@stamhoofd/backend 2.101.0 → 2.103.0

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.101.0",
+    "version": "2.103.0",
     "main": "./dist/index.js",
     "exports": {
         ".": {
@@ -45,14 +45,14 @@
         "@simonbackx/simple-encoding": "2.22.0",
         "@simonbackx/simple-endpoints": "1.20.1",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.101.0",
-        "@stamhoofd/backend-middleware": "2.101.0",
-        "@stamhoofd/email": "2.101.0",
-        "@stamhoofd/models": "2.101.0",
-        "@stamhoofd/queues": "2.101.0",
-        "@stamhoofd/sql": "2.101.0",
-        "@stamhoofd/structures": "2.101.0",
-        "@stamhoofd/utility": "2.101.0",
+        "@stamhoofd/backend-i18n": "2.103.0",
+        "@stamhoofd/backend-middleware": "2.103.0",
+        "@stamhoofd/email": "2.103.0",
+        "@stamhoofd/models": "2.103.0",
+        "@stamhoofd/queues": "2.103.0",
+        "@stamhoofd/sql": "2.103.0",
+        "@stamhoofd/structures": "2.103.0",
+        "@stamhoofd/utility": "2.103.0",
         "archiver": "^7.0.1",
         "axios": "^1.8.2",
         "cookie": "^0.7.0",
@@ -70,5 +70,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "1eeeabc23e86e699d54f09fb385b5c32b4618723"
+    "gitHead": "81c0e08f64f5c9a32a513cf6cfd2d48e3601f1a8"
 }

package/src/crons.ts

@@ -2,7 +2,7 @@ import { Database } from '@simonbackx/simple-database';
 import { Group, Organization, Payment, Registration, STPackage, Webshop } from '@stamhoofd/models';
 import { PaymentMethod, PaymentProvider, PaymentStatus } from '@stamhoofd/structures';
 import { Formatter } from '@stamhoofd/utility';
-
+import { SQL } from '@stamhoofd/sql';
 import { registerCron } from '@stamhoofd/crons';
 import { checkSettlements } from './helpers/CheckSettlements';
 import { PaymentService } from './services/PaymentService';
@@ -124,36 +124,31 @@ async function checkWebshopDNS() {
 // Keep checking pending paymetns for 3 days
 async function checkPayments() {
     if (STAMHOOFD.environment === 'development') {
-        return;
+        // return;
     }
 
     const timeout = 60 * 1000 * 31;
 
     // TODO: only select the ID + organizationId
-    const payments = await Payment.where({
-        status: {
-            sign: 'IN',
-            value: [PaymentStatus.Created, PaymentStatus.Pending],
-        },
-        method: {
-            sign: 'IN',
-            value: [PaymentMethod.Bancontact, PaymentMethod.iDEAL, PaymentMethod.Payconiq, PaymentMethod.CreditCard],
-        },
-        // Check all payments that are 11 minutes old and are still pending
-        createdAt: {
-            sign: '<',
-            value: new Date(new Date().getTime() - timeout),
-        },
-    }, {
-        limit: 100,
-
-        // Return oldest payments first
-        // If at some point, they are still pending after 1 day, their status should change to failed
-        sort: [{
-            column: 'createdAt',
-            direction: 'ASC',
-        }],
-    });
+    const payments = await Payment.select()
+        .where(
+            SQL.where('method', [
+                PaymentMethod.Bancontact, PaymentMethod.iDEAL, PaymentMethod.Payconiq, PaymentMethod.CreditCard,
+            ])
+                .and('status', [PaymentStatus.Created, PaymentStatus.Pending])
+                .and('createdAt', '<', new Date(new Date().getTime() - timeout)),
+        )
+        // For payconiq payments, we have a shorter timeout of 1 minute if they are still in the 'created' state (not scanned)
+        .orWhere(
+            SQL.where('method', [
+                PaymentMethod.Payconiq,
+            ])
+                .and('status', [PaymentStatus.Created])
+                .and('createdAt', '<', new Date(new Date().getTime() - 60 * 1000)),
+        )
+        .orderBy('createdAt', 'ASC')
+        .limit(200)
+        .fetch();
 
