directus 9.2.1 → 9.4.1

package/dist/utils/get-permissions.js

@@ -9,6 +9,7 @@ const lodash_1 = require("lodash");
 const database_1 = __importDefault(require("../database"));
 const app_access_permissions_1 = require("../database/system-data/app-access-permissions");
 const merge_permissions_1 = require("../utils/merge-permissions");
+const merge_permissions_for_share_1 = require("./merge-permissions-for-share");
 const users_1 = require("../services/users");
 const roles_1 = require("../services/roles");
 const cache_1 = require("../cache");
@@ -16,91 +17,135 @@ const object_hash_1 = __importDefault(require("object-hash"));
 const env_1 = __importDefault(require("../env"));
 async function getPermissions(accountability, schema) {
     const database = (0, database_1.default)();
-    const { systemCache } = (0, cache_1.getCache)();
+    const { systemCache, cache } = (0, cache_1.getCache)();
     let permissions = [];
-    const { user, role, app, admin } = accountability;
-    const cacheKey = `permissions-${(0, object_hash_1.default)({ user, role, app, admin })}`;
+    const { user, role, app, admin, share_scope } = accountability;
+    const cacheKey = `permissions-${(0, object_hash_1.default)({ user, role, app, admin, share_scope })}`;
     if (env_1.default.CACHE_PERMISSIONS !== false) {
         const cachedPermissions = await systemCache.get(cacheKey);
         if (cachedPermissions) {
-            return cachedPermissions;
-        }
-    }
-    if (accountability.admin !== true) {
-        const permissionsForRole = await database
-            .select('*')
-            .from('directus_permissions')
-            .where({ role: accountability.role });
-        const requiredPermissionData = {
-            $CURRENT_USER: [],
-            $CURRENT_ROLE: [],
-        };
-        permissions = permissionsForRole.map((permissionRaw) => {
-            const permission = (0, lodash_1.cloneDeep)(permissionRaw);
-            if (permission.permissions && typeof permission.permissions === 'string') {
-                permission.permissions = JSON.parse(permission.permissions);
-            }
-            else if (permission.permissions === null) {
-                permission.permissions = {};
-            }
-            if (permission.validation && typeof permission.validation === 'string') {
-                permission.validation = JSON.parse(permission.validation);
-            }
-            else if (permission.validation === null) {
-                permission.validation = {};
-            }
-            if (permission.presets && typeof permission.presets === 'string') {
-                permission.presets = JSON.parse(permission.presets);
-            }
-            else if (permission.presets === null) {
-                permission.presets = {};
-            }
-            if (permission.fields && typeof permission.fields === 'string') {
-                permission.fields = permission.fields.split(',');
+            if (!cachedPermissions.containDynamicData) {
+                return processPermissions(accountability, cachedPermissions.permissions, {});
             }
-            else if (permission.fields === null) {
-                permission.fields = [];
+            const cachedFilterContext = await (cache === null || cache === void 0 ? void 0 : cache.get(`filterContext-${(0, object_hash_1.default)({ user, role, permissions: cachedPermissions.permissions })}`));
+            if (cachedFilterContext) {
+                return processPermissions(accountability, cachedPermissions.permissions, cachedFilterContext);
             }
-            const extractPermissionData = (val) => {
-                if (typeof val === 'string' && val.startsWith('$CURRENT_USER.')) {
-                    requiredPermissionData.$CURRENT_USER.push(val.replace('$CURRENT_USER.', ''));
+            else {
+                const { permissions: parsedPermissions, requiredPermissionData, containDynamicData, } = parsePermissions(cachedPermissions.permissions);
+                permissions = parsedPermissions;
+                const filterContext = containDynamicData
+                    ? await getFilterContext(schema, accountability, requiredPermissionData)
+                    : {};
+                if (containDynamicData && env_1.default.CACHE_ENABLED !== false) {
+                    await (cache === null || cache === void 0 ? void 0 : cache.set(`filterContext-${(0, object_hash_1.default)({ user, role, permissions })}`, filterContext));
                 }
-                if (typeof val === 'string' && val.startsWith('$CURRENT_ROLE.')) {
-                    requiredPermissionData.$CURRENT_ROLE.push(val.replace('$CURRENT_ROLE.', ''));
-                }
-                return val;
-            };
-            (0, utils_1.deepMap)(permission.permissions, extractPermissionData);
-            (0, utils_1.deepMap)(permission.validation, extractPermissionData);
-            (0, utils_1.deepMap)(permission.presets, extractPermissionData);
-            return permission;
-        });
-        if (accountability.app === true) {
-            permissions = (0, merge_permissions_1.mergePermissions)(permissions, app_access_permissions_1.appAccessMinimalPermissions.map((perm) => ({ ...perm, role: accountability.role })));
+                return processPermissions(accountability, permissions, filterContext);
+            }
+        }
+    }
+    if (accountability.admin !== true) {
+        const query = database.select('*').from('directus_permissions');
+        if (accountability.role) {
+            query.where({ role: accountability.role });
         }
-        const usersService = new users_1.UsersService({ schema });
-        const rolesService = new roles_1.RolesService({ schema });
-        const filterContext = {};
-        if (accountability.user && requiredPermissionData.$CURRENT_USER.length > 0) {
