directus 9.2.1 → 9.4.1

package/dist/app.js

@@ -51,6 +51,7 @@ const settings_1 = __importDefault(require("./controllers/settings"));
 const users_1 = __importDefault(require("./controllers/users"));
 const utils_1 = __importDefault(require("./controllers/utils"));
 const webhooks_1 = __importDefault(require("./controllers/webhooks"));
+const shares_1 = __importDefault(require("./controllers/shares"));
 const database_1 = require("./database");
 const emitter_1 = __importDefault(require("./emitter"));
 const env_1 = __importDefault(require("./env"));
@@ -112,14 +113,14 @@ async function createApp() {
     });
     app.use((0, cookie_parser_1.default)());
     app.use(extract_token_1.default);
-    app.use((req, res, next) => {
+    app.use((_req, res, next) => {
         res.setHeader('X-Powered-By', 'Directus');
         next();
     });
     if (env_1.default.CORS_ENABLED === true) {
         app.use(cors_1.default);
     }
-    app.get('/', (req, res, next) => {
+    app.get('/', (_req, res, next) => {
         if (env_1.default.ROOT_REDIRECT) {
             res.redirect(env_1.default.ROOT_REDIRECT);
         }
@@ -133,7 +134,7 @@ async function createApp() {
         // Set the App's base path according to the APIs public URL
         const html = await fs_extra_1.default.readFile(adminPath, 'utf8');
         const htmlWithBase = html.replace(/<base \/>/, `<base href="${adminUrl.toString({ rootRelative: true })}/" />`);
-        const noCacheIndexHtmlHandler = (req, res) => {
+        const noCacheIndexHtmlHandler = (_req, res) => {
             res.setHeader('Cache-Control', 'no-cache');
             res.send(htmlWithBase);
         };
@@ -173,6 +174,7 @@ async function createApp() {
     app.use('/roles', roles_1.default);
     app.use('/server', server_1.default);
     app.use('/settings', settings_1.default);
+    app.use('/shares', shares_1.default);
     app.use('/users', users_1.default);
     app.use('/utils', utils_1.default);
     app.use('/webhooks', webhooks_1.default);

package/dist/auth/auth.d.ts

@@ -1,5 +1,5 @@
 import { Knex } from 'knex';
-import { AuthDriverOptions, SchemaOverview, User, SessionData } from '../types';
+import { AuthDriverOptions, SchemaOverview, User } from '../types';
 export declare abstract class AuthDriver {
     knex: Knex;
     schema: SchemaOverview;
@@ -28,20 +28,18 @@ export declare abstract class AuthDriver {
      * @throws InvalidCredentialsException
      * @returns Data to be stored with the session
      */
-    login(_user: User, _payload: Record<string, any>): Promise<SessionData>;
+    login(_user: User, _payload: Record<string, any>): Promise<void>;
     /**
      * Handle user session refresh
      *
      * @param _user User information
-     * @param _sessionData Session data
      * @throws InvalidCredentialsException
      */
-    refresh(_user: User, sessionData: SessionData): Promise<SessionData>;
+    refresh(_user: User): Promise<void>;
     /**
      * Handle user session termination
      *
      * @param _user User information
-     * @param _sessionData Session data
      */
-    logout(_user: User, _sessionData: SessionData): Promise<void>;
+    logout(_user: User): Promise<void>;
 }

package/dist/auth/auth.js

@@ -15,28 +15,24 @@ class AuthDriver {
      * @returns Data to be stored with the session
      */
     async login(_user, _payload) {
-        /* Optional, though should probably be set */
-        return null;
+        return;
     }
     /**
      * Handle user session refresh
      *
      * @param _user User information
-     * @param _sessionData Session data
      * @throws InvalidCredentialsException
      */
-    async refresh(_user, sessionData) {
-        /* Optional */
-        return sessionData;
+    async refresh(_user) {
+        return;
     }
     /**
      * Handle user session termination
      *
      * @param _user User information
-     * @param _sessionData Session data
      */
-    async logout(_user, _sessionData) {
-        /* Optional */
+    async logout(_user) {
+        return;
     }
 }
 exports.AuthDriver = AuthDriver;

