npm - @stamhoofd/backend - Versions diffs - 2.115.1 → 2.117.0 - Mend

@stamhoofd/backend 2.115.1 → 2.117.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (284) hide show

package/src/helpers/AdminPermissionChecker.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { AutoEncoderPatchType, PatchMap } from '@simonbackx/simple-encoding';
 import { isSimpleError, isSimpleErrors, SimpleError } from '@simonbackx/simple-errors';
-import { BalanceItem, CachedBalance, Document, Email, EmailTemplate, Event, EventNotification, Group, Member, MemberPlatformMembership, MemberWithRegistrations, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, User, Webshop } from '@stamhoofd/models';
+import { BalanceItem, CachedBalance, Document, Email, EmailTemplate, Event, EventNotification, Group, Member, MemberPlatformMembership, MemberWithRegistrations, MemberWithUsers, MemberWithUsersAndRegistrations, MemberWithUsersRegistrationsAndGroups, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, User, Webshop } from '@stamhoofd/models';
 import { AccessRight, EmailTemplate as EmailTemplateStruct, EventPermissionChecker, FinancialSupportSettings, GroupCategory, GroupStatus, GroupType, MemberWithRegistrationsBlob, PermissionLevel, PermissionsResourceType, Platform as PlatformStruct, ReceivableBalanceType, RecordSettings, ResourcePermissions, UitpasNumberDetails, UitpasSocialTariff, UitpasSocialTariffStatus } from '@stamhoofd/structures';
 import { Formatter } from '@stamhoofd/utility';
 import { MemberRecordStore } from '../services/MemberRecordStore.js';
@@ -16,7 +16,7 @@ export class AdminPermissionChecker {
     /**
      * The member that is linked to this user = is this user
      */
-    member: MemberWithRegistrations | null = null;
+    member: MemberWithUsersRegistrationsAndGroups | null = null;
     platform: PlatformStruct;
     organizationCache: Map<string, Organization | Promise<Organization | undefined>> = new Map();
@@ -361,7 +361,7 @@ export class AdminPermissionChecker {
         return await this.hasFullAccess(organizationId);
     }
-    async canAccessMember(member: MemberWithRegistrations, permissionLevel: PermissionLevel = PermissionLevel.Read) {
+    async canAccessMember(member: MemberWithUsersAndRegistrations, permissionLevel: PermissionLevel = PermissionLevel.Read) {
         if (permissionLevel !== PermissionLevel.Full && this.isUserManager(member)) {
             return true;
         }
@@ -407,7 +407,7 @@ export class AdminPermissionChecker {
      * The server will temporarily grant the user access to this member, and store this in the server
      * memory. This is required for adding new members to an organization (first add member -> then patch with registrations, which requires write access).
      */
-    async temporarilyGrantMemberAccess(member: MemberWithRegistrations, permissionLevel: PermissionLevel = PermissionLevel.Write) {
+    async temporarilyGrantMemberAccess(member: MemberWithUsersRegistrationsAndGroups, permissionLevel: PermissionLevel = PermissionLevel.Write) {
         console.log('Temporarily granting access to member', member.id, 'for user', this.user.id);
         addTemporaryMemberAccess(this.user.id, member.id, permissionLevel);
     }
@@ -415,11 +415,11 @@ export class AdminPermissionChecker {
     /**
      * Only full admins can delete members permanently
      */
-    async canDeleteMember(member: MemberWithRegistrations) {
+    async canDeleteMember(member: MemberWithUsersAndRegistrations) {
         if (member.registrations.length === 0 && this.isUserManager(member)) {
             const cachedBalance = await CachedBalance.getForObjects([member.id], null, ReceivableBalanceType.member);
             if (cachedBalance.length === 0 || (cachedBalance[0].amountOpen === 0 && cachedBalance[0].amountPending === 0)) {
-                const platformMemberships = await MemberPlatformMembership.where({ memberId: member.id });
+                const platformMemberships = await MemberPlatformMembership.select().where('memberId', member.id).fetch();
                 if (platformMemberships.length === 0) {
                     return true;
                 }
@@ -436,7 +436,7 @@ export class AdminPermissionChecker {
     /**
      * Note: only checks admin permissions. Users that 'own' this member can also access it but that does not use the AdminPermissionChecker
