* fix cohersion of values only in rest
* fix tests
* Update late-pans-draw.md
* default back to keep old behavior
* fmt
* combined mapValuesDeep into deepMap and cleaned function up.
* ran formatter
* Update .changeset/fine-boats-brush.md
---------
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
Co-authored-by: daedalus <44623501+ComfortablyCoding@users.noreply.github.com>
* fix cohersion of values only in rest
* fix tests
* Update late-pans-draw.md
* default back to keep old behavior
* fmt
* slight test cleanup
* test name
* fix carrying up logical op in filter
* Update changeset
* Add nested logical operators test
* Try to fix the nested case
* add more tests and clean up code
---------
Co-authored-by: ian <licitdev@gmail.com>
* WIP start on migrations
* Add migration
* Don't insert if there's no rows
* Use service to read/write permissions
* Use payload service rather than itemsservice
* Start on downgrade command
* Update system data structure
* Update migrations to keep structure flat
* Remove icon from policies
* Drop policies table on downgrade
* Rearchitect migrations to structure v3
* Add down migration
* Update system fields
* Add policy to fields import
* Fix public role attachment
* Update packages/system-data/src/fields/index.ts
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Update packages/system-data/src/fields/policies.yaml
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Add nested roles
* Remove unused step
* Use two o2ms instead of m2a for attachments
* Update system data
* Implement permission policies in the API (#22384)
* Update system data structure
* Update migrations to keep structure flat
* Remove icon from policies
* Drop policies table on downgrade
* Rearchitect migrations to structure v3
* Add down migration
* Update system fields
* Add policy to fields import
* Fix public role attachment
* Update packages/system-data/src/fields/index.ts
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Update packages/system-data/src/fields/policies.yaml
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Add nested roles
* Remove unused step
* Use two o2ms instead of m2a for attachments
* Update system data
* [WIP] Start reorging permissions handling
* Setup field extraction
* Remove watch from vitest
* Finish fieldMap creation logic
* Add tests for utils
* Improve tests
* Improve coverage
* Split test and test:watch
* Continue on this fun
* [WIP] Setup processing
* Sort roles
* Restructure to util files for org
* Add missing util tests
* More tests
* Add cases/whencase to ast
* Start on injection logic
* Add tests for inject cases
* Add tests for process
* Add todo
* Organize run-ast
* Add clear method to kv
* Remove reliance on acc.perm
* Restructure permissions setup
* Drop perm from acc, add roles/policies
* Remove get-permissions in middleware
* Remove/comment use of acc.perm
* Add default roles/permissions
* Use knex
So we don't have to initialize the schema before we want to use the accountability system
* Use new fetching logic in get accountability
* Add new fetch global access utils
* Gotta redo based on new setup
* Replaced with new util
* Remove dropping of perm in acc
It's no longer there by default, so no need to remove here
* Temporarily comment out the enforce tfa check
* Update usage of fetch tree to use knex
* Don't store policies on accountability
* Feed in roles thru acc
* Bit of whitespace
* Rename role->policy
* Wreck some more stuff
Jk, this is splitting up the large get-ast-from-query function into smaller individual functions to make it easier to update the wildcard conversion to use permissions
* Add ability to lookup all allowed fields in col+ac
* Add note so I don't forget stuff which i will
* Handle null acc
* Introduce parseAst to itemsservice
* That cleans things up
* Replace checkAccess with validateAccess
* Remove checkaccess from service
* cleanup imports
* Whoops one more
* Leave crumbs for next time
* Implement most of the fn
* Fix various tests
* Start on test for fetch roles tree
* Add tests for fetch roles tree
* Fix process tests
* All. of. the. tests.
* Update uses of validateAccess
* Fix name in runAst
* Fix use of accountability in gql sub
* Deprecate authorization service
* Remove getPermissions use
* Drop old getpermissions
* Pass services
* Replace admin/app uses with fetch global
* Update fetch user count to pull from policies
* Remove broken admin existence checks
* Update min accountability
* Remove unused import
* Drop permissions override from controller
* Refactor reliance on acc.perm
* Replace usage of permissions in fields
* Replace usage of permissions in import/export
* Drop permissions use from relations
* Drop no longer used method
* Remove unused import
* fix type usage of pk in validate
* Fix default acc in user
* Replace use of permissions in utils
* Update reduceSchema in specs/gql
* Remove old share merging
* Remove empty file
* Remove outdated comment
* Use ctx objects for large param fns
* Add with-cache memoize util
* Add cache to fetchpermissions
* Update caching use in fetchRolesTree
* Add caching to fetchAllowedFieldMap
* Add more cache
* Refactor call signatures
* Move call signature updates
* Handle presets
* Update process call sig
* Prevent infinite recursion in roles tree lookup
* Use create util for acc
* Remove old checkIp
* Fix where equality operator
* Break EVERYTHING!
