directus 9.6.0 → 9.8.0

package/dist/database/system-data/fields/roles.yaml

@@ -25,24 +25,24 @@ fields:
 
   - field: app_access
     interface: boolean
-    special: boolean
+    special: cast-boolean
     width: half
 
   - field: admin_access
     interface: boolean
-    special: boolean
+    special: cast-boolean
     width: half
 
   - field: ip_access
     interface: tags
     options:
       placeholder: $t:field_options.directus_roles.ip_access
-    special: csv
+    special: cast-csv
     width: full
 
   - field: enforce_tfa
     interface: boolean
-    special: boolean
+    special: cast-boolean
     width: half
 
   - field: users

package/dist/database/system-data/fields/settings.yaml

@@ -32,7 +32,18 @@ fields:
     translations:
       language: en-US
       translations: Website
-    width: full
+    width: half
+
+  - field: default_language
+    interface: system-language
+    options:
+      iconRight: language
+      placeholder: en-US
+      includeProjectDefault: false
+    translations:
+      language: en-US
+      translations: Default Language
+    width: half
 
   - field: branding_divider
     interface: presentation-divider
@@ -121,7 +132,7 @@ fields:
 
   - field: module_bar
     interface: system-modules
-    special: json
+    special: cast-json
 
   - field: security_divider
     interface: presentation-divider
@@ -297,7 +308,7 @@ fields:
                 ]
             width: full
       template: '{{key}}'
-    special: json
+    special: cast-json
     width: full
 
   - field: map_divider
@@ -322,7 +333,7 @@ fields:
 
   - field: basemaps
     interface: list
-    special: json
+    special: cast-json
     options:
       template: '{{name}}'
       fields:
@@ -378,3 +389,7 @@ fields:
             interface: input
             options:
               placeholder: $t:fields.directus_settings.attribution_placeholder
+
+  - field: translation_strings
+    special: cast-json
+    hidden: true

package/dist/database/system-data/fields/users.yaml

@@ -50,7 +50,7 @@ fields:
 
   - field: tags
     interface: tags
-    special: json
+    special: cast-json
     width: full
     options:
       iconRight: local_offer
@@ -93,7 +93,7 @@ fields:
   - field: email_notifications
     interface: boolean
     width: half
-    special: boolean
+    special: cast-boolean
 
   - field: admin_divider
     interface: presentation-divider

package/dist/database/system-data/fields/webhooks.yaml

@@ -60,12 +60,12 @@ fields:
     interface: boolean
     options:
       label: $t:fields.directus_webhooks.data_label
-    special: boolean
+    special: cast-boolean
     width: half
     display: boolean
 
   - field: headers
-    special: json
+    special: cast-json
     interface: list
     options:
       template: '{{ header }}: {{ value }}'
@@ -105,7 +105,7 @@ fields:
           value: update
         - text: $t:delete_label
           value: delete
-    special: csv
+    special: cast-csv
     width: full
     display: labels
     display_options:
@@ -129,7 +129,7 @@ fields:
 
   - field: collections
     interface: system-collections
-    special: csv
+    special: cast-csv
     width: full
     display: labels
     display_options:

package/dist/env.js

@@ -35,8 +35,8 @@ const defaults = {
     REFRESH_TOKEN_COOKIE_SAME_SITE: 'lax',
     REFRESH_TOKEN_COOKIE_NAME: 'directus_refresh_token',
     ROOT_REDIRECT: './admin',
-    CORS_ENABLED: true,
-    CORS_ORIGIN: true,
+    CORS_ENABLED: false,
+    CORS_ORIGIN: false,
     CORS_METHODS: 'GET,POST,PATCH,DELETE',
     CORS_ALLOWED_HEADERS: 'Content-Type,Authorization',
     CORS_EXPOSED_HEADERS: 'Content-Range',
@@ -65,8 +65,10 @@ const defaults = {
     ASSETS_TRANSFORM_MAX_OPERATIONS: 5,
     IP_TRUST_PROXY: true,
     IP_CUSTOM_HEADER: false,
+    IMPORT_IP_DENY_LIST: '0.0.0.0',
     SERVE_APP: true,
     RELATIONAL_BATCH_SIZE: 25000,
+    EXPORT_BATCH_SIZE: 5000,
 };
 // Allows us to force certain environment variable into a type, instead of relying
 // on the auto-parsed type in processValues. ref #3705
@@ -79,6 +81,7 @@ const typeMap = {
     DB_DATABASE: 'string',
     DB_PORT: 'number',
     DB_EXCLUDE_TABLES: 'array',
+    IMPORT_IP_DENY_LIST: 'array',
 };
 let env = {
     ...defaults,
@@ -232,6 +235,7 @@ function processValues(env) {
         }
         if (String(value).includes(',')) {
             env[key] = (0, utils_1.toArray)(value);
+            continue;
         }
         // Try converting the value to a JS object. This allows JSON objects to be passed for nested
         // config flags, or custom param names (that aren't camelCased)