-            filterContext.$CURRENT_USER = await usersService.readOne(accountability.user, {
-                fields: requiredPermissionData.$CURRENT_USER,
-            });
+        else {
+            query.whereNull('role');
         }
-        if (accountability.role && requiredPermissionData.$CURRENT_ROLE.length > 0) {
-            filterContext.$CURRENT_ROLE = await rolesService.readOne(accountability.role, {
-                fields: requiredPermissionData.$CURRENT_ROLE,
-            });
+        const permissionsForRole = await query;
+        const { permissions: parsedPermissions, requiredPermissionData, containDynamicData, } = parsePermissions(permissionsForRole);
+        permissions = parsedPermissions;
+        if (accountability.app === true) {
+            permissions = (0, merge_permissions_1.mergePermissions)('or', permissions, app_access_permissions_1.appAccessMinimalPermissions.map((perm) => ({ ...perm, role: accountability.role })));
         }
-        permissions = permissions.map((permission) => {
-            permission.permissions = (0, utils_1.parseFilter)(permission.permissions, accountability, filterContext);
-            permission.validation = (0, utils_1.parseFilter)(permission.validation, accountability, filterContext);
-            permission.presets = (0, utils_1.parseFilter)(permission.presets, accountability, filterContext);
-            return permission;
-        });
+        if (accountability.share_scope) {
+            permissions = (0, merge_permissions_for_share_1.mergePermissionsForShare)(permissions, accountability, schema);
+        }
+        const filterContext = containDynamicData
+            ? await getFilterContext(schema, accountability, requiredPermissionData)
+            : {};
         if (env_1.default.CACHE_PERMISSIONS !== false) {
-            await systemCache.set(cacheKey, permissions);
+            await systemCache.set(cacheKey, { permissions, containDynamicData });
+            if (containDynamicData && env_1.default.CACHE_ENABLED !== false) {
+                await (cache === null || cache === void 0 ? void 0 : cache.set(`filterContext-${(0, object_hash_1.default)({ user, role, permissions })}`, filterContext));
+            }
         }
+        return processPermissions(accountability, permissions, filterContext);
     }
     return permissions;
 }
 exports.getPermissions = getPermissions;
+function parsePermissions(permissions) {
+    const requiredPermissionData = {
+        $CURRENT_USER: [],
+        $CURRENT_ROLE: [],
+    };
+    let containDynamicData = false;
+    permissions = permissions.map((permissionRaw) => {
+        const permission = (0, lodash_1.cloneDeep)(permissionRaw);
+        if (permission.permissions && typeof permission.permissions === 'string') {
+            permission.permissions = JSON.parse(permission.permissions);
+        }
+        else if (permission.permissions === null) {
+            permission.permissions = {};
+        }
+        if (permission.validation && typeof permission.validation === 'string') {
+            permission.validation = JSON.parse(permission.validation);
+        }
+        else if (permission.validation === null) {
+            permission.validation = {};
+        }
+        if (permission.presets && typeof permission.presets === 'string') {
+            permission.presets = JSON.parse(permission.presets);
+        }
+        else if (permission.presets === null) {
+            permission.presets = {};
+        }
+        if (permission.fields && typeof permission.fields === 'string') {
+            permission.fields = permission.fields.split(',');
+        }
+        else if (permission.fields === null) {
+            permission.fields = [];
+        }
+        const extractPermissionData = (val) => {
+            if (typeof val === 'string' && val.startsWith('$CURRENT_USER.')) {
+                requiredPermissionData.$CURRENT_USER.push(val.replace('$CURRENT_USER.', ''));
+                containDynamicData = true;
+            }
+            if (typeof val === 'string' && val.startsWith('$CURRENT_ROLE.')) {
+                requiredPermissionData.$CURRENT_ROLE.push(val.replace('$CURRENT_ROLE.', ''));
+                containDynamicData = true;
+            }
+            return val;
+        };
+        (0, utils_1.deepMap)(permission.permissions, extractPermissionData);
+        (0, utils_1.deepMap)(permission.validation, extractPermissionData);
+        (0, utils_1.deepMap)(permission.presets, extractPermissionData);
+        return permission;
+    });
+    return { permissions, requiredPermissionData, containDynamicData };
+}
+async function getFilterContext(schema, accountability, requiredPermissionData) {
+    const usersService = new users_1.UsersService({ schema });
+    const rolesService = new roles_1.RolesService({ schema });
+    const filterContext = {};
+    if (accountability.user && requiredPermissionData.$CURRENT_USER.length > 0) {
+        filterContext.$CURRENT_USER = await usersService.readOne(accountability.user, {
+            fields: requiredPermissionData.$CURRENT_USER,
+        });
+    }
+    if (accountability.role && requiredPermissionData.$CURRENT_ROLE.length > 0) {
+        filterContext.$CURRENT_ROLE = await rolesService.readOne(accountability.role, {
+            fields: requiredPermissionData.$CURRENT_ROLE,
+        });
+    }
+    return filterContext;
+}
+function processPermissions(accountability, permissions, filterContext) {
+    return permissions.map((permission) => {
+        permission.permissions = (0, utils_1.parseFilter)(permission.permissions, accountability, filterContext);
+        permission.validation = (0, utils_1.parseFilter)(permission.validation, accountability, filterContext);
+        permission.presets = (0, utils_1.parseFilter)(permission.presets, accountability, filterContext);
+        return permission;
+    });
+}