Jk just cleaning up the structure some more, and removing the dep injection in favor of mocking
* Fix build
* Add missing module tests
* Don't crash on missing parent
* Fix role lookup
* add missing type annotation
* use logical-OR assignment and avoid a memory allocation
* Attach admin policy in default admin creation
* Fix admin check
* Add todo for later
* rm code duplication
* fix test
it was missing the new `roles`
* add types and fix type error
policies dont [yet] have an icon
* move spread order to avoid potential future mishaps
new default keys would override the manually set keys, potentially leading to unintended behavior
* reduce allocations, add escape hatch to loop and type db-row
* Implement case/when
* Clean up comments
* Optimize perm fetching in allowed f
* Move apply case when to util fn
* Optimize fetch-allowed-fields
* Add fetch inconsistent util
* Allow nulls
* Remove obsolete getCacheKey
* Remove unused import
* Update getAccountabilityForRole test
* Update fetchGlobalAccess test with one more test case + fix other test case
* Type cleanup
* Fix "admin access means automatic app access" in fetchGlobalAccessForQuery
* Clean up and expand fetch-inconsistent-field-map.test.ts
* Test uncached functions
* Test uncached
* Remove cases usage in parse-current-level
* Only consider non-null rules in inject cases
* Fix parseCurrentLevel call
* Move service imports into functions to avoid circular imports
* Ensure that we test that an error is thrown in processAst test
* Add failing test case for flattenFilter
* Ensure uniqueness in extractPathsFromQuery
* Early exit in validatePath
* Add additional test case for process payload test
* Update validateCollectionAccess test
* Clean up validate-item-access.test.ts
* Remove redundant initializer
* Use createDefaultAccountability
* Fix fetch-user-count.test.ts
* Cleanup unused default initializer
* Add empty cases to subfilter in _relationCount
* Drop AccessService and PermissionsService usage from services
* Found some more PermissionsServices
* Fix a few more tests
* Add nested role relation
* Fix query invocation in aggregate and group queries
* Fix role property name in auth/refresh
* Add some missing relations for permissions, access and roles
* Add m2o relation from permissions to policy
* Add m2o relation access to role, user, policy
* Allow fetchPermissions to fetch all permissions and not just those limited by an action
* Add parent to Role type
* Make sure that admin users see all fields
* Add access and policies controller, add util methods to policies and access service
* Change name and description of public policy, update description of admin policy and add on delete trigger.
* Make sure access row uuids are auto generated
* optimize kvredis clear function and add a unit test
to be fair: unit test is also testing implementation details but thats a problem there in general and for future us
* Add minimal app permission and dynamic variable injection to the permission fetching
* Fix m2o collection name in extractFieldsFromChildren
* Make sure to clone permission before injecting dynamic variables
* Actually do the cloning in with withAppMinimalPermissions since people might missbehave with the permissions obtained from PermissionsService.readByQuery so it better to go the source of the problem
* Use knex transaction in createOne -> processPayload - otherwise deadlock
* Make sure to respect '*' field in allowed fields
* Fix extractFieldsFromChildren for o2m as well - classic
* Fix allowed field check in `FieldsService.readAll` to account for multiple permissions for collection+action
* Skip case/when if `allowedFields` includes '*'
* Restructure the way the current users permissions are returned
* add ability to clear all keys from memory cache
* add test for clear method
* add await to clear function
* Clear permissions caches on changes to policy attachments (directus_access) and policy updates (directus_policies) and permissions updates (directus_permissions)
* Make the public role a real role rather than a virtual one
* Inject the public role, we're it previously was `null`
* Revert adding a fix public role
* remove unused variable
* Ensure that a user without a role can still use the /me util endpoints
* Make sure that the /me endpoints always return minimal information, similar to /users/me
* Some fixes after merging main
* Update api/src/permissions/utils/with-cache.ts
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
* Avoid broken role query for now
* Skip related collection `parseFields` if user has no permissions
* Ensure same call order as in `convertWildcards`
* Create default admin policy and connect it in cli init command
* Remove obsolete middleware mock in app.test.ts
