directus 9.2.2 → 9.4.2

package/dist/emitter.d.ts

@@ -1,10 +1,9 @@
 import { ActionHandler, FilterHandler, HookContext, InitHandler } from './types';
-declare class Emitter {
+export declare class Emitter {
     private filterEmitter;
     private actionEmitter;
     private initEmitter;
     constructor();
-    eventsToEmit(event: string, meta: Record<string, any>): string[];
     emitFilter<T>(event: string, payload: T, meta: Record<string, any>, context: HookContext): Promise<T>;
     emitAction(event: string, meta: Record<string, any>, context: HookContext): void;
     emitInit(event: string, meta: Record<string, any>): Promise<void>;
@@ -14,6 +13,8 @@ declare class Emitter {
     offFilter(event: string, handler: FilterHandler): void;
     offAction(event: string, handler: ActionHandler): void;
     offInit(event: string, handler: InitHandler): void;
+    offAll(): void;
+    private eventsToEmit;
 }
 declare const emitter: Emitter;
 export default emitter;

package/dist/emitter.js

@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Emitter = void 0;
 const eventemitter2_1 = require("eventemitter2");
 const logger_1 = __importDefault(require("./logger"));
 class Emitter {
@@ -18,12 +19,6 @@ class Emitter {
         this.actionEmitter = new eventemitter2_1.EventEmitter2(emitterOptions);
         this.initEmitter = new eventemitter2_1.EventEmitter2(emitterOptions);
     }
-    eventsToEmit(event, meta) {
-        if (event.startsWith('items')) {
-            return [event, `${meta.collection}.${event}`];
-        }
-        return [event];
-    }
     async emitFilter(event, payload, meta, context) {
         const events = this.eventsToEmit(event, meta);
         const listeners = events.flatMap((event) => this.filterEmitter.listeners(event));
@@ -72,6 +67,18 @@ class Emitter {
     offInit(event, handler) {
         this.initEmitter.off(event, handler);
     }
+    offAll() {
+        this.filterEmitter.removeAllListeners();
+        this.actionEmitter.removeAllListeners();
+        this.initEmitter.removeAllListeners();
+    }
+    eventsToEmit(event, meta) {
+        if (event.startsWith('items')) {
+            return [event, `${meta.collection}.${event}`];
+        }
+        return [event];
+    }
 }
+exports.Emitter = Emitter;
 const emitter = new Emitter();
 exports.default = emitter;

package/dist/env.js

@@ -20,7 +20,7 @@ const defaults = {
     PORT: 8055,
     PUBLIC_URL: '/',
     MAX_PAYLOAD_SIZE: '100kb',
-    DB_EXCLUDE_TABLES: 'spatial_ref_sys',
+    DB_EXCLUDE_TABLES: 'spatial_ref_sys,sysdiagrams',
     STORAGE_LOCATIONS: 'local',
     STORAGE_LOCAL_DRIVER: 'local',
     STORAGE_LOCAL_ROOT: './uploads',
@@ -61,6 +61,8 @@ const defaults = {
     ASSETS_TRANSFORM_MAX_CONCURRENT: 1,
     ASSETS_TRANSFORM_IMAGE_MAX_DIMENSION: 6000,
     ASSETS_TRANSFORM_MAX_OPERATIONS: 5,
+    IP_TRUST_PROXY: true,
+    IP_CUSTOM_HEADER: false,
     SERVE_APP: true,
 };
 // Allows us to force certain environment variable into a type, instead of relying

package/dist/extensions.d.ts

@@ -7,6 +7,7 @@ declare class ExtensionManager {
     private appExtensions;
     private apiHooks;
     private apiEndpoints;
+    private apiEmitter;
     private endpointRouter;
     private isScheduleHookEnabled;
     constructor();

