npm - directus - Versions diffs - 9.2.1 → 9.4.1 - Mend

directus 9.2.1 → 9.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/dist/app.js +5 -3
package/dist/auth/auth.d.ts +4 -6
package/dist/auth/auth.js +5 -9
package/dist/auth/drivers/ldap.d.ts +3 -3
package/dist/auth/drivers/ldap.js +6 -2
package/dist/auth/drivers/local.d.ts +2 -2
package/dist/auth/drivers/local.js +5 -12
package/dist/auth/drivers/oauth2.d.ts +3 -3
package/dist/auth/drivers/oauth2.js +2 -3
package/dist/auth/drivers/openid.d.ts +3 -3
package/dist/auth/drivers/openid.js +2 -3
package/dist/cli/commands/bootstrap/index.js +3 -2
package/dist/cli/commands/init/index.js +3 -7
package/dist/cli/commands/schema/apply.js +1 -1
package/dist/cli/utils/defaults.d.ts +11 -0
package/dist/cli/utils/defaults.js +14 -0
package/dist/constants.d.ts +8 -0
package/dist/constants.js +16 -2
package/dist/controllers/shares.d.ts +2 -0
package/dist/controllers/shares.js +212 -0
package/dist/controllers/users.js +21 -9
package/dist/database/migrations/20211211A-add-shares.d.ts +3 -0
package/dist/database/migrations/20211211A-add-shares.js +38 -0
package/dist/database/run-ast.js +5 -5
package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml +0 -15
package/dist/database/system-data/app-access-permissions/index.d.ts +1 -0
package/dist/database/system-data/app-access-permissions/index.js +4 -2
package/dist/database/system-data/app-access-permissions/schema-access-permissions.yaml +17 -0
package/dist/database/system-data/collections/collections.yaml +3 -0
package/dist/database/system-data/fields/_defaults.yaml +2 -0
package/dist/database/system-data/fields/sessions.yaml +1 -1
package/dist/database/system-data/fields/settings.yaml +9 -0
package/dist/database/system-data/fields/shares.yaml +77 -0
package/dist/database/system-data/fields/users.yaml +1 -1
package/dist/database/system-data/relations/relations.yaml +15 -0
package/dist/emitter.d.ts +3 -2
package/dist/emitter.js +13 -6
package/dist/env.js +1 -1
package/dist/exceptions/index.d.ts +1 -0
package/dist/exceptions/index.js +1 -0
package/dist/exceptions/unexpected-response.d.ts +4 -0
package/dist/exceptions/unexpected-response.js +10 -0
package/dist/extensions.d.ts +1 -0
package/dist/extensions.js +10 -4
package/dist/middleware/authenticate.js +5 -15
package/dist/middleware/check-ip.js +9 -6
package/dist/middleware/respond.js +4 -1
package/dist/services/activity.d.ts +2 -1
package/dist/services/activity.js +2 -2
package/dist/services/authentication.d.ts +2 -7
package/dist/services/authentication.js +81 -41
package/dist/services/authorization.js +3 -3
package/dist/services/collections.d.ts +1 -2
package/dist/services/collections.js +2 -2
package/dist/services/files.d.ts +2 -2
package/dist/services/files.js +14 -8
package/dist/services/graphql.js +20 -5
package/dist/services/index.d.ts +1 -0
package/dist/services/index.js +1 -0
package/dist/services/items.d.ts +1 -15
package/dist/services/notifications.d.ts +2 -2
package/dist/services/permissions.d.ts +2 -2
package/dist/services/roles.d.ts +2 -2
package/dist/services/shares.d.ts +17 -0
package/dist/services/shares.js +135 -0
package/dist/services/specifications.js +1 -1
package/dist/services/users.d.ts +2 -2
package/dist/services/users.js +8 -6
package/dist/services/webhooks.d.ts +2 -2
package/dist/tests/database/migrations/run.test.d.ts +1 -0
package/dist/tests/database/migrations/run.test.js +29 -0
package/dist/types/ast.d.ts +3 -3
package/dist/types/auth.d.ts +31 -0
package/dist/types/extensions.d.ts +2 -0
package/dist/types/items.d.ts +14 -0
package/dist/utils/apply-query.d.ts +0 -38
package/dist/utils/apply-query.js +66 -67
package/dist/utils/apply-snapshot.js +69 -14
package/dist/utils/get-ast-from-query.js +3 -3
package/dist/utils/get-default-value.js +3 -1
package/dist/utils/get-permissions.d.ts +2 -2
package/dist/utils/get-permissions.js +117 -72
package/dist/utils/get-relation-type.d.ts +1 -1
package/dist/utils/get-relation-type.js +1 -1
package/dist/utils/merge-permissions-for-share.d.ts +5 -0
package/dist/utils/merge-permissions-for-share.js +116 -0
package/dist/utils/merge-permissions.d.ts +13 -1
package/dist/utils/merge-permissions.js +27 -19
package/dist/utils/reduce-schema.d.ts +2 -2
package/dist/utils/reduce-schema.js +7 -7
package/dist/utils/user-name.js +3 -0
package/example.env +1 -1
package/package.json +14 -13

