directus 9.7.0 → 9.9.0

package/dist/services/graphql.js

@@ -5,20 +5,22 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GraphQLService = exports.GraphQLDate = exports.GraphQLGeoJSON = void 0;
 const argon2_1 = __importDefault(require("argon2"));
-const validate_query_1 = require("../utils/validate-query");
 const graphql_1 = require("graphql");
 const graphql_compose_1 = require("graphql-compose");
 const lodash_1 = require("lodash");
 const ms_1 = __importDefault(require("ms"));
 const cache_1 = require("../cache");
+const constants_1 = require("../constants");
 const database_1 = __importDefault(require("../database"));
 const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const extensions_1 = require("../extensions");
 const types_1 = require("../types");
+const generate_hash_1 = require("../utils/generate-hash");
 const get_graphql_type_1 = require("../utils/get-graphql-type");
 const reduce_schema_1 = require("../utils/reduce-schema");
 const sanitize_query_1 = require("../utils/sanitize-query");
+const validate_query_1 = require("../utils/validate-query");
 const activity_1 = require("./activity");
 const authentication_1 = require("./authentication");
 const collections_1 = require("./collections");
@@ -26,9 +28,9 @@ const fields_1 = require("./fields");
 const files_1 = require("./files");
 const folders_1 = require("./folders");
 const items_1 = require("./items");
+const notifications_1 = require("./notifications");
 const permissions_1 = require("./permissions");
 const presets_1 = require("./presets");
-const notifications_1 = require("./notifications");
 const relations_1 = require("./relations");
 const revisions_1 = require("./revisions");
 const roles_1 = require("./roles");
@@ -40,8 +42,6 @@ const tfa_1 = require("./tfa");
 const users_1 = require("./users");
 const utils_1 = require("./utils");
 const webhooks_1 = require("./webhooks");
-const generate_hash_1 = require("../utils/generate-hash");
-const constants_1 = require("../constants");
 const GraphQLVoid = new graphql_1.GraphQLScalarType({
     name: 'Void',
     description: 'Represents NULL values',
@@ -235,6 +235,14 @@ class GraphQLService {
         function getTypes(action) {
             var _a, _b, _c, _d, _e;
             const CollectionTypes = {};
+            const CountFunctions = schemaComposer.createObjectTC({
+                name: 'count_functions',
+                fields: {
+                    count: {
+                        type: graphql_1.GraphQLInt,
+                    },
+                },
+            });
             const DateFunctions = schemaComposer.createObjectTC({
                 name: 'date_functions',
                 fields: {
@@ -328,6 +336,15 @@ class GraphQLService {
                                 },
                             };
                         }
+                        if (field.type === 'json' || field.type === 'alias') {
+                            acc[`${field.field}_func`] = {
+                                type: CountFunctions,
+                                resolve: (obj) => {
+                                    const funcFields = Object.keys(CountFunctions.getFields()).map((key) => `${field.field}_${key}`);
+                                    return (0, lodash_1.mapKeys)((0, lodash_1.pick)(obj, funcFields), (_value, key) => key.substring(field.field.length + 1));
+                                },
+                            };
+                        }
                         return acc;
                     }, {}),
                 });
@@ -550,6 +567,14 @@ class GraphQLService {
                     },
                 },
             });
+            const CountFunctionFilterOperators = schemaComposer.createInputTC({
+                name: 'count_function_filter_operators',
+                fields: {
+                    count: {
+                        type: NumberFilterOperators,
+                    },
+                },
+            });
             const DateFunctionFilterOperators = schemaComposer.createInputTC({
                 name: 'date_function_filter_operators',
                 fields: {
@@ -634,6 +659,11 @@ class GraphQLService {
                                 type: DateTimeFunctionFilterOperators,
                             };
                         }
+                        if (field.type === 'json' || field.type === 'alias') {
+                            acc[`${field.field}_func`] = {
+                                type: CountFunctionFilterOperators,
+                            };
+                        }
                         return acc;
                     }, {}),
                 });
@@ -1308,7 +1338,7 @@ class GraphQLService {
         return result;
     }
     injectSystemResolvers(schemaComposer, { CreateCollectionTypes, ReadCollectionTypes, UpdateCollectionTypes, DeleteCollectionTypes, }, schema) {
-        var _a, _b, _c, _d, _e;
+        var _a, _b, _c, _d, _e, _f;
         const AuthTokens = schemaComposer.createObjectTC({
             name: 'auth_tokens',
             fields: {
@@ -2131,7 +2161,7 @@ class GraphQLService {
                 },
             });
         }
-        if ('directus_users' in schema.update.collections) {
+        if ('directus_users' in schema.update.collections && ((_c = this.accountability) === null || _c === void 0 ? void 0 : _c.user)) {
             schemaComposer.Mutation.addFields({
                 update_users_me: {
                     type: ReadCollectionTypes['directus_users'],
@@ -2160,7 +2190,7 @@ class GraphQLService {
         if ('directus_activity' in schema.create.collections) {
             schemaComposer.Mutation.addFields({
                 create_comment: {
-                    type: (_c = ReadCollectionTypes['directus_activity']) !== null && _c !== void 0 ? _c : graphql_1.GraphQLBoolean,
+                    type: (_d = ReadCollectionTypes['directus_activity']) !== null && _d !== void 0 ? _d : graphql_1.GraphQLBoolean,
                     args: {
                         collection: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
                         item: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLID),
@@ -2192,7 +2222,7 @@ class GraphQLService {
         if ('directus_activity' in schema.update.collections) {
             schemaComposer.Mutation.addFields({
                 update_comment: {
-                    type: (_d = ReadCollectionTypes['directus_activity']) !== null && _d !== void 0 ? _d : graphql_1.GraphQLBoolean,
+                    type: (_e = ReadCollectionTypes['directus_activity']) !== null && _e !== void 0 ? _e : graphql_1.GraphQLBoolean,
                     args: {
                         id: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLID),
                         comment: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
@@ -2235,7 +2265,7 @@ class GraphQLService {
         if ('directus_files' in schema.create.collections) {
             schemaComposer.Mutation.addFields({
                 import_file: {
-                    type: (_e = ReadCollectionTypes['directus_files']) !== null && _e !== void 0 ? _e : graphql_1.GraphQLBoolean,
+                    type: (_f = ReadCollectionTypes['directus_files']) !== null && _f !== void 0 ? _f : graphql_1.GraphQLBoolean,
                     args: {
                         url: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
                         data: (0, graphql_compose_1.toInputObjectType)(CreateCollectionTypes['directus_files']).setTypeName('create_directus_files_input'),

