npm - directus - Versions diffs - 9.23.3 → 9.24.0 - Mend

directus 9.23.3 → 9.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

package/dist/app.js +15 -15
package/dist/auth/drivers/ldap.js +22 -22
package/dist/auth/drivers/local.js +7 -7
package/dist/auth/drivers/oauth2.js +27 -25
package/dist/auth/drivers/openid.js +32 -30
package/dist/auth/drivers/saml.js +10 -10
package/dist/auth.js +4 -3
package/dist/cache.js +16 -11
package/dist/cli/commands/bootstrap/index.js +5 -4
package/dist/cli/utils/create-db-connection.js +1 -1
package/dist/cli/utils/create-env/index.js +1 -1
package/dist/constants.d.ts +1 -0
package/dist/constants.js +6 -5
package/dist/controllers/activity.js +10 -10
package/dist/controllers/assets.js +19 -18
package/dist/controllers/auth.js +16 -16
package/dist/controllers/collections.js +11 -11
package/dist/controllers/dashboards.js +11 -11
package/dist/controllers/extensions.js +3 -3
package/dist/controllers/fields.js +17 -17
package/dist/controllers/files.js +18 -17
package/dist/controllers/flows.js +13 -13
package/dist/controllers/folders.js +11 -11
package/dist/controllers/graphql.js +6 -6
package/dist/controllers/items.js +19 -19
package/dist/controllers/notifications.js +11 -11
package/dist/controllers/operations.js +11 -11
package/dist/controllers/panels.js +11 -11
package/dist/controllers/permissions.js +11 -11
package/dist/controllers/presets.js +11 -11
package/dist/controllers/relations.js +11 -11
package/dist/controllers/revisions.js +3 -3
package/dist/controllers/roles.js +11 -11
package/dist/controllers/schema.js +5 -5
package/dist/controllers/server.js +7 -7
package/dist/controllers/settings.js +2 -2
package/dist/controllers/shares.js +14 -14
package/dist/controllers/users.js +16 -16
package/dist/controllers/utils.js +7 -7
package/dist/controllers/webhooks.js +11 -11
package/dist/database/helpers/fn/types.d.ts +0 -1
package/dist/database/helpers/fn/types.js +0 -2
package/dist/database/helpers/index.d.ts +3 -3
package/dist/database/index.js +5 -5
package/dist/database/migrations/20210805B-change-image-metadata-structure.js +15 -15
package/dist/database/migrations/run.js +1 -1
package/dist/database/run-ast.js +6 -6
package/dist/database/system-data/collections/index.js +2 -2
package/dist/database/system-data/fields/index.js +3 -3
package/dist/env.js +1 -1
package/dist/exceptions/database/dialects/mssql.js +2 -2
package/dist/exceptions/database/dialects/mysql.js +6 -6
package/dist/exceptions/database/record-not-unique.d.ts +1 -1
package/dist/extensions.js +10 -10
package/dist/flows.js +33 -31
package/dist/logger.d.ts +1 -0
package/dist/logger.js +32 -32
package/dist/mailer.js +16 -16
package/dist/messenger.js +4 -4
package/dist/middleware/authenticate.d.ts +1 -1
package/dist/middleware/authenticate.js +2 -2
package/dist/middleware/cache.js +11 -11
package/dist/middleware/collection-exists.js +4 -4
package/dist/middleware/cors.js +8 -8
package/dist/middleware/error-handler.js +2 -2
package/dist/middleware/extract-token.js +3 -3
package/dist/middleware/get-permissions.js +1 -1
package/dist/middleware/graphql.js +12 -6
package/dist/middleware/rate-limiter-global.js +5 -5
package/dist/middleware/rate-limiter-ip.js +2 -2
package/dist/middleware/respond.js +16 -16
package/dist/middleware/sanitize-query.js +1 -1
package/dist/middleware/schema.js +1 -1
package/dist/middleware/use-collection.js +1 -1
package/dist/middleware/validate-batch.js +1 -1
package/dist/operations/exec/index.js +2 -2
package/dist/rate-limiter.js +1 -1
package/dist/request/validate-ip.js +2 -2
package/dist/server.js +4 -4
package/dist/services/activity.js +14 -14
package/dist/services/assets.js +6 -6
package/dist/services/authentication.js +9 -9
package/dist/services/collections.js +9 -9
package/dist/services/fields.js +5 -5
package/dist/services/files.js +18 -18
package/dist/services/graphql/index.js +170 -116
package/dist/services/import-export.js +6 -6
package/dist/services/items.js +6 -6
package/dist/services/mail/index.js +5 -5
package/dist/services/meta.js +1 -0
package/dist/services/notifications.js +4 -4
package/dist/services/relations.js +4 -4
package/dist/services/revisions.js +3 -3
package/dist/services/roles.js +5 -5
package/dist/services/server.js +27 -27
package/dist/services/shares.js +9 -9
package/dist/services/specifications.js +5 -3
package/dist/services/users.d.ts +1 -5
package/dist/services/users.js +24 -27
package/dist/storage/register-locations.js +1 -1
package/dist/utils/apply-diff.js +12 -12
package/dist/utils/apply-query.js +3 -2
package/dist/utils/dynamic-import.js +1 -1
package/dist/utils/generate-hash.js +1 -1
package/dist/utils/get-ast-from-query.js +2 -2
package/dist/utils/get-auth-providers.js +1 -1
package/dist/utils/get-cache-headers.js +3 -3
package/dist/utils/get-collection-from-alias.js +1 -0
package/dist/utils/get-column-path.js +2 -1
package/dist/utils/get-default-value.js +1 -1
package/dist/utils/get-ip-from-req.js +2 -2
package/dist/utils/get-permissions.js +11 -11
package/dist/utils/get-schema.js +5 -5
package/dist/utils/get-snapshot-diff.js +1 -1
package/dist/utils/is-url-allowed.js +5 -2
package/dist/utils/parse-image-metadata.js +3 -3
package/dist/utils/reduce-schema.js +5 -5
package/dist/utils/sanitize-query.js +26 -26
package/dist/utils/should-skip-cache.js +13 -4
package/dist/utils/strip-function.js +1 -1
package/dist/utils/telemetry.d.ts +1 -0
package/dist/utils/telemetry.js +30 -0
package/dist/utils/validate-keys.js +1 -1
package/dist/utils/validate-query.js +1 -1
package/dist/utils/validate-storage.js +8 -8
package/dist/webhooks.js +2 -2
package/package.json +13 -13
package/dist/utils/redact-header-cookies.d.ts +0 -1
package/dist/utils/redact-header-cookies.js +0 -11
package/dist/utils/track.d.ts +0 -1
package/dist/utils/track.js +0 -81
/package/dist/{utils/redact-header-cookies.test.d.ts → logger.test.d.ts} +0 -0