package/dist/controllers/users.js CHANGED Viewed

@@ -62,8 +62,20 @@ const readHandler = (0, async_handler_1.default)(async (req, res, next) => {
 router.get('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
 router.search('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
 router.get('/me', (0, async_handler_1.default)(async (req, res, next) => {
-    var _a;
-    if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
+    var _a, _b, _c;
+    if ((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.share_scope) {
+        const user = {
+            share: (_b = req.accountability) === null || _b === void 0 ? void 0 : _b.share,
+            role: {
+                id: req.accountability.role,
+                admin_access: false,
+                app_access: false,
+            },
+        };
+        res.locals.payload = { data: user };
+        return next();
+    }
+    if (!((_c = req.accountability) === null || _c === void 0 ? void 0 : _c.user)) {
         throw new exceptions_1.InvalidCredentialsException();
     }
     const service = new services_1.UsersService({
@@ -108,7 +120,7 @@ router.patch('/me', (0, async_handler_1.default)(async (req, res, next) => {
     res.locals.payload = { data: item || null };
     return next();
 }), respond_1.respond);
-router.patch('/me/track/page', (0, async_handler_1.default)(async (req, res, next) => {
+router.patch('/me/track/page', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();
@@ -162,7 +174,7 @@ router.patch('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
     }
     return next();
 }), respond_1.respond);
-router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_handler_1.default)(async (req, res, next) => {
+router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_handler_1.default)(async (req, _res, next) => {
     const service = new services_1.UsersService({
         accountability: req.accountability,
         schema: req.schema,
@@ -178,7 +190,7 @@ router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_hand
     }
     return next();
 }), respond_1.respond);
-router.delete('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
+router.delete('/:pk', (0, async_handler_1.default)(async (req, _res, next) => {
     const service = new services_1.UsersService({
         accountability: req.accountability,
         schema: req.schema,
@@ -191,7 +203,7 @@ const inviteSchema = joi_1.default.object({
     role: joi_1.default.string().uuid({ version: 'uuidv4' }).required(),
     invite_url: joi_1.default.string().uri(),
 });
-router.post('/invite', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/invite', (0, async_handler_1.default)(async (req, _res, next) => {
     const { error } = inviteSchema.validate(req.body);
     if (error)
         throw new exceptions_1.InvalidPayloadException(error.message);
@@ -206,7 +218,7 @@ const acceptInviteSchema = joi_1.default.object({
     token: joi_1.default.string().required(),
     password: joi_1.default.string().required(),
 });
-router.post('/invite/accept', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/invite/accept', (0, async_handler_1.default)(async (req, _res, next) => {
     const { error } = acceptInviteSchema.validate(req.body);
     if (error)
         throw new exceptions_1.InvalidPayloadException(error.message);
@@ -238,7 +250,7 @@ router.post('/me/tfa/generate/', (0, async_handler_1.default)(async (req, res, n
     res.locals.payload = { data: { secret, otpauth_url: url } };
     return next();
 }), respond_1.respond);
-router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();
@@ -256,7 +268,7 @@ router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, res, nex
     await service.enableTFA(req.accountability.user, req.body.otp, req.body.secret);
     return next();
 }), respond_1.respond);
-router.post('/me/tfa/disable', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/me/tfa/disable', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();

package/dist/database/migrations/20211211A-add-shares.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20211211A-add-shares.js ADDED Viewed