      */
-    async canAccessRegistration(registration: Registration, permissionLevel: PermissionLevel = PermissionLevel.Read, checkMember: boolean | MemberWithRegistrations = true) {
+    async canAccessRegistration(registration: Registration, permissionLevel: PermissionLevel = PermissionLevel.Read, checkMember: boolean | MemberWithUsersRegistrationsAndGroups = true) {
         if (registration.deactivatedAt || !registration.registeredAt) {
             if (!checkMember) {
                 // We can't grant access to a member because of a deactivated registration
@@ -840,7 +840,7 @@ export class AdminPermissionChecker {
         return false;
     }
-    async canLinkBalanceItemToMember(member: MemberWithRegistrations) {
+    async canLinkBalanceItemToMember(member: MemberWithUsersAndRegistrations) {
         if (!this.checkScope(member.organizationId)) {
             return false;
         }
@@ -928,8 +928,11 @@ export class AdminPermissionChecker {
         return this.hasFullAccess(organizationId);
     }
-    async canAccessEmailBounces(organizationId: string) {
-        return this.hasSomeAccess(organizationId);
+    async canAccessEmailBounces(organizationId: string | null) {
+        if (organizationId) {
+            return this.hasSomeAccess(organizationId);
+        }
+        return this.hasSomePlatformAccess();
     }
     async canSendEmails(organizationId: Organization | string | null) {
@@ -1105,14 +1108,14 @@ export class AdminPermissionChecker {
         return !!organizationPermissions && organizationPermissions.hasAccess(level);
     }
-    isUserManager(member: MemberWithRegistrations) {
+    isUserManager(member: MemberWithUsers) {
         return !!member.users.find(u => u.id === this.user.id);
     }
     /**
      * Return a list of RecordSettings the current user can view or edit
      */
-    async hasFinancialMemberAccess(member: MemberWithRegistrations, level: PermissionLevel = PermissionLevel.Read, organizationId?: string): Promise<boolean> {
+    async hasFinancialMemberAccess(member: MemberWithUsersAndRegistrations, level: PermissionLevel = PermissionLevel.Read, organizationId?: string): Promise<boolean> {
         const isUserManager = this.isUserManager(member);
         if (isUserManager && level === PermissionLevel.Read) {
@@ -1197,7 +1200,7 @@ export class AdminPermissionChecker {
     /**
      * Return a list of RecordSettings the current user can view or edit
      */
-    async hasNRNAccess(member: MemberWithRegistrations, level: PermissionLevel = PermissionLevel.Read): Promise<boolean> {
+    async hasNRNAccess(member: MemberWithUsersAndRegistrations, level: PermissionLevel = PermissionLevel.Read): Promise<boolean> {
         const isUserManager = this.isUserManager(member);
         if (isUserManager) {
@@ -1319,7 +1322,7 @@ export class AdminPermissionChecker {
         };
     }
-    async checkRecordAccess(member: MemberWithRegistrations, recordId: string, level: PermissionLevel = PermissionLevel.Read): Promise<{ canAccess: false; record: RecordSettings | null } | { canAccess: true; record: RecordSettings }> {
+    async checkRecordAccess(member: MemberWithUsersRegistrationsAndGroups, recordId: string, level: PermissionLevel = PermissionLevel.Read): Promise<{ canAccess: false; record: RecordSettings | null } | { canAccess: true; record: RecordSettings }> {
         const record = await MemberRecordStore.getRecord(recordId);
         if (!record) {
             return {
@@ -1452,7 +1455,7 @@ export class AdminPermissionChecker {
     /**
      * Changes data inline
      */
-    async filterMemberData(member: MemberWithRegistrations, data: MemberWithRegistrationsBlob, options?: { forAdminCartCalculation?: boolean }): Promise<MemberWithRegistrationsBlob> {
+    async filterMemberData(member: MemberWithUsersRegistrationsAndGroups, data: MemberWithRegistrationsBlob, options?: { forAdminCartCalculation?: boolean }): Promise<MemberWithRegistrationsBlob> {
         const cloned = data.clone();
         for (const [key, value] of cloned.details.recordAnswers.entries()) {
@@ -1511,7 +1514,7 @@ export class AdminPermissionChecker {
     /**
      * Only for creating new members
      */
-    filterMemberPut(member: MemberWithRegistrations, data: MemberWithRegistrationsBlob, options: { asUserManager: boolean }) {
