@stamhoofd/backend 2.106.0 → 2.107.0

package/index.ts

@@ -8,7 +8,12 @@ backendEnv.load({ service: 'api' }).catch((error) => {
         const { run } = await import('./src/migrate');
         await run();
     }
-    await import('./src/boot');
+    const { boot } = await import('./src/boot');
+
+    boot({ killProcess: true }).catch((error) => {
+        console.error('unhandledRejection', error);
+        process.exit(1);
+    });
 }).catch((error) => {
     console.error('Failed to start the API:', error);
     process.exit(1);

package/package.json

@@ -1,10 +1,16 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.106.0",
+    "version": "2.107.0",
     "main": "./dist/index.js",
     "exports": {
         ".": {
             "require": "./dist/index.js"
+        },
+        "./src/migrate": {
+            "require": "./dist/src/migrate.js"
+        },
+        "./src/boot": {
+            "require": "./dist/src/boot.js"
         }
     },
     "license": "UNLICENCED",
@@ -41,18 +47,18 @@
         "@aws-sdk/s3-request-presigner": "3.823.0",
         "@bwip-js/node": "^4.5.1",
         "@mollie/api-client": "3.7.0",
-        "@simonbackx/simple-database": "1.33.0",
+        "@simonbackx/simple-database": "1.34.0",
         "@simonbackx/simple-encoding": "2.22.0",
         "@simonbackx/simple-endpoints": "1.20.1",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.106.0",
-        "@stamhoofd/backend-middleware": "2.106.0",
-        "@stamhoofd/email": "2.106.0",
-        "@stamhoofd/models": "2.106.0",
-        "@stamhoofd/queues": "2.106.0",
-        "@stamhoofd/sql": "2.106.0",
-        "@stamhoofd/structures": "2.106.0",
-        "@stamhoofd/utility": "2.106.0",
+        "@stamhoofd/backend-i18n": "2.107.0",
+        "@stamhoofd/backend-middleware": "2.107.0",
+        "@stamhoofd/email": "2.107.0",
+        "@stamhoofd/models": "2.107.0",
+        "@stamhoofd/queues": "2.107.0",
+        "@stamhoofd/sql": "2.107.0",
+        "@stamhoofd/structures": "2.107.0",
+        "@stamhoofd/utility": "2.107.0",
         "archiver": "^7.0.1",
         "axios": "^1.8.2",
         "cookie": "^0.7.0",
@@ -70,5 +76,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "56fde0bd7b4d4ff0c3a4cd07924dcfe78a438215"
+    "gitHead": "54cbfe3b2fb090aa83c556be9eda97be712a9c71"
 }

package/src/boot.ts

@@ -6,8 +6,10 @@ import { loadLogger } from '@stamhoofd/logging';
 import { Version } from '@stamhoofd/structures';
 import { sleep } from '@stamhoofd/utility';
 
+import { SimpleError } from '@simonbackx/simple-errors';
 import { startCrons, stopCrons, waitForCrons } from '@stamhoofd/crons';
 import { Platform } from '@stamhoofd/models';
+import { QueueHandler } from '@stamhoofd/queues';
 import { resumeEmails } from './helpers/EmailResumer';
 import { GlobalHelper } from './helpers/GlobalHelper';
 import { SetupStepUpdater } from './helpers/SetupStepUpdater';
@@ -17,10 +19,8 @@ import { BalanceItemService } from './services/BalanceItemService';
 import { DocumentService } from './services/DocumentService';
 import { FileSignService } from './services/FileSignService';
 import { PlatformMembershipService } from './services/PlatformMembershipService';
-import { UniqueUserService } from './services/UniqueUserService';
-import { QueueHandler } from '@stamhoofd/queues';
-import { SimpleError } from '@simonbackx/simple-errors';
 import { UitpasService } from './services/uitpas/UitpasService';
+import { UniqueUserService } from './services/UniqueUserService';
 
 process.on('unhandledRejection', (error: Error) => {
     console.error('unhandledRejection');
@@ -59,8 +59,11 @@ function productionLog(message: string) {
     }
 }
 