package/dist/auth/drivers/ldap.d.ts

@@ -1,7 +1,7 @@
 import { Router } from 'express';
 import { Client } from 'ldapjs';
 import { AuthDriver } from '../auth';
-import { AuthDriverOptions, User, SessionData } from '../../types';
+import { AuthDriverOptions, User } from '../../types';
 import { UsersService } from '../../services';
 export declare class LDAPAuthDriver extends AuthDriver {
     bindClient: Client;
@@ -15,7 +15,7 @@ export declare class LDAPAuthDriver extends AuthDriver {
     private fetchUserId;
     getUserID(payload: Record<string, any>): Promise<string>;
     verify(user: User, password?: string): Promise<void>;
-    login(user: User, payload: Record<string, any>): Promise<SessionData>;
-    refresh(user: User): Promise<SessionData>;
+    login(user: User, payload: Record<string, any>): Promise<void>;
+    refresh(user: User): Promise<void>;
 }
 export declare function createLDAPAuthRouter(provider: string): Router;

package/dist/auth/drivers/ldap.js

@@ -87,6 +87,12 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
                         }
                     });
                 });
+                res.on('end', (result) => {
+                    if ((result === null || result === void 0 ? void 0 : result.status) === 0) {
+                        // Handle edge case with IBM systems where authenticated bind user could not fetch their DN
+                        reject(new exceptions_1.UnexpectedResponseException('Failed to find bind user record'));
+                    }
+                });
             });
         });
     }
@@ -254,7 +260,6 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
     }
     async login(user, payload) {
         await this.verify(user, payload.password);
-        return null;
     }
     async refresh(user) {
         await this.validateBindClient();
@@ -262,7 +267,6 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
         if ((userInfo === null || userInfo === void 0 ? void 0 : userInfo.userAccountControl) && userInfo.userAccountControl & INVALID_ACCOUNT_FLAGS) {
             throw new exceptions_1.InvalidCredentialsException();
         }
-        return null;
     }
 }
 exports.LDAPAuthDriver = LDAPAuthDriver;

package/dist/auth/drivers/local.d.ts

@@ -1,9 +1,9 @@
 import { Router } from 'express';
 import { AuthDriver } from '../auth';
-import { User, SessionData } from '../../types';
+import { User } from '../../types';
 export declare class LocalAuthDriver extends AuthDriver {
     getUserID(payload: Record<string, any>): Promise<string>;
     verify(user: User, password?: string): Promise<void>;
-    login(user: User, payload: Record<string, any>): Promise<SessionData>;
+    login(user: User, payload: Record<string, any>): Promise<void>;
 }
 export declare function createLocalAuthRouter(provider: string): Router;