* Add validation against non-existent fields and collections to `validatePath`
* Split up permission and path existence validation and validate path existence for admin users as well
* Make applySearch not async
* Fix relation extraction and permissions for `$FOLLOW` fields
* Fix case when for related collections and query wrapping
* Rework user integrity checks for Auditus (#22737)
* Changes to user counting and integrity checks
* Ensure that user validation happens in both create one and create many
* Rename `checkType` to `flags`
* Update api/src/permissions/modules/validate-remaining-admin/validate-remaining-admin-count.ts
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Update to enum usage
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* A few more changes to enum instead of number
* One more enum type update
* Make sure to correctly override the callback when combining options
* Clean up option type
* Update api/src/services/users.ts
Co-authored-by: ian <licitdev@gmail.com>
* Only take validation shortcut for users
We can only be sure that the deletion of users does not increase any other access types count, so in all other cases we need to verify that for example the App or API users have not increased over the limit
* Make both app and admin users count against app access limit
* Update api/src/permissions/modules/validate-remaining-admin/validate-remaining-admin-count.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* One post-merge fix, two small fixes
* Simplify flag updating and callback calling
* Changing app access in a policy only requires user limit checking, not full check
* Only the status of a created user should matter to determine if a check is neccessary
* Add count alias to count query
---------
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: ian <licitdev@gmail.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
* Add roles and permissions to the app (#22654)
* Initial app changes
* Fix getRelationsForField
* Add changeset
* Remove app-permissions from role settings
* Make sure access row uuids are auto generated
* Move a few things around, set up policies m2m properly
* Show roles as tree in sidebar
Change avatar field query for user
* Show user and role count in policy table
* Default to not adding app access for a policy, makes composability less annoying
* Correctly fall back to 0 for counts
* Change the structure of current user permissions
* Start bringing back the public role
* Make the public role a real role rather than a virtual one
* Revert public role changes
* Extend list-m2m to allow for very custom junction matching and a primary key of `null`
* Remove unused
* Fix public role policy update payload
* Fix app access for users without role (which is a thing now apparently)
* Make sure that the /me endpoints always return minimal information, similar to /users/me
* Tweak nav icons
* Pull policy id from constants
* Update permissions interface design to match
New design language in figma
* Some minor adjustments
- Make chip hover border more consistent
- Add "Remove" button to remove a full row of permissions, as in the UI mockup
- Fix table layout
* Clean up a few more things
* Fix `setFullAccess`
* Align collection view icons with navigation
* Don't query 'admin_access' for role
* Fix relation extraction and permissions for `$FOLLOW` fields
* Don't show `0 Items` for child rows, but `--` instead
* Make policy detail work in nested policy creating use case
* Remove unused v-icon override
* Move system collections to separate visual table
* Navigate before refresh
Prevents a flash of the previous value to be visible in the table
* Move composable to separate file
---------
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
* Optimize types
* Clone query deep
* Optimize type order
* Throw error on invalid role id
* Rename run.js -> run-ast.js
* Re-add filesizes to telemetry report collection that got lost in the merge
* Make `systemCollections` reactive
* Use one column per action to avoid unwanted shifting if some actions are not allowed at all
* Render system and custom together
* Add divider between regular and system permissions if both have elements
* Add AccessService and PoliciesService to `getService`
* Move policy global flags fetching to util
* Move collection access fetching into util
* Remove permissions for `directus_access`, `directus_permissions` and `directus_policies` from schema permissions
* use formatted-value display for name & description in roles & policies
* Rename `process.ts` to `process-ast.ts`
* Fix process-ast import after renaming
* Perform user integrity check on item deletion
* Fix first admin creation on bootstrap
* Revert "Fix first admin creation on bootstrap"
This reverts commit bf480d023c.