package/dist/utils/get-relation-type.d.ts

@@ -3,4 +3,4 @@ export declare function getRelationType(getRelationOptions: {
     relation: Relation;
     collection: string | null;
     field: string;
-}): 'm2o' | 'o2m' | 'm2a' | null;
+}): 'm2o' | 'o2m' | 'a2o' | null;

package/dist/utils/get-relation-type.js

@@ -10,7 +10,7 @@ function getRelationType(getRelationOptions) {
         relation.field === field &&
         ((_a = relation.meta) === null || _a === void 0 ? void 0 : _a.one_collection_field) &&
         ((_b = relation.meta) === null || _b === void 0 ? void 0 : _b.one_allowed_collections)) {
-        return 'm2a';
+        return 'a2o';
     }
     if (relation.collection === collection && relation.field === field) {
         return 'm2o';

package/dist/utils/merge-permissions-for-share.d.ts

@@ -0,0 +1,5 @@
+import { Permission, Accountability, Filter } from '@directus/shared/types';
+import { SchemaOverview } from '../types';
+export declare function mergePermissionsForShare(currentPermissions: Permission[], accountability: Accountability, schema: SchemaOverview): Permission[];
+export declare function traverse(schema: SchemaOverview, rootItemPrimaryKeyField: string, rootItemPrimaryKey: string, currentCollection: string, parentCollections?: string[], path?: string[]): Partial<Permission>[];
+export declare function getFilterForPath(type: 'o2m' | 'm2o' | 'a2o', path: string[], rootPrimaryKeyField: string, rootPrimaryKey: string): Filter;