package/dist/services/users.js CHANGED Viewed

@@ -20,9 +20,6 @@ const items_1 = require("./items");
 const mail_1 = require("./mail");
 const settings_1 = require("./settings");
 class UsersService extends items_1.ItemsService {
-    knex;
-    accountability;
-    schema;
     constructor(options) {
         super('directus_users', options);
         this.knex = options.knex || (0, database_1.default)();
@@ -131,8 +128,8 @@ class UsersService extends items_1.ItemsService {
      * Create multiple new users
      */
     async createMany(data, opts) {
-        const emails = data.map((payload) => payload.email).filter((email) => email);
-        const passwords = data.map((payload) => payload.password).filter((password) => password);
+        const emails = data['map']((payload) => payload['email']).filter((email) => email);
+        const passwords = data['map']((payload) => payload['password']).filter((password) => password);
         try {
             if (emails.length) {
                 await this.checkUniqueEmails(emails);
@@ -182,44 +179,44 @@ class UsersService extends items_1.ItemsService {
      */
     async updateMany(keys, data, opts) {
         try {
-            if (data.role) {
-                // data.role will be an object with id with GraphQL mutations
-                const roleId = data.role?.id ?? data.role;
+            if (data['role']) {
+                // data['role'] will be an object with id with GraphQL mutations
+                const roleId = data['role']?.id ?? data['role'];
                 const newRole = await this.knex.select('admin_access').from('directus_roles').where('id', roleId).first();
                 if (!newRole?.admin_access) {
                     await this.checkRemainingAdminExistence(keys);
                 }
             }
-            if (data.status !== undefined && data.status !== 'active') {
+            if (data['status'] !== undefined && data['status'] !== 'active') {
                 await this.checkRemainingActiveAdmin(keys);
             }
-            if (data.email) {
+            if (data['email']) {
                 if (keys.length > 1) {
                     throw new record_not_unique_1.RecordNotUniqueException('email', {
                         collection: 'directus_users',
                         field: 'email',
-                        invalid: data.email,
+                        invalid: data['email'],
                     });
                 }
-                await this.checkUniqueEmails([data.email], keys[0]);
+                await this.checkUniqueEmails([data['email']], keys[0]);
             }
-            if (data.password) {
-                await this.checkPasswordPolicy([data.password]);
+            if (data['password']) {
+                await this.checkPasswordPolicy([data['password']]);
             }
-            if (data.tfa_secret !== undefined) {
+            if (data['tfa_secret'] !== undefined) {
                 throw new exceptions_2.InvalidPayloadException(`You can't change the "tfa_secret" value manually.`);
             }
-            if (data.provider !== undefined) {
+            if (data['provider'] !== undefined) {
                 if (this.accountability && this.accountability.admin !== true) {
                     throw new exceptions_2.InvalidPayloadException(`You can't change the "provider" value manually.`);
                 }
-                data.auth_data = null;
+                data['auth_data'] = null;
             }
-            if (data.external_identifier !== undefined) {
+            if (data['external_identifier'] !== undefined) {
                 if (this.accountability && this.accountability.admin !== true) {
                     throw new exceptions_2.InvalidPayloadException(`You can't change the "external_identifier" value manually.`);
                 }
-                data.auth_data = null;
+                data['auth_data'] = null;
             }
         }
         catch (err) {
@@ -266,7 +263,7 @@ class UsersService extends items_1.ItemsService {
     async inviteUser(email, role, url, subject) {
         const opts = {};
         try {
-            if (url && (0, is_url_allowed_1.default)(url, env_1.default.USER_INVITE_URL_ALLOW_LIST) === false) {
+            if (url && (0, is_url_allowed_1.default)(url, env_1.default['USER_INVITE_URL_ALLOW_LIST']) === false) {