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.down = exports.up = void 0;
+async function up(knex) {
+    await knex.schema.createTable('directus_shares', (table) => {
+        table.uuid('id').primary();
+        table.string('name');
+        table.string('collection', 64).references('collection').inTable('directus_collections').onDelete('CASCADE');
+        table.string('item');
+        table.uuid('role').references('id').inTable('directus_roles').onDelete('CASCADE');
+        table.string('password');
+        table.uuid('user_created').references('id').inTable('directus_users').onDelete('SET NULL');
+        table.timestamp('date_created').defaultTo(knex.fn.now());
+        // This was changed after the migration went live to retroactively fix mysql5, see #10693
+        table.timestamp('date_start').nullable().defaultTo(null);
+        table.timestamp('date_end').nullable().defaultTo(null);
+        table.integer('times_used').defaultTo(0);
+        table.integer('max_uses');
+    });
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.dropColumn('data');
+    });
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.uuid('user').nullable().alter();
+        table.uuid('share').references('id').inTable('directus_shares').onDelete('CASCADE');
+    });
+}
+exports.up = up;
+async function down(knex) {
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.uuid('user').notNullable().alter();
+        table.json('data');
+        table.dropForeign('share');
+        table.dropColumn('share');
+    });
+    await knex.schema.dropTable('directus_shares');
+}
+exports.down = down;

package/dist/database/run-ast.js CHANGED Viewed

@@ -18,7 +18,7 @@ const helpers_1 = require("../database/helpers");
 async function runAST(originalAST, schema, options) {
     const ast = (0, lodash_1.cloneDeep)(originalAST);
     const knex = (options === null || options === void 0 ? void 0 : options.knex) || (0, _1.default)();
-    if (ast.type === 'm2a') {
+    if (ast.type === 'a2o') {
         const results = {};
         for (const collection of ast.names) {
             results[collection] = await run(collection, ast.children[collection], ast.query[collection]);
@@ -85,7 +85,7 @@ async function parseCurrentLevel(schema, collection, children, query) {
         if (child.type === 'm2o') {
             columnsToSelectInternal.push(child.fieldKey);
         }
-        if (child.type === 'm2a') {
+        if (child.type === 'a2o') {
             columnsToSelectInternal.push(child.relation.field);
             columnsToSelectInternal.push(child.relation.meta.one_collection_field);
         }
@@ -182,7 +182,7 @@ function applyParentFilters(schema, nestedCollectionNodes, parentItem) {
                 nestedNode.query.union = [foreignField, foreignIds];
             }
         }
-        else if (nestedNode.type === 'm2a') {
+        else if (nestedNode.type === 'a2o') {
             const keysPerCollection = {};
             for (const parentItem of parentItems) {
                 const collection = parentItem[nestedNode.relation.meta.one_collection_field];
@@ -256,7 +256,7 @@ function mergeWithParentItems(schema, nestedItem, parentItem, nestedNode) {
             parentItem[nestedNode.fieldKey] = itemChildren.length > 0 ? itemChildren : [];
         }
     }
-    else if (nestedNode.type === 'm2a') {
+    else if (nestedNode.type === 'a2o') {
         for (const parentItem of parentItems) {
             if (!((_a = nestedNode.relation.meta) === null || _a === void 0 ? void 0 : _a.one_collection_field)) {
                 parentItem[nestedNode.fieldKey] = null;
@@ -279,7 +279,7 @@ function removeTemporaryFields(schema, rawItem, ast, primaryKeyField, parentItem
     var _a;
     const rawItems = (0, lodash_1.cloneDeep)((0, utils_1.toArray)(rawItem));
     const items = [];
-    if (ast.type === 'm2a') {
+    if (ast.type === 'a2o') {
         const fields = {};
         const nestedCollectionNodes = {};
         for (const relatedCollection of ast.names) {

package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml CHANGED Viewed

@@ -13,18 +13,6 @@
     comment:
       _nnull: true
-- collection: directus_collections
-  action: read
-- collection: directus_fields
-  action: read
-- collection: directus_permissions
-  action: read
-  permissions:
-    role:
-      _eq: $CURRENT_ROLE
 - collection: directus_presets
   action: read
   permissions:
@@ -60,9 +48,6 @@
     user:
       _eq: $CURRENT_USER
-- collection: directus_relations
-  action: read
 - collection: directus_roles
   action: read
   permissions:

package/dist/database/system-data/app-access-permissions/index.d.ts CHANGED Viewed

