directus 9.3.0 → 9.4.3

package/dist/database/system-data/relations/relations.yaml

@@ -12,6 +12,9 @@ defaults:
   sort_field: null
 
 data:
+  - many_collection: directus_collections
+    many_field: group
+    one_collection: directus_collections
   - many_collection: directus_users
     many_field: role
     one_collection: directus_roles
@@ -73,6 +76,9 @@ data:
   - many_collection: directus_sessions
     many_field: user
     one_collection: directus_users
+  - many_collection: directus_sessions
+    many_field: share
+    one_collection: directus_shares
   - many_collection: directus_settings
     many_field: storage_default_folder
     one_collection: directus_folders
@@ -88,3 +94,12 @@ data:
   - many_collection: directus_notifications
     many_field: sender
     one_collection: directus_users
+  - many_collection: directus_shares
+    many_field: role
+    one_collection: directus_roles
+  - many_collection: directus_shares
+    many_field: collection
+    one_collection: directus_collections
+  - many_collection: directus_shares
+    many_field: user_created
+    one_collection: directus_users

package/dist/env.js

@@ -20,7 +20,7 @@ const defaults = {
     PORT: 8055,
     PUBLIC_URL: '/',
     MAX_PAYLOAD_SIZE: '100kb',
-    DB_EXCLUDE_TABLES: 'spatial_ref_sys',
+    DB_EXCLUDE_TABLES: 'spatial_ref_sys,sysdiagrams',
     STORAGE_LOCATIONS: 'local',
     STORAGE_LOCAL_DRIVER: 'local',
     STORAGE_LOCAL_ROOT: './uploads',
@@ -52,6 +52,7 @@ const defaults = {
     AUTH_PROVIDERS: '',
     AUTH_DISABLE_DEFAULT: false,
     EXTENSIONS_PATH: './extensions',
+    EXTENSIONS_AUTO_RELOAD: false,
     EMAIL_FROM: 'no-reply@directus.io',
     EMAIL_TRANSPORT: 'sendmail',
     EMAIL_SENDMAIL_NEW_LINE: 'unix',
@@ -61,6 +62,8 @@ const defaults = {
     ASSETS_TRANSFORM_MAX_CONCURRENT: 1,
     ASSETS_TRANSFORM_IMAGE_MAX_DIMENSION: 6000,
     ASSETS_TRANSFORM_MAX_OPERATIONS: 5,
+    IP_TRUST_PROXY: true,
+    IP_CUSTOM_HEADER: false,
     SERVE_APP: true,
 };
 // Allows us to force certain environment variable into a type, instead of relying

package/dist/extensions.d.ts

@@ -2,22 +2,27 @@ import { Router } from 'express';
 import { AppExtensionType, ExtensionType } from '@directus/shared/types';
 export declare function getExtensionManager(): ExtensionManager;
 declare class ExtensionManager {
-    private isInitialized;
+    private isLoaded;
+    private isScheduleHookEnabled;
     private extensions;
     private appExtensions;
-    private apiHooks;
-    private apiEndpoints;
+    private apiExtensions;
     private apiEmitter;
     private endpointRouter;
-    private isScheduleHookEnabled;
+    private watcher;
     constructor();
-    initialize({ schedule }?: {
+    initialize({ schedule, watch }?: {
         schedule: boolean;
+        watch: boolean;
     }): Promise<void>;
     reload(): Promise<void>;
-    listExtensions(type?: ExtensionType): string[];
+    getExtensionsList(type?: ExtensionType): string[];
     getAppExtensions(type: AppExtensionType): string | undefined;
     getEndpointRouter(): Router;
+    private load;
+    private unload;
+    private initializeWatcher;
+    private updateWatchedExtensions;
     private getExtensions;
     private generateExtensionBundles;
     private getSharedDepsMapping;