-const start = async () => {
+export const boot = async (options: { killProcess: boolean }) => {
     productionLog('Running server at v' + Version);
+    productionLog('Running server at port ' + STAMHOOFD.PORT);
+    productionLog('Running server on DB ' + process.env.DB_DATABASE); // note, should always use process env here
+
     loadLogger();
 
     await GlobalHelper.load();
@@ -77,6 +80,8 @@ const start = async () => {
     // Note: we should load endpoints one by once to have a reliable order of url matching
     await router.loadAllEndpoints(__dirname + '/endpoints/global/*');
     await router.loadAllEndpoints(__dirname + '/endpoints/admin/*');
+    await router.loadAllEndpoints(__dirname + '/endpoints/frontend');
+
     await router.loadAllEndpoints(__dirname + '/endpoints/auth');
     await router.loadAllEndpoints(__dirname + '/endpoints/organization/dashboard/*');
     await router.loadAllEndpoints(__dirname + '/endpoints/organization/registration');
@@ -204,24 +209,28 @@ const start = async () => {
         }
 
         // Should not be needed, but added for security as sometimes a promise hangs somewhere
-        process.exit(0);
+        if (options.killProcess) {
+            process.exit(0);
+        }
     };
 
-    process.on('SIGTERM', () => {
-        productionLog('SIGTERM signal received.');
-        shutdown().catch((e) => {
-            console.error(e);
-            process.exit(1);
+    if (options.killProcess) {
+        process.on('SIGTERM', () => {
+            productionLog('SIGTERM signal received.');
+            shutdown().catch((e) => {
+                console.error(e);
+                process.exit(1);
+            });
         });
-    });
 
-    process.on('SIGINT', () => {
-        productionLog('SIGINT signal received.');
-        shutdown().catch((e) => {
-            console.error(e);
-            process.exit(1);
+        process.on('SIGINT', () => {
+            productionLog('SIGINT signal received.');
+            shutdown().catch((e) => {
+                console.error(e);
+                process.exit(1);
+            });
         });
-    });
+    }
 
     // Register crons
     await import('./crons');
@@ -234,9 +243,6 @@ const start = async () => {
 
     startCrons();
     seeds().catch(console.error);
-};
 
-start().catch((error) => {
-    console.error('unhandledRejection', error);
-    process.exit(1);
-});
+    return { shutdown };
+};

package/src/endpoints/frontend/FrontendEnvironmentEndpoint.ts

@@ -0,0 +1,89 @@
+import {
+    DecodedRequest,
+    Endpoint,
+    Request,
+    Response,
+} from '@simonbackx/simple-endpoints';
+import { SimpleError } from '@simonbackx/simple-errors';
+import { Version } from '@stamhoofd/structures';
+
+type Params = Record<string, never>;
+type Query = undefined;
+type Body = undefined;
+type ResponseBody = string;
+
+export class FrontendEnvironmentEndpoint extends Endpoint<
+    Params,
+    Query,
+    Body,
+    ResponseBody
+> {
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method !== 'GET') {
+            return [false];
+        }
+
+        if (STAMHOOFD.environment !== 'test') {
+            // Disallow exposing environments outside of tests (even in development!)
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(
+            request.url,
+            '/frontend-environment',
+            {},
+        );
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    async handle(_request: DecodedRequest<Params, Query, Body>) {
+        const env: SharedEnvironment = {
+            environment: STAMHOOFD.environment,
+            domains: STAMHOOFD.domains,
+            locales: STAMHOOFD.locales,
+            userMode: STAMHOOFD.userMode,
+            translationNamespace: STAMHOOFD.translationNamespace,
+            platformName: STAMHOOFD.platformName,
+            fixedCountry: STAMHOOFD.fixedCountry,
+            singleOrganization: STAMHOOFD.singleOrganization,
+        };
+
+        const frontendEnv: FrontendSpecificEnvironment = {
+            VERSION: '0.0.0',
+            MOLLIE_CLIENT_ID: '',
+        };
+
+        // Load keys that could be defined in STAMHOOFD, but where typescript will complain about because the server
+        // normally does not have access to this. Playwright is the exception where it is possible.
+        const keys: (keyof FrontendSpecificEnvironment)[] = [
+            'PORT',
+            'VERSION',
+            'NOLT_URL',
+            'FEEDBACK_URL',
+            'MOLLIE_CLIENT_ID',
+            'APP_UPDATE_SERVER_URL',
+            'APP_UPDATE_PRODUCTION_SERVER_URL',
+            'APP_UPDATE_STAGING_SERVER_URL',
+            'APP_UPDATE_DEVELOPMENT_SERVER_URL',
+            'CHANGELOG_URL',
+            'ILLUSTRATIONS_NAMESPACE',
+            'ILLUSTRATIONS_COLORS',
+            'PLAUSIBLE_DOMAIN',
+            'REDIRECT_LOGIN_DOMAIN',
+            'memberDocumentationPage',
+        ];
+        for (const key of keys) {
+            (frontendEnv as any)[key] = (STAMHOOFD as any)[key];
+        }
+
+        const code = `window.STAMHOOFD = ${JSON.stringify({ ...env, ...frontendEnv })};`;
+        const response = new Response(code);
+        response.status = 200;
+        response.headers['Content-Type'] = 'application/javascript';
+        return response;
+    }
+}

