npm - directus - Versions diffs - 9.2.2 → 9.4.2 - Mend

directus 9.2.2 → 9.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (96) hide show

package/dist/app.js +16 -4
package/dist/auth/auth.d.ts +4 -6
package/dist/auth/auth.js +5 -9
package/dist/auth/drivers/ldap.d.ts +3 -3
package/dist/auth/drivers/ldap.js +2 -3
package/dist/auth/drivers/local.d.ts +2 -2
package/dist/auth/drivers/local.js +7 -13
package/dist/auth/drivers/oauth2.d.ts +3 -3
package/dist/auth/drivers/oauth2.js +4 -4
package/dist/auth/drivers/openid.d.ts +3 -3
package/dist/auth/drivers/openid.js +4 -4
package/dist/cache.js +1 -3
package/dist/cli/commands/bootstrap/index.js +3 -2
package/dist/cli/commands/init/index.js +3 -7
package/dist/cli/commands/schema/apply.js +1 -1
package/dist/cli/utils/defaults.d.ts +11 -0
package/dist/cli/utils/defaults.js +14 -0
package/dist/constants.d.ts +8 -0
package/dist/constants.js +16 -2
package/dist/controllers/activity.js +2 -1
package/dist/controllers/auth.js +5 -4
package/dist/controllers/shares.d.ts +2 -0
package/dist/controllers/shares.js +212 -0
package/dist/controllers/users.js +21 -9
package/dist/database/index.js +3 -0
package/dist/database/migrations/20211211A-add-shares.d.ts +3 -0
package/dist/database/migrations/20211211A-add-shares.js +38 -0
package/dist/database/migrations/20211230A-add-project-descriptor.d.ts +3 -0
package/dist/database/migrations/20211230A-add-project-descriptor.js +15 -0
package/dist/database/run-ast.js +5 -5
package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml +0 -15
package/dist/database/system-data/app-access-permissions/index.d.ts +1 -0
package/dist/database/system-data/app-access-permissions/index.js +4 -2
package/dist/database/system-data/app-access-permissions/schema-access-permissions.yaml +17 -0
package/dist/database/system-data/collections/collections.yaml +3 -0
package/dist/database/system-data/fields/_defaults.yaml +2 -0
package/dist/database/system-data/fields/sessions.yaml +1 -1
package/dist/database/system-data/fields/settings.yaml +20 -1
package/dist/database/system-data/fields/shares.yaml +77 -0
package/dist/database/system-data/fields/users.yaml +1 -1
package/dist/database/system-data/relations/relations.yaml +15 -0
package/dist/emitter.d.ts +3 -2
package/dist/emitter.js +13 -6
package/dist/env.js +3 -1
package/dist/extensions.d.ts +1 -0
package/dist/extensions.js +10 -4
package/dist/middleware/authenticate.js +7 -16
package/dist/middleware/check-ip.js +9 -6
package/dist/middleware/rate-limiter.js +2 -1
package/dist/middleware/respond.js +4 -1
package/dist/services/activity.d.ts +2 -1
package/dist/services/activity.js +2 -2
package/dist/services/authentication.d.ts +2 -7
package/dist/services/authentication.js +81 -41
package/dist/services/authorization.js +3 -3
package/dist/services/collections.d.ts +1 -2
package/dist/services/collections.js +2 -2
package/dist/services/files.d.ts +2 -2
package/dist/services/files.js +14 -8
package/dist/services/graphql.d.ts +1 -1
package/dist/services/graphql.js +47 -6
package/dist/services/index.d.ts +1 -0
package/dist/services/index.js +1 -0
package/dist/services/items.d.ts +1 -15
package/dist/services/notifications.d.ts +2 -2
package/dist/services/permissions.d.ts +2 -2
package/dist/services/roles.d.ts +2 -2
package/dist/services/server.js +1 -0
package/dist/services/shares.d.ts +17 -0
package/dist/services/shares.js +135 -0
package/dist/services/specifications.js +1 -1
package/dist/services/users.d.ts +2 -2
package/dist/services/webhooks.d.ts +2 -2
package/dist/types/ast.d.ts +3 -3
package/dist/types/auth.d.ts +31 -0
package/dist/types/extensions.d.ts +2 -0
package/dist/types/items.d.ts +14 -0
package/dist/utils/apply-query.d.ts +0 -38
package/dist/utils/apply-query.js +66 -67
package/dist/utils/apply-snapshot.js +69 -14
package/dist/utils/get-ast-from-query.js +3 -3
package/dist/utils/get-default-value.js +3 -1
package/dist/utils/get-ip-from-req.d.ts +2 -0
package/dist/utils/get-ip-from-req.js +24 -0
package/dist/utils/get-permissions.js +15 -7
package/dist/utils/get-relation-type.d.ts +1 -1
package/dist/utils/get-relation-type.js +1 -1
package/dist/utils/merge-permissions-for-share.d.ts +5 -0
package/dist/utils/merge-permissions-for-share.js +116 -0
package/dist/utils/merge-permissions.d.ts +13 -1
package/dist/utils/merge-permissions.js +27 -19
package/dist/utils/reduce-schema.d.ts +2 -2
package/dist/utils/reduce-schema.js +7 -7
package/dist/utils/user-name.js +3 -0
package/example.env +1 -1
package/package.json +15 -14