package/dist/extensions.js

@@ -44,6 +44,9 @@ const plugin_virtual_1 = __importDefault(require("@rollup/plugin-virtual"));
 const plugin_alias_1 = __importDefault(require("@rollup/plugin-alias"));
 const url_1 = require("./utils/url");
 const get_module_default_1 = __importDefault(require("./utils/get-module-default"));
+const lodash_1 = require("lodash");
+const chokidar_1 = __importDefault(require("chokidar"));
+const utils_1 = require("@directus/shared/utils");
 let extensionManager;
 function getExtensionManager() {
     if (extensionManager) {
@@ -55,19 +58,66 @@ function getExtensionManager() {
 exports.getExtensionManager = getExtensionManager;
 class ExtensionManager {
     constructor() {
-        this.isInitialized = false;
+        this.isLoaded = false;
+        this.isScheduleHookEnabled = true;
         this.extensions = [];
         this.appExtensions = {};
-        this.apiHooks = [];
-        this.apiEndpoints = [];
-        this.isScheduleHookEnabled = true;
+        this.apiExtensions = { hooks: [], endpoints: [] };
+        this.watcher = null;
         this.apiEmitter = new emitter_1.Emitter();
         this.endpointRouter = (0, express_1.Router)();
     }
-    async initialize({ schedule } = { schedule: true }) {
+    async initialize({ schedule, watch } = { schedule: true, watch: true }) {
         this.isScheduleHookEnabled = schedule;
-        if (this.isInitialized)
-            return;
+        if (watch) {
+            this.initializeWatcher();
+        }
+        if (!this.isLoaded) {
+            await this.load();
+            this.updateWatchedExtensions(this.extensions);
+            const loadedExtensions = this.getExtensionsList();
+            if (loadedExtensions.length > 0) {
+                logger_1.default.info(`Loaded extensions: ${loadedExtensions.join(', ')}`);
+            }
+        }
+    }
+    async reload() {
+        if (this.isLoaded) {
+            logger_1.default.info('Reloading extensions');
+            const prevExtensions = (0, lodash_1.clone)(this.extensions);
+            await this.unload();
+            await this.load();
+            const added = this.extensions.filter((extension) => !prevExtensions.some((prevExtension) => extension.path === prevExtension.path));
+            const removed = prevExtensions.filter((prevExtension) => !this.extensions.some((extension) => prevExtension.path === extension.path));
+            this.updateWatchedExtensions(added, removed);
+            const addedExtensions = added.map((extension) => extension.name);
+            const removedExtensions = removed.map((extension) => extension.name);
+            if (addedExtensions.length > 0) {
+                logger_1.default.info(`Added extensions: ${addedExtensions.join(', ')}`);
+            }
+            if (removedExtensions.length > 0) {
+                logger_1.default.info(`Removed extensions: ${removedExtensions.join(', ')}`);
+            }
+        }
+        else {
+            logger_1.default.warn('Extensions have to be loaded before they can be reloaded');
+        }
+    }
+    getExtensionsList(type) {
+        if (type === undefined) {
+            return this.extensions.map((extension) => extension.name);
+        }
+        else {
+            return this.extensions.filter((extension) => extension.type === type).map((extension) => extension.name);
+        }
+    }
+    getAppExtensions(type) {
+        return this.appExtensions[type];
+    }
+    getEndpointRouter() {
+        return this.endpointRouter;
+    }
+    async load() {
         try {
             await (0, node_1.ensureExtensionDirs)(env_1.default.EXTENSIONS_PATH, env_1.default.SERVE_APP ? constants_1.EXTENSION_TYPES : constants_1.API_EXTENSION_TYPES);
             this.extensions = await this.getExtensions();
@@ -81,38 +131,42 @@ class ExtensionManager {
         if (env_1.default.SERVE_APP) {
             this.appExtensions = await this.generateExtensionBundles();
         }
-        const loadedExtensions = this.listExtensions();
-        if (loadedExtensions.length > 0) {
-            logger_1.default.info(`Loaded extensions: ${loadedExtensions.join(', ')}`);
-        }
-        this.isInitialized = true;
+        this.isLoaded = true;
     }
-    async reload() {
-        if (!this.isInitialized)
-            return;
-        logger_1.default.info('Reloading extensions');
+    async unload() {
         this.unregisterHooks();
         this.unregisterEndpoints();
         this.apiEmitter.offAll();
         if (env_1.default.SERVE_APP) {
             this.appExtensions = {};
         }
-        this.isInitialized = false;
-        await this.initialize();
+        this.isLoaded = false;
     }
-    listExtensions(type) {
-        if (type === undefined) {
-            return this.extensions.map((extension) => extension.name);
-        }
-        else {
-            return this.extensions.filter((extension) => extension.type === type).map((extension) => extension.name);
+    initializeWatcher() {
+        if (env_1.default.EXTENSIONS_AUTO_RELOAD && env_1.default.NODE_ENV !== 'development' && !this.watcher) {
+            logger_1.default.info('Watching extensions for changes...');
+            const localExtensionPaths = (env_1.default.SERVE_APP ? constants_1.EXTENSION_TYPES : constants_1.API_EXTENSION_TYPES).map((type) => path_1.default.resolve(env_1.default.EXTENSIONS_PATH, (0, utils_1.pluralize)(type)));