                 throw new exceptions_2.InvalidPayloadException(`Url "${url}" can't be used to invite users.`);
             }
         }
@@ -280,9 +277,9 @@ class UsersService extends items_1.ItemsService {
         });
         for (const email of emails) {
             const payload = { email, scope: 'invite' };
-            const token = jsonwebtoken_1.default.sign(payload, env_1.default.SECRET, { expiresIn: '7d', issuer: 'directus' });
+            const token = jsonwebtoken_1.default.sign(payload, env_1.default['SECRET'], { expiresIn: '7d', issuer: 'directus' });
             const subjectLine = subject ?? "You've been invited";
-            const inviteURL = url ? new url_1.Url(url) : new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'accept-invite');
+            const inviteURL = url ? new url_1.Url(url) : new url_1.Url(env_1.default['PUBLIC_URL']).addPath('admin', 'accept-invite');
             inviteURL.setQuery('token', token);
             // Create user first to verify uniqueness
             await this.createOne({ email, role, status: 'invited' }, opts);
@@ -300,7 +297,7 @@ class UsersService extends items_1.ItemsService {
         }
     }
     async acceptInvite(token, password) {
-        const { email, scope } = jsonwebtoken_1.default.verify(token, env_1.default.SECRET, { issuer: 'directus' });
+        const { email, scope } = jsonwebtoken_1.default.verify(token, env_1.default['SECRET'], { issuer: 'directus' });
         if (scope !== 'invite')
             throw new exceptions_2.ForbiddenException();
         const user = await this.knex.select('id', 'status').from('directus_users').where({ email }).first();
@@ -326,7 +323,7 @@ class UsersService extends items_1.ItemsService {
             await (0, stall_1.stall)(STALL_TIME, timeStart);
             throw new exceptions_2.ForbiddenException();
         }
-        if (url && (0, is_url_allowed_1.default)(url, env_1.default.PASSWORD_RESET_URL_ALLOW_LIST) === false) {
+        if (url && (0, is_url_allowed_1.default)(url, env_1.default['PASSWORD_RESET_URL_ALLOW_LIST']) === false) {
             throw new exceptions_2.InvalidPayloadException(`Url "${url}" can't be used to reset passwords.`);
         }
         const mailService = new mail_1.MailService({
@@ -335,10 +332,10 @@ class UsersService extends items_1.ItemsService {
             accountability: this.accountability,
         });
         const payload = { email, scope: 'password-reset', hash: (0, utils_1.getSimpleHash)('' + user.password) };
-        const token = jsonwebtoken_1.default.sign(payload, env_1.default.SECRET, { expiresIn: '1d', issuer: 'directus' });
+        const token = jsonwebtoken_1.default.sign(payload, env_1.default['SECRET'], { expiresIn: '1d', issuer: 'directus' });
         const acceptURL = url
             ? new url_1.Url(url).setQuery('token', token).toString()
-            : new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'reset-password').setQuery('token', token);
+            : new url_1.Url(env_1.default['PUBLIC_URL']).addPath('admin', 'reset-password').setQuery('token', token).toString();
         const subjectLine = subject ? subject : 'Password Reset Request';
         await mailService.send({
             to: email,
@@ -354,7 +351,7 @@ class UsersService extends items_1.ItemsService {
         await (0, stall_1.stall)(STALL_TIME, timeStart);
     }
     async resetPassword(token, password) {
-        const { email, scope, hash } = jsonwebtoken_1.default.verify(token, env_1.default.SECRET, { issuer: 'directus' });
+        const { email, scope, hash } = jsonwebtoken_1.default.verify(token, env_1.default['SECRET'], { issuer: 'directus' });
         if (scope !== 'password-reset' || !hash)
             throw new exceptions_2.ForbiddenException();
         const opts = {};

package/dist/storage/register-locations.js CHANGED Viewed

@@ -6,7 +6,7 @@ const env_1 = require("../env");
 const get_config_from_env_1 = require("../utils/get-config-from-env");
 const registerLocations = async (storage) => {
     const env = (0, env_1.getEnv)();
-    const locations = (0, utils_1.toArray)(env.STORAGE_LOCATIONS);
+    const locations = (0, utils_1.toArray)(env['STORAGE_LOCATIONS']);
     locations.forEach((location) => {
         location = location.trim();
         const driverConfig = (0, get_config_from_env_1.getConfigFromEnv)(`STORAGE_${location.toUpperCase()}_`);