package/dist/extensions.js

@@ -28,7 +28,7 @@ const path_1 = __importDefault(require("path"));
 const node_1 = require("@directus/shared/utils/node");
 const constants_1 = require("@directus/shared/constants");
 const database_1 = __importDefault(require("./database"));
-const emitter_1 = __importDefault(require("./emitter"));
+const emitter_1 = __importStar(require("./emitter"));
 const env_1 = __importDefault(require("./env"));
 const exceptions = __importStar(require("./exceptions"));
 const sharedExceptions = __importStar(require("@directus/shared/exceptions"));
@@ -44,6 +44,7 @@ const plugin_virtual_1 = __importDefault(require("@rollup/plugin-virtual"));
 const plugin_alias_1 = __importDefault(require("@rollup/plugin-alias"));
 const url_1 = require("./utils/url");
 const get_module_default_1 = __importDefault(require("./utils/get-module-default"));
+const lodash_1 = require("lodash");
 let extensionManager;
 function getExtensionManager() {
     if (extensionManager) {
@@ -61,6 +62,7 @@ class ExtensionManager {
         this.apiHooks = [];
         this.apiEndpoints = [];
         this.isScheduleHookEnabled = true;
+        this.apiEmitter = new emitter_1.Emitter();
         this.endpointRouter = (0, express_1.Router)();
     }
     async initialize({ schedule } = { schedule: true }) {
@@ -92,6 +94,7 @@ class ExtensionManager {
         logger_1.default.info('Reloading extensions');
         this.unregisterHooks();
         this.unregisterEndpoints();
+        this.apiEmitter.offAll();
         if (env_1.default.SERVE_APP) {
             this.appExtensions = {};
         }
@@ -139,12 +142,13 @@ class ExtensionManager {
         return bundles;
     }
     async getSharedDepsMapping(deps) {
-        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist'));
+        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist', 'assets'));
         const depsMapping = {};
         for (const dep of deps) {
-            const depName = appDir.find((file) => dep.replace(/\//g, '_') === file.substring(0, file.indexOf('.')));
+            const depRegex = new RegExp(`${(0, lodash_1.escapeRegExp)(dep.replace(/\//g, '_'))}\\.[0-9a-f]{8}\\.entry\\.js`);
+            const depName = appDir.find((file) => depRegex.test(file));
             if (depName) {
-                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', depName);
+                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'assets', depName);
                 depsMapping[dep] = depUrl.toString({ rootRelative: true });
             }
             else {
@@ -237,6 +241,7 @@ class ExtensionManager {
             exceptions: { ...exceptions, ...sharedExceptions },
             env: env_1.default,
             database: (0, database_1.default)(),
+            emitter: this.apiEmitter,
             logger: logger_1.default,
             getSchema: get_schema_1.getSchema,
         });
@@ -254,6 +259,7 @@ class ExtensionManager {
             exceptions: { ...exceptions, ...sharedExceptions },
             env: env_1.default,
             database: (0, database_1.default)(),
+            emitter: this.apiEmitter,
             logger: logger_1.default,
             getSchema: get_schema_1.getSchema,
         });

package/dist/middleware/authenticate.js

@@ -27,6 +27,7 @@ const database_1 = __importDefault(require("../database"));
 const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const get_ip_from_req_1 = require("../utils/get-ip-from-req");
 const is_directus_jwt_1 = __importDefault(require("../utils/is-directus-jwt"));
 /**
  * Verify the passed JWT and assign the user ID and role to `req`
@@ -37,7 +38,7 @@ const authenticate = (0, async_handler_1.default)(async (req, res, next) => {
         role: null,
         admin: false,
         app: false,
-        ip: req.ip.startsWith('::ffff:') ? req.ip.substring(7) : req.ip,
+        ip: (0, get_ip_from_req_1.getIPFromReq)(req),
         userAgent: req.get('user-agent'),
     };
     const database = (0, database_1.default)();
@@ -58,22 +59,12 @@ const authenticate = (0, async_handler_1.default)(async (req, res, next) => {
                     throw err;
                 }
             }
-            const user = await database
-                .select('directus_users.role', 'directus_roles.admin_access', 'directus_roles.app_access')
-                .from('directus_users')
-                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
-                .where({
-                'directus_users.id': payload.id,
-                status: 'active',
-            })
-                .first();
-            if (!user) {
-                throw new exceptions_1.InvalidCredentialsException();
-            }
+            req.accountability.share = payload.share;
+            req.accountability.share_scope = payload.share_scope;
             req.accountability.user = payload.id;
-            req.accountability.role = user.role;
-            req.accountability.admin = user.admin_access === true || user.admin_access == 1;
-            req.accountability.app = user.app_access === true || user.app_access == 1;
+            req.accountability.role = payload.role;
+            req.accountability.admin = payload.admin_access === true || payload.admin_access == 1;
+            req.accountability.app = payload.app_access === true || payload.app_access == 1;
         }
         else {
             // Try finding the user with the provided token

