npm - @stamhoofd/backend - Versions diffs - 1.0.0 - Mend

@stamhoofd/backend 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (150) hide show

package/src/endpoints/organization/dashboard/organization/GetRegisterCodeEndpoint.ts ADDED Viewed

@@ -0,0 +1,65 @@
+import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
+import { Organization, RegisterCode, STCredit, UsedRegisterCode } from '@stamhoofd/models';
+import { RegisterCodeStatus, UsedRegisterCode as UsedRegisterCodeStruct } from '@stamhoofd/structures';
+import { Context } from '../../../../helpers/Context';
+type Params = Record<string, never>;
+type Query = undefined;
+type Body = undefined;
+type ResponseBody = RegisterCodeStatus;
+export class GetRegisterCodeEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method != "GET") {
+            return [false];
+        }
+        const params = Endpoint.parseParameters(request.url, "/register-code", {});
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+    async handle(_: DecodedRequest<Params, Query, Body>) {
+        const organization = await Context.setOrganizationScope();
+        await Context.authenticate()
+        if (!await Context.auth.hasSomeAccess(organization.id)) {
+            throw Context.auth.error()
+        }
+        const codes = await RegisterCode.where({ organizationId: organization.id })
+        let code = codes[0]
+        if (codes.length == 0) {
+            code = new RegisterCode()
+            code.organizationId = organization.id
+            code.description = "Doorverwezen door "+ organization.name
+            code.value = 2500
+            await code.generateCode()
+            await code.save()
+        }
+        const usedCodes = await UsedRegisterCode.getAll(code.code)
+        const allOrganizations = await Organization.getByIDs(...usedCodes.flatMap(u => u.organizationId ? [u.organizationId] : []))
+        const allCredits = await STCredit.getByIDs(...usedCodes.flatMap(u => u.creditId ? [u.creditId] : []))
+        return new Response(RegisterCodeStatus.create({
+            code: code.code,
+            value: code.value,
+            invoiceValue: code.invoiceValue,
+            usedCodes: usedCodes.map(c => {
+                return UsedRegisterCodeStruct.create({
+                    id: c.id,
+                    organizationName: allOrganizations.find(o => o.id === c.organizationId)?.name ?? "Onbekend",
+                    createdAt: c.createdAt,
+                    creditValue: (c.creditId ? allCredits.find(credit => credit.id === c.creditId)?.change : null) ?? null
+                })
+            })
+        }))
+    }
+}

package/src/endpoints/organization/dashboard/organization/PatchOrganizationEndpoint.test.ts ADDED Viewed

@@ -0,0 +1,281 @@
+import { AutoEncoderPatchType, PatchableArray } from '@simonbackx/simple-encoding';
+import { Request } from "@simonbackx/simple-endpoints";
+import { GroupFactory, OrganizationFactory, Token, UserFactory } from '@stamhoofd/models';
+import { Group, GroupGenderType, GroupPatch, GroupPrivateSettings, GroupSettings, GroupSettingsPatch, Organization, PermissionLevel, PermissionRole, PermissionRoleDetailed, Permissions, PermissionsResourceType, ResourcePermissions } from '@stamhoofd/structures';
+import { testServer } from '../../../../../tests/helpers/TestServer';
+import { PatchOrganizationEndpoint } from './PatchOrganizationEndpoint';
+describe("Endpoint.PatchOrganization", () => {
+    // Test endpoint
+    const endpoint = new PatchOrganizationEndpoint();
+    test("Change the name of the organization", async () => {
+        const organization = await new OrganizationFactory({}).create()
+        const user = await new UserFactory({ organization, permissions: Permissions.create({ level: PermissionLevel.Full }) }).create()
+        //const groups = await new GroupFactory({ organization }).createMultiple(2)
+        const token = await Token.createToken(user)
+        const r = Request.buildJson("PATCH", "/v2/organization", organization.getApiHost(), {
+            id: organization.id,
+            name: "My crazy name"
+        });
+        r.headers.authorization = "Bearer "+token.accessToken
+        const response = await testServer.test(endpoint, r);
+        expect(response.body).toBeDefined();
+        if (!(response.body instanceof Organization)) {
+            throw new Error("Expected Organization")
+        }
+        expect(response.body.id).toEqual(organization.id)
+        expect(response.body.name).toEqual("My crazy name")
+    });
+    test("Can't change organization as a normal user", async () => {
+        const organization = await new OrganizationFactory({}).create()
+        const user = await new UserFactory({ organization }).create()
+        const token = await Token.createToken(user)
+        const r = Request.buildJson("PATCH", "/organization", organization.getApiHost(), {
+            id: organization.id,
+            name: "My crazy name"
+        });
+        r.headers.authorization = "Bearer " + token.accessToken
+        await expect(testServer.test(endpoint, r)).rejects.toThrow(/permissions/i);
+    });
+    test("Can't change organization as a user with read access", async () => {