+    filterMemberPut(member: MemberWithUsersRegistrationsAndGroups, data: MemberWithRegistrationsBlob, options: { asUserManager: boolean }) {
         if (options.asUserManager || STAMHOOFD.userMode === 'platform') {
             // A user manager cannot choose the member number + in platform mode, nobody can choose the member number
             data.details.memberNumber = null;
@@ -1526,7 +1529,7 @@ export class AdminPermissionChecker {
         }
     }
-    async filterMemberPatch(member: MemberWithRegistrations, data: AutoEncoderPatchType<MemberWithRegistrationsBlob>): Promise<AutoEncoderPatchType<MemberWithRegistrationsBlob>> {
+    async filterMemberPatch(member: MemberWithUsersRegistrationsAndGroups, data: AutoEncoderPatchType<MemberWithRegistrationsBlob>): Promise<AutoEncoderPatchType<MemberWithRegistrationsBlob>> {
         if (!data.details) {
             return data;
         }

package/src/helpers/AuthenticatedStructures.ts CHANGED Viewed

@@ -1,11 +1,10 @@
 import { SimpleError } from '@simonbackx/simple-errors';
-import { AuditLog, BalanceItem, CachedBalance, Document, Event, EventNotification, Group, Invoice, Member, MemberPlatformMembership, MemberResponsibilityRecord, MemberWithRegistrations, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, RegistrationPeriod, Ticket, User, Webshop } from '@stamhoofd/models';
-import { AuditLogReplacement, AuditLogReplacementType, AuditLog as AuditLogStruct, Company, DetailedReceivableBalance, Document as DocumentStruct, EventNotification as EventNotificationStruct, Event as EventStruct, GenericBalance, Group as GroupStruct, GroupType, InvoicedBalanceItem, InvoiceStruct, MemberPlatformMembership as MemberPlatformMembershipStruct, MembersBlob, MemberWithRegistrationsBlob, NamedObject, OrganizationRegistrationPeriod as OrganizationRegistrationPeriodStruct, Organization as OrganizationStruct, PaymentCustomer, PaymentGeneral, PermissionLevel, Platform, PrivateOrder, PrivateWebshop, ReceivableBalanceObject, ReceivableBalanceObjectContact, ReceivableBalance as ReceivableBalanceStruct, ReceivableBalanceType, RegistrationsBlob, RegistrationWithMemberBlob, TicketPrivate, UserWithMembers, WebshopPreview, Webshop as WebshopStruct } from '@stamhoofd/structures';
+import { AuditLog, BalanceItem, CachedBalance, Document, Event, EventNotification, Group, Invoice, Member, MemberPlatformMembership, MemberResponsibilityRecord, MemberWithUsersRegistrationsAndGroups, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, RegistrationPeriod, Ticket, User, Webshop } from '@stamhoofd/models';
+import { AuditLogReplacement, AuditLogReplacementType, AuditLog as AuditLogStruct, DetailedReceivableBalance, Document as DocumentStruct, EventNotification as EventNotificationStruct, Event as EventStruct, GenericBalance, Group as GroupStruct, GroupType, InvoicedBalanceItem, InvoiceStruct, MemberPlatformMembership as MemberPlatformMembershipStruct, MembersBlob, MemberWithRegistrationsBlob, NamedObject, OrganizationRegistrationPeriod as OrganizationRegistrationPeriodStruct, Organization as OrganizationStruct, PaymentCustomer, PaymentGeneral, PermissionLevel, Platform, PrivateOrder, PrivateWebshop, ReceivableBalanceObject, ReceivableBalanceObjectContact, ReceivableBalance as ReceivableBalanceStruct, ReceivableBalanceType, RegistrationsBlob, RegistrationWithMemberBlob, TicketPrivate, UserWithMembers, WebshopPreview, Webshop as WebshopStruct, BalanceItem as BalanceItemStruct } from '@stamhoofd/structures';
 import { Sorter } from '@stamhoofd/utility';
 import { SQL } from '@stamhoofd/sql';
 import { Formatter } from '@stamhoofd/utility';
-import { BalanceItemService } from '../services/BalanceItemService.js';
 import { Context } from './Context.js';
 /**
@@ -61,6 +60,9 @@ export class AuthenticatedStructures {
         const { invoicedBalanceItems } = await Invoice.loadBalanceItems(invoices);
+        const paymentModels = await Payment.select().where('invoiceId', invoices.map(i => i.id)).fetch();
+        const payments = await this.paymentsGeneral(paymentModels, false);
         return invoices.map((invoice) => {
             const items = invoicedBalanceItems.filter(i => i.invoiceId === invoice.id);
             return InvoiceStruct.create({
@@ -68,6 +70,7 @@ export class AuthenticatedStructures {
                 items: items.map((item) => {
                     return InvoicedBalanceItem.create(item);