package/dist/services/items.js

@@ -496,6 +496,7 @@ class ItemsService {
         if ((opts === null || opts === void 0 ? void 0 : opts.emitEvents) !== false) {
             emitter_1.default.emitAction(this.eventScope === 'items' ? ['items.delete', `${this.collection}.items.delete`] : `${this.eventScope}.delete`, {
                 payload: keys,
+                keys: keys,
                 collection: this.collection,
             }, {
                 // This hook is called async. If we would pass the transaction here, the hook can be

package/dist/services/payload.d.ts

@@ -10,6 +10,7 @@ declare type Transformers = {
         payload: Partial<Item>;
         accountability: Accountability | null;
         specials: string[];
+        helpers: Helpers;
     }) => Promise<any>;
 };
 /**

package/dist/services/payload.js

@@ -37,7 +37,7 @@ class PayloadService {
                 }
                 return value;
             },
-            async boolean({ action, value }) {
+            async 'cast-boolean'({ action, value }) {
                 if (action === 'read') {
                     if (value === true || value === 1 || value === '1') {
                         return true;
@@ -51,7 +51,7 @@ class PayloadService {
                 }
                 return value;
             },
-            async json({ action, value }) {
+            async 'cast-json'({ action, value }) {
                 if (action === 'read') {
                     if (typeof value === 'string') {
                         try {
@@ -89,17 +89,17 @@ class PayloadService {
                     return (accountability === null || accountability === void 0 ? void 0 : accountability.role) || null;
                 return value;
             },
-            async 'date-created'({ action, value }) {
+            async 'date-created'({ action, value, helpers }) {
                 if (action === 'create')
-                    return new Date();
+                    return new Date(helpers.date.writeTimestamp(new Date().toISOString()));
                 return value;
             },
-            async 'date-updated'({ action, value }) {
+            async 'date-updated'({ action, value, helpers }) {
                 if (action === 'update')
-                    return new Date();
+                    return new Date(helpers.date.writeTimestamp(new Date().toISOString()));
                 return value;
             },
-            async csv({ action, value }) {
+            async 'cast-csv'({ action, value }) {
                 if (Array.isArray(value) === false && typeof value !== 'string')
                     return;
                 if (action === 'read' && Array.isArray(value) === false) {
@@ -181,6 +181,7 @@ class PayloadService {
                     payload,
                     accountability,
                     specials: fieldSpecials,
+                    helpers: this.helpers,
                 });
             }
         }
@@ -233,21 +234,23 @@ class PayloadService {
                         value = new Date(value);
                     }
                     if (dateColumn.type === 'timestamp') {
-                        const newValue = value.toISOString();
+                        const newValue = this.helpers.date.readTimestampString(value.toISOString());
                         payload[name] = newValue;
                     }
                     if (dateColumn.type === 'dateTime') {
-                        const year = String(value.getUTCFullYear());
-                        const month = String(value.getUTCMonth() + 1).padStart(2, '0');
-                        const date = String(value.getUTCDate()).padStart(2, '0');
-                        const hours = String(value.getUTCHours()).padStart(2, '0');
-                        const minutes = String(value.getUTCMinutes()).padStart(2, '0');
-                        const seconds = String(value.getUTCSeconds()).padStart(2, '0');
-                        const newValue = `${year}-${month}-${date}T${hours}:${minutes}:${seconds}`;
+                        const year = String(value.getFullYear());
+                        const month = String(value.getMonth() + 1).padStart(2, '0');
+                        const day = String(value.getDate()).padStart(2, '0');
+                        const hours = String(value.getHours()).padStart(2, '0');