+        const organization = await new OrganizationFactory({}).create()
+        const user = await new UserFactory({ organization, permissions: Permissions.create({ level: PermissionLevel.Read }) }).create()
+        const token = await Token.createToken(user)
+        const r = Request.buildJson("PATCH", "/organization", organization.getApiHost(), {
+            id: organization.id,
+            name: "My crazy name"
+        });
+        r.headers.authorization = "Bearer " + token.accessToken
+        await expect(testServer.test(endpoint, r)).rejects.toThrow(/permissions/i);
+    });
+    test("Change the name of a group with access", async () => {
+        const organization = await new OrganizationFactory({}).create()
+        const role = PermissionRoleDetailed.create({
+            name: "Role"
+        })
+        organization.privateMeta.roles.push(
+            role
+        )
+        const groups = await new GroupFactory({ organization }).createMultiple(2)
+        role.resources.set(PermissionsResourceType.Groups, new Map())
+        role.resources.get(PermissionsResourceType.Groups)!.set(groups[0].id, ResourcePermissions.create({
+            level: PermissionLevel.Full
+        }))
+        await organization.save()
+        const validPermissions = [
+            Permissions.create({
+                level: PermissionLevel.None,
+                roles: [PermissionRole.create(role)]
+            }),
+            Permissions.create({
+                level: PermissionLevel.Full
+            }),
+        ]
+        for (const permission of validPermissions) {
+            const user = await new UserFactory({ organization,
+                permissions: permission
+            }).create()
+            const token = await Token.createToken(user)
+            const changes = new PatchableArray<string, Group, AutoEncoderPatchType<Group>>()
+            changes.addPatch(GroupPatch.create({
+                id: groups[0].id,
+                settings: GroupSettingsPatch.create({
+                    name: "My crazy group name",
+                })
+            }))
+            const r = Request.buildJson("PATCH", "/organization", organization.getApiHost(), {
+                id: organization.id,
+                groups: changes.encode({ version: 2 }),
+            });
+            r.headers.authorization = "Bearer " + token.accessToken
+            const response = await testServer.test(endpoint, r);
+            expect(response.body).toBeDefined();
+            if (!(response.body instanceof Organization)) {
+                throw new Error("Expected Organization")
+            }
+            expect(response.body.id).toEqual(organization.id)
+            expect(response.body.groups.find(g => g.id == groups[0].id)!.settings.name).toEqual("My crazy group name")
+        }
+    });
+    test("Can't change name of group without access", async () => {
+         const organization = await new OrganizationFactory({}).create()
+        const role = PermissionRoleDetailed.create({
+            name: "Role"
+        })
+        const role2 = PermissionRoleDetailed.create({
+            name: "Role2"
+        })
+        organization.privateMeta.roles.push(
+            role,
+            role2
+        )
+        await organization.save()
+        const groups = await new GroupFactory({ organization }).createMultiple(2)
+        groups[0].privateSettings.permissions.write.push(PermissionRole.create(role))
+        await groups[0].save()
+        groups[0].privateSettings.permissions.read.push(PermissionRole.create(role2))
+        await groups[0].save()
+        const invalidPermissions = [
+            Permissions.create({
+                level: PermissionLevel.Read,
+                roles: [PermissionRole.create(role)]
+            }),
+            Permissions.create({
+                level: PermissionLevel.None,
+                roles: [PermissionRole.create(role2)]
+            }),
+            Permissions.create({
+                level: PermissionLevel.Write,
+                roles: [PermissionRole.create(role2), PermissionRole.create(role)]
+            }),
+            Permissions.create({
+                level: PermissionLevel.Write
+            }),
+            Permissions.create({
+                level: PermissionLevel.Read
+            }),
+            null
+        ]
+        for (const permission of invalidPermissions) {
+            const user = await new UserFactory({
+                    organization,
+                    permissions: permission
+            }).create()
+                const token = await Token.createToken(user)
+                const changes = new PatchableArray<string, Group, AutoEncoderPatchType<Group>>()
+                changes.addPatch(GroupPatch.create({
+                    id: groups[0].id,
+                    settings: GroupSettingsPatch.create({
+                        name: "My crazy group name",
+                    })
+                }))
+                const r = Request.buildJson("PATCH", "/organization", organization.getApiHost(), {
+                    id: organization.id,
+                    groups: changes.encode({ version: 2 }),
+                });