package/dist/auth/drivers/local.js

@@ -6,7 +6,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createLocalAuthRouter = exports.LocalAuthDriver = void 0;
 const express_1 = require("express");
 const argon2_1 = __importDefault(require("argon2"));
-const ms_1 = __importDefault(require("ms"));
 const joi_1 = __importDefault(require("joi"));
 const auth_1 = require("../auth");
 const exceptions_1 = require("../../exceptions");
@@ -14,6 +13,7 @@ const services_1 = require("../../services");
 const async_handler_1 = __importDefault(require("../../utils/async-handler"));
 const env_1 = __importDefault(require("../../env"));
 const respond_1 = require("../../middleware/respond");
+const constants_1 = require("../../constants");
 class LocalAuthDriver extends auth_1.AuthDriver {
     async getUserID(payload) {
         if (!payload.email) {
@@ -36,20 +36,19 @@ class LocalAuthDriver extends auth_1.AuthDriver {
     }
     async login(user, payload) {
         await this.verify(user, payload.password);
-        return null;
     }
 }
 exports.LocalAuthDriver = LocalAuthDriver;
 function createLocalAuthRouter(provider) {
     const router = (0, express_1.Router)();
-    const loginSchema = joi_1.default.object({
+    const userLoginSchema = joi_1.default.object({
         email: joi_1.default.string().email().required(),
         password: joi_1.default.string().required(),
         mode: joi_1.default.string().valid('cookie', 'json'),
         otp: joi_1.default.string(),
     }).unknown();
     router.post('/', (0, async_handler_1.default)(async (req, res, next) => {
-        var _a, _b;
+        var _a;
         const accountability = {
             ip: req.ip,
             userAgent: req.get('user-agent'),
@@ -59,7 +58,7 @@ function createLocalAuthRouter(provider) {
             accountability: accountability,
             schema: req.schema,
         });
-        const { error } = loginSchema.validate(req.body);
+        const { error } = userLoginSchema.validate(req.body);
         if (error) {
             throw new exceptions_1.InvalidPayloadException(error.message);
         }
@@ -72,13 +71,7 @@ function createLocalAuthRouter(provider) {
             payload.data.refresh_token = refreshToken;
         }
         if (mode === 'cookie') {
-            res.cookie(env_1.default.REFRESH_TOKEN_COOKIE_NAME, refreshToken, {
-                httpOnly: true,
-                domain: env_1.default.REFRESH_TOKEN_COOKIE_DOMAIN,
-                maxAge: (0, ms_1.default)(env_1.default.REFRESH_TOKEN_TTL),
-                secure: (_b = env_1.default.REFRESH_TOKEN_COOKIE_SECURE) !== null && _b !== void 0 ? _b : false,
-                sameSite: env_1.default.REFRESH_TOKEN_COOKIE_SAME_SITE || 'strict',
-            });
+            res.cookie(env_1.default.REFRESH_TOKEN_COOKIE_NAME, refreshToken, constants_1.COOKIE_OPTIONS);
         }
         res.locals.payload = payload;
         return next();

package/dist/auth/drivers/oauth2.d.ts

@@ -2,7 +2,7 @@ import { Router } from 'express';
 import { Client } from 'openid-client';
 import { LocalAuthDriver } from './local';
 import { UsersService } from '../../services';
-import { AuthDriverOptions, User, SessionData } from '../../types';
+import { AuthDriverOptions, User } from '../../types';
 export declare class OAuth2AuthDriver extends LocalAuthDriver {
     client: Client;
     redirectUrl: string;
@@ -13,7 +13,7 @@ export declare class OAuth2AuthDriver extends LocalAuthDriver {
     generateAuthUrl(codeVerifier: string, prompt?: boolean): string;
     private fetchUserId;
     getUserID(payload: Record<string, any>): Promise<string>;
-    login(user: User): Promise<SessionData>;
-    refresh(user: User, sessionData: SessionData): Promise<SessionData>;
+    login(user: User): Promise<void>;
+    refresh(user: User): Promise<void>;
 }
 export declare function createOAuth2AuthRouter(providerName: string): Router;

package/dist/auth/drivers/oauth2.js

@@ -130,9 +130,9 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         return (await this.fetchUserId(identifier));
     }
     async login(user) {
-        return this.refresh(user, null);
+        return this.refresh(user);
     }
-    async refresh(user, sessionData) {
+    async refresh(user) {
         let authData = user.auth_data;
         if (typeof authData === 'string') {
             try {
@@ -156,7 +156,6 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
                 throw handleError(e);
             }
         }
-        return sessionData;
     }
 }
 exports.OAuth2AuthDriver = OAuth2AuthDriver;

package/dist/auth/drivers/openid.d.ts

@@ -2,7 +2,7 @@ import { Router } from 'express';
 import { Client } from 'openid-client';
 import { LocalAuthDriver } from './local';
 import { UsersService } from '../../services';
-import { AuthDriverOptions, User, SessionData } from '../../types';
+import { AuthDriverOptions, User } from '../../types';
 export declare class OpenIDAuthDriver extends LocalAuthDriver {
     client: Promise<Client>;
     redirectUrl: string;
@@ -13,7 +13,7 @@ export declare class OpenIDAuthDriver extends LocalAuthDriver {
     generateAuthUrl(codeVerifier: string, prompt?: boolean): Promise<string>;
     private fetchUserId;
     getUserID(payload: Record<string, any>): Promise<string>;
-    login(user: User): Promise<SessionData>;
-    refresh(user: User, sessionData: SessionData): Promise<SessionData>;
+    login(user: User): Promise<void>;
+    refresh(user: User): Promise<void>;
 }
 export declare function createOpenIDAuthRouter(providerName: string): Router;