+                        const minutes = String(value.getMinutes()).padStart(2, '0');
+                        const seconds = String(value.getSeconds()).padStart(2, '0');
+                        const newValue = `${year}-${month}-${day}T${hours}:${minutes}:${seconds}`;
                         payload[name] = newValue;
                     }
                     if (dateColumn.type === 'date') {
-                        const [year, month, day] = value.toISOString().substr(0, 10).split('-');
+                        const year = String(value.getFullYear());
+                        const month = String(value.getMonth() + 1).padStart(2, '0');
+                        const day = String(value.getDate()).padStart(2, '0');
                         // Strip off the time / timezone information from a date-only value
                         const newValue = `${year}-${month}-${day}`;
                         payload[name] = newValue;
@@ -258,16 +261,16 @@ class PayloadService {
                         if (dateColumn.type === 'date') {
                             const [date] = value.split('T');
                             const [year, month, day] = date.split('-');
-                            payload[name] = new Date(Date.UTC(Number(year), Number(month) - 1, Number(day)));
+                            payload[name] = new Date(Number(year), Number(month) - 1, Number(day));
                         }
                         if (dateColumn.type === 'dateTime') {
                             const [date, time] = value.split('T');
                             const [year, month, day] = date.split('-');
                             const [hours, minutes, seconds] = time.substring(0, 8).split(':');
-                            payload[name] = new Date(Date.UTC(Number(year), Number(month) - 1, Number(day), Number(hours), Number(minutes), Number(seconds)));
+                            payload[name] = new Date(Number(year), Number(month) - 1, Number(day), Number(hours), Number(minutes), Number(seconds));
                         }
                         if (dateColumn.type === 'timestamp') {
-                            const newValue = (0, date_fns_1.parseISO)(value);
+                            const newValue = this.helpers.date.writeTimestamp(value);
                             payload[name] = newValue;
                         }
                     }
@@ -429,7 +432,7 @@ class PayloadService {
             delete: joi_1.default.array().items(joi_1.default.string(), joi_1.default.number()),
         });
         for (const relation of relationsToProcess) {
-            if (!relation.meta || !payload[relation.meta.one_field])
+            if (!relation.meta)
                 continue;
             const currentPrimaryKeyField = this.schema.collections[relation.related_collection].primary;
             const relatedPrimaryKeyField = this.schema.collections[relation.collection].primary;
@@ -441,9 +444,11 @@ class PayloadService {
             const recordsToUpsert = [];
             const savedPrimaryKeys = [];
             // Nested array of individual items
-            if (Array.isArray(payload[relation.meta.one_field])) {
-                for (let i = 0; i < (payload[relation.meta.one_field] || []).length; i++) {
-                    const relatedRecord = (payload[relation.meta.one_field] || [])[i];
+            const field = payload[relation.meta.one_field];
+            if (!field || Array.isArray(field)) {
+                const updates = field || []; // treat falsey values as removing all children
+                for (let i = 0; i < updates.length; i++) {
+                    const relatedRecord = updates[i];
                     let record = (0, lodash_1.cloneDeep)(relatedRecord);
                     if (typeof relatedRecord === 'string' || typeof relatedRecord === 'number') {
                         const existingRecord = await this.knex
@@ -507,7 +512,7 @@ class PayloadService {
             }
             // "Updates" object w/ create/update/delete
             else {
-                const alterations = payload[relation.meta.one_field];
+                const alterations = field;
                 const { error } = nestedUpdateSchema.validate(alterations);
                 if (error)
                     throw new exceptions_1.InvalidPayloadException(`Invalid one-to-many update structure: ${error.message}`);