                 }),
+                payments: payments.filter(p => p.invoiceId === invoice.id),
             });
         });
     }
@@ -222,8 +225,8 @@ export class AuthenticatedStructures {
             return [];
         }
-        // #region get period ids / organizations map
         const periodIdOrganizationsMap = new Map<string, Organization[]>();
+        const organizationIdsToGetWebshopsFor: string[] = [];
         for (const organization of organizations) {
             const periodId = organization.periodId;
@@ -235,47 +238,62 @@ export class AuthenticatedStructures {
                 periodIdOrganizationsMap.set(periodId, [organization]);
             }
         }
-        // #endregion
-        // #region get registration period and whether private data can be accessed for each organization
-        const organizationData: Map<string, { organizationRegistrationPeriod: OrganizationRegistrationPeriod; canAccessPrivateData: boolean }> = new Map();
-        const organizationIdsToGetWebshopsFor: string[] = [];
+        // Get registration period and whether private data can be accessed for each organization
+        const organizationData: Map<string, { organizationRegistrationPeriod: OrganizationRegistrationPeriodStruct; canAccessPrivateData: boolean }> = new Map();
+        const allPeriodIds = periodIdOrganizationsMap.keys();
+        const allPeriods = await RegistrationPeriod.getByIDs(...allPeriodIds);
+        const periodMap = new Map<string, RegistrationPeriod>(allPeriods.map(p => [p.id, p]));
         for (const [periodId, organizations] of periodIdOrganizationsMap.entries()) {
-            const organizationMap = new Map(organizations.map(o => [o.id, o]));
             const result = await OrganizationRegistrationPeriod.where({
                 periodId,
                 organizationId: {
                     sign: 'IN',
-                    value: Array.from(organizationMap.keys()),
+                    value: Formatter.uniqueArray(organizations.map(o => o.id)),
                 },
             });
+            const period = periodMap.get(periodId);
+            if (!period) {
+                console.error('Period not found for id', periodId);
+                throw new Error('Period not found for id ' + periodId);
+            }
-            const organizationRegistrationPeriods = new Map(result.map(r => [r.organizationId, r]));
+            // Automatically create missing organization periods for now
+            for (const organization of organizations) {
+                const organizationPeriodModel = result.find(r => r.organizationId === organization.id);
+                if (!organizationPeriodModel) {
+                    result.push(await organization.getPeriod());
+                }
+            }
+            // Do this onece per period, because otherwise we can't optimize fetching the groups for each period
+            const organizationRegistrationPeriods = await this.organizationRegistrationPeriods(result, [period]);
             for (const organization of organizations) {
                 const organizationId = organization.id;
-                const organizationRegistrationPeriod = organizationRegistrationPeriods.get(organizationId) ?? await organization.getPeriod();
+                const organizationPeriodModel = result.find(r => r.organizationId === organizationId);
+                if (organizationPeriodModel) {
+                    const organizationRegistrationPeriod = organizationRegistrationPeriods.find(o => o.id === organizationPeriodModel.id);
+                    if (!organizationRegistrationPeriod) {
+                        throw new Error('Organization registration period not found for id ' + organizationPeriodModel.id);
+                    }
-                // check if private data can be accessed
-                const canAccessPrivateData = await Context.optionalAuth?.canAccessPrivateOrganizationData(organization) ?? false;
-                if (canAccessPrivateData) {
-                    organizationIdsToGetWebshopsFor.push(organizationId);
+                    // check if private data can be accessed
+                    const canAccessPrivateData = await Context.optionalAuth?.canAccessPrivateOrganizationData(organization) ?? false;
+                    if (canAccessPrivateData) {