+                r.headers.authorization = "Bearer " + token.accessToken
+                await expect(testServer.test(endpoint, r)).rejects.toThrow(/permissions/i);
+        }
+    });
+    test("Create a group with access", async () => {
+        const organization = await new OrganizationFactory({}).create()
+        const groups = await new GroupFactory({ organization }).createMultiple(2)
+        const validPermissions = [
+            Permissions.create({
+                level: PermissionLevel.Full
+            }),
+        ]
+        const invalidPermissions = [
+            Permissions.create({
+                level: PermissionLevel.Write
+            }),
+        ]
+        for (const permission of validPermissions) {
+            const user = await new UserFactory({
+                organization,
+                permissions: permission
+            }).create()
+            const token = await Token.createToken(user)
+            const changes = new PatchableArray<string, Group, AutoEncoderPatchType<Group>>()
+            const put = Group.create({
+                cycle: 0,
+                organizationId: organization.id,
+                periodId: organization.periodId,
+                settings: GroupSettings.create({
+                    name: "My crazy group name",
+                    startDate: new Date(),
+                    endDate: new Date(),
+                    registrationStartDate: new Date(),
+                    registrationEndDate: new Date(),
+                    genderType: GroupGenderType.Mixed,
+                }),
+                privateSettings: GroupPrivateSettings.create({})
+            })
+            changes.addPut(put)
+            const r = Request.buildJson("PATCH", "/v140/organization", organization.getApiHost(), {
+                id: organization.id,
+                groups: changes.encode({ version: 140 }),
+            });
+            r.headers.authorization = "Bearer " + token.accessToken
+            const response = await testServer.test(endpoint, r);
+            expect(response.body).toBeDefined();
+            if (!(response.body instanceof Organization)) {
+                throw new Error("Expected Organization")
+            }
+            expect(response.body.id).toEqual(organization.id)
+            expect(response.body.groups.map(g => g.id)).toContainEqual(put.id)
+        }
+        for (const permission of invalidPermissions) {
+            const user = await new UserFactory({
+                organization,
+                permissions: permission
+            }).create()
+            const token = await Token.createToken(user)
+            const changes = new PatchableArray<string, Group, AutoEncoderPatchType<Group>>()
+            const put = Group.create({
+                cycle: 0,
+                organizationId: organization.id,
+                periodId: organization.periodId,
+                settings: GroupSettings.create({
+                    name: "My crazy group name",
+                    startDate: new Date(),
+                    endDate: new Date(),
+                    registrationStartDate: new Date(),
+                    registrationEndDate: new Date(),
+                    genderType: GroupGenderType.Mixed,
+                })
+            })
+            changes.addPut(put)
+            const r = Request.buildJson("PATCH", "/v2/organization", organization.getApiHost(), {
+                id: organization.id,
+                groups: changes.encode({ version: 2 }),
+            });
+            r.headers.authorization = "Bearer " + token.accessToken
+            await expect(testServer.test(endpoint, r)).rejects.toThrow(/permissions/i);
+        }
+    });
+});

package/src/endpoints/organization/dashboard/organization/PatchOrganizationEndpoint.ts ADDED Viewed

@@ -0,0 +1,338 @@
+import { AutoEncoderPatchType, Decoder, ObjectData, patchObject } from '@simonbackx/simple-encoding';
+import { DecodedRequest, Endpoint, Request, Response } from "@simonbackx/simple-endpoints";
+import { SimpleError, SimpleErrors } from '@simonbackx/simple-errors';
+import { Group, Organization,PayconiqPayment, Platform, StripeAccount, Token, User, Webshop } from '@stamhoofd/models';
+import { BuckarooSettings, GroupPrivateSettings, Organization as OrganizationStruct, OrganizationPatch, PayconiqAccount, PaymentMethod, PaymentMethodHelper, PermissionLevel, Permissions, PermissionsResourceType,ResourcePermissions, UserPermissions, Version, OrganizationMetaData } from "@stamhoofd/structures";
+import { Formatter } from '@stamhoofd/utility';
+import { AuthenticatedStructures } from '../../../../helpers/AuthenticatedStructures';
+import { BuckarooHelper } from '../../../../helpers/BuckarooHelper';
+import { Context } from '../../../../helpers/Context';
+type Params = Record<string, never>;
+type Query = undefined;
+type Body = AutoEncoderPatchType<OrganizationStruct>;
+type ResponseBody = OrganizationStruct;
+/**
+ * One endpoint to create, patch and delete groups. Usefull because on organization setup, we need to create multiple groups at once. Also, sometimes we need to link values and update multiple groups at once
+ */