package/dist/middleware/check-ip.js

@@ -7,13 +7,16 @@ exports.checkIP = void 0;
 const database_1 = __importDefault(require("../database"));
 const exceptions_1 = require("../exceptions");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
-exports.checkIP = (0, async_handler_1.default)(async (req, res, next) => {
+exports.checkIP = (0, async_handler_1.default)(async (req, _res, next) => {
     const database = (0, database_1.default)();
-    const role = await database
-        .select('ip_access')
-        .from('directus_roles')
-        .where({ id: req.accountability.role })
-        .first();
+    const query = database.select('ip_access').from('directus_roles');
+    if (req.accountability.role) {
+        query.where({ id: req.accountability.role });
+    }
+    else {
+        query.whereNull('id');
+    }
+    const role = await query.first();
     const ipAllowlist = ((role === null || role === void 0 ? void 0 : role.ip_access) || '').split(',').filter((ip) => ip);
     if (ipAllowlist.length > 0 && ipAllowlist.includes(req.accountability.ip) === false)
         throw new exceptions_1.InvalidIPException();

package/dist/middleware/rate-limiter.js

@@ -9,6 +9,7 @@ const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const rate_limiter_1 = require("../rate-limiter");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const get_ip_from_req_1 = require("../utils/get-ip-from-req");
 const validate_env_1 = require("../utils/validate-env");
 let checkRateLimit = (req, res, next) => next();
 if (env_1.default.RATE_LIMITER_ENABLED === true) {
@@ -16,7 +17,7 @@ if (env_1.default.RATE_LIMITER_ENABLED === true) {
     exports.rateLimiter = (0, rate_limiter_1.createRateLimiter)();
     checkRateLimit = (0, async_handler_1.default)(async (req, res, next) => {
         try {
-            await exports.rateLimiter.consume(req.ip, 1);
+            await exports.rateLimiter.consume((0, get_ip_from_req_1.getIPFromReq)(req), 1);
         }
         catch (rateLimiterRes) {
             if (rateLimiterRes instanceof Error)

package/dist/middleware/respond.js

@@ -77,9 +77,12 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
     if (Buffer.isBuffer(res.locals.payload)) {
         return res.end(res.locals.payload);
     }
-    else {
+    else if (res.locals.payload) {
         return res.json(res.locals.payload);
     }
+    else {
+        return res.status(204).end();
+    }
 });
 function getDateFormatted() {
     const date = new Date();

package/dist/services/activity.d.ts

@@ -1,5 +1,6 @@
 import { AbstractServiceOptions, PrimaryKey, Item } from '../types';
-import { ItemsService, MutationOptions } from './index';
+import { ItemsService } from './items';
+import { MutationOptions } from '../types';
 import { NotificationsService } from './notifications';
 import { UsersService } from './users';
 export declare class ActivityService extends ItemsService {

package/dist/services/activity.js

@@ -5,7 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ActivityService = void 0;
 const types_1 = require("../types");
-const index_1 = require("./index");
+const items_1 = require("./items");
 const notifications_1 = require("./notifications");
 const users_1 = require("./users");
 const authorization_1 = require("./authorization");
@@ -16,7 +16,7 @@ const user_name_1 = require("../utils/user-name");
 const lodash_1 = require("lodash");
 const env_1 = __importDefault(require("../env"));
 const uuid_validate_1 = __importDefault(require("uuid-validate"));
-class ActivityService extends index_1.ItemsService {
+class ActivityService extends items_1.ItemsService {
     constructor(options) {
         super('directus_activity', options);
         this.notificationsService = new notifications_1.NotificationsService({ schema: this.schema });

