Remove permission.limit (#7711)

* remove permission.limit

* set limit to amount of primaryKeys

api/src/database/migrations/20210831A-remove-limit-column.ts

@@ -0,0 +1,13 @@
+import { Knex } from 'knex';
+
+export async function up(knex: Knex): Promise<void> {
+	await knex.schema.alterTable('directus_permissions', (table) => {
+		table.dropColumn('limit');
+	});
+}
+
+export async function down(knex: Knex): Promise<void> {
+	await knex.schema.alterTable('directus_permissions', (table) => {
+		table.integer('limit').unsigned();
+	});
+}

api/src/database/system-data/app-access-permissions/index.ts

@@ -8,7 +8,6 @@ const defaults: Partial<Permission> = {
 	validation: null,
 	presets: null,
 	fields: ['*'],
-	limit: null,
 	system: true,
 };
 

api/src/database/system-data/fields/permissions.yaml

@@ -15,9 +15,6 @@ fields:
   - field: role
     width: half
 
-  - field: limit
-    width: half
-
   - field: collection
     width: half
 

api/src/services/authorization.ts

@@ -171,15 +171,6 @@ export class AuthorizationService {
 				}
 
 				if (query.filter._and.length === 0) delete query.filter._and;
-
-				if (permissions.limit && query.limit && query.limit > permissions.limit) {
-					throw new ForbiddenException();
-				}
-
-				// Default to the permissions limit if limit hasn't been set
-				if (permissions.limit && !query.limit) {
-					query.limit = permissions.limit;
-				}
 			}
 		}
 	}
@@ -200,7 +191,6 @@ export class AuthorizationService {
 				action,
 				permissions: {},
 				validation: {},
-				limit: null,
 				fields: ['*'],
 				presets: {},
 			};
@@ -301,7 +291,7 @@ export class AuthorizationService {
 		};
 
 		if (Array.isArray(pk)) {
-			const result = await itemsService.readMany(pk, query, { permissionsAction: action });
+			const result = await itemsService.readMany(pk, { ...query, limit: pk.length }, { permissionsAction: action });
 			if (!result) throw new ForbiddenException();
 			if (result.length !== pk.length) throw new ForbiddenException();
 		} else {

api/src/types/permissions.ts

@@ -9,7 +9,6 @@ export type Permission = {
 	action: PermissionsAction;
 	permissions: Record<string, any>;
 	validation: Filter | null;
-	limit: number | null;
 	presets: Record<string, any> | null;
 	fields: string[] | null;
 	system?: true;

api/src/utils/merge-permissions.ts

@@ -25,7 +25,6 @@ function mergePerm(currentPerm: Permission, newPerm: Permission) {
 	let validation = currentPerm.validation;
 	let fields = currentPerm.fields;
 	let presets = currentPerm.presets;
-	let limit = currentPerm.limit;
 
 	if (newPerm.permissions) {
 		if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === '_or') {
@@ -73,16 +72,11 @@ function mergePerm(currentPerm: Permission, newPerm: Permission) {
 		presets = merge({}, presets, newPerm.presets);
 	}
 
-	if (newPerm.limit && newPerm.limit > (currentPerm.limit || 0)) {
-		limit = newPerm.limit;
-	}
-
 	return {
 		...currentPerm,
 		permissions,
 		validation,
 		fields,
 		presets,
-		limit,
 	};
 }