     console.log('[DELAYED PAYMENTS] Checking pending payments: ' + payments.length);
 

package/src/email-recipient-loaders/receivable-balances.ts

@@ -14,7 +14,7 @@ async function fetch(query: LimitedFilteredRequest, subfilter: StamhoofdFilter |
 
     const recipients: EmailRecipient[] = [];
     for (const balance of result.results) {
-        const balanceItemModels = await CachedBalance.balanceForObjects(balance.organizationId, [balance.object.id], balance.objectType, true);
+        const balanceItemModels = balance.objectType === ReceivableBalanceType.organization ? (await CachedBalance.balanceForObjects(balance.organizationId, [balance.object.id], balance.objectType)) : [];
         const balanceItems = balanceItemModels.map(i => i.getStructure());
 
         const filteredContacts = balance.object.contacts.filter(c => compiledFilter(c));
@@ -22,7 +22,7 @@ async function fetch(query: LimitedFilteredRequest, subfilter: StamhoofdFilter |
             for (const email of contact.emails) {
                 const recipient = EmailRecipient.create({
                     objectId: balance.id, // Note: not set member, user or organization id here - should be the queryable balance id
-                    userId: balance.objectType === ReceivableBalanceType.user ? balance.object.id : null,
+                    userId: balance.objectType === ReceivableBalanceType.user || balance.objectType === ReceivableBalanceType.userWithoutMembers ? balance.object.id : null,
                     memberId: balance.objectType === ReceivableBalanceType.member ? balance.object.id : null,
                     firstName: contact.firstName,
                     lastName: contact.lastName,
@@ -32,15 +32,22 @@ async function fetch(query: LimitedFilteredRequest, subfilter: StamhoofdFilter |
                             token: 'objectName',
                             value: balance.object.name,
                         }),
-                        Replacement.create({
-                            token: 'outstandingBalance',
-                            value: Formatter.price(balance.amountOpen),
-                        }),
-                        Replacement.create({
-                            token: 'balanceTable',
-                            value: '',
-                            html: BalanceItemStruct.getDetailsHTMLTable(balanceItems),
-                        }),
+                        ...(
+                            balance.objectType === ReceivableBalanceType.organization
+                                ? [
+                                        Replacement.create({
+                                            token: 'outstandingBalance',
+                                            value: Formatter.price(balance.amountOpen),
+                                        }),
+                                        Replacement.create({
+                                            token: 'balanceTable',
+                                            value: '',
+                                            html: BalanceItemStruct.getDetailsHTMLTable(balanceItems),
+                                        }),
+                                    ]
+                                : []
+                        ),
+
                         ...(contact.meta && contact.meta.url && typeof contact.meta.url === 'string'
                             ? [Replacement.create({
                                     token: 'paymentUrl',

package/src/endpoints/global/events/PatchEventsEndpoint.ts

@@ -59,6 +59,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 putGroup,
                 putGroup.organizationId,
                 period,
+                { allowedIds: [putGroup.id] },
             );
         }
         else {

package/src/endpoints/global/members/helpers/validateGroupFilter.ts

@@ -1,5 +1,4 @@
 import { SimpleError } from '@simonbackx/simple-errors';
-import { Group } from '@stamhoofd/models';
 import { FilterWrapperMarker, PermissionLevel, StamhoofdFilter, unwrapFilter, WrapperFilter } from '@stamhoofd/structures';
 import { Context } from '../../../../helpers/Context';
 
@@ -55,17 +54,22 @@ export async function validateGroupFilter({ filter, permissionLevel, key }: { fi
         }
     }
 
-    const groups = await Group.getByIDs(...groupIds as string[]);
-    Context.auth.cacheGroups(groups);
+    const groups = await Context.auth.getGroups(groupIds as string[]);
 