@@ -1,2 +1,3 @@
 import { Permission } from '@directus/shared/types';
+export declare const schemaPermissions: Permission[];
 export declare const appAccessMinimalPermissions: Permission[];

package/dist/database/system-data/app-access-permissions/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.appAccessMinimalPermissions = void 0;
+exports.appAccessMinimalPermissions = exports.schemaPermissions = void 0;
 const lodash_1 = require("lodash");
 const require_yaml_1 = require("../../../utils/require-yaml");
 const defaults = {
@@ -11,5 +11,7 @@ const defaults = {
     fields: ['*'],
     system: true,
 };
+const schemaPermissionsRaw = (0, require_yaml_1.requireYAML)(require.resolve('./schema-access-permissions.yaml'));
 const permissions = (0, require_yaml_1.requireYAML)(require.resolve('./app-access-permissions.yaml'));
-exports.appAccessMinimalPermissions = permissions.map((row) => (0, lodash_1.merge)({}, defaults, row));
+exports.schemaPermissions = schemaPermissionsRaw.map((row) => (0, lodash_1.merge)({}, defaults, row));
+exports.appAccessMinimalPermissions = [...exports.schemaPermissions, ...permissions].map((row) => (0, lodash_1.merge)({}, defaults, row));

package/dist/database/system-data/app-access-permissions/schema-access-permissions.yaml ADDED Viewed

@@ -0,0 +1,17 @@
+# NOTE: Activity/collections/fields/presets/relations/revisions will have an extra hardcoded filter
+# to filter out collections you don't have read access
+- collection: directus_collections
+  action: read
+- collection: directus_fields
+  action: read
+- collection: directus_permissions
+  action: read
+  permissions:
+    role:
+      _eq: $CURRENT_ROLE
+- collection: directus_relations
+  action: read

package/dist/database/system-data/collections/collections.yaml CHANGED Viewed

@@ -65,3 +65,6 @@ data:
     note: $t:directus_collection.directus_panels
   - collection: directus_notifications
     note: $t:directus_collection.directus_notifications
+  - collection: directus_shares
+    icon: share
+    note: $t:directus_collection.directus_shares

package/dist/database/system-data/fields/_defaults.yaml CHANGED Viewed

@@ -12,3 +12,5 @@ width: full
 group: null
 translations: null
 note: null
+conditions: null
+required: false

package/dist/database/system-data/fields/sessions.yaml CHANGED Viewed

@@ -11,4 +11,4 @@ fields:
     width: half
   - field: user_agent
     width: half
-  - field: data
+  - field: share

package/dist/database/system-data/fields/settings.yaml CHANGED Viewed

@@ -343,3 +343,12 @@ fields:
                   type:
                     _neq: 'raster'
                 hidden: true
+        - field: attribution
+          name: $t:fields.directus_settings.attribution
+          type: string
+          schema:
+            is_nullable: true
+          meta:
+            interface: input
+            options:
+              placeholder: $t:fields.directus_settings.attribution_placeholder

package/dist/database/system-data/fields/shares.yaml ADDED Viewed

@@ -0,0 +1,77 @@
+table: directus_shares
+fields:
+  - field: id
+    special: uuid
+    readonly: true
+    hidden: true
+  - field: name
+  - field: collection
+    width: half
+    hidden: true
+  - field: item
+    width: half
+    hidden: true
+  - field: role
+    interface: select-dropdown-m2o
+    width: half
+    options:
+      template: '{{name}}'
+      filter:
+        admin_access:
+          _eq: false
+  - field: password
+    special: hash,conceal
+    interface: input-hash
+    options:
+      iconRight: lock
+      masked: true
+    width: half
+    note: $t:shared_leave_blank_for_unlimited
+  - field: date_start
+    width: half
+    note: $t:shared_leave_blank_for_unlimited
+  - field: date_end
+    width: half
+    note: $t:shared_leave_blank_for_unlimited
+  - field: max_uses
+    width: half
+    note: $t:shared_leave_blank_for_unlimited
+  - field: times_used
+    width: half
+    readonly: true
+  - field: date_created
+    special: date-created
+    width: half
+    readonly: true
+    conditions:
+      - name: notCreatedYet
+        rule:
+          id:
+            _null: true
+        hidden: true
+  - field: user_created
+    special: user-created
+    interface: select-dropdown-m2o
+    width: half
+    display: user
+    options:
+      template: '{{avatar.$thumbnail}} {{first_name}} {{last_name}}'
+    readonly: true
+    conditions:
+      - name: notCreatedYet
+        rule:
+          id:
+            _null: true
+        hidden: true