package/dist/utils/merge-permissions-for-share.js

@@ -0,0 +1,116 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getFilterForPath = exports.traverse = exports.mergePermissionsForShare = void 0;
+const lodash_1 = require("lodash");
+const merge_permissions_1 = require("./merge-permissions");
+const app_access_permissions_1 = require("../database/system-data/app-access-permissions");
+const reduce_schema_1 = require("./reduce-schema");
+function mergePermissionsForShare(currentPermissions, accountability, schema) {
+    const defaults = {
+        action: 'read',
+        role: accountability.role,
+        collection: '',
+        permissions: {},
+        validation: null,
+        presets: null,
+        fields: null,
+    };
+    const { collection, item } = accountability.share_scope;
+    const parentPrimaryKeyField = schema.collections[collection].primary;
+    const reducedSchema = (0, reduce_schema_1.reduceSchema)(schema, currentPermissions, ['read']);
+    const relationalPermissions = traverse(reducedSchema, parentPrimaryKeyField, item, collection);
+    const parentCollectionPermission = (0, lodash_1.assign)({}, defaults, {
+        collection,
+        permissions: {
+            [parentPrimaryKeyField]: {
+                _eq: item,
+            },
+        },
+    });
+    // All permissions that will be merged into the original permissions set
+    const allGeneratedPermissions = [
+        parentCollectionPermission,
+        ...relationalPermissions.map((generated) => (0, lodash_1.assign)({}, defaults, generated)),
+        ...app_access_permissions_1.schemaPermissions,
+    ];
+    // All the collections that are touched through the relational tree from the current root collection, and the schema collections
+    const allowedCollections = (0, lodash_1.uniq)(allGeneratedPermissions.map(({ collection }) => collection));
+    const generatedPermissions = [];
+    // Merge all the permissions that relate to the same collection with an _or (this allows you to properly retrieve)
+    // the items of a collection if you entered that collection from multiple angles
+    for (const collection of allowedCollections) {
+        const permissionsForCollection = allGeneratedPermissions.filter((permission) => permission.collection === collection);
+        if (permissionsForCollection.length > 0) {
+            generatedPermissions.push(...(0, merge_permissions_1.mergePermissions)('or', permissionsForCollection));
+        }
+        else {
+            generatedPermissions.push(...permissionsForCollection);
+        }
+    }
+    // Explicitly filter out permissions to collections unrelated to the root parent item.
+    const limitedPermissions = currentPermissions.filter(({ collection }) => allowedCollections.includes(collection));
+    return (0, merge_permissions_1.mergePermissions)('and', limitedPermissions, generatedPermissions);
+}
+exports.mergePermissionsForShare = mergePermissionsForShare;
+function traverse(schema, rootItemPrimaryKeyField, rootItemPrimaryKey, currentCollection, parentCollections = [], path = []) {
+    var _a, _b, _c;
+    const permissions = [];
+    // If there's already a permissions rule for the collection we're currently checking, we'll shortcircuit.
+    // This prevents infinite loop in recursive relationships, like articles->related_articles->articles, or
+    // articles.author->users.avatar->files.created_by->users.avatar->files.created_by->🔁
+    if (parentCollections.includes(currentCollection)) {
+        return permissions;
+    }
+    const relationsInCollection = schema.relations.filter((relation) => {
+        return relation.collection === currentCollection || relation.related_collection === currentCollection;
+    });
+    for (const relation of relationsInCollection) {
+        let type;
+        if (relation.related_collection === currentCollection) {
+            type = 'o2m';
+        }
+        else if (!relation.related_collection) {
+            type = 'a2o';
+        }
+        else {
+            type = 'm2o';
+        }
+        if (type === 'o2m') {
+            permissions.push({
+                collection: relation.collection,
+                permissions: getFilterForPath(type, [...path, relation.field], rootItemPrimaryKeyField, rootItemPrimaryKey),
+            });
+            permissions.push(...traverse(schema, rootItemPrimaryKeyField, rootItemPrimaryKey, relation.collection, [...parentCollections, currentCollection], [...path, relation.field]));
+        }
+        if (type === 'a2o' && ((_a = relation.meta) === null || _a === void 0 ? void 0 : _a.one_allowed_collections)) {
+            for (const collection of relation.meta.one_allowed_collections) {
+                permissions.push({
+                    collection,
+                    permissions: getFilterForPath(type, [...path, `$FOLLOW(${relation.collection},${relation.field},${relation.meta.one_collection_field})`], rootItemPrimaryKeyField, rootItemPrimaryKey),
+                });
+            }
+        }
+        if (type === 'm2o') {
+            permissions.push({
+                collection: relation.related_collection,
+                permissions: getFilterForPath(type, [...path, `$FOLLOW(${relation.collection},${relation.field})`], rootItemPrimaryKeyField, rootItemPrimaryKey),
+            });
+            if ((_b = relation.meta) === null || _b === void 0 ? void 0 : _b.one_field) {
+                permissions.push(...traverse(schema, rootItemPrimaryKeyField, rootItemPrimaryKey, relation.related_collection, [...parentCollections, currentCollection], [...path, (_c = relation.meta) === null || _c === void 0 ? void 0 : _c.one_field]));
+            }
+        }
+    }
+    return permissions;
+}
+exports.traverse = traverse;
+function getFilterForPath(type, path, rootPrimaryKeyField, rootPrimaryKey) {
+    const filter = {};
+    if (type === 'm2o' || type === 'a2o') {
+        (0, lodash_1.set)(filter, path.reverse(), { [rootPrimaryKeyField]: { _eq: rootPrimaryKey } });
+    }
+    else {
+        (0, lodash_1.set)(filter, path.reverse(), { _eq: rootPrimaryKey });
+    }
+    return filter;
+}
+exports.getFilterForPath = getFilterForPath;