+                        organizationIdsToGetWebshopsFor.push(organization.id);
+                    }
+                    organizationData.set(organizationId, { organizationRegistrationPeriod, canAccessPrivateData });
+                }
+                else {
+                    // Should never happen
+                    throw new Error('Organization registration period model not found for organization id ' + organizationId + ' and period id ' + periodId);
                 }
-                organizationData.set(organizationId, { organizationRegistrationPeriod, canAccessPrivateData });
             }
         }
-        // #endregion
-        // #region get periods
-        const allPeriodIds = periodIdOrganizationsMap.keys();
-        const allPeriods = await RegistrationPeriod.getByIDs(...allPeriodIds);
-        const periodMap = new Map<string, RegistrationPeriod>(allPeriods.map(p => [p.id, p]));
-        // #endregion
-        // #region get webshop previews
+        // Get webshop previews
         const webshops = organizationIdsToGetWebshopsFor.length > 0
             ? await Webshop.where(
                 {
@@ -306,9 +324,8 @@ export class AuthenticatedStructures {
                 webshopPreviews.set(organizationId, [preview]);
             }
         }
-        // #endregion
-        // #region create organization structs
+        // Create organization structs
         const results: OrganizationStruct[] = [];
         for (const organization of organizations) {
@@ -327,7 +344,7 @@ export class AuthenticatedStructures {
             let result: OrganizationStruct;
-            const period = await this.organizationRegistrationPeriod(data.organizationRegistrationPeriod, [registrationPeriod]);
+            const period = data.organizationRegistrationPeriod;
             const baseStruct = organization.getBaseStructure();
             if (data.canAccessPrivateData) {
@@ -347,7 +364,6 @@ export class AuthenticatedStructures {
             results.push(result);
         }
-        // #endregion
         return results;
     }
@@ -365,7 +381,7 @@ export class AuthenticatedStructures {
     static async userWithMembers(user: User): Promise<UserWithMembers> {
         const members = await Member.getMembersWithRegistrationForUser(user);
-        const filtered: MemberWithRegistrations[] = [];
+        const filtered: MemberWithUsersRegistrationsAndGroups[] = [];
         for (const member of members) {
             if (await Context.auth.canAccessMember(member, PermissionLevel.Read)) {
                 filtered.push(member);
@@ -403,28 +419,142 @@ export class AuthenticatedStructures {
         return structs;
     }
-    static async members(members: MemberWithRegistrations[]): Promise<MemberWithRegistrationsBlob[]> {
+    static async members(members: MemberWithUsersRegistrationsAndGroups[]): Promise<MemberWithRegistrationsBlob[]> {
         return (await this.membersBlob(members, false)).members;
     }
-    static async membersBlob(members: MemberWithRegistrations[], includeContextOrganization = false, includeUser?: User, options?: { forAdminCartCalculation?: boolean }): Promise<MembersBlob> {
+    static async membersBlob(members: MemberWithUsersRegistrationsAndGroups[], includeContextOrganization = false, includeUser?: User, options?: { forAdminCartCalculation?: boolean }): Promise<MembersBlob> {
         if (members.length === 0 && !includeUser) {
             return MembersBlob.create({ members: [], organizations: [] });
         }
         const organizations = new Map<string, Organization>();
+        const relevantPeriodIds = Formatter.uniqueArray([
+            Platform.shared.period.previousPeriodId,
+            Platform.shared.period.id,
+            Platform.shared.period.nextPeriodId,
+            Context.organization?.periodId ?? null,
+        ].filter(id => id !== null)) as string[];
         const registrationIds = Formatter.uniqueArray(members.flatMap(m => m.registrations.map(r => r.id)));
-        if (Context.organization) {
-            await BalanceItemService.flushCaches(Context.organization.id);
+        // This code is a bit messy, we need to optimize it a bit. But it is this complex because it tries
+        // to load as many relations as possible in advance in one go, to avoid doing queries inside the loops.
+        // this is very important as this method is called very often.