+            this.watcher = chokidar_1.default.watch([path_1.default.resolve('.', 'package.json'), ...localExtensionPaths], {
+                ignoreInitial: true,
+            });
+            this.watcher
+                .on('add', () => this.reload())
+                .on('change', () => this.reload())
+                .on('unlink', () => this.reload());
         }
     }
-    getAppExtensions(type) {
-        return this.appExtensions[type];
-    }
-    getEndpointRouter() {
-        return this.endpointRouter;
+    updateWatchedExtensions(added, removed = []) {
+        if (this.watcher) {
+            const toPackageExtensionPaths = (extensions) => extensions
+                .filter((extension) => !extension.local)
+                .map((extension) => extension.type !== 'pack'
+                ? path_1.default.resolve(extension.path, extension.entrypoint || '')
+                : path_1.default.resolve(extension.path, 'package.json'));
+            const addedPackageExtensionPaths = toPackageExtensionPaths(added);
+            const removedPackageExtensionPaths = toPackageExtensionPaths(removed);
+            this.watcher.add(addedPackageExtensionPaths);
+            this.watcher.unwatch(removedPackageExtensionPaths);
+        }
     }
     async getExtensions() {
         const packageExtensions = await (0, node_1.getPackageExtensions)('.', env_1.default.SERVE_APP ? constants_1.EXTENSION_PACKAGE_TYPES : constants_1.API_EXTENSION_PACKAGE_TYPES);
@@ -141,12 +195,13 @@ class ExtensionManager {
         return bundles;
     }
     async getSharedDepsMapping(deps) {
-        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist'));
+        const appDir = await fs_extra_1.default.readdir(path_1.default.join((0, node_1.resolvePackage)('@directus/app'), 'dist', 'assets'));
         const depsMapping = {};
         for (const dep of deps) {
-            const depName = appDir.find((file) => dep.replace(/\//g, '_') === file.substring(0, file.indexOf('.')));
+            const depRegex = new RegExp(`${(0, lodash_1.escapeRegExp)(dep.replace(/\//g, '_'))}\\.[0-9a-f]{8}\\.entry\\.js`);
+            const depName = appDir.find((file) => depRegex.test(file));
             if (depName) {
-                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', depName);
+                const depUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'assets', depName);
                 depsMapping[dep] = depUrl.toString({ rootRelative: true });
             }
             else {
@@ -186,7 +241,7 @@ class ExtensionManager {
         const registerFunctions = {
             filter: (event, handler) => {
                 emitter_1.default.onFilter(event, handler);
-                this.apiHooks.push({
+                this.apiExtensions.hooks.push({
                     type: 'filter',
                     path: hookPath,
                     event,
@@ -195,7 +250,7 @@ class ExtensionManager {
             },
             action: (event, handler) => {
                 emitter_1.default.onAction(event, handler);
-                this.apiHooks.push({
+                this.apiExtensions.hooks.push({
                     type: 'action',
                     path: hookPath,
                     event,
@@ -204,7 +259,7 @@ class ExtensionManager {
             },
             init: (event, handler) => {
                 emitter_1.default.onInit(event, handler);
-                this.apiHooks.push({
+                this.apiExtensions.hooks.push({
                     type: 'init',
                     path: hookPath,
                     event,
@@ -223,7 +278,7 @@ class ExtensionManager {
                             }
                         }
                     });
-                    this.apiHooks.push({
+                    this.apiExtensions.hooks.push({
                         type: 'schedule',
                         path: hookPath,
                         task,
@@ -261,12 +316,12 @@ class ExtensionManager {
             logger: logger_1.default,
             getSchema: get_schema_1.getSchema,
         });
-        this.apiEndpoints.push({
+        this.apiExtensions.endpoints.push({
             path: endpointPath,
         });
     }
     unregisterHooks() {
-        for (const hook of this.apiHooks) {
+        for (const hook of this.apiExtensions.hooks) {
             switch (hook.type) {
                 case 'filter':
                     emitter_1.default.offFilter(hook.event, hook.handler);
@@ -278,18 +333,18 @@ class ExtensionManager {
                     emitter_1.default.offInit(hook.event, hook.handler);
                     break;
                 case 'schedule':
-                    hook.task.destroy();
+                    hook.task.stop();
                     break;
             }
             delete require.cache[require.resolve(hook.path)];
         }
-        this.apiHooks = [];
+        this.apiExtensions.hooks = [];
     }
     unregisterEndpoints() {
-        for (const endpoint of this.apiEndpoints) {
+        for (const endpoint of this.apiExtensions.endpoints) {
             delete require.cache[require.resolve(endpoint.path)];
         }
         this.endpointRouter.stack = [];
-        this.apiEndpoints = [];
+        this.apiExtensions.endpoints = [];
     }
 }