package/dist/utils/merge-permissions.d.ts

@@ -1,2 +1,14 @@
+/// <reference types="lodash" />
 import { Permission } from '@directus/shared/types';
-export declare function mergePermissions(...permissions: Permission[][]): Permission[];
+export declare function mergePermissions(strategy: 'and' | 'or', ...permissions: Permission[][]): Permission[];
+export declare function mergePermission(strategy: 'and' | 'or', currentPerm: Permission, newPerm: Permission): import("lodash").Omit<{
+    permissions: import("@directus/shared/types").Filter | null;
+    validation: import("@directus/shared/types").Filter | null;
+    fields: string[] | null;
+    presets: Record<string, any> | null;
+    id?: number | undefined;
+    role: string | null;
+    collection: string;
+    action: import("@directus/shared/types").PermissionsAction;
+    system?: true | undefined;
+}, "id" | "system">;

package/dist/utils/merge-permissions.js

@@ -1,66 +1,73 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.mergePermissions = void 0;
+exports.mergePermission = exports.mergePermissions = void 0;
 const lodash_1 = require("lodash");
-function mergePermissions(...permissions) {
+function mergePermissions(strategy, ...permissions) {
     const allPermissions = (0, lodash_1.flatten)(permissions);
     const mergedPermissions = allPermissions
         .reduce((acc, val) => {
         const key = `${val.collection}__${val.action}__${val.role || '$PUBLIC'}`;
         const current = acc.get(key);
-        acc.set(key, current ? mergePerm(current, val) : val);
+        acc.set(key, current ? mergePermission(strategy, current, val) : val);
         return acc;
     }, new Map())
         .values();
-    const result = Array.from(mergedPermissions).map((perm) => {
-        return (0, lodash_1.omit)(perm, ['id', 'system']);
-    });
-    return result;
+    return Array.from(mergedPermissions);
 }
 exports.mergePermissions = mergePermissions;
-function mergePerm(currentPerm, newPerm) {
+function mergePermission(strategy, currentPerm, newPerm) {
+    const logicalKey = `_${strategy}`;
     let permissions = currentPerm.permissions;
     let validation = currentPerm.validation;
     let fields = currentPerm.fields;
     let presets = currentPerm.presets;
     if (newPerm.permissions) {
-        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === '_or') {
+        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === logicalKey) {
             permissions = {
-                _or: [...currentPerm.permissions._or, newPerm.permissions],
+                [logicalKey]: [
+                    ...currentPerm.permissions[logicalKey],
+                    newPerm.permissions,
+                ],
             };
         }
         else if (currentPerm.permissions) {
             permissions = {
-                _or: [currentPerm.permissions, newPerm.permissions],
+                [logicalKey]: [currentPerm.permissions, newPerm.permissions],
             };
         }
         else {
             permissions = {
-                _or: [newPerm.permissions],
+                [logicalKey]: [newPerm.permissions],
             };
         }
     }
     if (newPerm.validation) {
-        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === '_or') {
+        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === logicalKey) {
             validation = {
-                _or: [...currentPerm.validation._or, newPerm.validation],
+                [logicalKey]: [
+                    ...currentPerm.validation[logicalKey],
+                    newPerm.validation,
+                ],
             };
         }
         else if (currentPerm.validation) {
             validation = {
-                _or: [currentPerm.validation, newPerm.validation],
+                [logicalKey]: [currentPerm.validation, newPerm.validation],
             };
         }
         else {
             validation = {
-                _or: [newPerm.validation],
+                [logicalKey]: [newPerm.validation],
             };
         }
     }
     if (newPerm.fields) {
-        if (Array.isArray(currentPerm.fields)) {
+        if (Array.isArray(currentPerm.fields) && strategy === 'or') {
             fields = [...new Set([...currentPerm.fields, ...newPerm.fields])];
         }
+        else if (Array.isArray(currentPerm.fields) && strategy === 'and') {
+            fields = (0, lodash_1.intersection)(currentPerm.fields, newPerm.fields);
+        }
         else {
             fields = newPerm.fields;
         }
@@ -70,11 +77,12 @@ function mergePerm(currentPerm, newPerm) {
     if (newPerm.presets) {
         presets = (0, lodash_1.merge)({}, presets, newPerm.presets);
     }
-    return {
+    return (0, lodash_1.omit)({
         ...currentPerm,
         permissions,
         validation,
         fields,
         presets,
-    };
+    }, ['id', 'system']);
 }
+exports.mergePermission = mergePermission;