package/dist/auth/drivers/openid.js

@@ -135,9 +135,9 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         return (await this.fetchUserId(identifier));
     }
     async login(user) {
-        return this.refresh(user, null);
+        return this.refresh(user);
     }
-    async refresh(user, sessionData) {
+    async refresh(user) {
         let authData = user.auth_data;
         if (typeof authData === 'string') {
             try {
@@ -162,7 +162,6 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
                 throw handleError(e);
             }
         }
-        return sessionData;
     }
 }
 exports.OpenIDAuthDriver = OpenIDAuthDriver;

package/dist/cli/commands/bootstrap/index.js

@@ -30,6 +30,7 @@ const logger_1 = __importDefault(require("../../../logger"));
 const get_schema_1 = require("../../../utils/get-schema");
 const services_1 = require("../../../services");
 const database_1 = __importStar(require("../../../database"));
+const defaults_1 = require("../../utils/defaults");
 async function bootstrap({ skipAdminInit }) {
     logger_1.default.info('Initializing bootstrap...');
     const database = (0, database_1.default)();
@@ -75,7 +76,7 @@ async function waitForDatabase(database) {
 async function createDefaultAdmin(schema) {
     logger_1.default.info('Setting up first admin role...');
     const rolesService = new services_1.RolesService({ schema });
-    const role = await rolesService.createOne({ name: 'Admin', admin_access: true });
+    const role = await rolesService.createOne(defaults_1.defaultAdminRole);
     logger_1.default.info('Adding first admin user...');
     const usersService = new services_1.UsersService({ schema });
     let adminEmail = env_1.default.ADMIN_EMAIL;
@@ -88,5 +89,5 @@ async function createDefaultAdmin(schema) {
         adminPassword = (0, nanoid_1.nanoid)(12);
         logger_1.default.info(`No admin password provided. Defaulting to "${adminPassword}"`);
     }
-    await usersService.createOne({ email: adminEmail, password: adminPassword, role });
+    await usersService.createOne({ email: adminEmail, password: adminPassword, role, ...defaults_1.defaultAdminUser });
 }

package/dist/cli/commands/init/index.js

@@ -15,6 +15,7 @@ const create_env_1 = __importDefault(require("../../utils/create-env"));
 const drivers_1 = require("../../utils/drivers");
 const questions_1 = require("./questions");
 const generate_hash_1 = require("../../../utils/generate-hash");
+const defaults_1 = require("../../utils/defaults");
 async function init() {
     const rootPath = process.cwd();
     const { client } = await inquirer_1.default.prompt([
@@ -79,19 +80,14 @@ async function init() {
     const roleID = (0, uuid_1.v4)();
     await db('directus_roles').insert({
         id: roleID,
-        name: 'Administrator',
-        icon: 'verified',
-        admin_access: true,
-        description: 'Initial administrative role with unrestricted App/API access',
+        ...defaults_1.defaultAdminRole,
     });
     await db('directus_users').insert({
         id: userID,
-        status: 'active',
         email: firstUser.email,
         password: firstUser.password,
-        first_name: 'Admin',
-        last_name: 'User',
         role: roleID,
+        ...defaults_1.defaultAdminUser,
     });
     await db.destroy();
     process.stdout.write(`\nYour project has been created at ${chalk_1.default.green(rootPath)}.\n`);

package/dist/cli/commands/schema/apply.js

@@ -135,7 +135,7 @@ async function apply(snapshotPath, options) {
                     else {
                         continue;
                     }
-                    // Related collection doesn't exist for m2a relationship types
+                    // Related collection doesn't exist for a2o relationship types
                     if (related_collection) {
                         message += `-> ${related_collection}`;
                     }

package/dist/cli/utils/defaults.d.ts

@@ -0,0 +1,11 @@
+export declare const defaultAdminRole: {
+    name: string;
+    icon: string;
+    admin_access: boolean;
+    description: string;
+};
+export declare const defaultAdminUser: {
+    status: string;
+    first_name: string;
+    last_name: string;
+};