+export class PatchOrganizationEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    bodyDecoder = OrganizationPatch as Decoder<AutoEncoderPatchType<OrganizationStruct>>
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method != "PATCH") {
+            return [false];
+        }
+        const params = Endpoint.parseParameters(request.url, "/organization", {});
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+        const organization = await Context.setOrganizationScope();
+        const {user} = await Context.authenticate()
+        if (!await Context.auth.hasSomeAccess(organization.id)) {
+            throw Context.auth.error()
+        }
+        // check if organization ID matches
+        if (request.body.id !== organization.id) {
+            throw new SimpleError({
+                code: "invalid_id",
+                message: "You cannot modify an organization with a different ID than the organization you are signed in for",
+                statusCode: 403
+            })
+        }
+        const errors = new SimpleErrors()
+        if (await Context.auth.hasFullAccess(organization.id)) {
+            organization.name = request.body.name ?? organization.name
+            if (request.body.website !== undefined) {
+                organization.website = request.body.website;
+            }
+            if (request.body.address) {
+                organization.address = organization.address.patch(request.body.address)
+            }
+            if (request.body.uri && request.body.uri !== organization.uri) {
+                const slugified = Formatter.slug(request.body.uri);
+                if (slugified.length > 100) {
+                    throw new SimpleError({
+                        code: "invalid_field",
+                        message: "Field is too long",
+                        human: "De URI van de vereniging is te lang",
+                        field: "uri"
+                    })
+                }
+                if (slugified.length < 3) {
+                    throw new SimpleError({
+                        code: "invalid_field",
+                        message: "Field is too short",
+                        human: "De URI van de vereniging is te kort",
+                        field: "uri"
+                    })
+                }
+                const alreadyExists = await Organization.getByURI(slugified);
+                if (alreadyExists) {
+                    throw new SimpleError({
+                        code: "name_taken",
+                        message: "An organization with the same URI already exists",
+                        human: "Er bestaat al een vereniging met dezelfde URI. Voeg bijvoorbeeld de naam van je gemeente toe.",
+                        field: "uri",
+                    });
+                }
+                organization.uri = slugified
+            }
+            if (request.body.privateMeta && request.body.privateMeta.isPatch()) {
+                organization.privateMeta.emails = request.body.privateMeta.emails.applyTo(organization.privateMeta.emails)
+                organization.privateMeta.roles = request.body.privateMeta.roles.applyTo(organization.privateMeta.roles)
+                organization.privateMeta.privateKey = request.body.privateMeta.privateKey ?? organization.privateMeta.privateKey
+                organization.privateMeta.featureFlags = patchObject(organization.privateMeta.featureFlags, request.body.privateMeta.featureFlags);
+                if (request.body.privateMeta.mollieProfile !== undefined) {
+                    organization.privateMeta.mollieProfile = patchObject(organization.privateMeta.mollieProfile, request.body.privateMeta.mollieProfile)
+                }
+                if (request.body.privateMeta.useTestPayments !== undefined) {
+                    organization.privateMeta.useTestPayments = request.body.privateMeta.useTestPayments
+                }
+                // Apply payconiq patch
+                if (request.body.privateMeta.payconiqAccounts !== undefined) {
+                    organization.privateMeta.payconiqAccounts = patchObject(organization.privateMeta.payconiqAccounts, request.body.privateMeta.payconiqAccounts)
+                    for (const account of organization.privateMeta.payconiqAccounts) {
+                        if (account.merchantId === null) {
+                            const payment = await PayconiqPayment.createTest(organization, account)
+                            if (!payment) {
+                                throw new SimpleError({
+                                    code: "invalid_field",
+                                    message: "De API-key voor Payconiq is niet geldig. Kijk eens na of je wel de juiste key hebt ingevuld.",
+                                    field: "payconiqAccounts"
+                                })
+                            }
+                            // Save merchant id
+                            const decoded = PayconiqAccount.decode(
+                                new ObjectData({
+                                    ...(payment as any).creditor,
+                                    id: account.id,
+                                    apiKey: account.apiKey,