package/dist/services/authentication.d.ts

@@ -1,6 +1,6 @@
 import { Knex } from 'knex';
 import { ActivityService } from './activity';
-import { AbstractServiceOptions, SchemaOverview } from '../types';
+import { AbstractServiceOptions, SchemaOverview, LoginResult } from '../types';
 import { Accountability } from '@directus/shared/types';
 export declare class AuthenticationService {
     knex: Knex;
@@ -14,12 +14,7 @@ export declare class AuthenticationService {
      * Password is optional to allow usage of this function within the SSO flow and extensions. Make sure
      * to handle password existence checks elsewhere
      */
-    login(providerName: string | undefined, payload: Record<string, any>, otp?: string): Promise<{
-        accessToken: any;
-        refreshToken: any;
-        expires: any;
-        id?: any;
-    }>;
+    login(providerName: string | undefined, payload: Record<string, any>, otp?: string): Promise<LoginResult>;
     refresh(refreshToken: string): Promise<Record<string, any>>;
     logout(refreshToken: string): Promise<void>;
     verifyPassword(userID: string, password: string): Promise<void>;

package/dist/services/authentication.js

@@ -21,7 +21,6 @@ const settings_1 = require("./settings");
 const lodash_1 = require("lodash");
 const perf_hooks_1 = require("perf_hooks");
 const stall_1 = require("../utils/stall");
-const logger_1 = __importDefault(require("../logger"));
 const loginAttemptsLimiter = (0, rate_limiter_1.createRateLimiter)({ duration: 0 });
 class AuthenticationService {
     constructor(options) {
@@ -42,10 +41,11 @@ class AuthenticationService {
         const timeStart = perf_hooks_1.performance.now();
         const provider = (0, auth_1.getAuthProvider)(providerName);
         const user = await this.knex
-            .select('id', 'first_name', 'last_name', 'email', 'password', 'status', 'role', 'tfa_secret', 'provider', 'external_identifier', 'auth_data')
-            .from('directus_users')
-            .where('id', await provider.getUserID((0, lodash_1.cloneDeep)(payload)))
-            .andWhere('provider', providerName)
+            .select('u.id', 'u.first_name', 'u.last_name', 'u.email', 'u.password', 'u.status', 'u.role', 'r.admin_access', 'r.app_access', 'u.tfa_secret', 'u.provider', 'u.external_identifier', 'u.auth_data')
+            .from('directus_users as u')
+            .innerJoin('directus_roles as r', 'u.role', 'r.id')
+            .where('u.id', await provider.getUserID((0, lodash_1.cloneDeep)(payload)))
+            .andWhere('u.provider', providerName)
             .first();
         const updatedPayload = await emitter_1.default.emitFilter('auth.login', payload, {
             status: 'pending',
@@ -98,9 +98,8 @@ class AuthenticationService {
                 await loginAttemptsLimiter.set(user.id, 0, 0);
             }
         }
-        let sessionData = null;
         try {
-            sessionData = await provider.login((0, lodash_1.clone)(user), (0, lodash_1.cloneDeep)(updatedPayload));
+            await provider.login((0, lodash_1.clone)(user), (0, lodash_1.cloneDeep)(updatedPayload));
         }
         catch (e) {
             emitStatus('fail');
@@ -123,6 +122,9 @@ class AuthenticationService {
         }
         const tokenPayload = {
             id: user.id,
+            role: user.role,
+            app_access: user.app_access,
+            admin_access: user.admin_access,
         };
         const customClaims = await emitter_1.default.emitFilter('auth.jwt', tokenPayload, {
             status: 'pending',
@@ -146,7 +148,6 @@ class AuthenticationService {
             expires: refreshTokenExpiration,
             ip: (_a = this.accountability) === null || _a === void 0 ? void 0 : _a.ip,
             user_agent: (_b = this.accountability) === null || _b === void 0 ? void 0 : _b.userAgent,
-            data: sessionData && JSON.stringify(sessionData),
         });
         await this.knex('directus_sessions').delete().where('expires', '<', new Date());
         if (this.accountability) {
@@ -177,33 +178,80 @@ class AuthenticationService {
             throw new exceptions_1.InvalidCredentialsException();
         }
         const record = await this.knex
-            .select('s.expires', 's.data', 'u.id', 'u.first_name', 'u.last_name', 'u.email', 'u.password', 'u.status', 'u.role', 'u.provider', 'u.external_identifier', 'u.auth_data')
-            .from('directus_sessions as s')
-            .innerJoin('directus_users as u', 's.user', 'u.id')
+            .select({
+            session_expires: 's.expires',
+            user_id: 'u.id',
+            user_first_name: 'u.first_name',
+            user_last_name: 'u.last_name',
+            user_email: 'u.email',
+            user_password: 'u.password',
+            user_status: 'u.status',
+            user_provider: 'u.provider',
+            user_external_identifier: 'u.external_identifier',
+            user_auth_data: 'u.auth_data',
+            role_id: 'r.id',
+            role_admin_access: 'r.admin_access',
+            role_app_access: 'r.app_access',
+            share_id: 'd.id',
+            share_item: 'd.item',
+            share_role: 'd.role',
+            share_collection: 'd.collection',
+            share_start: 'd.date_start',
+            share_end: 'd.date_end',