Will be fixed by adjusting the check in access service
* Don't perform admin integrity check if a new access row is created. Only check user limits
* Don't set an alias to the raw column value if it is wrapped in a case/when
* Correctly handle aliases when in field map and case injection
---------
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Hannes Küttner <kuettner.hannes@gmail.com>
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
Co-authored-by: ian <licitdev@gmail.com>
* Remove changeset of already merged PR (#22653)
* Fix multi cache subscribe call to preserve context
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* Add max length to name for policy and role names
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* Update app/src/modules/settings/routes/policies/collection.vue
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* Organize settings sidebar for clarity
* Remove query limit override from access and policies controller
THe query limit was added previously, where the idea was to fetch all policies in the app, but since that is not required anymore we can remove the override again, which in turn fixed pagination for policies. Woop
* Rework MetaService
* Fix filtered counting (previously it did not account for left join caused by permissions filter)
* Collect permissions for current collection and dedupe access to align filter with the one used in the actual query
* Use applyFilter and an _or filter to retrieve permitted items
* Prevent certain skips in _or filters
We can only skip empty filters in `_or` if either they are not equal to the value of `cases` or if _or has exactly only exactly one empty filter
This is needed to prevent dropping joins that are required for the case/when construction. For example when having the permissions `_or: [ {}, {related_item: { id: 1} }]` all joins need to be retained
* Revert unintentional with-cache commit
* Remove check for id in children which fails on some DBs if no children are set
* Show users and roles in policy item view
* Update directus_access policy/roles + policy/users `one_deselect_action`
This ensures that the access rows are cleaned up when removing users or roles from the policy side of the relation
* Merge policy loaded from API with current edits
* Make `app_access` default to false
* Split field map into read specific and other fields
This change is necessary since process-ast is used to verify item access for actions other than `read`.
But, if a user does not have action permissions for fields used in the query filter or sort field the validation for `xByQuery` would have failed until now.
* The fields are verified separately checked against read and action specific permission.
* Updated all the tests accordingly
* Fix `hasCaseWhen` check in `getDBQuery`
Previously it was checking if `cases.length > 0` which was always true, since we always pass in at least one case (`{}`), now it checks if there are actually field nodes with a whenCase property
* Don't expose o2m fields that the user might not have access to for some items
This approach uses a flag that is introduced into the parent item db query, that uses the case/when construct to determine if a user has access to the o2m field on the specific item.
The flag is 1 if the user has access and null otherwise.
It is set in the resulting query object for all o2m fields that have a whenCase (the ones with partial access) and used when merging the nested query items into the parent items.
* Accept O2MNode as fieldNode
* Filter policies in fetchGlobalAccess by ip_access if applicable and use `withCache` util
* Filter the policies influencing the global access by ip_access filter if an ip is available
* Use `withCache` util for top level function and the two lower level functions
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
* Fix filter in roles. Again. Almost like I didn't properly test it. huh
* Add cache key stability by only picking the props that are relevant from accountability and enforcing an order in the provided options object
* Improve `fetchAllowedFields` to only return fields that are actually in the schema
* Make a local copy of `junctionFilter` in order to prevent reloads on form value changes
* Remove debug log
* Update packages/system-data/src/fields/policies.yaml
Co-authored-by: ian <licitdev@gmail.com>
* Update api/src/permissions/utils/filter-policies-by-ip.ts
Co-authored-by: ian <licitdev@gmail.com>
* Conditionally add IP to request level cache key
Add `accountability.ip` to the request level cache key if, and only if, the IP is matched by any of the `ip_access` filters of the current users policies.
This ensures that, if the request IP influences the request result, it is path of the cache key, but also not included if there are no IP filters configured for the current user.
* Update api/src/permissions/modules/fetch-policies-ip-access/fetch-policies-ip-access.ts
Co-authored-by: ian <licitdev@gmail.com>
* Make sure that fetchAllowedFields does not remove field wildcard '*'
* Temporarily disable cache key picking
* Refine cache key picking + remove `undefined` from Accountability['ip'] type
* Rename `pick` to `prepareArg`
* Define the sort field for the `directus_access` junction table
* Verify that user has access to automatically selected sort field and default to first allowed field if not
* Sort the fetched permissions to match the order of the passed in policies
* Some clean-up of TODOs and unused code
* Take care of a special case, where no fields are requested and we are still interested the correct items being returned
This surfaced when running `validateItemAccess` with an update permission that did not include the primary key field.
* 3 less
* Update api/src/database/migrations/20240328A-permissions-policies.ts
Co-authored-by: ian <licitdev@gmail.com>
* Change /permissions/me response and add corresponding types and constants
* Fix payload validation
- Field validation needs to happen for admin users as well
- Add back injection of validation rules for non-nullable fields
Tests added/adjusted accordingly
* Mark `system-permissions` interface as `system`
* Remove special handling for public policy. It's one of us now.