+        // Load responsibilities
+        const responsibilities = members.length > 0
+            ? await MemberResponsibilityRecord.select()
+                .where('memberId', members.map(m => m.id))
+                .where(SQL.where('endDate', null).or('endDate', '>', new Date()))
+                .fetch()
+            : [];
+        const platformMemberships = members.length > 0
+            ? await MemberPlatformMembership.select()
+                .where('memberId', members.map(m => m.id))
+                .where('deletedAt', null)
+                .where('periodId', relevantPeriodIds)
+                .fetch()
+            : [];
+        // Load organizations
+        const organizationIds = responsibilities.map(r => r.organizationId)
+            .concat(
+                platformMemberships.map(r => r.organizationId),
+            )
+            .filter(id => id !== null);
+        if (includeUser) {
+            for (const organizationId of includeUser.permissions?.organizationPermissions.keys() ?? []) {
+                if (includeContextOrganization || organizationId !== Context.auth.organization?.id) {
+                    organizationIds.push(organizationId);
+                }
+            }
+        }
+        if (STAMHOOFD.singleOrganization && !Context.auth.organization) {
+            organizationIds.push(STAMHOOFD.singleOrganization);
+        }
+        const membershipOrganizationId = Platform.shared.membershipOrganizationId;
+        if (membershipOrganizationId && Context.auth.hasSomePlatformAccess()) {
+            if (await Context.auth.hasSomeAccess(membershipOrganizationId)) {
+                organizationIds.push(membershipOrganizationId);
+            }
+        }
+        for (const member of members) {
+            for (const registration of member.registrations) {
+                organizationIds.push(registration.organizationId);
+            }
+        }
+        // Now fetch organizations
+        // todo: optimize this
+        for (const id of organizationIds) {
+            if (includeContextOrganization || id !== Context.auth.organization?.id) {
+                const found = organizations.get(id);
+                if (!found) {
+                    const organization = await Context.auth.getOrganization(id);
+                    organizations.set(organization.id, organization);
+                }
+            }
+        }
+        // Already fetch these organizations fully, because then we can reuse the groups in here
+        const activeOrganizations: Organization[] = [];
+        for (const organization of organizations.values()) {
+            if (organization.active || await Context.auth.hasFullAccess(organization.id)) {
+                activeOrganizations.push(organization);
+            }
+        }
+        const organizationStructs = await this.organizations(activeOrganizations);
+        let groupIds = Formatter.uniqueArray(
+            [
+                ...members.flatMap(m => m.registrations.map(r => r.groupId)).filter(id => id !== null),
+                ...responsibilities.map(r => r.groupId).filter(id => id !== null),
+            ],
+        );
+        // Set gropus that we already loaded
+        const allGroups = new Map<string, GroupStruct>();
+        for (const organization of organizationStructs) {
+            for (const group of organization.period.groups) {
+                allGroups.set(group.id, group);
+            }
+        }
+        const preloadedGroupModels: Map<string, Group> = new Map();
+        for (const member of members) {
+            for (const registration of member.registrations) {
+                if (!allGroups.has(registration.groupId) && !preloadedGroupModels.has(registration.groupId)) {
+                    preloadedGroupModels.set(registration.group.id, registration.group);
+                }
+            }
         }
+        // Remove duplicates and already loaded ones
+        groupIds = groupIds.filter(id => !allGroups.has(id) && !preloadedGroupModels.has(id));
+        const groups = groupIds.length > 0 ? [...preloadedGroupModels.values(), ...await Group.getByIDs(...groupIds)] : [...preloadedGroupModels.values()];
+        if (groupIds.length > 0 && STAMHOOFD.environment === 'development') {
+            console.log('Doing extra group query for groups', groupIds);
+        }
+        const groupStructs = await this.groups(groups);
+        for (const group of groupStructs) {
+            allGroups.set(group.id, group);
+        }
         const balances = await CachedBalance.getForObjects(registrationIds, null, ReceivableBalanceType.registration);
         const memberIds = members.map(m => m.id);
         const allMemberBalances = Context.organization
             ? (await CachedBalance.getForObjects(memberIds, Context.organization.id, ReceivableBalanceType.member))
