mirror of
https://github.com/directus/directus.git
synced 2026-04-25 03:00:53 -04:00
dbf35a1736
* Add directus_shares * Don't check for usage limit on refresh * Add all endpoints to the shares controller * Move route `/auth/shared` to `/shared/auth` * Add password protection * Add `share` action in permissions * Add `shares/:pk/info` * Start on shared-view * Add basic styling for full shared view * Fixed migrations * Add inline style for shared view * Allow title override * Finish /info endpoint for shares * Add basic UUID validation to share/info endpont * Add UUID validation to other routes * Add not found state * Cleanup /extract/finish share login endpoint * Cleanup auth * Added `share_start` and `share_end` * Add share sidebar details. * Allow share permissions configuration * Hide the `new_share` button for unauthorized users * Fix uses_left displayed value * Show expired / upcoming shares * Improved expired/upcoming styling * Fixed share login query * Fix check-ip and get-permissions middlewares behaviour when role is null * Simplify cache key * Fix typescript linting issues * Handle app auth flow for shared page * Fixed /users/me response * Show when user is authenticated * Try showing item drawer in shared page * Improved shared card styling * Add shares permissions and change share card styling * Pull in schema/permissions on share * Create getPermissionForShare file * Change getPermissionsForShare signature * Render form + item on share after auth * Finalize public front end * Handle fake o2m field in applyQuery * [WIP] * New translations en-US.yaml (Bulgarian) (#10585) * smaller label height (#10587) * Update to the latest Material Icons (#10573) The icons are based on https://fonts.google.com/icons * New translations en-US.yaml (Arabic) (#10593) * New translations en-US.yaml (Arabic) (#10594) * New translations en-US.yaml (Portuguese, Brazilian) (#10604) * New translations en-US.yaml (French) (#10605) * New translations en-US.yaml (Italian) (#10613) * fix M2A list not updating (#10617) * Fix filters * Add admin filter on m2o role selection * Add admin filter on m2o role selection * Add o2m permissions traversing * Finish relational tree permissions generation * Handle implicit a2o relation * Update implicit relation regex * Fix regex * Fix implicitRelation unnesting for new regex * Fix implicitRelation length check * Rename m2a to a2o internally * Add auto-gen permissions for a2o * [WIP] Improve share UX * Add ctx menu options * Add share dialog * Add email notifications * Tweak endpoint * Tweak file interface disabled state * Add nicer invalid state to password input * Dont return info for expired/upcoming shares * Tweak disabled state for relational interfaces * Fix share button for non admin roles * Show/hide edit/delete based on permissions to shares * Fix imports of mutationtype * Resolve (my own) suggestions * Fix migration for ms sql * Resolve last suggestion Co-authored-by: Oreilles <oreilles.github@nitoref.io> Co-authored-by: Oreilles <33065839+oreilles@users.noreply.github.com> Co-authored-by: Ben Haynes <ben@rngr.org> Co-authored-by: Thien Nguyen <72242664+tatthien@users.noreply.github.com> Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
141 lines
4.0 KiB
TypeScript
141 lines
4.0 KiB
TypeScript
import { appAccessMinimalPermissions } from '../database/system-data/app-access-permissions';
|
|
import { ItemsService, QueryOptions } from '../services/items';
|
|
import { AbstractServiceOptions, Item, PrimaryKey, MutationOptions } from '../types';
|
|
import { Query, PermissionsAction } from '@directus/shared/types';
|
|
import { filterItems } from '../utils/filter-items';
|
|
import Keyv from 'keyv';
|
|
import { getCache } from '../cache';
|
|
|
|
export class PermissionsService extends ItemsService {
|
|
systemCache: Keyv<any>;
|
|
|
|
constructor(options: AbstractServiceOptions) {
|
|
super('directus_permissions', options);
|
|
|
|
const { systemCache } = getCache();
|
|
|
|
this.systemCache = systemCache;
|
|
}
|
|
|
|
getAllowedFields(action: PermissionsAction, collection?: string): Record<string, string[]> {
|
|
const results =
|
|
this.accountability?.permissions?.filter((permission) => {
|
|
let matchesCollection = true;
|
|
|
|
if (collection) {
|
|
matchesCollection = permission.collection === collection;
|
|
}
|
|
|
|
const matchesAction = permission.action === action;
|
|
|
|
return collection ? matchesCollection && matchesAction : matchesAction;
|
|
}) ?? [];
|
|
|
|
const fieldsPerCollection: Record<string, string[]> = {};
|
|
|
|
for (const result of results) {
|
|
const { collection, fields } = result;
|
|
if (!fieldsPerCollection[collection]) fieldsPerCollection[collection] = [];
|
|
fieldsPerCollection[collection].push(...(fields ?? []));
|
|
}
|
|
|
|
return fieldsPerCollection;
|
|
}
|
|
|
|
async readByQuery(query: Query, opts?: QueryOptions): Promise<Partial<Item>[]> {
|
|
const result = await super.readByQuery(query, opts);
|
|
|
|
if (Array.isArray(result) && this.accountability && this.accountability.app === true) {
|
|
result.push(
|
|
...filterItems(
|
|
appAccessMinimalPermissions.map((permission) => ({
|
|
...permission,
|
|
role: this.accountability!.role,
|
|
})),
|
|
query.filter
|
|
)
|
|
);
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
async readMany(keys: PrimaryKey[], query: Query = {}, opts?: QueryOptions): Promise<Partial<Item>[]> {
|
|
const result = await super.readMany(keys, query, opts);
|
|
|
|
if (this.accountability && this.accountability.app === true) {
|
|
result.push(
|
|
...filterItems(
|
|
appAccessMinimalPermissions.map((permission) => ({
|
|
...permission,
|
|
role: this.accountability!.role,
|
|
})),
|
|
query.filter
|
|
)
|
|
);
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
async createOne(data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.createOne(data, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async createMany(data: Partial<Item>[], opts?: MutationOptions) {
|
|
const res = await super.createMany(data, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async updateByQuery(query: Query, data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.updateByQuery(query, data, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async updateOne(key: PrimaryKey, data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.updateOne(key, data, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async updateMany(keys: PrimaryKey[], data: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.updateMany(keys, data, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async upsertOne(payload: Partial<Item>, opts?: MutationOptions) {
|
|
const res = await super.upsertOne(payload, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async upsertMany(payloads: Partial<Item>[], opts?: MutationOptions) {
|
|
const res = await super.upsertMany(payloads, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async deleteByQuery(query: Query, opts?: MutationOptions) {
|
|
const res = await super.deleteByQuery(query, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async deleteOne(key: PrimaryKey, opts?: MutationOptions) {
|
|
const res = await super.deleteOne(key, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
|
|
async deleteMany(keys: PrimaryKey[], opts?: MutationOptions) {
|
|
const res = await super.deleteMany(keys, opts);
|
|
await this.systemCache.clear();
|
|
return res;
|
|
}
|
|
}
|