- Add `icon` field to policies
- Add notice to the public role
* Rename migration to most recent date
* Clear permissions cache in `clearSystemCache`
* Make `getDBQuery` not async
* Set the sort field to `null` if the user does not have any allowed fields, not even the primary key
* Handle the case where `null` is returned as item edits by the permission detail drawer and remove the existing item, if any.
* Prevent role recursion (this is a simple check right now and I would expect it to fail on nested role updates that do funky stuff)
* Add overflow to permissions table
* Ensure fields are always passed to validation-errors
When v-form is used with the `collection` prop, instead of directly
passing fields via `fields` prop, the validation-errors component
didn't receive any field information.
This is fixed, by passing down the "finalFields" from `useForm`.
This is not directly related to 'auditus', but since it seems like this will be the
only place (so far) where we want to show validation-errors on a system
collection, I'm committing here.
* Outsource 'useSave' for roles, exactly as in policies
* Clean-up policies & roles item views
- Remove leftover styles, use clearer naming 'content'
- Fix types (policies was using role type)
- Show validation errors, handle errors on save & delete
- Use loading state of v-form (to have some indicator and less layout shift)
* Mark name field in policy & role as required
That way, an indicator is shown in the form, and value is checked when
editing via drawer
* remove role filter from public registration m2o
roles dont have access fields anymore, simply allow admin roles for now
* Remove overflow again. It broke
* Add cache purging for permission related updates.
* Add `dropForeign` in migration
Fixes migration on MySQL
* Add parsed field name to field map instead of raw field name
This fixes filtering & sorting with function as keys, e.g. `year(date_updated)`
* Account for $FOLLOW field filters earlier and don't confuse them with functions (see prev commit)
* Update migration to also work with CockroachDB
Instead of altering the `policy` column on `directus_permissions` to add the NOT NULL constraint it needs to be created with NOT NULL in the first place, as this will fail in CockroachDB.
That means we need to drop the foreign key constraint for the role column in order to update to `null` `role` to the public policy ID before we copy the values into the `policy` column
* Fix typo
* Add icon to default admin policy
* Be more clear about where the public role applies
* Update api/src/permissions/lib/fetch-policies.ts
Co-authored-by: ian <licitdev@gmail.com>
* Update api/src/permissions/lib/fetch-policies.test.ts
Co-authored-by: ian <licitdev@gmail.com>
* Enable GH workflows
* Make eslint happy, cleanup and improve role sidebar in users view
* Fix wrong suggestion application and move comments in block
* Format files
* Update isFullPermission test
* Clean up policy filter logic
* Flip order in test
* Update mocking in user/flows store tests
* Update expected results of a lot of api tests that changed during development (all stay true to the original idea)
* Update parseFilter test
* Update injectCases test
* Manually set parent to `null` if a role gets deleted and remove the `SET NULL` on delete action.
The `SET NULL` action causes problems problems on OracleDB
* Fix limit check for new users w/o "status" field
status defaults to "active", thus if the field is not in payload, the
user limit check needs to be triggered
* Fixed migration "inconsistent datatypes: expected - got CLOB" error in oracle
* Update extractFieldsFromChildren test
* Fix `count(o2m)` type queries
* Update UsersService tests
- Adapt to new user integrity logic
- Add basic ItemsService tests to ensure user integrity checks take
place
* Move withAppMinimalPermissions to appropriate dir
* Fixed boolean logic error for graphql counting
* Make sure that relational function aliases are recognized as `functionField`
* Fix permission for relational functions
Before this functions that operated on a o2m field like `count(o2m)` did not respect permissions on the related collection.
Now function field nodes have a cases list as well and correctly get the cases injected for the related collection.
The permissions are then correctly injected in the query that is passed down to the relational count function helper.