package/dist/services/relations.js

@@ -146,36 +146,40 @@ class RelationsService {
         if (existingRelation) {
             throw new exceptions_1.InvalidPayloadException(`Field "${relation.field}" in collection "${relation.collection}" already has an associated relationship`);
         }
-        const metaRow = {
-            ...(relation.meta || {}),
-            many_collection: relation.collection,
-            many_field: relation.field,
-            one_collection: relation.related_collection || null,
-        };
-        await this.knex.transaction(async (trx) => {
-            if (relation.related_collection) {
-                await trx.schema.alterTable(relation.collection, async (table) => {
-                    var _a;
-                    this.alterType(table, relation);
-                    const constraintName = (0, get_default_index_name_1.getDefaultIndexName)('foreign', relation.collection, relation.field);
-                    const builder = table
-                        .foreign(relation.field, constraintName)
-                        .references(`${relation.related_collection}.${this.schema.collections[relation.related_collection].primary}`);
-                    if ((_a = relation.schema) === null || _a === void 0 ? void 0 : _a.on_delete) {
-                        builder.onDelete(relation.schema.on_delete);
-                    }
+        try {
+            const metaRow = {
+                ...(relation.meta || {}),
+                many_collection: relation.collection,
+                many_field: relation.field,
+                one_collection: relation.related_collection || null,
+            };
+            await this.knex.transaction(async (trx) => {
+                if (relation.related_collection) {
+                    await trx.schema.alterTable(relation.collection, async (table) => {
+                        var _a;
+                        this.alterType(table, relation);
+                        const constraintName = (0, get_default_index_name_1.getDefaultIndexName)('foreign', relation.collection, relation.field);
+                        const builder = table
+                            .foreign(relation.field, constraintName)
+                            .references(`${relation.related_collection}.${this.schema.collections[relation.related_collection].primary}`);
+                        if ((_a = relation.schema) === null || _a === void 0 ? void 0 : _a.on_delete) {
+                            builder.onDelete(relation.schema.on_delete);
+                        }
+                    });
+                }
+                const relationsItemService = new items_1.ItemsService('directus_relations', {
+                    knex: trx,
+                    schema: this.schema,
+                    // We don't set accountability here. If you have read access to certain fields, you are
+                    // allowed to extract the relations regardless of permissions to directus_relations. This
+                    // happens in `filterForbidden` down below
                 });
-            }
-            const relationsItemService = new items_1.ItemsService('directus_relations', {
-                knex: trx,
-                schema: this.schema,
-                // We don't set accountability here. If you have read access to certain fields, you are
-                // allowed to extract the relations regardless of permissions to directus_relations. This
-                // happens in `filterForbidden` down below
+                await relationsItemService.createOne(metaRow);
             });
-            await relationsItemService.createOne(metaRow);
-        });
-        await (0, cache_1.clearSystemCache)();
+        }
+        finally {
+            await (0, cache_1.clearSystemCache)();
+        }
     }
     /**
      * Update an existing foreign key constraint
@@ -196,47 +200,51 @@ class RelationsService {
         if (!existingRelation) {
             throw new exceptions_1.InvalidPayloadException(`Field "${field}" in collection "${collection}" doesn't have a relationship.`);
         }
-        await this.knex.transaction(async (trx) => {
-            if (existingRelation.related_collection) {
-                await trx.schema.alterTable(collection, async (table) => {
-                    var _a;
-                    let constraintName = (0, get_default_index_name_1.getDefaultIndexName)('foreign', collection, field);
-                    // If the FK already exists in the DB, drop it first
-                    if (existingRelation === null || existingRelation === void 0 ? void 0 : existingRelation.schema) {
-                        constraintName = existingRelation.schema.constraint_name || constraintName;
-                        table.dropForeign(field, constraintName);
+        try {
+            await this.knex.transaction(async (trx) => {
+                if (existingRelation.related_collection) {
+                    await trx.schema.alterTable(collection, async (table) => {
+                        var _a;
+                        let constraintName = (0, get_default_index_name_1.getDefaultIndexName)('foreign', collection, field);
+                        // If the FK already exists in the DB, drop it first
+                        if (existingRelation === null || existingRelation === void 0 ? void 0 : existingRelation.schema) {
+                            constraintName = existingRelation.schema.constraint_name || constraintName;
+                            table.dropForeign(field, constraintName);
+                        }
+                        this.alterType(table, relation);
+                        const builder = table
