Rework collections flow to include permissions/accountability

2026-02-12 01:54:55 -05:00 · 2020-07-31 16:09:35 -04:00
parent 3895e36710
commit eefa74c821
2 changed files with 239 additions and 56 deletions
--- a/api/src/routes/collections.ts
+++ b/api/src/routes/collections.ts
@@ -2,8 +2,6 @@ import { Router } from 'express';
 import asyncHandler from 'express-async-handler';
 import sanitizeQuery from '../middleware/sanitize-query';
 import CollectionsService from '../services/collections';
-import { schemaInspector } from '../database';
-import { CollectionNotFoundException } from '../exceptions';
 import useCollection from '../middleware/use-collection';

 const router = Router();
@@ -24,10 +22,9 @@ router.post(
 router.get(
 	'/',
 	useCollection('directus_collections'),
-	sanitizeQuery,
 	asyncHandler(async (req, res) => {
 		const collectionsService = new CollectionsService({ accountability: req.accountability });
-		const collections = await collectionsService.readByQuery(req.sanitizedQuery);
+		const collections = await collectionsService.readByQuery();

 		res.json({ data: collections || null });
 	})
@@ -38,17 +35,25 @@ router.get(
 	useCollection('directus_collections'),
 	sanitizeQuery,
 	asyncHandler(async (req, res) => {
-		/** @todo move this validation to CollectionsService methods */
-		const exists = await schemaInspector.hasTable(req.params.collection);
-		if (exists === false) throw new CollectionNotFoundException(req.params.collection);
-
 		const collectionsService = new CollectionsService({ accountability: req.accountability });
+		const collectionKey = req.params.collection.includes(',')
+			? req.params.collection.split(',')
+			: req.params.collection;
+		const collection = await collectionsService.readByKey(collectionKey as any);
+		res.json({ data: collection || null });
+	})
+);

-		const collection = await collectionsService.readByKey(
-			req.params.collection,
-			req.sanitizedQuery
-		);
-
+router.patch(
+	'/:collection',
+	useCollection('directus_collections'),
+	asyncHandler(async (req, res) => {
+		const collectionsService = new CollectionsService({ accountability: req.accountability });
+		const collectionKey = req.params.collection.includes(',')
+			? req.params.collection.split(',')
+			: req.params.collection;
+		await collectionsService.update(req.body, collectionKey as any);
+		const collection = await collectionsService.readByKey(collectionKey as any);
 		res.json({ data: collection || null });
 	})
 );
@@ -57,13 +62,11 @@ router.delete(
 	'/:collection',
 	useCollection('directus_collections'),
 	asyncHandler(async (req, res) => {
-		/** @todo move this validation to CollectionsService methods */
-		if ((await schemaInspector.hasTable(req.params.collection)) === false) {
-			throw new CollectionNotFoundException(req.params.collection);
-		}
-
 		const collectionsService = new CollectionsService({ accountability: req.accountability });
-		await collectionsService.delete(req.params.collection);
+		const collectionKey = req.params.collection.includes(',')
+			? req.params.collection.split(',')
+			: req.params.collection;
+		await collectionsService.delete(collectionKey as any);

 		res.end();
 	})