-    console.log('Fetching members for groups', groups.map(g => g.settings.name.toString()));
+    console.log('Fetching members for groups before', groups.map(g => g.settings.name.toString()));
 
     for (const group of groups) {
         if (!await Context.auth.canAccessGroup(group, permissionLevel)) {
-            throw Context.auth.error({
-                message: 'You do not have access to this group',
-                human: $t(`45eedf49-0f0a-442c-a0bd-7881c2682698`, { groupName: group.settings.name }),
-            });
+            if (permissionLevel !== PermissionLevel.Read || !group.settings.implicitlyAllowViewRegistrations) {
+                throw Context.auth.error({
+                    message: 'You do not have access to this group',
+                    human: $t(`45eedf49-0f0a-442c-a0bd-7881c2682698`, { groupName: group.settings.name }),
+                });
+            }
+            else {
+                // Return false so we add additional scope filters (only view overlap)
+                return false;
+            }
         }
     }
 

package/src/endpoints/global/registration/GetRegistrationsEndpoint.ts

@@ -99,14 +99,26 @@ export class GetRegistrationsEndpoint extends Endpoint<Params, Query, Body, Resp
                     if (await Context.auth.hasFullAccess(organization.id, permissionLevel)) {
                         // Can access full history for now
                         scopeFilter = {
-                            organizationId: organization.id,
+                            member: {
+                                registrations: {
+                                    $elemMatch: {
+                                        organizationId: organization.id,
+                                    },
+                                },
+                            },
                         };
                     }
                     else {
                         // Can only access current period
                         scopeFilter = {
-                            organizationId: organization.id,
-                            periodId: organization.periodId,
+                            member: {
+                                registrations: {
+                                    $elemMatch: {
+                                        organizationId: organization.id,
+                                        periodId: organization.periodId,
+                                    },
+                                },
+                            },
                         };
                     }
                 }
@@ -130,8 +142,14 @@ export class GetRegistrationsEndpoint extends Endpoint<Params, Query, Body, Resp
                     }
 
                     scopeFilter = {
-                        groupId: {
-                            $in: groupIds,
+                        member: {
+                            registrations: {
+                                $elemMatch: {
+                                    groupId: {
+                                        $in: groupIds,
+                                    },
+                                },
+                            },
                         },
                     };
                 }
@@ -196,8 +214,13 @@ export class GetRegistrationsEndpoint extends Endpoint<Params, Query, Body, Resp
         }
 
         for (const registration of data) {
-            if (!await Context.auth.canAccessRegistration(registration, permissionLevel)) {
-                throw Context.auth.error();
+            if (registration.group.settings.implicitlyAllowViewRegistrations) {
+                // okay, only need to check if we can access the members (next step)
+            }
+            else {
+                if (!await Context.auth.canAccessRegistration(registration, permissionLevel)) {
+                    throw Context.auth.error();
+                }
             }
         }
 

package/src/endpoints/global/registration/GetUserPayableBalanceEndpoint.ts

@@ -1,6 +1,6 @@
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { CachedBalance, Organization } from '@stamhoofd/models';
-import { PayableBalance, PayableBalanceCollection } from '@stamhoofd/structures';
+import { PayableBalance, PayableBalanceCollection, ReceivableBalanceType } from '@stamhoofd/structures';
 
 import { Formatter } from '@stamhoofd/utility';
 import { AuthenticatedStructures } from '../../../helpers/AuthenticatedStructures';
@@ -31,12 +31,12 @@ export class GetUserPayableBalanceEndpoint extends Endpoint<Params, Query, Body,
         const organization = await Context.setUserOrganizationScope();
         const { user } = await Context.authenticate();
 
-        return new Response(await GetUserPayableBalanceEndpoint.getBillingStatusForObjects([user.id], organization));
+        return new Response(await GetUserPayableBalanceEndpoint.getBillingStatusForObjects([user.id], organization, ReceivableBalanceType.user));
     }
 
-    static async getBillingStatusForObjects(objectIds: string[], organization?: Organization | null) {
+    static async getBillingStatusForObjects(objectIds: string[], organization: Organization | null, objectType: ReceivableBalanceType) {
         // Load cached balances
-        const receivableBalances = await CachedBalance.getForObjects(objectIds, organization?.id);
+        const receivableBalances = await CachedBalance.getForObjects(objectIds, organization?.id, objectType);
 
         const organizationIds = Formatter.uniqueArray(receivableBalances.map(b => b.organizationId));