             : [];
-        if (includeUser) {
+        // Delete organizations that no longer exist in the permissions of the user
+        /* if (includeUser) {
             for (const organizationId of includeUser.permissions?.organizationPermissions.keys() ?? []) {
                 if (includeContextOrganization || organizationId !== Context.auth.organization?.id) {
                     const found = organizations.get(organizationId);
@@ -452,26 +582,7 @@ export class AuthenticatedStructures {
                     }
                 }
             }
-        }
-        if (includeContextOrganization && STAMHOOFD.singleOrganization && !Context.auth.organization) {
-            const found = organizations.get(STAMHOOFD.singleOrganization);
-            if (!found) {
-                const organization = await Context.auth.getOrganization(STAMHOOFD.singleOrganization);
-                organizations.set(organization.id, organization);
-            }
-        }
-        const membershipOrganizationId = Platform.shared.membershipOrganizationId;
-        if (Context.auth.hasSomePlatformAccess() && membershipOrganizationId) {
-            if (await Context.auth.hasSomeAccess(membershipOrganizationId)) {
-                const found = organizations.get(membershipOrganizationId);
-                if (!found) {
-                    const organization = await Context.auth.getOrganization(membershipOrganizationId);
-                    organizations.set(organization.id, organization);
-                }
-            }
-        }
+        } */
         const memberBlobs: MemberWithRegistrationsBlob[] = [];
         for (const member of members) {
@@ -524,7 +635,13 @@ export class AuthenticatedStructures {
                                     return GenericBalance.create(b);
                                 }))
                             : [];
-                        base.group = await this.group(r.group);
+                        const g = allGroups.get(r.groupId);
+                        if (g) {
+                            base.group = g;
+                        }
+                        else {
+                            console.error('Group not preloaded for registration', r.id, r.groupId);
+                        }
                         return base;
                     }),
@@ -538,55 +655,6 @@ export class AuthenticatedStructures {
             );
         }
-        // Load responsibilities
-        const responsibilities = members.length > 0 ? await MemberResponsibilityRecord.where({ memberId: { sign: 'IN', value: members.map(m => m.id) } }) : [];
-        const platformMemberships = members.length > 0 ? await MemberPlatformMembership.where({ deletedAt: null, memberId: { sign: 'IN', value: members.map(m => m.id) } }) : [];
-        // Load missing organizations
-        const organizationIds = Formatter.uniqueArray(responsibilities.map(r => r.organizationId).concat(platformMemberships.map(r => r.organizationId)).filter(id => id !== null));
-        for (const id of organizationIds) {
-            if (includeContextOrganization || id !== Context.auth.organization?.id) {
-                const found = organizations.get(id);
-                if (!found) {
-                    const organization = await Context.auth.getOrganization(id);
-                    organizations.set(organization.id, organization);
-                }
-            }
-        }
-        const activeOrganizations: Organization[] = [];
-        for (const organization of organizations.values()) {
-            if (organization.active || await Context.auth.hasFullAccess(organization.id)) {
-                activeOrganizations.push(organization);
-            }
-        }
-        const organizationStructs = await this.organizations(activeOrganizations);
-        // Load missing groups
-        const allGroups = new Map<string, GroupStruct>();
-        for (const organization of organizationStructs) {
-            for (const group of organization.period.groups) {
-                allGroups.set(group.id, group);
-            }
-        }
-        for (const blob of memberBlobs) {
-            for (const registration of blob.registrations) {
-                if (registration.group) {
-                    allGroups.set(registration.group.id, registration.group);
-                }
-            }
-        }
-        const groupIds = Formatter.uniqueArray(responsibilities.map(r => r.groupId).filter(id => id !== null)).filter(id => !allGroups.has(id));
-        const groups = groupIds.length > 0 ? await Group.getByIDs(...groupIds) : [];
-        const groupStructs = await this.groups(groups);
-        for (const group of groupStructs) {
-            allGroups.set(group.id, group);
-        }
         for (const blob of memberBlobs) {