package/dist/utils/apply-diff.js CHANGED Viewed

@@ -27,7 +27,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
         const getNestedCollectionsToDelete = (currentLevelCollection) => snapshotDiff.collections.filter(({ diff }) => diff[0].lhs?.meta?.group === currentLevelCollection);
         const createCollections = async (collections) => {
             for (const { collection, diff } of collections) {
-                if (diff?.[0].kind === types_1.DiffKind.NEW && diff[0].rhs) {
+                if (diff?.[0]?.kind === types_1.DiffKind.NEW && diff[0].rhs) {
                     // We'll nest the to-be-created fields in the same collection creation, to prevent
                     // creating a collection without a primary key
                     const fields = snapshotDiff.fields
@@ -64,7 +64,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
         };
         const deleteCollections = async (collections) => {
             for (const { collection, diff } of collections) {
-                if (diff?.[0].kind === types_1.DiffKind.DELETE) {
+                if (diff?.[0]?.kind === types_1.DiffKind.DELETE) {
                     const relations = schema.relations.filter((r) => r.related_collection === collection || r.collection === collection);
                     if (relations.length > 0) {
                         const relationsService = new services_1.RelationsService({ knex: trx, schema });
@@ -94,7 +94,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
         // Finds all collections that need to be created
         const filterCollectionsForCreation = ({ diff }) => {
             // Check new collections only
-            const isNewCollection = diff[0].kind === types_1.DiffKind.NEW;
+            const isNewCollection = diff[0]?.kind === types_1.DiffKind.NEW;
             if (!isNewCollection)
                 return false;
             // Create now if no group
@@ -111,7 +111,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
             // TopLevelCollection - I exist in current schema
             // 		NestedCollection - I exist in snapshotDiff as a new collection
             //			TheCurrentCollectionInIteration - I exist in snapshotDiff as a new collection but will be created as part of NestedCollection
-            const parentWillBeCreatedInThisApply = snapshotDiff.collections.filter(({ collection, diff }) => diff[0].kind === types_1.DiffKind.NEW && collection === groupName).length > 0;
+            const parentWillBeCreatedInThisApply = snapshotDiff.collections.filter(({ collection, diff }) => diff[0]?.kind === types_1.DiffKind.NEW && collection === groupName).length > 0;
             // Has group, but parent is not new, parent is also not being created in this snapshot apply
             if (parentExists && !parentWillBeCreatedInThisApply)
                 return true;
@@ -121,9 +121,9 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
         // then continue with nested collections recursively
         await createCollections(snapshotDiff.collections.filter(filterCollectionsForCreation));
         // delete top level collections (no group) first, then continue with nested collections recursively
-        await deleteCollections(snapshotDiff.collections.filter(({ diff }) => diff[0].kind === types_1.DiffKind.DELETE && diff[0].lhs.meta?.group === null));
+        await deleteCollections(snapshotDiff.collections.filter(({ diff }) => diff[0]?.kind === types_1.DiffKind.DELETE && diff[0].lhs.meta?.group === null));
         for (const { collection, diff } of snapshotDiff.collections) {
-            if (diff?.[0].kind === types_1.DiffKind.EDIT || diff?.[0].kind === types_1.DiffKind.ARRAY) {
+            if (diff?.[0]?.kind === types_1.DiffKind.EDIT || diff?.[0]?.kind === types_1.DiffKind.ARRAY) {
                 const currentCollection = currentSnapshot.collections.find((field) => {
                     return field.collection === collection;
                 });
@@ -147,7 +147,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
             schema: await (0, get_schema_1.getSchema)({ database: trx, bypassCache: true }),
         });
         for (const { collection, field, diff } of snapshotDiff.fields) {
-            if (diff?.[0].kind === types_1.DiffKind.NEW && !isNestedMetaUpdate(diff?.[0])) {
+            if (diff?.[0]?.kind === types_1.DiffKind.NEW && !isNestedMetaUpdate(diff?.[0])) {
                 try {
                     await fieldsService.createField(collection, diff[0].rhs, undefined, mutationOptions);
                 }
@@ -156,7 +156,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
                     throw err;
                 }
             }
-            if (diff?.[0].kind === types_1.DiffKind.EDIT || diff?.[0].kind === types_1.DiffKind.ARRAY || isNestedMetaUpdate(diff?.[0])) {
+            if (diff?.[0]?.kind === types_1.DiffKind.EDIT || diff?.[0]?.kind === types_1.DiffKind.ARRAY || isNestedMetaUpdate(diff[0])) {
                 const currentField = currentSnapshot.fields.find((snapshotField) => {
                     return snapshotField.collection === collection && snapshotField.field === field;
                 });
@@ -174,7 +174,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
                     }
                 }
             }
-            if (diff?.[0].kind === types_1.DiffKind.DELETE && !isNestedMetaUpdate(diff?.[0])) {
+            if (diff?.[0]?.kind === types_1.DiffKind.DELETE && !isNestedMetaUpdate(diff?.[0])) {
                 try {
                     await fieldsService.deleteField(collection, field, mutationOptions);
                 }
@@ -196,7 +196,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
             for (const diffEdit of diff) {
                 (0, lodash_1.set)(structure, diffEdit.path, undefined);
             }
-            if (diff?.[0].kind === types_1.DiffKind.NEW) {
+            if (diff?.[0]?.kind === types_1.DiffKind.NEW) {
                 try {
                     await relationsService.createOne(diff[0].rhs, mutationOptions);
                 }
@@ -205,7 +205,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
                     throw err;
                 }
             }
-            if (diff?.[0].kind === types_1.DiffKind.EDIT || diff?.[0].kind === types_1.DiffKind.ARRAY) {
+            if (diff?.[0]?.kind === types_1.DiffKind.EDIT || diff?.[0]?.kind === types_1.DiffKind.ARRAY) {
                 const currentRelation = currentSnapshot.relations.find((relation) => {
                     return relation.collection === collection && relation.field === field;
                 });
@@ -223,7 +223,7 @@ async function applyDiff(currentSnapshot, snapshotDiff, options) {
                     }
                 }
             }
-            if (diff?.[0].kind === types_1.DiffKind.DELETE) {
+            if (diff?.[0]?.kind === types_1.DiffKind.DELETE) {
                 try {
                     await relationsService.deleteOne(collection, field, mutationOptions);
                 }