+            share_times_used: 'd.times_used',
+            share_max_uses: 'd.max_uses',
+        })
+            .from('directus_sessions AS s')
+            .leftJoin('directus_users AS u', 's.user', 'u.id')
+            .leftJoin('directus_shares AS d', 's.share', 'd.id')
+            .joinRaw('LEFT JOIN directus_roles AS r ON r.id IN (u.role, d.role)')
             .where('s.token', refreshToken)
+            .andWhere('s.expires', '>=', new Date())
+            .andWhere((subQuery) => {
+            subQuery.whereNull('d.date_end').orWhere('d.date_end', '>=', new Date());
+        })
+            .andWhere((subQuery) => {
+            subQuery.whereNull('d.date_start').orWhere('d.date_start', '<=', new Date());
+        })
             .first();
-        if (!record || record.expires < new Date()) {
+        if (!record || (!record.share_id && !record.user_id)) {
             throw new exceptions_1.InvalidCredentialsException();
         }
-        let { data: sessionData } = record;
-        const user = (0, lodash_1.omit)(record, 'data');
-        if (typeof sessionData === 'string') {
-            try {
-                sessionData = JSON.parse(sessionData);
-            }
-            catch {
-                logger_1.default.warn(`Session data isn't valid JSON: ${sessionData}`);
-            }
+        if (record.user_id) {
+            const provider = (0, auth_1.getAuthProvider)(record.user_provider);
+            await provider.refresh({
+                id: record.user_id,
+                first_name: record.user_first_name,
+                last_name: record.user_last_name,
+                email: record.user_email,
+                password: record.user_password,
+                status: record.user_status,
+                provider: record.user_provider,
+                external_identifier: record.user_external_identifier,
+                auth_data: record.user_auth_data,
+                role: record.role_id,
+                app_access: record.role_app_access,
+                admin_access: record.role_admin_access,
+            });
         }
-        const provider = (0, auth_1.getAuthProvider)(user.provider);
-        const newSessionData = await provider.refresh((0, lodash_1.clone)(user), sessionData);
         const tokenPayload = {
-            id: user.id,
+            id: record.user_id,
+            role: record.role_id,
+            app_access: record.role_app_access,
+            admin_access: record.role_admin_access,
         };
+        if (record.share_id) {
+            tokenPayload.share = record.share_id;
+            tokenPayload.role = record.share_role;
+            tokenPayload.share_scope = {
+                collection: record.share_collection,
+                item: record.share_item,
+            };
+        }
         const customClaims = await emitter_1.default.emitFilter('auth.jwt', tokenPayload, {
             status: 'pending',
-            user: user === null || user === void 0 ? void 0 : user.id,
-            provider: user.provider,
+            user: record.user_id,
+            provider: record.user_provider,
             type: 'refresh',
         }, {
             database: this.knex,
@@ -220,37 +268,29 @@ class AuthenticationService {
             .update({
             token: newRefreshToken,
             expires: refreshTokenExpiration,
-            data: newSessionData && JSON.stringify(newSessionData),
         })
             .where({ token: refreshToken });
-        await this.knex('directus_users').update({ last_access: new Date() }).where({ id: user.id });
+        if (record.user_id) {
+            await this.knex('directus_users').update({ last_access: new Date() }).where({ id: record.user_id });
+        }
         return {
             accessToken,
             refreshToken: newRefreshToken,
             expires: (0, ms_1.default)(env_1.default.ACCESS_TOKEN_TTL),
-            id: user.id,
+            id: record.user_id,
         };
     }
     async logout(refreshToken) {
         const record = await this.knex
-            .select('u.id', 'u.first_name', 'u.last_name', 'u.email', 'u.password', 'u.status', 'u.role', 'u.provider', 'u.external_identifier', 'u.auth_data', 's.data')
+            .select('u.id', 'u.first_name', 'u.last_name', 'u.email', 'u.password', 'u.status', 'u.role', 'u.provider', 'u.external_identifier', 'u.auth_data')
             .from('directus_sessions as s')
             .innerJoin('directus_users as u', 's.user', 'u.id')
             .where('s.token', refreshToken)
             .first();
         if (record) {
-            let { data: sessionData } = record;
-            const user = (0, lodash_1.omit)(record, 'data');
-            if (typeof sessionData === 'string') {
-                try {
-                    sessionData = JSON.parse(sessionData);
-                }
-                catch {
-                    logger_1.default.warn(`Session data isn't valid JSON: ${sessionData}`);
-                }
-            }
+            const user = record;
             const provider = (0, auth_1.getAuthProvider)(user.provider);
-            await provider.logout((0, lodash_1.clone)(user), sessionData);
+            await provider.logout((0, lodash_1.clone)(user));
             await this.knex.delete().from('directus_sessions').where('token', refreshToken);
         }
     }