package/dist/exceptions/database/dialects/mysql.js

@@ -38,6 +38,7 @@ function extractError(error) {
 }
 exports.extractError = extractError;
 function uniqueViolation(error) {
+    var _a, _b, _c, _d, _e;
     const betweenQuotes = /'([^']+)'/g;
     const matches = error.sqlMessage.match(betweenQuotes);
     if (!matches)
@@ -49,13 +50,13 @@ function uniqueViolation(error) {
      */
     /** MySQL 8+ style error message */
     if (matches[1].includes('.')) {
-        const collection = matches[1].slice(1, -1).split('.')[0];
+        const collection = (_a = matches[1]) === null || _a === void 0 ? void 0 : _a.slice(1, -1).split('.')[0];
         let field = null;
-        const indexName = matches[1].slice(1, -1).split('.')[1];
+        const indexName = (_b = matches[1]) === null || _b === void 0 ? void 0 : _b.slice(1, -1).split('.')[1];
         if ((indexName === null || indexName === void 0 ? void 0 : indexName.startsWith(`${collection}_`)) && indexName.endsWith('_unique')) {
-            field = indexName.slice(collection.length + 1, -7);
+            field = indexName === null || indexName === void 0 ? void 0 : indexName.slice(collection.length + 1, -7);
         }
-        const invalid = matches[0].slice(1, -1);
+        const invalid = (_c = matches[0]) === null || _c === void 0 ? void 0 : _c.slice(1, -1);
         return new record_not_unique_1.RecordNotUniqueException(field, {
             collection,
             field,
@@ -64,13 +65,13 @@ function uniqueViolation(error) {
     }
     else {
         /** MySQL 5.7 style error message */
-        const indexName = matches[1].slice(1, -1);
+        const indexName = (_d = matches[1]) === null || _d === void 0 ? void 0 : _d.slice(1, -1);
         const collection = indexName.split('_')[0];
         let field = null;
         if ((indexName === null || indexName === void 0 ? void 0 : indexName.startsWith(`${collection}_`)) && indexName.endsWith('_unique')) {
-            field = indexName.slice(collection.length + 1, -7);
+            field = indexName === null || indexName === void 0 ? void 0 : indexName.slice(collection.length + 1, -7);
         }
-        const invalid = matches[0].slice(1, -1);
+        const invalid = (_e = matches[0]) === null || _e === void 0 ? void 0 : _e.slice(1, -1);
         return new record_not_unique_1.RecordNotUniqueException(field, {
             collection,
             field,
@@ -79,57 +80,61 @@ function uniqueViolation(error) {
     }
 }
 function numericValueOutOfRange(error) {
+    var _a, _b;
     const betweenTicks = /`([^`]+)`/g;
     const betweenQuotes = /'([^']+)'/g;
     const tickMatches = error.sql.match(betweenTicks);
     const quoteMatches = error.sqlMessage.match(betweenQuotes);
     if (!tickMatches || !quoteMatches)
         return error;
-    const collection = tickMatches[0].slice(1, -1);
-    const field = quoteMatches[0].slice(1, -1);
+    const collection = (_a = tickMatches[0]) === null || _a === void 0 ? void 0 : _a.slice(1, -1);
+    const field = (_b = quoteMatches[0]) === null || _b === void 0 ? void 0 : _b.slice(1, -1);