package/dist/utils/apply-query.js CHANGED Viewed

@@ -171,6 +171,7 @@ function applySort(knex, schema, rootQuery, rootSort, collection, aliasMap, retu
     // Clears the order if any, eg: from MSSQL offset
     rootQuery.clear('order');
     rootQuery.orderBy(sortRecords);
+    return undefined;
 }
 exports.applySort = applySort;
 function applyLimit(knex, rootQuery, limit) {
@@ -337,7 +338,7 @@ function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap)
             }
             if (operator === '_nempty' || (operator === '_empty' && compareValue === false)) {
                 dbQuery[logical].andWhere((query) => {
-                    query.whereNotNull(key).orWhere(key, '!=', '');
+                    query.whereNotNull(key).andWhere(key, '!=', '');
                 });
             }
             // The following fields however, require a value to be run. If no value is passed, we
@@ -361,7 +362,7 @@ function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap)
             }
             // Cast filter value (compareValue) based on type of field being filtered against
             const [collection, field] = key.split('.');
-            const mappedCollection = originalCollectionName || collection;
+            const mappedCollection = (originalCollectionName || collection);
             if (mappedCollection in schema.collections && field in schema.collections[mappedCollection].fields) {
                 const type = schema.collections[mappedCollection].fields[field].type;
                 if (['date', 'dateTime', 'time', 'timestamp'].includes(type)) {

package/dist/utils/dynamic-import.js CHANGED Viewed

@@ -2,6 +2,6 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.dynamicImport = void 0;
 const dynamicImport = async (mod) => {
-    return process.env.VITEST ? await import(mod) : require(mod);
+    return process.env['VITEST'] ? await import(mod) : require(mod);
 };
 exports.dynamicImport = dynamicImport;

package/dist/utils/generate-hash.js CHANGED Viewed

@@ -10,7 +10,7 @@ function generateHash(stringToHash) {
     const argon2HashConfigOptions = (0, get_config_from_env_1.getConfigFromEnv)('HASH_', 'HASH_RAW'); // Disallow the HASH_RAW option, see https://github.com/directus/directus/discussions/7670#discussioncomment-1255805
     // associatedData, if specified, must be passed as a Buffer to argon2.hash, see https://github.com/ranisalt/node-argon2/wiki/Options#associateddata
     'associatedData' in argon2HashConfigOptions &&
-        (argon2HashConfigOptions.associatedData = Buffer.from(argon2HashConfigOptions.associatedData));
+        (argon2HashConfigOptions['associatedData'] = Buffer.from(argon2HashConfigOptions['associatedData']));
     return argon2_1.default.hash(stringToHash, argon2HashConfigOptions);
 }
 exports.generateHash = generateHash;

package/dist/utils/get-ast-from-query.js CHANGED Viewed

@@ -181,7 +181,7 @@ async function getASTFromQuery(collection, query, schema, options) {
                     continue;
                 }
                 // update query alias for children parseFields
-                const deepAlias = getDeepQuery(deep?.[fieldKey] || {})?.alias;
+                const deepAlias = getDeepQuery(deep?.[fieldKey] || {})?.['alias'];
                 if (!(0, lodash_1.isEmpty)(deepAlias))
                     query.alias = deepAlias;
                 child = {
@@ -296,5 +296,5 @@ async function getASTFromQuery(collection, query, schema, options) {
 }
 exports.default = getASTFromQuery;
 function getDeepQuery(query) {
-    return (0, lodash_1.mapKeys)((0, lodash_1.omitBy)(query, (value, key) => key.startsWith('_') === false), (value, key) => key.substring(1));
+    return (0, lodash_1.mapKeys)((0, lodash_1.omitBy)(query, (_value, key) => key.startsWith('_') === false), (_value, key) => key.substring(1));
 }

