Merge branch 'main' into feature-rate-limiting

2026-02-07 11:55:12 -05:00 · 2020-09-08 12:31:57 -04:00
parent 6b0b96591c 8811d2a3b4
commit 7f1f105349
248 changed files with 3387 additions and 34724 deletions
--- a/api/src/services/fields.ts
+++ b/api/src/services/fields.ts
@@ -40,9 +40,10 @@ export default class FieldsService {
 		if (collection) {
 			fields = (await nonAuthorizedItemsService.readByQuery({
 				filter: { collection: { _eq: collection } },
+				limit: -1,
 			})) as FieldMeta[];
 		} else {
-			fields = (await nonAuthorizedItemsService.readByQuery({})) as FieldMeta[];
+			fields = (await nonAuthorizedItemsService.readByQuery({ limit: -1 })) as FieldMeta[];
 		}

 		fields = (await this.payloadService.processValues('read', fields)) as FieldMeta[];
@@ -101,11 +102,16 @@ export default class FieldsService {

 		// Filter the result so we only return the fields you have read access to
 		if (this.accountability && this.accountability.admin !== true) {
-			const permissions = await this.knex.select('collection', 'fields').from('directus_permissions').where({ role: this.accountability.role, action: 'read' });
+			const permissions = await this.knex
+				.select('collection', 'fields')
+				.from('directus_permissions')
+				.where({ role: this.accountability.role, action: 'read' });
 			const allowedFieldsInCollection: Record<string, string[]> = {};

 			permissions.forEach((permission) => {
-				allowedFieldsInCollection[permission.collection] = (permission.fields || '').split(',');
+				allowedFieldsInCollection[permission.collection] = (permission.fields || '').split(
+					','
+				);
 			});

 			if (collection && allowedFieldsInCollection.hasOwnProperty(collection) === false) {
@@ -113,7 +119,8 @@ export default class FieldsService {
 			}

 			return result.filter((field) => {
-				if (allowedFieldsInCollection.hasOwnProperty(field.collection) === false) return false;
+				if (allowedFieldsInCollection.hasOwnProperty(field.collection) === false)
+					return false;
 				const allowedFields = allowedFieldsInCollection[field.collection];
 				if (allowedFields[0] === '*') return true;
 				return allowedFields.includes(field.field);
@@ -131,8 +138,9 @@ export default class FieldsService {
 				.where({
 					role: this.accountability.role,
 					collection,
-					action: 'read'
-				}).first();
+					action: 'read',
+				})
+				.first();

 			if (!permissions) throw new ForbiddenException();
 			if (permissions.fields !== '*') {
@@ -245,13 +253,23 @@ export default class FieldsService {
 				.from('directus_fields')
 				.where({ collection, field: field.field })
 				.first();
-			if (!record) throw new FieldNotFoundException(collection, field.field);

-			await this.itemsService.update({
-				...field.meta,
-				collection: collection,
-				field: field.field,
-			}, record.id);
+			if (record) {
+				await this.itemsService.update(
+					{
+						...field.meta,
+						collection: collection,
+						field: field.field,
+					},
+					record.id
+				);
+			} else {
+				await this.itemsService.create({
+					...field.meta,
+					collection: collection,
+					field: field.field,
+				});
+			}
 		}

 		return field.field;
@@ -281,10 +299,14 @@ export default class FieldsService {
 			const isM2O = relation.many_collection === collection && relation.many_field === field;

 			if (isM2O) {
-				await this.knex('directus_relations').delete().where({ many_collection: collection, many_field: field });
+				await this.knex('directus_relations')
+					.delete()
+					.where({ many_collection: collection, many_field: field });
 				await this.deleteField(relation.one_collection, relation.one_field);
 			} else {
-				await this.knex('directus_relations').update({ one_field: null }).where({ one_collection: collection, one_field: field });
+				await this.knex('directus_relations')
+					.update({ one_field: null })
+					.where({ one_collection: collection, one_field: field });
 			}
 		}
 	}