             blob.responsibilities = responsibilities.filter(r => r.memberId == blob.id).map((r) => {
                 const group = allGroups.get(r.groupId ?? '') ?? null;
@@ -627,7 +695,7 @@ export class AuthenticatedStructures {
         return (await this.eventNotifications([eventNotification]))[0];
     }
-    static async registrationsBlob(registrations: (Registration & { group: Group })[], members: MemberWithRegistrations[], includeContextOrganization = false, includeUser?: User): Promise<RegistrationsBlob> {
+    static async registrationsBlob(registrations: (Registration & { group: Group })[], members: MemberWithUsersRegistrationsAndGroups[], includeContextOrganization = false, includeUser?: User): Promise<RegistrationsBlob> {
         const membersBlob = await this.membersBlob(members, includeContextOrganization, includeUser);
         const memberBlobs = membersBlob.members;
@@ -756,6 +824,10 @@ export class AuthenticatedStructures {
     }
     static async orders(orders: Order[]): Promise<PrivateOrder[]> {
+        if (orders.length === 0) {
+            return [];
+        }
         const result: PrivateOrder[] = [];
         const webshopIds = new Set(orders.map(o => o.webshopId));
@@ -775,9 +847,10 @@ export class AuthenticatedStructures {
                 });
             }
         }
+        const allBalanceItems = await BalanceItem.select().where('orderId', orders.map(o => o.id)).fetch();
         for (const order of orders) {
-            const balanceItems = await BalanceItem.where({ orderId: order.id });
+            const balanceItems = allBalanceItems.filter(b => b.orderId === order.id);
             const struct = PrivateOrder.create({
                 ...order,
@@ -1133,4 +1206,16 @@ export class AuthenticatedStructures {
         return structs;
     }
+    static async balanceItems(balanceItems: BalanceItem[]) {
+        return balanceItems.map((balanceItem) => {
+            return BalanceItemStruct.create({
+                ...balanceItem,
+            });
+        });
+    }
+    static async balanceItemsWithPayments(balanceItems: BalanceItem[]) {
+        return await BalanceItem.getStructureWithPayments(balanceItems);
+    }
 }

package/src/helpers/Context.ts CHANGED Viewed

@@ -52,6 +52,8 @@ export class AuthorizationPostBody extends AutoEncoder {
 export class ContextInstance {
     request: Request;
+    queries: { query: string; time?: number }[] = [];
+    timers: Map<string, number> = new Map();
     user?: User;
     organization?: Organization;

package/src/helpers/EmailResumer.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { Email, Organization, User } from '@stamhoofd/models';
 import { SQL } from '@stamhoofd/sql';
 import { EmailStatus } from '@stamhoofd/structures';
-import { ContextInstance } from './Context';
+import { ContextInstance } from './Context.js';
 export async function resumeEmails() {
     const query = SQL.select()

package/src/helpers/FlagMomentCleanup.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { Group, Member, MemberResponsibilityRecord, Organization, Platform, Registration } from '@stamhoofd/models';
 import { SQL, SQLWhereExists } from '@stamhoofd/sql';
 import { GroupType } from '@stamhoofd/structures';
-import { MemberUserSyncer } from './MemberUserSyncer';
+import { MemberUserSyncer } from './MemberUserSyncer.js';
 export class FlagMomentCleanup {
     /**

package/src/helpers/ForwardHandler.test.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { EmailAddress } from '@stamhoofd/email';
 import { OrganizationFactory, UserFactory } from '@stamhoofd/models';
 import { OrganizationEmail, PermissionLevel, Permissions } from '@stamhoofd/structures';
-import { ForwardHandler } from './ForwardHandler';
+import { ForwardHandler } from './ForwardHandler.js';
 describe('ForwardHandler', () => {
     it('should send to default e-mail', async () => {

package/src/helpers/ForwardHandler.ts CHANGED Viewed

@@ -111,7 +111,7 @@ export class ForwardHandler {
             return doBounce();
         }
-        console.log('Forward to ' + defaultEmail);
+        console.log('Forward to', defaultEmail);
         let html: string | undefined = undefined;

package/src/helpers/GlobalHelper.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 import { I18n } from '@stamhoofd/backend-i18n';
-import { BalanceItemService } from '../services/BalanceItemService';
-import { FileSignService } from '../services/FileSignService';
-import { MemberRecordStore } from '../services/MemberRecordStore';
-import { ContextInstance } from './Context';
+import { BalanceItemService } from '../services/BalanceItemService.js';
+import { FileSignService } from '../services/FileSignService.js';
+import { MemberRecordStore } from '../services/MemberRecordStore.js';
+import { ContextInstance } from './Context.js';
 export class GlobalHelper {
     static async load() {