package/dist/utils/reduce-schema.d.ts

@@ -1,5 +1,5 @@
 import { SchemaOverview } from '../types';
-import { Accountability, PermissionsAction } from '@directus/shared/types';
+import { Permission, PermissionsAction } from '@directus/shared/types';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
  * the allowed collections/fields/relations included based on the permissions.
@@ -7,4 +7,4 @@ import { Accountability, PermissionsAction } from '@directus/shared/types';
  * @param actions Array of permissions actions (crud)
  * @returns Reduced schema
  */
-export declare function reduceSchema(schema: SchemaOverview, accountability: Accountability | null, actions?: PermissionsAction[]): SchemaOverview;
+export declare function reduceSchema(schema: SchemaOverview, permissions: Permission[] | null, actions?: PermissionsAction[]): SchemaOverview;

package/dist/utils/reduce-schema.js

@@ -9,13 +9,13 @@ const lodash_1 = require("lodash");
  * @param actions Array of permissions actions (crud)
  * @returns Reduced schema
  */
-function reduceSchema(schema, accountability, actions = ['create', 'read', 'update', 'delete']) {
-    var _a, _b, _c, _d, _e;
+function reduceSchema(schema, permissions, actions = ['create', 'read', 'update', 'delete']) {
+    var _a, _b, _c;
     const reduced = {
         collections: {},
         relations: [],
     };
-    const allowedFieldsInCollection = (_b = (_a = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _a === void 0 ? void 0 : _a.filter((permission) => actions.includes(permission.action)).reduce((acc, permission) => {
+    const allowedFieldsInCollection = (_a = permissions === null || permissions === void 0 ? void 0 : permissions.filter((permission) => actions.includes(permission.action)).reduce((acc, permission) => {
         if (!acc[permission.collection]) {
             acc[permission.collection] = [];
         }
@@ -23,13 +23,13 @@ function reduceSchema(schema, accountability, actions = ['create', 'read', 'upda
             acc[permission.collection] = (0, lodash_1.uniq)([...acc[permission.collection], ...permission.fields]);
         }
         return acc;
-    }, {})) !== null && _b !== void 0 ? _b : {};
+    }, {})) !== null && _a !== void 0 ? _a : {};
     for (const [collectionName, collection] of Object.entries(schema.collections)) {
-        if ((_c = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _c === void 0 ? void 0 : _c.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
+        if (permissions === null || permissions === void 0 ? void 0 : permissions.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
             const fields = {};
             for (const [fieldName, field] of Object.entries(schema.collections[collectionName].fields)) {
-                if (((_d = allowedFieldsInCollection[collectionName]) === null || _d === void 0 ? void 0 : _d.includes('*')) ||
-                    ((_e = allowedFieldsInCollection[collectionName]) === null || _e === void 0 ? void 0 : _e.includes(fieldName))) {
+                if (((_b = allowedFieldsInCollection[collectionName]) === null || _b === void 0 ? void 0 : _b.includes('*')) ||
+                    ((_c = allowedFieldsInCollection[collectionName]) === null || _c === void 0 ? void 0 : _c.includes(fieldName))) {
                     fields[fieldName] = field;
                 }
             }