* Fix mock in withAppMinimalPermissions test
* Update RolesService tests
Copied and commented out old checks from roles to policies, so we can
re-check later on
* Add preliminary changesets
* Reword changeset to "Policies"
* Update .changeset/strong-numbers-warn.md
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Policies Documentation (#22729)
Co-authored-by: Hannes Küttner <kuettner.hannes@gmail.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
* Reformat docs
* SDK functions for auditus (#22795)
* Updated sdk types
* added policy commands
* prettier
* Added new and missing websocket subscription hooks
* Added missing endpoints
* Added missing graphql endpoints
* prettier
* Added changesets
* updated changesets
* Update .changeset/nine-geckos-jog.md
* Update api/src/services/graphql/index.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/create/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/create/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/read/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/read/roles.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/read/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/read/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/rest/commands/read/policies.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/schema/policy.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Update sdk/src/schema/policy.ts
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
---------
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
---------
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Hannes Küttner <kuettner.hannes@gmail.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
Co-authored-by: ian <licitdev@gmail.com>
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
Co-authored-by: Kevin Lewis <kvn@lws.io>
* Improve env variable casting for already typed variables configured through .[c]js files
* Revert back to using dedicated toX functions and extended toBoolean to handle boolean type values
* Some additions to test and removed some redundant code in toBoolean
* Fix test case name
* Add changeset
* Change changeset
* Fix initial value for boolean filter types in search interface
* Clean-up comments in getFilterOperatorsForType
* Add changeset
* Use operator for comparition
Co-authored-by: ian <licitdev@gmail.com>
* Adjust changeset
---------
Co-authored-by: ian <licitdev@gmail.com>
* start setting up types
* Add types for sandbox flag
* Add initial secure API extensions implementation
* Remove erroneous file
* Delete old exec implementation
* Read sandbox from extension manifest
* Rename \0virtual to @directus/virtual-ent4y
* Test register exec
* Add exec function using ivm callback
* Throw error on invalid type
* Make extensions individually unregisterable
* Remove support for secure bundle extensions
* Rework context passing to fix async
* Remove unused promise.resolve
* Start implementing secure extension register and context functions
* Rename secure to sandbox
* Only dispose isolate on catastrophic error
* Use callback copy option instead of explicit ExternalCopy
* Add registerOperation handler
* Add registerRoute handler
* Rename some return values
* Rename sandbox registration file
* Expose utils through sdk import
* Remove unused files
* Rename timeout to sleep for consistency with flows
* Make registerRoute method uppercase
* Add request util
* Abort process on catastrophic error
* Update api extension sdk import name
* Add variables for reference parameters for consistency
* Add permissions to request util
* Fix non-determinism when registering sandboxed extensions
* Improve stack trace readability
* Initialize isolated-vm for Vitest
* Format files
* Fix request options undefined check
* Always copy host function result into isolate
* Split up host function reference generation
* Add workaround for async error from host not thrown in isolate
* Use undefined instead of null as first argument to apply
* Abort process if sandbox has reached memory limit
* Reorganize files
* Use type error for assertion
* Use typeerrors in sdk generators, restructure some more
* Document
* Add changeset
---------
Co-authored-by: Nicola Krumschmidt <nicola.krumschmidt@freenet.de>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* Setup boilerplate for extensions page
* Allow reading all extensions from the root endpoint
* Add basic sidebar info detail
* Render list of extensions
* Move extensions manager to folder
* Move stuff related to extensions to @directus/extensions
* Import extensions utils/types/etc from ext. package
* Resolve last imports
* Temp remove settings pane
Different PR!
* Add changeset
* Run formatter
* Fix import in test
* Redact env values in revisions for Flows
* Add unit tests
* Create cold-maps-teach.md
* Redact string type envs only
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* Fix linting
* Update test for non-string env
* Ignore zero length strings
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* Add replacementFn to include key of redacted value
* Update cold-maps-teach.md
* Remove case insensitivity
* Update changeset
* Rework
* Add utils to changeset
* Add unit test
* Rename to getRedactedString and add REDACTED_TEXT
* Consistent naming
---------
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
* add docs to eslint
* update prettier ignore
* fix vitepress linting
* eslint ignore fixes
* prettier run
* update prettier ignore
* fix formatting
* enable linting of markdown files
* revert format command change
* fix irregular whitespace
* update dictionary
* (Changelog) Create four-boxes-shake.md
* Rework ESLint / Prettier setup
- Disable js/ts/vue files for Prettier to ensure linting/formatting is
only happening via ESLint
- Rework formatting of code blocks in md files
- Disable formatting of code blocks in md files under '/docs' by Prettier
- Instead use "eslint-plugin-markdown" to format & __lint__ js*/ts*/vue such code blocks
- Replace unmaintained "eslint-plugin-md" plugin by official "eslint-plugin-markdown" plugin
- I'll check whether we can use this to format other code blocks
(json, html, ...) as well
- Restructure, clean-up and apply some fixes to the ESLint config
(Note: Not ready for flat config yet since not supported by
vscode-eslint)
- Enable cache for ESLint / Prettier in scripts
- Clean-up ignore file
- Explicit folder declaration (.../)
- Don't ignore all 'extensions' folders in ESLint (only
'/api/extensions/')
- Enable formatting in '/.github' folder
* Fix all formatting issues with Prettier
* Update md files under /docs/.typedocs
* Fix lint issues in vue/js files
* ESLint / Prettier config revision v2
Enable Prettier for md code blocks, but only as warnings since it can
get into the way with Vitepress md extensions like '[!code ...]'