package/dist/middleware/authenticate.js

@@ -27,6 +27,7 @@ const database_1 = __importDefault(require("../database"));
 const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const get_ip_from_req_1 = require("../utils/get-ip-from-req");
 const is_directus_jwt_1 = __importDefault(require("../utils/is-directus-jwt"));
 /**
  * Verify the passed JWT and assign the user ID and role to `req`
@@ -37,7 +38,7 @@ const authenticate = (0, async_handler_1.default)(async (req, res, next) => {
         role: null,
         admin: false,
         app: false,
-        ip: req.ip.startsWith('::ffff:') ? req.ip.substring(7) : req.ip,
+        ip: (0, get_ip_from_req_1.getIPFromReq)(req),
         userAgent: req.get('user-agent'),
     };
     const database = (0, database_1.default)();
@@ -58,22 +59,12 @@ const authenticate = (0, async_handler_1.default)(async (req, res, next) => {
                     throw err;
                 }
             }
-            const user = await database
-                .select('directus_users.role', 'directus_roles.admin_access', 'directus_roles.app_access')
-                .from('directus_users')
-                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
-                .where({
-                'directus_users.id': payload.id,
-                status: 'active',
-            })
-                .first();
-            if (!user) {
-                throw new exceptions_1.InvalidCredentialsException();
-            }
+            req.accountability.share = payload.share;
+            req.accountability.share_scope = payload.share_scope;
             req.accountability.user = payload.id;
-            req.accountability.role = user.role;
-            req.accountability.admin = user.admin_access === true || user.admin_access == 1;
-            req.accountability.app = user.app_access === true || user.app_access == 1;
+            req.accountability.role = payload.role;
+            req.accountability.admin = payload.admin_access === true || payload.admin_access == 1;
+            req.accountability.app = payload.app_access === true || payload.app_access == 1;
         }
         else {
             // Try finding the user with the provided token

package/dist/middleware/check-ip.js

@@ -7,13 +7,16 @@ exports.checkIP = void 0;
 const database_1 = __importDefault(require("../database"));
 const exceptions_1 = require("../exceptions");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
-exports.checkIP = (0, async_handler_1.default)(async (req, res, next) => {
+exports.checkIP = (0, async_handler_1.default)(async (req, _res, next) => {
     const database = (0, database_1.default)();
-    const role = await database
-        .select('ip_access')
-        .from('directus_roles')
-        .where({ id: req.accountability.role })
-        .first();
+    const query = database.select('ip_access').from('directus_roles');
+    if (req.accountability.role) {
+        query.where({ id: req.accountability.role });
+    }
+    else {
+        query.whereNull('id');
+    }
+    const role = await query.first();
     const ipAllowlist = ((role === null || role === void 0 ? void 0 : role.ip_access) || '').split(',').filter((ip) => ip);
     if (ipAllowlist.length > 0 && ipAllowlist.includes(req.accountability.ip) === false)
         throw new exceptions_1.InvalidIPException();

package/dist/middleware/rate-limiter.js

@@ -9,6 +9,7 @@ const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const rate_limiter_1 = require("../rate-limiter");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const get_ip_from_req_1 = require("../utils/get-ip-from-req");
 const validate_env_1 = require("../utils/validate-env");
 let checkRateLimit = (req, res, next) => next();
 if (env_1.default.RATE_LIMITER_ENABLED === true) {
@@ -16,7 +17,7 @@ if (env_1.default.RATE_LIMITER_ENABLED === true) {
     exports.rateLimiter = (0, rate_limiter_1.createRateLimiter)();
     checkRateLimit = (0, async_handler_1.default)(async (req, res, next) => {
         try {
-            await exports.rateLimiter.consume(req.ip, 1);
+            await exports.rateLimiter.consume((0, get_ip_from_req_1.getIPFromReq)(req), 1);
         }
         catch (rateLimiterRes) {
             if (rateLimiterRes instanceof Error)