package/dist/cli/utils/defaults.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultAdminUser = exports.defaultAdminRole = void 0;
+exports.defaultAdminRole = {
+    name: 'Administrator',
+    icon: 'verified',
+    admin_access: true,
+    description: '$t:admin_description',
+};
+exports.defaultAdminUser = {
+    status: 'active',
+    first_name: 'Admin',
+    last_name: 'User',
+};

package/dist/constants.d.ts

@@ -5,3 +5,11 @@ export declare const FILTER_VARIABLES: string[];
 export declare const ALIAS_TYPES: string[];
 export declare const DEFAULT_AUTH_PROVIDER = "default";
 export declare const COLUMN_TRANSFORMS: string[];
+export declare const UUID_REGEX = "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}";
+export declare const COOKIE_OPTIONS: {
+    httpOnly: boolean;
+    domain: any;
+    maxAge: number;
+    secure: any;
+    sameSite: "lax" | "strict" | "none";
+};

package/dist/constants.js

@@ -1,6 +1,12 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var _a;
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.COLUMN_TRANSFORMS = exports.DEFAULT_AUTH_PROVIDER = exports.ALIAS_TYPES = exports.FILTER_VARIABLES = exports.ASSET_TRANSFORM_QUERY_KEYS = exports.SYSTEM_ASSET_ALLOW_LIST = void 0;
+exports.COOKIE_OPTIONS = exports.UUID_REGEX = exports.COLUMN_TRANSFORMS = exports.DEFAULT_AUTH_PROVIDER = exports.ALIAS_TYPES = exports.FILTER_VARIABLES = exports.ASSET_TRANSFORM_QUERY_KEYS = exports.SYSTEM_ASSET_ALLOW_LIST = void 0;
+const env_1 = __importDefault(require("./env"));
+const ms_1 = __importDefault(require("ms"));
 exports.SYSTEM_ASSET_ALLOW_LIST = [
     {
         key: 'system-small-cover',
@@ -38,6 +44,14 @@ exports.ASSET_TRANSFORM_QUERY_KEYS = [
     'withoutEnlargement',
 ];
 exports.FILTER_VARIABLES = ['$NOW', '$CURRENT_USER', '$CURRENT_ROLE'];
-exports.ALIAS_TYPES = ['alias', 'o2m', 'm2m', 'm2a', 'files', 'translations'];
+exports.ALIAS_TYPES = ['alias', 'o2m', 'm2m', 'm2a', 'o2a', 'files', 'translations'];
 exports.DEFAULT_AUTH_PROVIDER = 'default';
 exports.COLUMN_TRANSFORMS = ['year', 'month', 'day', 'weekday', 'hour', 'minute', 'second'];
+exports.UUID_REGEX = '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}';
+exports.COOKIE_OPTIONS = {
+    httpOnly: true,
+    domain: env_1.default.REFRESH_TOKEN_COOKIE_DOMAIN,
+    maxAge: (0, ms_1.default)(env_1.default.REFRESH_TOKEN_TTL),
+    secure: (_a = env_1.default.REFRESH_TOKEN_COOKIE_SECURE) !== null && _a !== void 0 ? _a : false,
+    sameSite: env_1.default.REFRESH_TOKEN_COOKIE_SAME_SITE || 'strict',
+};

package/dist/controllers/shares.d.ts

@@ -0,0 +1,2 @@
+declare const router: import("express-serve-static-core").Router;
+export default router;