package/dist/database/system-data/fields/users.yaml CHANGED Viewed

@@ -100,7 +100,7 @@ fields:
     options:
       icon: verified_user
       title: $t:fields.directus_users.admin_options
-      color: '#E35169'
+      color: 'var(--danger)'
     special:
       - alias
       - no-data

package/dist/database/system-data/relations/relations.yaml CHANGED Viewed

@@ -12,6 +12,9 @@ defaults:
   sort_field: null
 data:
+  - many_collection: directus_collections
+    many_field: group
+    one_collection: directus_collections
   - many_collection: directus_users
     many_field: role
     one_collection: directus_roles
@@ -73,6 +76,9 @@ data:
   - many_collection: directus_sessions
     many_field: user
     one_collection: directus_users
+  - many_collection: directus_sessions
+    many_field: share
+    one_collection: directus_shares
   - many_collection: directus_settings
     many_field: storage_default_folder
     one_collection: directus_folders
@@ -88,3 +94,12 @@ data:
   - many_collection: directus_notifications
     many_field: sender
     one_collection: directus_users
+  - many_collection: directus_shares
+    many_field: role
+    one_collection: directus_roles
+  - many_collection: directus_shares
+    many_field: collection
+    one_collection: directus_collections
+  - many_collection: directus_shares
+    many_field: user_created
+    one_collection: directus_users

package/dist/emitter.d.ts CHANGED Viewed

@@ -1,10 +1,9 @@
 import { ActionHandler, FilterHandler, HookContext, InitHandler } from './types';
-declare class Emitter {
+export declare class Emitter {
     private filterEmitter;
     private actionEmitter;
     private initEmitter;
     constructor();
-    eventsToEmit(event: string, meta: Record<string, any>): string[];
     emitFilter<T>(event: string, payload: T, meta: Record<string, any>, context: HookContext): Promise<T>;
     emitAction(event: string, meta: Record<string, any>, context: HookContext): void;
     emitInit(event: string, meta: Record<string, any>): Promise<void>;
@@ -14,6 +13,8 @@ declare class Emitter {
     offFilter(event: string, handler: FilterHandler): void;
     offAction(event: string, handler: ActionHandler): void;
     offInit(event: string, handler: InitHandler): void;
+    offAll(): void;
+    private eventsToEmit;
 }
 declare const emitter: Emitter;
 export default emitter;

package/dist/emitter.js CHANGED Viewed

@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Emitter = void 0;
 const eventemitter2_1 = require("eventemitter2");
 const logger_1 = __importDefault(require("./logger"));
 class Emitter {
@@ -18,12 +19,6 @@ class Emitter {
         this.actionEmitter = new eventemitter2_1.EventEmitter2(emitterOptions);
         this.initEmitter = new eventemitter2_1.EventEmitter2(emitterOptions);
     }
-    eventsToEmit(event, meta) {
-        if (event.startsWith('items')) {
-            return [event, `${meta.collection}.${event}`];
-        }
-        return [event];
-    }
     async emitFilter(event, payload, meta, context) {
         const events = this.eventsToEmit(event, meta);
         const listeners = events.flatMap((event) => this.filterEmitter.listeners(event));
@@ -72,6 +67,18 @@ class Emitter {
     offInit(event, handler) {
         this.initEmitter.off(event, handler);
     }
+    offAll() {
+        this.filterEmitter.removeAllListeners();
+        this.actionEmitter.removeAllListeners();
+        this.initEmitter.removeAllListeners();
+    }
+    eventsToEmit(event, meta) {
+        if (event.startsWith('items')) {
+            return [event, `${meta.collection}.${event}`];
+        }
+        return [event];
+    }
 }
+exports.Emitter = Emitter;
 const emitter = new Emitter();
 exports.default = emitter;