     return new value_out_of_range_1.ValueOutOfRangeException(field, {
         collection,
         field,
     });
 }
 function valueLimitViolation(error) {
+    var _a, _b;
     const betweenTicks = /`([^`]+)`/g;
     const betweenQuotes = /'([^']+)'/g;
     const tickMatches = error.sql.match(betweenTicks);
     const quoteMatches = error.sqlMessage.match(betweenQuotes);
     if (!tickMatches || !quoteMatches)
         return error;
-    const collection = tickMatches[0].slice(1, -1);
-    const field = quoteMatches[0].slice(1, -1);
+    const collection = (_a = tickMatches[0]) === null || _a === void 0 ? void 0 : _a.slice(1, -1);
+    const field = (_b = quoteMatches[0]) === null || _b === void 0 ? void 0 : _b.slice(1, -1);
     return new value_too_long_1.ValueTooLongException(field, {
         collection,
         field,
     });
 }
 function notNullViolation(error) {
+    var _a, _b;
     const betweenTicks = /`([^`]+)`/g;
     const betweenQuotes = /'([^']+)'/g;
     const tickMatches = error.sql.match(betweenTicks);
     const quoteMatches = error.sqlMessage.match(betweenQuotes);
     if (!tickMatches || !quoteMatches)
         return error;
-    const collection = tickMatches[0].slice(1, -1);
-    const field = quoteMatches[0].slice(1, -1);
+    const collection = (_a = tickMatches[0]) === null || _a === void 0 ? void 0 : _a.slice(1, -1);
+    const field = (_b = quoteMatches[0]) === null || _b === void 0 ? void 0 : _b.slice(1, -1);
     return new not_null_violation_1.NotNullViolationException(field, {
         collection,
         field,
     });
 }
 function foreignKeyViolation(error) {
+    var _a, _b, _c;
     const betweenTicks = /`([^`]+)`/g;
     const betweenParens = /\(([^)]+)\)/g;
     const tickMatches = error.sqlMessage.match(betweenTicks);
     const parenMatches = error.sql.match(betweenParens);
     if (!tickMatches || !parenMatches)
         return error;
-    const collection = tickMatches[1].slice(1, -1);
-    const field = tickMatches[3].slice(1, -1);
-    const invalid = parenMatches[1].slice(1, -1);
+    const collection = (_a = tickMatches[1]) === null || _a === void 0 ? void 0 : _a.slice(1, -1);
+    const field = (_b = tickMatches[3]) === null || _b === void 0 ? void 0 : _b.slice(1, -1);
+    const invalid = (_c = parenMatches[1]) === null || _c === void 0 ? void 0 : _c.slice(1, -1);
     return new invalid_foreign_key_1.InvalidForeignKeyException(field, {
         collection,
         field,
@@ -137,12 +142,13 @@ function foreignKeyViolation(error) {
     });
 }
 function containsNullValues(error) {
+    var _a;
     const betweenTicks = /`([^`]+)`/g;
     // Normally, we shouldn't read from the executed SQL. In this case, we're altering a single
     // column, so we shouldn't have the problem where multiple columns are altered at the same time
     const tickMatches = error.sql.match(betweenTicks);
     if (!tickMatches)
         return error;
-    const field = tickMatches[1].slice(1, -1);
+    const field = (_a = tickMatches[1]) === null || _a === void 0 ? void 0 : _a.slice(1, -1);
     return new contains_null_values_1.ContainsNullValuesException(field);
 }