+                            .foreign(field, constraintName || undefined)
+                            .references(`${existingRelation.related_collection}.${this.schema.collections[existingRelation.related_collection].primary}`);
+                        if ((_a = relation.schema) === null || _a === void 0 ? void 0 : _a.on_delete) {
+                            builder.onDelete(relation.schema.on_delete);
+                        }
+                    });
+                }
+                const relationsItemService = new items_1.ItemsService('directus_relations', {
+                    knex: trx,
+                    schema: this.schema,
+                    // We don't set accountability here. If you have read access to certain fields, you are
+                    // allowed to extract the relations regardless of permissions to directus_relations. This
+                    // happens in `filterForbidden` down below
+                });
+                if (relation.meta) {
+                    if (existingRelation === null || existingRelation === void 0 ? void 0 : existingRelation.meta) {
+                        await relationsItemService.updateOne(existingRelation.meta.id, relation.meta);
                     }
-                    this.alterType(table, relation);
-                    const builder = table
-                        .foreign(field, constraintName || undefined)
-                        .references(`${existingRelation.related_collection}.${this.schema.collections[existingRelation.related_collection].primary}`);
-                    if ((_a = relation.schema) === null || _a === void 0 ? void 0 : _a.on_delete) {
-                        builder.onDelete(relation.schema.on_delete);
+                    else {
+                        await relationsItemService.createOne({
+                            ...(relation.meta || {}),
+                            many_collection: relation.collection,
+                            many_field: relation.field,
+                            one_collection: existingRelation.related_collection || null,
+                        });
                     }
-                });
-            }
-            const relationsItemService = new items_1.ItemsService('directus_relations', {
-                knex: trx,
-                schema: this.schema,
-                // We don't set accountability here. If you have read access to certain fields, you are
-                // allowed to extract the relations regardless of permissions to directus_relations. This
-                // happens in `filterForbidden` down below
-            });
-            if (relation.meta) {
-                if (existingRelation === null || existingRelation === void 0 ? void 0 : existingRelation.meta) {
-                    await relationsItemService.updateOne(existingRelation.meta.id, relation.meta);
-                }
-                else {
-                    await relationsItemService.createOne({
-                        ...(relation.meta || {}),
-                        many_collection: relation.collection,
-                        many_field: relation.field,
-                        one_collection: existingRelation.related_collection || null,
-                    });
                 }
-            }
-        });
-        await (0, cache_1.clearSystemCache)();
+            });
+        }
+        finally {
+            await (0, cache_1.clearSystemCache)();
+        }
     }
     /**
      * Delete an existing relationship
@@ -255,21 +263,25 @@ class RelationsService {
         if (!existingRelation) {
             throw new exceptions_1.InvalidPayloadException(`Field "${field}" in collection "${collection}" doesn't have a relationship.`);
         }
-        await this.knex.transaction(async (trx) => {
-            var _a;
-            const existingConstraints = await this.schemaInspector.foreignKeys();
-            const constraintNames = existingConstraints.map((key) => key.constraint_name);
-            if (((_a = existingRelation.schema) === null || _a === void 0 ? void 0 : _a.constraint_name) &&
-                constraintNames.includes(existingRelation.schema.constraint_name)) {
-                await trx.schema.alterTable(existingRelation.collection, (table) => {
-                    table.dropForeign(existingRelation.field, existingRelation.schema.constraint_name);
-                });
-            }
-            if (existingRelation.meta) {
-                await trx('directus_relations').delete().where({ many_collection: collection, many_field: field });
-            }
-        });
-        await (0, cache_1.clearSystemCache)();
+        try {
+            await this.knex.transaction(async (trx) => {
+                var _a;
+                const existingConstraints = await this.schemaInspector.foreignKeys();
+                const constraintNames = existingConstraints.map((key) => key.constraint_name);
+                if (((_a = existingRelation.schema) === null || _a === void 0 ? void 0 : _a.constraint_name) &&
+                    constraintNames.includes(existingRelation.schema.constraint_name)) {
+                    await trx.schema.alterTable(existingRelation.collection, (table) => {
+                        table.dropForeign(existingRelation.field, existingRelation.schema.constraint_name);
+                    });
+                }
+                if (existingRelation.meta) {
+                    await trx('directus_relations').delete().where({ many_collection: collection, many_field: field });
+                }
+            });
+        }
+        finally {
+            await (0, cache_1.clearSystemCache)();
+        }
     }
     /**
      * Whether or not the current user has read access to relations