package/dist/utils/get-auth-providers.js CHANGED Viewed

@@ -7,7 +7,7 @@ exports.getAuthProviders = void 0;
 const utils_1 = require("@directus/shared/utils");
 const env_1 = __importDefault(require("../env"));
 function getAuthProviders() {
-    return (0, utils_1.toArray)(env_1.default.AUTH_PROVIDERS)
+    return (0, utils_1.toArray)(env_1.default['AUTH_PROVIDERS'])
         .filter((provider) => provider && env_1.default[`AUTH_${provider.toUpperCase()}_DRIVER`])
         .map((provider) => ({
         name: provider,

package/dist/utils/get-cache-headers.js CHANGED Viewed

@@ -22,7 +22,7 @@ function getCacheControlHeader(req, ttl, globalCacheSettings, personalized) {
     if (ttl === undefined || ttl < 0)
         return 'no-cache';
     // When the API cache can invalidate at any moment
-    if (globalCacheSettings && env_1.default.CACHE_AUTO_PURGE === true)
+    if (globalCacheSettings && env_1.default['CACHE_AUTO_PURGE'] === true)
         return 'no-cache';
     const headerValues = [];
     // When caching depends on the authentication status of the users
@@ -35,8 +35,8 @@ function getCacheControlHeader(req, ttl, globalCacheSettings, personalized) {
     const ttlSeconds = Math.round(ttl / 1000);
     headerValues.push(`max-age=${ttlSeconds}`);
     // When the s-maxage flag should be included
-    if (globalCacheSettings && Number.isInteger(env_1.default.CACHE_CONTROL_S_MAXAGE) && env_1.default.CACHE_CONTROL_S_MAXAGE >= 0) {
-        headerValues.push(`s-maxage=${env_1.default.CACHE_CONTROL_S_MAXAGE}`);
+    if (globalCacheSettings && Number.isInteger(env_1.default['CACHE_CONTROL_S_MAXAGE']) && env_1.default['CACHE_CONTROL_S_MAXAGE'] >= 0) {
+        headerValues.push(`s-maxage=${env_1.default['CACHE_CONTROL_S_MAXAGE']}`);
     }
     return headerValues.join(', ');
 }

package/dist/utils/get-collection-from-alias.js CHANGED Viewed

@@ -11,5 +11,6 @@ function getCollectionFromAlias(alias, aliasMap) {
             return aliasValue.collection;
         }
     }
+    return undefined;
 }
 exports.getCollectionFromAlias = getCollectionFromAlias;

package/dist/utils/get-column-path.js CHANGED Viewed

@@ -43,7 +43,8 @@ function getColumnPath({ path, collection, aliasMap, relations, schema }) {
                 addNestedPkField = schema.collections[parent].primary;
             }
             // Nested level alias field
-            else if (remainingParts.length === 1 && schema.collections[parent].fields[remainingParts[0]].type === 'alias') {
+            else if (remainingParts.length === 1 &&
+                schema.collections[parent].fields[remainingParts[0]].type === 'alias') {
                 remainingParts.push(schema.collections[relation.related_collection].primary);
                 addNestedPkField = schema.collections[relation.related_collection].primary;
             }

package/dist/utils/get-default-value.js CHANGED Viewed

@@ -52,7 +52,7 @@ function castToObject(value) {
             return (0, utils_1.parseJSON)(value);
         }
         catch (err) {
-            if (env_1.default.NODE_ENV === 'development') {
+            if (env_1.default['NODE_ENV'] === 'development') {
                 logger_1.default.error(err);
             }
             return value;

package/dist/utils/get-ip-from-req.js CHANGED Viewed

@@ -9,8 +9,8 @@ const env_1 = __importDefault(require("../env"));
 const logger_1 = __importDefault(require("../logger"));
 function getIPFromReq(req) {
     let ip = req.ip;
-    if (env_1.default.IP_CUSTOM_HEADER) {
-        const customIPHeaderValue = req.get(env_1.default.IP_CUSTOM_HEADER);
+    if (env_1.default['IP_CUSTOM_HEADER']) {
+        const customIPHeaderValue = req.get(env_1.default['IP_CUSTOM_HEADER']);
         if (typeof customIPHeaderValue === 'string' && (0, net_1.isIP)(customIPHeaderValue) !== 0) {
             ip = customIPHeaderValue;
         }