package/dist/utils/user-name.js

@@ -2,6 +2,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.userName = void 0;
 function userName(user) {
+    if (!user) {
+        return 'Unknown User';
+    }
     if (user.first_name && user.last_name) {
         return `${user.first_name} ${user.last_name}`;
     }

package/example.env

@@ -44,7 +44,7 @@ DB_PASSWORD="secret"
 # DB_PASSWORD="Test@123"
 
 ## OracleDB
-# DB_CLIENT="oracle"
+# DB_CLIENT="oracledb"
 # DB_CONNECT_STRING="localhost:5104/XE"
 # DB_USER="secretsysuser"
 # DB_PASSWORD="secretpassword"

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "directus",
-	"version": "9.2.1",
+	"version": "9.4.1",
 	"license": "GPL-3.0-only",
 	"homepage": "https://github.com/directus/directus#readme",
 	"description": "Directus is a real-time API and App dashboard for managing SQL database content.",
@@ -60,7 +60,7 @@
 		"prebuild": "npm run cleanup",
 		"build": "tsc --build && copyfiles \"src/**/*.*\" -e \"src/**/*.ts\" -u 1 dist",
 		"cleanup": "rimraf dist",
-		"dev": "cross-env NODE_ENV=development SERVE_APP=false ts-node-dev --files --transpile-only --respawn --watch \".env\" --inspect --exit-child -- src/start.ts",
+		"dev": "cross-env NODE_ENV=development SERVE_APP=false ts-node-dev --files --transpile-only --respawn --watch \".env\" --inspect=0 --exit-child -- src/start.ts",
 		"cli": "cross-env NODE_ENV=development SERVE_APP=false ts-node --script-mode --transpile-only src/cli/run.ts",
 		"test": "jest --coverage",
 		"test:watch": "jest --watchAll"
@@ -76,16 +76,16 @@
 	],
 	"dependencies": {
 		"@aws-sdk/client-ses": "^3.40.0",
-		"@directus/app": "9.2.1",
-		"@directus/drive": "9.2.1",
-		"@directus/drive-azure": "9.2.1",
-		"@directus/drive-gcs": "9.2.1",
-		"@directus/drive-s3": "9.2.1",
-		"@directus/extensions-sdk": "9.2.1",
-		"@directus/format-title": "9.2.1",
-		"@directus/schema": "9.2.1",
-		"@directus/shared": "9.2.1",
-		"@directus/specs": "9.2.1",
+		"@directus/app": "9.4.1",
+		"@directus/drive": "9.4.1",
+		"@directus/drive-azure": "9.4.1",
+		"@directus/drive-gcs": "9.4.1",
+		"@directus/drive-s3": "9.4.1",
+		"@directus/extensions-sdk": "9.4.1",
+		"@directus/format-title": "9.4.1",
+		"@directus/schema": "9.4.1",
+		"@directus/shared": "9.4.1",
+		"@directus/specs": "9.4.1",
 		"@godaddy/terminus": "^4.9.0",
 		"@rollup/plugin-alias": "^3.1.2",
 		"@rollup/plugin-virtual": "^2.0.3",
@@ -169,7 +169,7 @@
 		"sqlite3": "^5.0.2",
 		"tedious": "^13.0.0"
 	},
-	"gitHead": "1d4e9c425c10bcdc5831ae63c1bd03649648eb5e",
+	"gitHead": "4991ba858bdde8bdf03aee475d77a218da6e46ab",
 	"devDependencies": {
 		"@types/async": "3.2.10",
 		"@types/atob": "2.1.2",
@@ -209,6 +209,7 @@
 		"copyfiles": "2.4.1",
 		"cross-env": "7.0.3",
 		"jest": "27.3.1",
+		"knex-mock-client": "1.6.1",
 		"ts-jest": "27.0.7",
 		"ts-node-dev": "1.1.8",
 		"typescript": "4.5.2"