+                                }, {version: 0})
+                            )
+                            account.merchantId = decoded.merchantId
+                            account.callbackUrl = decoded.callbackUrl
+                            account.profileId = decoded.profileId
+                            account.name = decoded.name
+                            account.iban = decoded.iban
+                        }
+                    }
+                }
+                if (request.body.privateMeta.buckarooSettings !== undefined) {
+                    if (request.body.privateMeta.buckarooSettings === null) {
+                        organization.privateMeta.buckarooSettings = null;
+                    } else {
+                        organization.privateMeta.buckarooSettings = organization.privateMeta.buckarooSettings ?? BuckarooSettings.create({})
+                        organization.privateMeta.buckarooSettings.patchOrPut(request.body.privateMeta.buckarooSettings)
+                        // Validate buckaroo settings
+                        const buckaroo = new BuckarooHelper(organization.privateMeta.buckarooSettings.key, organization.privateMeta.buckarooSettings.secret, organization.privateMeta.useTestPayments ?? STAMHOOFD.environment != 'production')
+                        if (!(await buckaroo.createTest())) {
+                            throw new SimpleError({
+                                code: "invalid_field",
+                                message: "De key of secret voor Buckaroo is niet geldig. Kijk eens na of je wel de juiste key hebt ingevuld.",
+                                field: "buckarooSettings"
+                            })
+                        }
+                    }
+                }
+                if (request.body.privateMeta.registrationPaymentConfiguration?.stripeAccountId !== undefined) {
+                    if (request.body.privateMeta.registrationPaymentConfiguration.stripeAccountId !== null) {
+                        const account = await StripeAccount.getByID(request.body.privateMeta.registrationPaymentConfiguration.stripeAccountId)
+                        if (!account || account.organizationId !== organization.id) {
+                            throw new SimpleError({
+                                code: "invalid_field",
+                                message: "Het Stripe account dat je hebt gekozen bestaat niet (meer)",
+                                field: "registrationPaymentConfiguration.stripeAccountId"
+                            })
+                        }
+                    }
+                    organization.privateMeta.registrationPaymentConfiguration.stripeAccountId = request.body.privateMeta.registrationPaymentConfiguration.stripeAccountId
+                }
+            }
+            // Allow admin patches (permissions only atm). No put atm
+            if (request.body.admins) {
+                for (const patch of request.body.admins.getPatches()) {
+                    if (patch.permissions) {
+                        const admin = await User.getByID(patch.id)
+                        if (!admin || !await Context.auth.canAccessUser(admin, PermissionLevel.Full)) {
+                            throw new SimpleError({
+                                code: "invalid_field",
+                                message: "De beheerder die je wilt wijzigen bestaat niet (meer)",
+                                field: "admins"
+                            })
+                        }
+                        admin.permissions = UserPermissions.limitedPatch(admin.permissions, patch.permissions, organization.id)
+                        if (admin.id === user.id && (!admin.permissions || !admin.permissions.forOrganization(organization)?.hasFullAccess())) {
+                            throw new SimpleError({
+                                code: "permission_denied",
+                                message: "Je kan jezelf niet verwijderen als hoofdbeheerder"
+                            })
+                        }
+                        await admin.save()
+                    }
+                }
+            }
+            if (request.body.meta) {
+                const savedPackages = organization.meta.packages
+                organization.meta.patchOrPut(request.body.meta)
+                organization.meta.packages = savedPackages
+                // check payconiq + mollie
+                if (request.body.meta.registrationPaymentConfiguration) {
+                    if (!organization.privateMeta.payconiqApiKey && !organization.privateMeta.buckarooSettings?.paymentMethods.includes(PaymentMethod.Payconiq)) {
+                        const i = organization.meta.paymentMethods.findIndex(p => p == PaymentMethod.Payconiq)
+                        if (i != -1) {
+                            throw new SimpleError({
+                                code: "invalid_field",
+                                message: "Je kan Payconiq niet activeren omdat je geen Payconiq API Key hebt ingesteld. Schakel Payconiq uit voor je verder gaat.",
+                                field: "paymentMethods"
+                            })