package/dist/services/server.js

@@ -55,6 +55,7 @@ class ServerService {
                 'project_descriptor',
                 'project_logo',
                 'project_color',
+                'default_language',
                 'public_foreground',
                 'public_background',
                 'public_note',

package/dist/services/shares.js

@@ -16,6 +16,7 @@ const users_1 = require("./users");
 const mail_1 = require("./mail");
 const user_name_1 = require("../utils/user-name");
 const md_1 = require("../utils/md");
+const url_1 = require("../utils/url");
 class SharesService extends items_1.ItemsService {
     constructor(options) {
         super('directus_shares', options);
@@ -116,7 +117,7 @@ Hello!
 
 ${(0, user_name_1.userName)(userInfo)} has invited you to view an item in ${share.collection}.
 
-[Open](${env_1.default.PUBLIC_URL}/admin/shared/${payload.share})
+[Open](${new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'shared', payload.share).toString()})
 `;
         for (const email of payload.emails) {
             await mailService.send({

package/dist/services/users.js

@@ -264,7 +264,9 @@ class UsersService extends items_1.ItemsService {
         });
         const payload = { email, scope: 'password-reset', hash: (0, utils_2.getSimpleHash)('' + user.password) };
         const token = jsonwebtoken_1.default.sign(payload, env_1.default.SECRET, { expiresIn: '1d', issuer: 'directus' });
-        const acceptURL = url ? `${url}?token=${token}` : `${env_1.default.PUBLIC_URL}/admin/reset-password?token=${token}`;
+        const acceptURL = url
+            ? new url_1.Url(url).setQuery('token', token).toString()
+            : new url_1.Url(env_1.default.PUBLIC_URL).addPath('admin', 'reset-password').setQuery('token', token);
         const subjectLine = subject ? subject : 'Password Reset Request';
         await mailService.send({
             to: email,

package/dist/types/files.d.ts

@@ -19,3 +19,11 @@ export declare type File = {
     tags: string | null;
     metadata: Record<string, any> | null;
 };
+export declare type Metadata = {
+    height?: number | undefined;
+    width?: number | undefined;
+    description?: string | undefined;
+    title?: string | undefined;
+    tags?: any | undefined;
+    metadata?: any | undefined;
+};