comments
* Remove prettier-ignore comments
* Make spellchecker happy
* Remove changeset
* Revert lint setup for code blocks
There are many cases in the docs where linting / formatting of code
blocks doesn't make
sense:
- Code block is only an excerpt - linter fails
- Code block contains special comments (e.g. markdown extensions) which
needs to remain at the same place - formatting would break it
- ...
* Apply lint issues / formatting from temp lint setup
* Run formatter
* Fix merge failure
* Simplify & modernize ESLint / Prettier setup
No longer run Prettier via ESLint. Nowadays, this is the recommended
setup. There's no real need to run it this way, it's just an additional
layer.
Add VS Code settings to make the work with the new setup easier.
* Remove unused eslint disable directives
* Make editorconfig more useful
* Fix formatting issues reported by editorconfig
* Format files with Prettier
* Enable formatting of source translations file
* Format source translations file
* Remove unnecessary console error
* Remove unnecessary line
* Only ignore md files under .changeset
* Add CI reporter for Prettier
* Fail job on wrongly formatted files
* Fix format
* Test Prettier action on changed/added file
* Use simple CI format check for now & no cache
* Revert "Test Prettier action on changed/added file"
This reverts commit 4f7d8826ad.
* Introduce code blocks check for docs
* Fix code block issues
* Ignore auto-generated packages dir
* Fix comment position
* Also lint `/app/.storybook`
* Reformat modified files
---------
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
* Add split view to the private view
* add more functionality to split view
* change text
* add simple size settings
* finish basic live preview feature
* add reload functionality
* update pnpm-lock
* update to newer design
* remove console.log
* Fix height of main content
* update design
* finishing fixes
* run linter
* finishing cleanup
* rebuild lock file
* lint fix
* hide preview for collections without preview urls
* fix refresh and eslint error
* use v-text-overflow for preview url
* use bottom placement for consistency
because other buttons such as Open in New Window and Refresh shows their tooltip at the bottom.
* tiny code tweak with early return
* remove fun parts and change divider color
* fix preview for singletons
* slightly improve the refresh button feedback
* hide zoom in fullscreen/desktop view
it is disabled in fullcreen, but some users may think they can click it, so I've opted to hide it instead. Especially since switching from mobile to desktop mode always resets it to 100%.
* tiny early return tweak
* opt to fix v-select disabled state cursor
* reverse zoom scaling order
* prevent preview going out of bounds when zoomed
* fix dragging when pointer enters iframe
* reinstate previous code tweak
* regenerate lock file
* use lockfile from main
* Dear linter...
* chore: add live preview to sidebar
* docs: add frontmatter
* docs: add intro
* docs: before you start
* docs: live preview in directus
* docs: draft mode in nextjs
* docs: fetch with draft mode
* docs: preview content in directus
* docs: next steps
* docs: update
* docs: updates
* docs: add live preview to collections
* docs: add live preview to item
* docs: updates
* docs: update
* chore: updates to the nextjs guide
* chore: updates to collections
* chore: updates to items
* Nuxt 3 guide
* Small Next guide fixes
* Added tips
* Spellcheck fixes
* Rework resizement
* Move debounce to private-view
* Update Nuxt 3 guides - styling and sentence clarity.
* add refreshLivePreview custom property to window
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* remove remaining "window as any" typecasts
* Show 'grab-bar' only if wrapper is in viewport
* toggle preview instead of split in mobile view
* tweak to unwrap nested IF conditions
* do not change preview button icon when enabled
* hide grab-bar in mobile
* check main content width instead of window width
* Fix save-and-stay not updating preview url
* Update refresh button function call
* Add frame loader to prevent flashing
* Prevent scrollbar flashing when toggling splitview
* lift specific logic from v-resizable to private-view
This piece of logic was meant only for the content area and shouldn't affect every v-resizable usages
* use v-show instead of v-if to hide main content
v-resizable has an internalWidth that should not be reset when user resize the left navigation bar, as well as the form shouldn't be re-rendered
* check target to hide the grab-bar in toggle mode
as we're only hiding the target rather than disabling the wrapper, we had to check whether the target is visible as well to determine whether to show the grab-bar
* Fix zoom behaviour & remove leftovers
* remove wrapperIsVisible check
in favor of only relying on targetIsVisible check
* Revert "Add frame loader to prevent flashing"
This reverts commit e4c2d3d4bd.