package/dist/utils/get-permissions.js CHANGED Viewed

@@ -22,7 +22,7 @@ async function getPermissions(accountability, schema) {
     let permissions = [];
     const { user, role, app, admin, share_scope } = accountability;
     const cacheKey = `permissions-${(0, object_hash_1.default)({ user, role, app, admin, share_scope })}`;
-    if (cache && env_1.default.CACHE_PERMISSIONS !== false) {
+    if (cache && env_1.default['CACHE_PERMISSIONS'] !== false) {
         let cachedPermissions;
         try {
             cachedPermissions = await (0, cache_1.getSystemCache)(cacheKey);
@@ -31,20 +31,20 @@ async function getPermissions(accountability, schema) {
             logger_1.default.warn(err, `[cache] Couldn't read key ${cacheKey}. ${err.message}`);
         }
         if (cachedPermissions) {
-            if (!cachedPermissions.containDynamicData) {
-                return processPermissions(accountability, cachedPermissions.permissions, {});
+            if (!cachedPermissions['containDynamicData']) {
+                return processPermissions(accountability, cachedPermissions['permissions'], {});
             }
-            const cachedFilterContext = await (0, cache_1.getCacheValue)(cache, `filterContext-${(0, object_hash_1.default)({ user, role, permissions: cachedPermissions.permissions })}`);
+            const cachedFilterContext = await (0, cache_1.getCacheValue)(cache, `filterContext-${(0, object_hash_1.default)({ user, role, permissions: cachedPermissions['permissions'] })}`);
             if (cachedFilterContext) {
-                return processPermissions(accountability, cachedPermissions.permissions, cachedFilterContext);
+                return processPermissions(accountability, cachedPermissions['permissions'], cachedFilterContext);
             }
             else {
-                const { permissions: parsedPermissions, requiredPermissionData, containDynamicData, } = parsePermissions(cachedPermissions.permissions);
+                const { permissions: parsedPermissions, requiredPermissionData, containDynamicData, } = parsePermissions(cachedPermissions['permissions']);
                 permissions = parsedPermissions;
                 const filterContext = containDynamicData
                     ? await getFilterContext(schema, accountability, requiredPermissionData)
                     : {};
-                if (containDynamicData && env_1.default.CACHE_ENABLED !== false) {
+                if (containDynamicData && env_1.default['CACHE_ENABLED'] !== false) {
                     await (0, cache_1.setCacheValue)(cache, `filterContext-${(0, object_hash_1.default)({ user, role, permissions })}`, filterContext);
                 }
                 return processPermissions(accountability, permissions, filterContext);
@@ -71,9 +71,9 @@ async function getPermissions(accountability, schema) {
         const filterContext = containDynamicData
             ? await getFilterContext(schema, accountability, requiredPermissionData)
             : {};
-        if (cache && env_1.default.CACHE_PERMISSIONS !== false) {
+        if (cache && env_1.default['CACHE_PERMISSIONS'] !== false) {
             await (0, cache_1.setSystemCache)(cacheKey, { permissions, containDynamicData });
-            if (containDynamicData && env_1.default.CACHE_ENABLED !== false) {
+            if (containDynamicData && env_1.default['CACHE_ENABLED'] !== false) {
                 await (0, cache_1.setCacheValue)(cache, `filterContext-${(0, object_hash_1.default)({ user, role, permissions })}`, filterContext);
             }
         }
@@ -137,12 +137,12 @@ async function getFilterContext(schema, accountability, requiredPermissionData)
     const rolesService = new roles_1.RolesService({ schema });
     const filterContext = {};
     if (accountability.user && requiredPermissionData.$CURRENT_USER.length > 0) {
-        filterContext.$CURRENT_USER = await usersService.readOne(accountability.user, {
+        filterContext['$CURRENT_USER'] = await usersService.readOne(accountability.user, {
             fields: requiredPermissionData.$CURRENT_USER,
         });
     }
     if (accountability.role && requiredPermissionData.$CURRENT_ROLE.length > 0) {
-        filterContext.$CURRENT_ROLE = await rolesService.readOne(accountability.role, {
+        filterContext['$CURRENT_ROLE'] = await rolesService.readOne(accountability.role, {
             fields: requiredPermissionData.$CURRENT_ROLE,
         });
     }

package/dist/utils/get-schema.js CHANGED Viewed

@@ -21,7 +21,7 @@ async function getSchema(options) {
     const database = options?.database || (0, database_1.default)();
     const schemaInspector = (0, schema_1.default)(database);
     let result;
-    if (!options?.bypassCache && env_1.default.CACHE_SCHEMA !== false) {
+    if (!options?.bypassCache && env_1.default['CACHE_SCHEMA'] !== false) {
         let cachedSchema;
         try {
             cachedSchema = await (0, cache_1.getSchemaCache)();
@@ -61,7 +61,7 @@ async function getDatabaseSchema(database, schemaInspector) {
         ...collections_1.systemCollectionRows,
     ];
     for (const [collection, info] of Object.entries(schemaOverview)) {
-        if ((0, utils_1.toArray)(env_1.default.DB_EXCLUDE_TABLES).includes(collection)) {
+        if ((0, utils_1.toArray)(env_1.default['DB_EXCLUDE_TABLES']).includes(collection)) {
             logger_1.default.trace(`Collection "${collection}" is configured to be excluded and will be ignored`);
             continue;
         }
@@ -81,7 +81,7 @@ async function getDatabaseSchema(database, schemaInspector) {
             note: collectionMeta?.note || null,
             sortField: collectionMeta?.sort_field || null,
             accountability: collectionMeta ? collectionMeta.accountability : 'all',
-            fields: (0, lodash_1.mapValues)(schemaOverview[collection].columns, (column) => {
+            fields: (0, lodash_1.mapValues)(schemaOverview[collection]?.columns, (column) => {
                 return {
                     field: column.column_name,
                     defaultValue: (0, get_default_value_1.default)(column) ?? null,
@@ -108,8 +108,8 @@ async function getDatabaseSchema(database, schemaInspector) {
     for (const field of fields) {
         if (!result.collections[field.collection])
             continue;
-        const existing = result.collections[field.collection].fields[field.field];
-        const column = schemaOverview[field.collection].columns[field.field];
+        const existing = result.collections[field.collection]?.fields[field.field];
+        const column = schemaOverview[field.collection]?.columns[field.field];
         const special = field.special ? (0, utils_1.toArray)(field.special) : [];
         if (constants_1.ALIAS_TYPES.some((type) => special.includes(type)) === false && !existing)
             continue;