package/dist/utils/merge-permissions.js CHANGED Viewed

@@ -1,66 +1,73 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.mergePermissions = void 0;
+exports.mergePermission = exports.mergePermissions = void 0;
 const lodash_1 = require("lodash");
-function mergePermissions(...permissions) {
+function mergePermissions(strategy, ...permissions) {
     const allPermissions = (0, lodash_1.flatten)(permissions);
     const mergedPermissions = allPermissions
         .reduce((acc, val) => {
         const key = `${val.collection}__${val.action}__${val.role || '$PUBLIC'}`;
         const current = acc.get(key);
-        acc.set(key, current ? mergePerm(current, val) : val);
+        acc.set(key, current ? mergePermission(strategy, current, val) : val);
         return acc;
     }, new Map())
         .values();
-    const result = Array.from(mergedPermissions).map((perm) => {
-        return (0, lodash_1.omit)(perm, ['id', 'system']);
-    });
-    return result;
+    return Array.from(mergedPermissions);
 }
 exports.mergePermissions = mergePermissions;
-function mergePerm(currentPerm, newPerm) {
+function mergePermission(strategy, currentPerm, newPerm) {
+    const logicalKey = `_${strategy}`;
     let permissions = currentPerm.permissions;
     let validation = currentPerm.validation;
     let fields = currentPerm.fields;
     let presets = currentPerm.presets;
     if (newPerm.permissions) {
-        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === '_or') {
+        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === logicalKey) {
             permissions = {
-                _or: [...currentPerm.permissions._or, newPerm.permissions],
+                [logicalKey]: [
+                    ...currentPerm.permissions[logicalKey],
+                    newPerm.permissions,
+                ],
             };
         }
         else if (currentPerm.permissions) {
             permissions = {
-                _or: [currentPerm.permissions, newPerm.permissions],
+                [logicalKey]: [currentPerm.permissions, newPerm.permissions],
             };
         }
         else {
             permissions = {
-                _or: [newPerm.permissions],
+                [logicalKey]: [newPerm.permissions],
             };
         }
     }
     if (newPerm.validation) {
-        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === '_or') {
+        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === logicalKey) {
             validation = {
-                _or: [...currentPerm.validation._or, newPerm.validation],
+                [logicalKey]: [
+                    ...currentPerm.validation[logicalKey],
+                    newPerm.validation,
+                ],
             };
         }
         else if (currentPerm.validation) {
             validation = {
-                _or: [currentPerm.validation, newPerm.validation],
+                [logicalKey]: [currentPerm.validation, newPerm.validation],
             };
         }
         else {
             validation = {
-                _or: [newPerm.validation],
+                [logicalKey]: [newPerm.validation],
             };
         }
     }
     if (newPerm.fields) {
-        if (Array.isArray(currentPerm.fields)) {
+        if (Array.isArray(currentPerm.fields) && strategy === 'or') {
             fields = [...new Set([...currentPerm.fields, ...newPerm.fields])];
         }
+        else if (Array.isArray(currentPerm.fields) && strategy === 'and') {
+            fields = (0, lodash_1.intersection)(currentPerm.fields, newPerm.fields);
+        }
         else {
             fields = newPerm.fields;
         }
@@ -70,11 +77,12 @@ function mergePerm(currentPerm, newPerm) {
     if (newPerm.presets) {
         presets = (0, lodash_1.merge)({}, presets, newPerm.presets);
     }
-    return {
+    return (0, lodash_1.omit)({
         ...currentPerm,
         permissions,
         validation,
         fields,
         presets,
-    };
+    }, ['id', 'system']);
 }
+exports.mergePermission = mergePermission;