package/dist/logger.js

@@ -28,6 +28,7 @@ const pino_http_1 = __importStar(require("pino-http"));
 const get_config_from_env_1 = require("./utils/get-config-from-env");
 const url_1 = require("url");
 const env_1 = __importDefault(require("./env"));
+const utils_1 = require("@directus/shared/utils");
 const pinoOptions = {
     level: env_1.default.LOG_LEVEL || 'info',
     redact: {
@@ -43,7 +44,7 @@ const loggerEnvConfig = (0, get_config_from_env_1.getConfigFromEnv)('LOGGER_', '
 // Expose custom log levels into formatter function
 if (loggerEnvConfig.levels) {
     const customLogLevels = {};
-    for (const el of loggerEnvConfig.levels.split(',')) {
+    for (const el of (0, utils_1.toArray)(loggerEnvConfig.levels)) {
         const key_val = el.split(':');
         customLogLevels[key_val[0].trim()] = key_val[1].trim();
     }

package/dist/middleware/respond.js

@@ -4,16 +4,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.respond = void 0;
-const json2csv_1 = require("json2csv");
 const ms_1 = __importDefault(require("ms"));
-const stream_1 = require("stream");
 const cache_1 = require("../cache");
 const env_1 = __importDefault(require("../env"));
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
 const get_cache_key_1 = require("../utils/get-cache-key");
-const js2xmlparser_1 = require("js2xmlparser");
 const get_cache_headers_1 = require("../utils/get-cache-headers");
 const logger_1 = __importDefault(require("../logger"));
+const services_1 = require("../services");
+const get_date_formatted_1 = require("../utils/get-date-formatted");
 exports.respond = (0, async_handler_1.default)(async (req, res) => {
     var _a, _b, _c;
     const { cache } = (0, cache_1.getCache)();
@@ -39,6 +38,7 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
         res.setHeader('Vary', 'Origin, Cache-Control');
     }
     if (req.sanitizedQuery.export) {
+        const exportService = new services_1.ExportService({ accountability: req.accountability, schema: req.schema });
         let filename = '';
         if (req.collection) {
             filename += req.collection;
@@ -46,32 +46,21 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
         else {
             filename += 'Export';
         }
-        filename += ' ' + getDateFormatted();
+        filename += ' ' + (0, get_date_formatted_1.getDateFormatted)();
         if (req.sanitizedQuery.export === 'json') {
             res.attachment(`${filename}.json`);
             res.set('Content-Type', 'application/json');
-            return res.status(200).send(JSON.stringify(((_a = res.locals.payload) === null || _a === void 0 ? void 0 : _a.data) || null, null, '\t'));
+            return res.status(200).send(exportService.transform((_a = res.locals.payload) === null || _a === void 0 ? void 0 : _a.data, 'json'));
         }
         if (req.sanitizedQuery.export === 'xml') {
             res.attachment(`${filename}.xml`);
             res.set('Content-Type', 'text/xml');
-            return res.status(200).send((0, js2xmlparser_1.parse)('data', (_b = res.locals.payload) === null || _b === void 0 ? void 0 : _b.data));
+            return res.status(200).send(exportService.transform((_b = res.locals.payload) === null || _b === void 0 ? void 0 : _b.data, 'xml'));
         }
         if (req.sanitizedQuery.export === 'csv') {
             res.attachment(`${filename}.csv`);
             res.set('Content-Type', 'text/csv');
-            const stream = new stream_1.PassThrough();
-            if (!((_c = res.locals.payload) === null || _c === void 0 ? void 0 : _c.data) || res.locals.payload.data.length === 0) {
-                stream.end(Buffer.from(''));
-                return stream.pipe(res);
-            }
-            else {
-                stream.end(Buffer.from(JSON.stringify(res.locals.payload.data), 'utf-8'));
-                const json2csv = new json2csv_1.Transform({
-                    transforms: [json2csv_1.transforms.flatten({ separator: '.' })],
-                });
-                return stream.pipe(json2csv).pipe(res);
-            }
+            return res.status(200).send(exportService.transform((_c = res.locals.payload) === null || _c === void 0 ? void 0 : _c.data, 'csv'));
         }
     }
     if (Buffer.isBuffer(res.locals.payload)) {
@@ -84,13 +73,3 @@ exports.respond = (0, async_handler_1.default)(async (req, res) => {
         return res.status(204).end();
     }
 });
-function getDateFormatted() {
-    const date = new Date();
-    let month = String(date.getMonth() + 1);
-    if (month.length === 1)
-        month = '0' + month;
-    let day = String(date.getDate());
-    if (day.length === 1)
-        day = '0' + day;
-    return `${date.getFullYear()}-${month}-${day} at ${date.getHours()}.${date.getMinutes()}.${date.getSeconds()}`;
-}

package/dist/services/activity.js

@@ -16,6 +16,7 @@ const user_name_1 = require("../utils/user-name");
 const lodash_1 = require("lodash");
 const env_1 = __importDefault(require("../env"));
 const uuid_validate_1 = __importDefault(require("uuid-validate"));
+const url_1 = require("../utils/url");
 class ActivityService extends items_1.ItemsService {
     constructor(options) {
         super('directus_activity', options);
@@ -70,7 +71,9 @@ ${(0, user_name_1.userName)(sender)} has mentioned you in a comment:
 
 ${comment}
 
-<a href="${env_1.default.PUBLIC_URL}/admin/content/${data.collection}/${data.item}">Click here to view.</a>
+<a href="${new url_1.Url(env_1.default.PUBLIC_URL)
+                        .addPath('admin', 'content', data.collection, data.item)
+                        .toString()}">Click here to view.</a>
 `;
                     await this.notificationsService.createOne({
                         recipient: userID,

package/dist/services/authorization.d.ts

@@ -1,6 +1,6 @@
+import { Accountability, PermissionsAction, SchemaOverview } from '@directus/shared/types';
 import { Knex } from 'knex';
 import { AbstractServiceOptions, AST, Item, PrimaryKey } from '../types';
-import { PermissionsAction, Accountability, SchemaOverview } from '@directus/shared/types';
 import { PayloadService } from './payload';
 export declare class AuthorizationService {
     knex: Knex;