package/dist/middleware/respond.js

@@ -77,9 +77,12 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
     if (Buffer.isBuffer(res.locals.payload)) {
         return res.end(res.locals.payload);
     }
-    else {
+    else if (res.locals.payload) {
         return res.json(res.locals.payload);
     }
+    else {
+        return res.status(204).end();
+    }
 });
 function getDateFormatted() {
     const date = new Date();

package/dist/services/activity.d.ts

@@ -1,5 +1,6 @@
 import { AbstractServiceOptions, PrimaryKey, Item } from '../types';
-import { ItemsService, MutationOptions } from './index';
+import { ItemsService } from './items';
+import { MutationOptions } from '../types';
 import { NotificationsService } from './notifications';
 import { UsersService } from './users';
 export declare class ActivityService extends ItemsService {

package/dist/services/activity.js

@@ -5,7 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ActivityService = void 0;
 const types_1 = require("../types");
-const index_1 = require("./index");
+const items_1 = require("./items");
 const notifications_1 = require("./notifications");
 const users_1 = require("./users");
 const authorization_1 = require("./authorization");
@@ -16,7 +16,7 @@ const user_name_1 = require("../utils/user-name");
 const lodash_1 = require("lodash");
 const env_1 = __importDefault(require("../env"));
 const uuid_validate_1 = __importDefault(require("uuid-validate"));
-class ActivityService extends index_1.ItemsService {
+class ActivityService extends items_1.ItemsService {
     constructor(options) {
         super('directus_activity', options);
         this.notificationsService = new notifications_1.NotificationsService({ schema: this.schema });

package/dist/services/assets.js

@@ -52,9 +52,6 @@ class AssetsService {
             .from('directus_settings')
             .first();
         const systemPublicKeys = Object.values(publicSettings || {});
-        if (systemPublicKeys.includes(id) === false && ((_a = this.accountability) === null || _a === void 0 ? void 0 : _a.admin) !== true) {
-            await this.authorizationService.checkAccess('read', 'directus_files', id);
-        }
         /**
          * This is a little annoying. Postgres will error out if you're trying to search in `where`
          * with a wrong type. In case of directus_files where id is a uuid, we'll have to verify the
@@ -63,6 +60,9 @@ class AssetsService {
         const isValidUUID = (0, uuid_validate_1.default)(id, 4);
         if (isValidUUID === false)
             throw new exceptions_1.ForbiddenException();
+        if (systemPublicKeys.includes(id) === false && ((_a = this.accountability) === null || _a === void 0 ? void 0 : _a.admin) !== true) {
+            await this.authorizationService.checkAccess('read', 'directus_files', id);
+        }
         const file = (await this.knex.select('*').from('directus_files').where({ id }).first());
         if (!file)
             throw new exceptions_1.ForbiddenException();

package/dist/services/authentication.d.ts

@@ -1,6 +1,6 @@
 import { Knex } from 'knex';
 import { ActivityService } from './activity';
-import { AbstractServiceOptions, SchemaOverview } from '../types';
+import { AbstractServiceOptions, SchemaOverview, LoginResult } from '../types';
 import { Accountability } from '@directus/shared/types';
 export declare class AuthenticationService {
     knex: Knex;
@@ -14,12 +14,7 @@ export declare class AuthenticationService {
      * Password is optional to allow usage of this function within the SSO flow and extensions. Make sure
      * to handle password existence checks elsewhere
      */
-    login(providerName: string | undefined, payload: Record<string, any>, otp?: string): Promise<{
-        accessToken: any;
-        refreshToken: any;
-        expires: any;
-        id?: any;
-    }>;
+    login(providerName: string | undefined, payload: Record<string, any>, otp?: string): Promise<LoginResult>;
     refresh(refreshToken: string): Promise<Record<string, any>>;
     logout(refreshToken: string): Promise<void>;
     verifyPassword(userID: string, password: string): Promise<void>;