package/dist/env.js CHANGED Viewed

@@ -20,7 +20,7 @@ const defaults = {
     PORT: 8055,
     PUBLIC_URL: '/',
     MAX_PAYLOAD_SIZE: '100kb',
-    DB_EXCLUDE_TABLES: 'spatial_ref_sys',
+    DB_EXCLUDE_TABLES: 'spatial_ref_sys,sysdiagrams',
     STORAGE_LOCATIONS: 'local',
     STORAGE_LOCAL_DRIVER: 'local',
     STORAGE_LOCAL_ROOT: './uploads',

package/dist/exceptions/index.d.ts CHANGED Viewed

@@ -15,3 +15,4 @@ export * from './route-not-found';
 export * from './service-unavailable';
 export * from './unprocessable-entity';
 export * from './user-suspended';
+export * from './unexpected-response';

package/dist/exceptions/index.js CHANGED Viewed

@@ -27,3 +27,4 @@ __exportStar(require("./route-not-found"), exports);
 __exportStar(require("./service-unavailable"), exports);
 __exportStar(require("./unprocessable-entity"), exports);
 __exportStar(require("./user-suspended"), exports);
+__exportStar(require("./unexpected-response"), exports);

package/dist/exceptions/unexpected-response.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { BaseException } from '@directus/shared/exceptions';
+export declare class UnexpectedResponseException extends BaseException {
+    constructor(message: string);
+}

package/dist/exceptions/unexpected-response.js ADDED Viewed

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UnexpectedResponseException = void 0;
+const exceptions_1 = require("@directus/shared/exceptions");
+class UnexpectedResponseException extends exceptions_1.BaseException {
+    constructor(message) {
+        super(message, 503, 'UNEXPECTED_RESPONSE');
+    }
+}
+exports.UnexpectedResponseException = UnexpectedResponseException;

package/dist/extensions.d.ts CHANGED Viewed

@@ -7,6 +7,7 @@ declare class ExtensionManager {
     private appExtensions;
     private apiHooks;
     private apiEndpoints;
+    private apiEmitter;
     private endpointRouter;
     private isScheduleHookEnabled;
     constructor();

package/dist/extensions.js CHANGED Viewed

@@ -28,7 +28,7 @@ const path_1 = __importDefault(require("path"));
 const node_1 = require("@directus/shared/utils/node");
 const constants_1 = require("@directus/shared/constants");
 const database_1 = __importDefault(require("./database"));
-const emitter_1 = __importDefault(require("./emitter"));
+const emitter_1 = __importStar(require("./emitter"));
 const env_1 = __importDefault(require("./env"));
 const exceptions = __importStar(require("./exceptions"));
 const sharedExceptions = __importStar(require("@directus/shared/exceptions"));
@@ -44,6 +44,7 @@ const plugin_virtual_1 = __importDefault(require("@rollup/plugin-virtual"));
 const plugin_alias_1 = __importDefault(require("@rollup/plugin-alias"));
 const url_1 = require("./utils/url");
 const get_module_default_1 = __importDefault(require("./utils/get-module-default"));
+const lodash_1 = require("lodash");
 let extensionManager;
 function getExtensionManager() {
     if (extensionManager) {
@@ -61,6 +62,7 @@ class ExtensionManager {
         this.apiHooks = [];
         this.apiEndpoints = [];
         this.isScheduleHookEnabled = true;
+        this.apiEmitter = new emitter_1.Emitter();
         this.endpointRouter = (0, express_1.Router)();
     }
     async initialize({ schedule } = { schedule: true }) {
@@ -92,6 +94,7 @@ class ExtensionManager {
         logger_1.default.info('Reloading extensions');
         this.unregisterHooks();
         this.unregisterEndpoints();
+        this.apiEmitter.offAll();
         if (env_1.default.SERVE_APP) {
             this.appExtensions = {};
         }
@@ -139,12 +142,13 @@ class ExtensionManager {
         return bundles;
     }
     async getSharedDepsMapping(deps) {
-        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist'));
+        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist', 'assets'));
         const depsMapping = {};
         for (const dep of deps) {
-            const depName = appDir.find((file) => dep.replace(/\//g, '_') === file.substring(0, file.indexOf('.')));
+            const depRegex = new RegExp(`${(0, lodash_1.escapeRegExp)(dep.replace(/\//g, '_'))}\\.[0-9a-f]{8}\\.entry\\.js`);
+            const depName = appDir.find((file) => depRegex.test(file));
             if (depName) {
-                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', depName);
+                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'assets', depName);
                 depsMapping[dep] = depUrl.toString({ rootRelative: true });
             }
             else {
@@ -237,6 +241,7 @@ class ExtensionManager {
             exceptions: { ...exceptions, ...sharedExceptions },
             env: env_1.default,
             database: (0, database_1.default)(),
+            emitter: this.apiEmitter,
             logger: logger_1.default,
             getSchema: get_schema_1.getSchema,
         });
@@ -254,6 +259,7 @@ class ExtensionManager {
             exceptions: { ...exceptions, ...sharedExceptions },
             env: env_1.default,
             database: (0, database_1.default)(),
+            emitter: this.apiEmitter,
             logger: logger_1.default,
             getSchema: get_schema_1.getSchema,
         });

