github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-01-27 21:17:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix deep filters in app, fix current-user/current-role in filters

Browse Source
This commit is contained in:
rijkvanzanten
2020-11-12 14:12:05 -05:00
parent 236bde3c59
commit 0c72ee6b1d
3 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
api/src/app.ts
View File

@@ -112,6 +112,10 @@ export default async function createApp() {
app.use(rateLimiter);
}
app.use(authenticate);
app.use(checkIP);
app.use(sanitizeQuery);
app.use(cache);
@@ -120,10 +124,6 @@ export default async function createApp() {
app.use('/auth', authRouter);
app.use(authenticate);
app.use(checkIP);
app.use('/graphql', graphqlRouter);
app.use('/activity', activityRouter);

2
api/src/utils/validate-query.ts
View File

@@ -42,6 +42,8 @@ function validateFilter(filter: Query['filter']) {
for (let [key, nested] of Object.entries(filter)) {
if (key === '_and' || key === '_or') {
nested.forEach(validateFilter);
} else if (isPlainObject(nested)) {
validateFilter(nested);
} else if (key.startsWith('_')) {
const value = nested;