package/dist/utils/reduce-schema.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { SchemaOverview } from '../types';
-import { Accountability, PermissionsAction } from '@directus/shared/types';
+import { Permission, PermissionsAction } from '@directus/shared/types';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
  * the allowed collections/fields/relations included based on the permissions.
@@ -7,4 +7,4 @@ import { Accountability, PermissionsAction } from '@directus/shared/types';
  * @param actions Array of permissions actions (crud)
  * @returns Reduced schema
  */
-export declare function reduceSchema(schema: SchemaOverview, accountability: Accountability | null, actions?: PermissionsAction[]): SchemaOverview;
+export declare function reduceSchema(schema: SchemaOverview, permissions: Permission[] | null, actions?: PermissionsAction[]): SchemaOverview;

package/dist/utils/reduce-schema.js CHANGED Viewed

@@ -9,13 +9,13 @@ const lodash_1 = require("lodash");
  * @param actions Array of permissions actions (crud)
  * @returns Reduced schema
  */
-function reduceSchema(schema, accountability, actions = ['create', 'read', 'update', 'delete']) {
-    var _a, _b, _c, _d, _e;
+function reduceSchema(schema, permissions, actions = ['create', 'read', 'update', 'delete']) {
+    var _a, _b, _c;
     const reduced = {
         collections: {},
         relations: [],
     };
-    const allowedFieldsInCollection = (_b = (_a = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _a === void 0 ? void 0 : _a.filter((permission) => actions.includes(permission.action)).reduce((acc, permission) => {
+    const allowedFieldsInCollection = (_a = permissions === null || permissions === void 0 ? void 0 : permissions.filter((permission) => actions.includes(permission.action)).reduce((acc, permission) => {
         if (!acc[permission.collection]) {
             acc[permission.collection] = [];
         }
@@ -23,13 +23,13 @@ function reduceSchema(schema, accountability, actions = ['create', 'read', 'upda
             acc[permission.collection] = (0, lodash_1.uniq)([...acc[permission.collection], ...permission.fields]);
         }
         return acc;
-    }, {})) !== null && _b !== void 0 ? _b : {};
+    }, {})) !== null && _a !== void 0 ? _a : {};
     for (const [collectionName, collection] of Object.entries(schema.collections)) {
-        if ((_c = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _c === void 0 ? void 0 : _c.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
+        if (permissions === null || permissions === void 0 ? void 0 : permissions.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
             const fields = {};
             for (const [fieldName, field] of Object.entries(schema.collections[collectionName].fields)) {
-                if (((_d = allowedFieldsInCollection[collectionName]) === null || _d === void 0 ? void 0 : _d.includes('*')) ||
-                    ((_e = allowedFieldsInCollection[collectionName]) === null || _e === void 0 ? void 0 : _e.includes(fieldName))) {
+                if (((_b = allowedFieldsInCollection[collectionName]) === null || _b === void 0 ? void 0 : _b.includes('*')) ||
+                    ((_c = allowedFieldsInCollection[collectionName]) === null || _c === void 0 ? void 0 : _c.includes(fieldName))) {
                     fields[fieldName] = field;
                 }
             }

package/dist/utils/user-name.js CHANGED Viewed

@@ -2,6 +2,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.userName = void 0;
 function userName(user) {
+    if (!user) {
+        return 'Unknown User';
+    }
     if (user.first_name && user.last_name) {
         return `${user.first_name} ${user.last_name}`;
     }

package/example.env CHANGED Viewed

@@ -44,7 +44,7 @@ DB_PASSWORD="secret"
 # DB_PASSWORD="Test@123"
 ## OracleDB
-# DB_CLIENT="oracle"
+# DB_CLIENT="oracledb"
 # DB_CONNECT_STRING="localhost:5104/XE"
 # DB_USER="secretsysuser"
 # DB_PASSWORD="secretpassword"