package/dist/controllers/shares.js

@@ -0,0 +1,212 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const exceptions_1 = require("../exceptions");
+const respond_1 = require("../middleware/respond");
+const use_collection_1 = __importDefault(require("../middleware/use-collection"));
+const validate_batch_1 = require("../middleware/validate-batch");
+const services_1 = require("../services");
+const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const constants_1 = require("../constants");
+const joi_1 = __importDefault(require("joi"));
+const env_1 = __importDefault(require("../env"));
+const router = express_1.default.Router();
+router.use((0, use_collection_1.default)('directus_shares'));
+const sharedLoginSchema = joi_1.default.object({
+    share: joi_1.default.string().required(),
+    password: joi_1.default.string(),
+}).unknown();
+router.post('/auth', (0, async_handler_1.default)(async (req, res, next) => {
+    // This doesn't use accountability, as the user isn't logged in at this point
+    const service = new services_1.SharesService({
+        schema: req.schema,
+    });
+    const { error } = sharedLoginSchema.validate(req.body);
+    if (error) {
+        throw new exceptions_1.InvalidPayloadException(error.message);
+    }
+    const { accessToken, refreshToken, expires } = await service.login(req.body);
+    res.cookie(env_1.default.REFRESH_TOKEN_COOKIE_NAME, refreshToken, constants_1.COOKIE_OPTIONS);
+    res.locals.payload = { data: { access_token: accessToken, expires } };
+    return next();
+}), respond_1.respond);
+const sharedInviteSchema = joi_1.default.object({
+    share: joi_1.default.string().required(),
+    emails: joi_1.default.array().items(joi_1.default.string()),
+}).unknown();
+router.post('/invite', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        schema: req.schema,
+        accountability: req.accountability,
+    });
+    const { error } = sharedInviteSchema.validate(req.body);
+    if (error) {
+        throw new exceptions_1.InvalidPayloadException(error.message);
+    }
+    await service.invite(req.body);
+    return next();
+}), respond_1.respond);
+router.post('/', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const savedKeys = [];
+    if (Array.isArray(req.body)) {
+        const keys = await service.createMany(req.body);
+        savedKeys.push(...keys);
+    }
+    else {
+        const key = await service.createOne(req.body);
+        savedKeys.push(key);
+    }
+    try {
+        if (Array.isArray(req.body)) {
+            const items = await service.readMany(savedKeys, req.sanitizedQuery);
+            res.locals.payload = { data: items };
+        }
+        else {
+            const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
+            res.locals.payload = { data: item };
+        }
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+const readHandler = (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const records = await service.readByQuery(req.sanitizedQuery);
+    res.locals.payload = { data: records || null };
+    return next();
+});
+router.get('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.search('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.get(`/info/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params.pk, {
+        fields: ['id', 'collection', 'item', 'password', 'max_uses', 'times_used', 'date_start', 'date_end'],
+        filter: {
+            _and: [
+                {
+                    _or: [
+                        {
+                            date_start: {
+                                _lte: new Date().toISOString(),
+                            },
+                        },
+                        {
+                            date_start: {
+                                _null: true,
+                            },
+                        },
+                    ],
+                },
+                {
+                    _or: [
+                        {
+                            date_end: {
+                                _gte: new Date().toISOString(),
+                            },
+                        },
+                        {
+                            date_end: {
+                                _null: true,
+                            },
+                        },
+                    ],
+                },
+            ],
+        },
+    });
+    res.locals.payload = { data: record || null };
+    return next();
+}), respond_1.respond);
+router.get(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params.pk, req.sanitizedQuery);
+    res.locals.payload = { data: record || null };
+    return next();
+}), respond_1.respond);
+router.patch('/', (0, validate_batch_1.validateBatch)('update'), (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let keys = [];
+    if (req.body.keys) {
+        keys = await service.updateMany(req.body.keys, req.body.data);
+    }
+    else {
+        keys = await service.updateByQuery(req.body.query, req.body.data);
+    }
+    try {
+        const result = await service.readMany(keys, req.sanitizedQuery);
+        res.locals.payload = { data: result };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.patch(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const primaryKey = await service.updateOne(req.params.pk, req.body);
+    try {
+        const item = await service.readOne(primaryKey, req.sanitizedQuery);
+        res.locals.payload = { data: item || null };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.delete('/', (0, async_handler_1.default)(async (req, _res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    if (Array.isArray(req.body)) {
+        await service.deleteMany(req.body);
+    }
+    else if (req.body.keys) {
+        await service.deleteMany(req.body.keys);
+    }
+    else {
+        await service.deleteByQuery(req.body.query);
+    }
+    return next();
+}), respond_1.respond);
+router.delete(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, _res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.deleteOne(req.params.pk);
+    return next();
+}), respond_1.respond);
+exports.default = router;