package/src/endpoints/global/billing/ActivatePackagesEndpoint.ts

@@ -0,0 +1,30 @@
+/* import { Decoder } from '@simonbackx/simple-encoding';
+import { DecodedRequest, Endpoint, Request } from '@simonbackx/simple-endpoints';
+import { IDRegisterCheckout, RegisterResponse } from '@stamhoofd/structures';
+
+type Params = Record<string, never>;
+type Query = undefined;
+type Body = IDRegisterCheckout;
+type ResponseBody = RegisterResponse;
+
+export class ActivatePackagesEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    bodyDecoder = Body as Decoder<Body>;
+
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method != 'POST') {
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(request.url, '/billing/activate-packages', {});
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+
+    }
+}
+*/

package/src/endpoints/global/members/PatchOrganizationMembersEndpoint.ts

@@ -89,11 +89,12 @@ export class PatchOrganizationMembersEndpoint extends Endpoint<Params, Query, Bo
             if (organization && STAMHOOFD.userMode !== 'platform') {
                 member.organizationId = organization.id;
             }
-
+            const securityCode = struct.details.securityCode; // will get cleared after the filter
+            Context.auth.filterMemberPut(member, struct, {asUserManager: false});
             struct.details.cleanData();
             member.details = struct.details;
 
-            const duplicate = await PatchOrganizationMembersEndpoint.checkDuplicate(member, struct.details.securityCode, 'put');
+            const duplicate = await PatchOrganizationMembersEndpoint.checkDuplicate(member, securityCode, 'put');
             if (duplicate) {
                 // Merge data
                 member = duplicate;

package/src/endpoints/global/registration/PatchUserMembersEndpoint.ts

@@ -1,7 +1,7 @@
 import { AutoEncoderPatchType, Decoder, isEmptyPatch, PatchableArrayAutoEncoder, PatchableArrayDecoder, StringDecoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
-import { Document, Member, RateLimiter } from '@stamhoofd/models';
+import { Document, Group, Member, RateLimiter, Registration } from '@stamhoofd/models';
 import { MemberDetails, MembersBlob, MemberWithRegistrationsBlob } from '@stamhoofd/structures';
 
 import { AuthenticatedStructures } from '../../../helpers/AuthenticatedStructures';
@@ -9,6 +9,7 @@ import { Context } from '../../../helpers/Context';
 import { MemberUserSyncer } from '../../../helpers/MemberUserSyncer';
 import { PatchOrganizationMembersEndpoint } from '../../global/members/PatchOrganizationMembersEndpoint';
 import { shouldCheckIfMemberIsDuplicateForPatch } from '../members/shouldCheckIfMemberIsDuplicate';
+import { OneToManyRelation } from '@simonbackx/simple-database';
 type Params = Record<string, never>;
 type Query = undefined;
 type Body = PatchableArrayAutoEncoder<MemberWithRegistrationsBlob>;
@@ -52,16 +53,20 @@ export class PatchUserMembersEndpoint extends Endpoint<Params, Query, Body, Resp
         for (const put of request.body.getPuts()) {
             const struct = put.put;
 
-            const member = new Member();
+            const member = new Member()
+                .setManyRelation(Member.registrations as any as OneToManyRelation<'registrations', Member, Registration & { group: Group }>, [])
+                .setManyRelation(Member.users, []);
             member.id = struct.id;
             member.organizationId = organization?.id ?? null;
 
+            const securityCode = struct.details.securityCode; // will get cleared after the filter
+            Context.auth.filterMemberPut(member, struct, {asUserManager: true});
             struct.details.cleanData();
             member.details = struct.details;
 
             this.throwIfInvalidDetails(member.details);
 
-            const duplicate = await PatchOrganizationMembersEndpoint.checkDuplicate(member, struct.details.securityCode, 'put');
+            const duplicate = await PatchOrganizationMembersEndpoint.checkDuplicate(member, securityCode, 'put');
             if (duplicate) {
                 addedMembers.push(duplicate);
                 continue;