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "directus",
-	"version": "9.2.2",
+	"version": "9.4.2",
 	"license": "GPL-3.0-only",
 	"homepage": "https://github.com/directus/directus#readme",
 	"description": "Directus is a real-time API and App dashboard for managing SQL database content.",
@@ -60,7 +60,7 @@
 		"prebuild": "npm run cleanup",
 		"build": "tsc --build && copyfiles \"src/**/*.*\" -e \"src/**/*.ts\" -u 1 dist",
 		"cleanup": "rimraf dist",
-		"dev": "cross-env NODE_ENV=development SERVE_APP=false ts-node-dev --files --transpile-only --respawn --watch \".env\" --inspect --exit-child -- src/start.ts",
+		"dev": "cross-env NODE_ENV=development SERVE_APP=false ts-node-dev --files --transpile-only --respawn --watch \".env\" --inspect=0 --exit-child -- src/start.ts",
 		"cli": "cross-env NODE_ENV=development SERVE_APP=false ts-node --script-mode --transpile-only src/cli/run.ts",
 		"test": "jest --coverage",
 		"test:watch": "jest --watchAll"
@@ -76,16 +76,16 @@
 	],
 	"dependencies": {
 		"@aws-sdk/client-ses": "^3.40.0",
-		"@directus/app": "9.2.2",
-		"@directus/drive": "9.2.2",
-		"@directus/drive-azure": "9.2.2",
-		"@directus/drive-gcs": "9.2.2",
-		"@directus/drive-s3": "9.2.2",
-		"@directus/extensions-sdk": "9.2.2",
-		"@directus/format-title": "9.2.2",
-		"@directus/schema": "9.2.2",
-		"@directus/shared": "9.2.2",
-		"@directus/specs": "9.2.2",
+		"@directus/app": "9.4.2",
+		"@directus/drive": "9.4.2",
+		"@directus/drive-azure": "9.4.2",
+		"@directus/drive-gcs": "9.4.2",
+		"@directus/drive-s3": "9.4.2",
+		"@directus/extensions-sdk": "9.4.2",
+		"@directus/format-title": "9.4.2",
+		"@directus/schema": "9.4.2",
+		"@directus/shared": "9.4.2",
+		"@directus/specs": "9.4.2",
 		"@godaddy/terminus": "^4.9.0",
 		"@rollup/plugin-alias": "^3.1.2",
 		"@rollup/plugin-virtual": "^2.0.3",
@@ -114,6 +114,7 @@
 		"fs-extra": "^10.0.0",
 		"graphql": "^15.5.0",
 		"graphql-compose": "^9.0.1",
+		"helmet": "^4.6.0",
 		"inquirer": "^8.1.1",
 		"joi": "^17.3.0",
 		"js-yaml": "^4.1.0",
@@ -169,7 +170,7 @@
 		"sqlite3": "^5.0.2",
 		"tedious": "^13.0.0"
 	},
-	"gitHead": "546d525175c7ecc6ac9c235b4ebf77a1ae209e10",
+	"gitHead": "1a5a9180ee6d0ad8f03076bc6e3cfdd62a0dd2f9",
 	"devDependencies": {
 		"@types/async": "3.2.10",
 		"@types/atob": "2.1.2",
@@ -209,7 +210,7 @@
 		"copyfiles": "2.4.1",
 		"cross-env": "7.0.3",
 		"jest": "27.3.1",
-		"knex-mock-client": "^1.6.1",
+		"knex-mock-client": "1.6.1",
 		"ts-jest": "27.0.7",
 		"ts-node-dev": "1.1.8",
 		"typescript": "4.5.2"