package/dist/middleware/authenticate.js CHANGED Viewed

@@ -58,22 +58,12 @@ const authenticate = (0, async_handler_1.default)(async (req, res, next) => {
                     throw err;
                 }
             }
-            const user = await database
-                .select('directus_users.role', 'directus_roles.admin_access', 'directus_roles.app_access')
-                .from('directus_users')
-                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
-                .where({
-                'directus_users.id': payload.id,
-                status: 'active',
-            })
-                .first();
-            if (!user) {
-                throw new exceptions_1.InvalidCredentialsException();
-            }
+            req.accountability.share = payload.share;
+            req.accountability.share_scope = payload.share_scope;
             req.accountability.user = payload.id;
-            req.accountability.role = user.role;
-            req.accountability.admin = user.admin_access === true || user.admin_access == 1;
-            req.accountability.app = user.app_access === true || user.app_access == 1;
+            req.accountability.role = payload.role;
+            req.accountability.admin = payload.admin_access === true || payload.admin_access == 1;
+            req.accountability.app = payload.app_access === true || payload.app_access == 1;
         }
         else {
             // Try finding the user with the provided token

package/dist/middleware/check-ip.js CHANGED Viewed

@@ -7,13 +7,16 @@ exports.checkIP = void 0;
 const database_1 = __importDefault(require("../database"));
 const exceptions_1 = require("../exceptions");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
-exports.checkIP = (0, async_handler_1.default)(async (req, res, next) => {
+exports.checkIP = (0, async_handler_1.default)(async (req, _res, next) => {
     const database = (0, database_1.default)();
-    const role = await database
-        .select('ip_access')
-        .from('directus_roles')
-        .where({ id: req.accountability.role })
-        .first();
+    const query = database.select('ip_access').from('directus_roles');
+    if (req.accountability.role) {
+        query.where({ id: req.accountability.role });
+    }
+    else {
+        query.whereNull('id');
+    }
+    const role = await query.first();
     const ipAllowlist = ((role === null || role === void 0 ? void 0 : role.ip_access) || '').split(',').filter((ip) => ip);
     if (ipAllowlist.length > 0 && ipAllowlist.includes(req.accountability.ip) === false)
         throw new exceptions_1.InvalidIPException();

package/dist/middleware/respond.js CHANGED Viewed

@@ -77,9 +77,12 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
     if (Buffer.isBuffer(res.locals.payload)) {
         return res.end(res.locals.payload);
     }
-    else {
+    else if (res.locals.payload) {
         return res.json(res.locals.payload);
     }
+    else {
+        return res.status(204).end();
+    }
 });
 function getDateFormatted() {
     const date = new Date();

package/dist/services/activity.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { AbstractServiceOptions, PrimaryKey, Item } from '../types';
-import { ItemsService, MutationOptions } from './index';
+import { ItemsService } from './items';
+import { MutationOptions } from '../types';
 import { NotificationsService } from './notifications';
 import { UsersService } from './users';
 export declare class ActivityService extends ItemsService {