package/dist/services/authorization.js

@@ -41,7 +41,7 @@ class AuthorizationService {
          */
         function getCollectionsFromAST(ast) {
             const collections = [];
-            if (ast.type === 'm2a') {
+            if (ast.type === 'a2o') {
                 collections.push(...ast.names.map((name) => ({ collection: name, field: ast.fieldKey })));
                 for (const children of Object.values(ast.children)) {
                     for (const nestedNode of children) {
@@ -67,7 +67,7 @@ class AuthorizationService {
         function validateFields(ast) {
             var _a, _b, _c;
             if (ast.type !== 'field') {
-                if (ast.type === 'm2a') {
+                if (ast.type === 'a2o') {
                     for (const [collection, children] of Object.entries(ast.children)) {
                         checkFields(collection, children, (_b = (_a = ast.query) === null || _a === void 0 ? void 0 : _a[collection]) === null || _b === void 0 ? void 0 : _b.aggregate);
                     }
@@ -106,7 +106,7 @@ class AuthorizationService {
         }
         function applyFilters(ast, accountability) {
             if (ast.type !== 'field') {
-                if (ast.type === 'm2a') {
+                if (ast.type === 'a2o') {
                     const collections = Object.keys(ast.children);
                     for (const collection of collections) {
                         updateFilterQuery(collection, ast.query[collection]);

package/dist/services/collections.d.ts

@@ -1,8 +1,7 @@
 import SchemaInspector from '@directus/schema';
 import { Knex } from 'knex';
-import { MutationOptions } from '../services/items';
 import Keyv from 'keyv';
-import { AbstractServiceOptions, Collection, CollectionMeta, SchemaOverview } from '../types';
+import { AbstractServiceOptions, Collection, CollectionMeta, SchemaOverview, MutationOptions } from '../types';
 import { Accountability, RawField } from '@directus/shared/types';
 import { Table } from 'knex-schema-inspector/dist/types/table';
 export declare type RawCollection = {