package/dist/utils/get-snapshot-diff.js CHANGED Viewed

@@ -73,7 +73,7 @@ function getSnapshotDiff(current, after) {
      * When you delete a collection, we don't have to individually drop all the fields/relations as well
      */
     const deletedCollections = diffedSnapshot.collections
-        .filter((collection) => collection.diff?.[0].kind === types_1.DiffKind.DELETE)
+        .filter((collection) => collection.diff?.[0]?.kind === types_1.DiffKind.DELETE)
         .map(({ collection }) => collection);
     diffedSnapshot.fields = diffedSnapshot.fields.filter((field) => deletedCollections.includes(field.collection) === false);
     diffedSnapshot.relations = diffedSnapshot.relations.filter((relation) => deletedCollections.includes(relation.collection) === false);

package/dist/utils/is-url-allowed.js CHANGED Viewed

@@ -13,7 +13,8 @@ function isUrlAllowed(url, allowList) {
     const urlAllowList = (0, utils_1.toArray)(allowList);
     if (urlAllowList.includes(url))
         return true;
-    const parsedWhitelist = urlAllowList.map((allowedURL) => {
+    const parsedWhitelist = urlAllowList
+        .map((allowedURL) => {
         try {
             const { hostname, pathname } = new url_1.URL(allowedURL);
             return hostname + pathname;
@@ -21,7 +22,9 @@ function isUrlAllowed(url, allowList) {
         catch {
             logger_1.default.warn(`Invalid URL used "${url}"`);
         }
-    });
+        return null;
+    })
+        .filter((f) => f);
     try {
         const { hostname, pathname } = new url_1.URL(url);
         return parsedWhitelist.includes(hostname + pathname);

package/dist/utils/parse-image-metadata.js CHANGED Viewed

@@ -53,8 +53,8 @@ function parseXmp(buffer) {
         if (!tagMatches || tagMatches.length === 0) {
             return;
         }
-        const value = tagMatches[1].trim();
-        if (value.toLowerCase().indexOf('<rdf:bag>') === 0) {
+        const value = tagMatches[1]?.trim();
+        if (value?.toLowerCase().indexOf('<rdf:bag>') === 0) {
             const r = new RegExp('<rdf:li>(.*?)</rdf:li>', 'smig');
             let match = r.exec(value);
             const result = [];
@@ -65,7 +65,7 @@ function parseXmp(buffer) {
             xmp[x] = result;
         }
         else {
-            xmp[x] = value.replace(/<[^>]*>?/gm, '').trim();
+            xmp[x] = value?.replace(/<[^>]*>?/gm, '').trim();
         }
     });
     return xmp;

package/dist/utils/reduce-schema.js CHANGED Viewed

@@ -56,7 +56,7 @@ function reduceSchema(schema, permissions, actions = ['create', 'read', 'update'
         if (relation.related_collection &&
             (Object.keys(allowedFieldsInCollection).includes(relation.related_collection) === false ||
                 // Ignore legacy permissions with an empty fields array
-                allowedFieldsInCollection[relation.related_collection].length === 0)) {
+                allowedFieldsInCollection[relation.related_collection]?.length === 0)) {
             collectionsAllowed = false;
         }
         if (relation.meta?.one_allowed_collections &&
@@ -64,15 +64,15 @@ function reduceSchema(schema, permissions, actions = ['create', 'read', 'update'
             collectionsAllowed = false;
         }
         if (!allowedFieldsInCollection[relation.collection] ||
-            (allowedFieldsInCollection[relation.collection].includes('*') === false &&
-                allowedFieldsInCollection[relation.collection].includes(relation.field) === false)) {
+            (allowedFieldsInCollection[relation.collection]?.includes('*') === false &&
+                allowedFieldsInCollection[relation.collection]?.includes(relation.field) === false)) {
             fieldsAllowed = false;
         }
         if (relation.related_collection &&
             relation.meta?.one_field &&
             (!allowedFieldsInCollection[relation.related_collection] ||
-                (allowedFieldsInCollection[relation.related_collection].includes('*') === false &&
-                    allowedFieldsInCollection[relation.related_collection].includes(relation.meta?.one_field) === false))) {
+                (allowedFieldsInCollection[relation.related_collection]?.includes('*') === false &&
+                    allowedFieldsInCollection[relation.related_collection]?.includes(relation.meta?.one_field) === false))) {
             fieldsAllowed = false;
         }
         return collectionsAllowed && fieldsAllowed;