+                        }
+                    }
+                    // check payconiq + mollie
+                    if (!organization.privateMeta.mollieOnboarding || !organization.privateMeta.mollieOnboarding.canReceivePayments) {
+                        let stripe: StripeAccount | undefined = undefined
+                        if (organization.privateMeta.registrationPaymentConfiguration.stripeAccountId) {
+                            stripe = await StripeAccount.getByID(organization.privateMeta.registrationPaymentConfiguration.stripeAccountId)
+                        }
+                        const i = organization.meta.paymentMethods.findIndex(p => {
+                            if (p === PaymentMethod.Payconiq) return
+                            if (p === PaymentMethod.Transfer) return
+                            if (p === PaymentMethod.PointOfSale) return
+                            if (!organization.privateMeta.buckarooSettings?.paymentMethods.includes(p)) {
+                                if (!stripe?.meta.paymentMethods.includes(p)) {
+                                    return true
+                                }
+                            }
+                        })
+                        if (i != -1) {
+                            throw new SimpleError({
+                                code: "invalid_field",
+                                message: "Je kan "+PaymentMethodHelper.getName(organization.meta.paymentMethods[i])+" niet activeren omdat je daarvoor nog niet aangesloten bent bij een betaalpartner. Schakel "+PaymentMethodHelper.getName(organization.meta.paymentMethods[i])+" uit voor je verder gaat.",
+                                field: "paymentMethods"
+                            })
+                        }
+                    }
+                }
+                if (request.body.meta?.tags) {
+                    if (!Context.auth.hasPlatformFullAccess()) {
+                        throw Context.auth.error()
+                    }
+                    const cleanedPatch = OrganizationMetaData.patch({
+                        tags: request.body.meta.tags as any
+                    })
+                    const platform = await Platform.getShared()
+                    const patchedMeta = organization.meta.patch(cleanedPatch);
+                    for (const tag of patchedMeta.tags) {
+                        if (!platform.config.tags.find(t => t.id === tag)) {
+                            throw new SimpleError({ code: "invalid_tag", message: "Invalid tag", statusCode: 400 });
+                        }
+                    }
+                    // Sort tags based on platform config order
+                    patchedMeta.tags.sort((a, b) => {
+                        const aIndex = platform.config.tags.findIndex(t => t.id === a);
+                        const bIndex = platform.config.tags.findIndex(t => t.id === b);
+                        return aIndex - bIndex;
+                    })
+                    organization.meta.tags = patchedMeta.tags;
+                }
+            }
+            if (request.body.uri) {
+                if (!Context.auth.hasPlatformFullAccess()) {
+                    throw Context.auth.error()
+                }
+                const uriExists = await Organization.getByURI(request.body.uri);
+                if (uriExists && uriExists.id !== organization.id) {
+                    throw new SimpleError({
+                        code: "name_taken",
+                        message: "An organization with the same name already exists",
+                        human: "Er bestaat al een vereniging met dezelfde URI. Pas deze aan zodat deze uniek is, en controleer of deze vereniging niet al bestaat.",
+                        field: "name",
+                    });
+                }
+                organization.uri = request.body.uri
+            }
+            // Save the organization
+            await organization.save()
+        } else {
+            if (request.body.name || request.body.address) {
+                throw new SimpleError({
+                    code: "permission_denied",
+                    message: "You do not have permissions to edit the organization settings",
+                    statusCode: 403
+                })
+            }
+        }
+        // Only needed for permissions atm, so no put or delete here
+        for (const struct of request.body.webshops.getPatches()) {
+            const model = await Webshop.getByID(struct.id)
+            if (!model || !await Context.auth.canAccessWebshop(model, PermissionLevel.Full)) {
+                errors.addError(
+                    Context.auth.error('Je hebt geen toegangsrechten om deze webshop te wijzigen')
+                )
+                continue;
+            }
+            if (struct.meta) {
+                model.meta.patchOrPut(struct.meta)
+            }
+            if (struct.privateMeta) {
+                model.privateMeta.patchOrPut(struct.privateMeta)
+            }
+            await model.save();
+        }
+        errors.throwIfNotEmpty()
+        return new Response(await AuthenticatedStructures.organization(organization));
+    }
+}