package/dist/services/collections.js

@@ -359,11 +359,11 @@ class CollectionsService {
                         await fieldsService.deleteField(relation.collection, relation.field);
                     }
                 }
-                const m2aRelationsThatIncludeThisCollection = this.schema.relations.filter((relation) => {
+                const a2oRelationsThatIncludeThisCollection = this.schema.relations.filter((relation) => {
                     var _a, _b;
                     return (_b = (_a = relation.meta) === null || _a === void 0 ? void 0 : _a.one_allowed_collections) === null || _b === void 0 ? void 0 : _b.includes(collectionKey);
                 });
-                for (const relation of m2aRelationsThatIncludeThisCollection) {
+                for (const relation of a2oRelationsThatIncludeThisCollection) {
                     const newAllowedCollections = relation
                         .meta.one_allowed_collections.filter((collection) => collectionKey !== collection)
                         .join(',');

package/dist/services/files.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="node" />
-import { AbstractServiceOptions, File, PrimaryKey } from '../types';
-import { ItemsService, MutationOptions } from './items';
+import { AbstractServiceOptions, File, PrimaryKey, MutationOptions } from '../types';
+import { ItemsService } from './items';
 export declare class FilesService extends ItemsService {
     constructor(options: AbstractServiceOptions);
     /**

package/dist/services/files.js

@@ -64,14 +64,20 @@ class FilesService extends items_1.ItemsService {
         payload.filesize = size;
         if (['image/jpeg', 'image/png', 'image/webp', 'image/gif', 'image/tiff'].includes(payload.type)) {
             const buffer = await storage_1.default.disk(data.storage).getBuffer(payload.filename_disk);
-            const meta = await (0, sharp_1.default)(buffer.content, {}).metadata();
-            if (meta.orientation && meta.orientation >= 5) {
-                payload.height = meta.width;
-                payload.width = meta.height;
+            try {
+                const meta = await (0, sharp_1.default)(buffer.content, {}).metadata();
+                if (meta.orientation && meta.orientation >= 5) {
+                    payload.height = meta.width;
+                    payload.width = meta.height;
+                }
+                else {
+                    payload.width = meta.width;
+                    payload.height = meta.height;
+                }
             }
-            else {
-                payload.width = meta.width;
-                payload.height = meta.height;
+            catch (err) {
+                logger_1.default.warn(`Couldn't extract sharp metadata from file`);
+                logger_1.default.warn(err);
             }
             payload.metadata = {};
             try {
@@ -95,7 +101,7 @@ class FilesService extends items_1.ItemsService {
                 }
             }
             catch (err) {
-                logger_1.default.warn(`Couldn't extract metadata from file`);
+                logger_1.default.warn(`Couldn't extract EXIF metadata from file`);
                 logger_1.default.warn(err);
             }
         }

package/dist/services/graphql.d.ts

@@ -70,7 +70,7 @@ export declare class GraphQLService {
      * Effectively merges the selections with the fragments used in those selections
      */
     replaceFragmentsInSelections(selections: readonly SelectionNode[] | undefined, fragments: Record<string, FragmentDefinitionNode>): readonly SelectionNode[] | null;
-    injectSystemResolvers(schemaComposer: SchemaComposer<GraphQLParams['contextValue']>, { CreateCollectionTypes, ReadCollectionTypes, DeleteCollectionTypes, }: {
+    injectSystemResolvers(schemaComposer: SchemaComposer<GraphQLParams['contextValue']>, { CreateCollectionTypes, ReadCollectionTypes, UpdateCollectionTypes, DeleteCollectionTypes, }: {
         CreateCollectionTypes: Record<string, ObjectTypeComposer<any, any>>;
         ReadCollectionTypes: Record<string, ObjectTypeComposer<any, any>>;
         UpdateCollectionTypes: Record<string, ObjectTypeComposer<any, any>>;