* Final tweaks
- Enhance frame zoom
- Min width for frame
- Hide main content based on overall size
(ensure it works for all browser sizes)
- Various enhancements & fixes
* Update migration date
* Create rare-bananas-melt.md
* Better naming for remaining width var
Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
---------
Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Esther Agbaje <folasadeagbaje@gmail.com>
Co-authored-by: Kevin Lewis <kvn@lws.io>
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: ian <licitdev@gmail.com>
* Redact additional keys in logs of Flows
* Create moody-poems-pump.md
* Move REDACTED_TEXT to constants package & update tests
* Revert "Move REDACTED_TEXT to constants package & update tests"
This reverts commit 0f5b227253.
* Update redacted value in blackbox test
* Use own redact implementation
* Move REDACTED_TEXT to constants package
* Replace outdated comment
* Fix misleading return type
Since values might change (redacted), output isn't necessarily the same type anymore
* Fix options for list & map interfaces
* Create short-boxes-rescue.md
* Outsource Vue component check to utils
* No need for explicit comparation
* Depend on `typeof` instead of `instanceof` to check Vue comp
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
* make linter happy
---------
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
* Step 1
* Step 2
* False sense of confidence
* Couple more before dinner
* Update schema package
* Update format-title
* Upgrade specs file
* Close
* Replace ts-node-dev with tsx, and various others
* Replace lodash with lodash-es
* Add lodash-es types
* Update knex import
* More fun is had
* FSE
* Consolidate repos
* Various tweaks and fixes
* Fix specs
* Remove dependency on knex-schema-inspector
* Fix wrong imports of inspector
* Move shared exceptions to new package
* Move constants to separate module
* Move types to new types package
* Use directus/types
* I believe this is no longer needed
* [WIP] Start moving utils to esm
* ESMify Shared
* Move shared utils to @directus/utils
* Use @directus/utils instead of @directus/shared/utils
* It runs!
* Use correct schemaoverview type
* Fix imports
* Fix the thing
* Start on new update-checker lib
* Use new update-check package
* Swap out directus/shared in app
* Pushing through the last bits now
* Dangerously make extensions SDK ESM
* Use @directus/types in tests
* Copy util function to test
* Fix linter config
* Add missing import
* Hot takes
* Fix build
* Curse these default exports
* No tests in constants
* Add tests
* Remove tests from types
* Add tests for exceptions
* Fix test
* Fix app tests
* Fix import in test
* Fix various tests
* Fix specs export
* Some more tests
* Remove broken integration tests
These were broken beyond repair.. They were also written before we really knew what we we're doing with tests, so I think it's better to say goodbye and start over with these
* Regenerate lockfile
* Fix imports from merge
* I create my own problems
* Make sharp play nice
* Add vitest config
* Install missing blackbox dep
* Consts shouldn't be in types
tsk tsk tsk tsk
* Fix type/const usage in extensions-sdk
* cursed.default
* Reduce circular deps
* Fix circular dep in items service
* vvv
* Trigger testing for all vendors
* Add workaround for rollup
* Prepend the file protocol for the ESM loader to be compatible with Windows
"WARN: Only URLs with a scheme in: file and data are supported by the default ESM loader. On Windows, absolute paths must be valid file:// URLs. Received protocol 'c:'"
* Fix postgres
* Schema package updates
Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
* Resolve cjs/mjs extensions
* Clean-up eslint config
* fixed extension concatination
* using string interpolation for consistency
* Revert MySQL optimisation
* Revert testing for all vendors
* Replace tsx with esbuild-kit/esm-loader
Is a bit faster and we can rely on the built-in `watch` and `inspect`
functionalities of Node.js
Note: The possibility to watch other files (.env in our case) might be
added in the future, see https://github.com/nodejs/node/issues/45467
* Use exact version for esbuild-kit/esm-loader
* Fix import
---------
Co-authored-by: ian <licitdev@gmail.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
