npm - @stamhoofd/backend - Versions diffs - 2.118.1 → 2.120.0 - Mend

@stamhoofd/backend 2.118.1 → 2.120.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (362) hide show

package/src/helpers/AdminPermissionChecker.ts CHANGED Viewed

@@ -1,8 +1,12 @@
-import { AutoEncoderPatchType, PatchMap } from '@simonbackx/simple-encoding';
+import type { AutoEncoderPatchType } from '@simonbackx/simple-encoding';
+import { PatchMap } from '@simonbackx/simple-encoding';
 import { isSimpleError, isSimpleErrors, SimpleError } from '@simonbackx/simple-errors';
-import { BalanceItem, CachedBalance, Document, Email, EmailTemplate, Event, EventNotification, Group, Member, MemberPlatformMembership, MemberWithRegistrations, MemberWithUsers, MemberWithUsersAndRegistrations, MemberWithUsersRegistrationsAndGroups, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, User, Webshop } from '@stamhoofd/models';
-import { AccessRight, EmailTemplate as EmailTemplateStruct, EventPermissionChecker, FinancialSupportSettings, GroupCategory, GroupStatus, GroupType, MemberWithRegistrationsBlob, PermissionLevel, PermissionsResourceType, Platform as PlatformStruct, ReceivableBalanceType, RecordSettings, ResourcePermissions, UitpasNumberDetails, UitpasSocialTariff, UitpasSocialTariffStatus } from '@stamhoofd/structures';
+import type { BalanceItem, Document, Email, EmailTemplate, MemberWithUsers, MemberWithUsersAndRegistrations, MemberWithUsersRegistrationsAndGroups, Order, OrganizationRegistrationPeriod, User } from '@stamhoofd/models';
+import { CachedBalance, Event, EventNotification, Group, Member, MemberPlatformMembership, Organization, Payment, Registration, Webshop } from '@stamhoofd/models';
+import type { GroupCategory, MemberWithRegistrationsBlob, Platform as PlatformStruct, RecordAnswer, RecordSettings, ResourcePermissions } from '@stamhoofd/structures';
+import { AccessRight, EmailTemplate as EmailTemplateStruct, EventPermissionChecker, FinancialSupportSettings, GroupStatus, GroupType, PermissionLevel, PermissionsResourceType, ReceivableBalanceType, UitpasNumberDetails, UitpasSocialTariff, UitpasSocialTariffStatus } from '@stamhoofd/structures';
 import { Formatter } from '@stamhoofd/utility';
+import type { RecordCacheEntry } from '../services/MemberRecordStore.js';
 import { MemberRecordStore } from '../services/MemberRecordStore.js';
 import { addTemporaryMemberAccess, hasTemporaryMemberAccess } from './TemporaryMemberAccess.js';
@@ -11,7 +15,7 @@ import { addTemporaryMemberAccess, hasTemporaryMemberAccess } from './TemporaryM
  * This helps when dependencies of permissions change, such as parent categories for groups
  */
 export class AdminPermissionChecker {
-    organization: Organization | null;
+    readonly organization: Organization | null;
     user: User;
     /**
      * The member that is linked to this user = is this user
@@ -21,6 +25,7 @@ export class AdminPermissionChecker {
     organizationCache: Map<string, Organization | Promise<Organization | undefined>> = new Map();
     groupsCache: Map<string, Group | null | Promise<Group | null>> = new Map();
+    webshopsCache: Map<string, Webshop | null | Promise<Webshop | null>> = new Map();
     constructor(user: User, platform: PlatformStruct, organization?: Organization) {
         this.user = user;
@@ -74,7 +79,6 @@ export class AdminPermissionChecker {
             return await cache;
         }
-        console.log('Get group', groupId);
         const promise = Group.select()
             .where('id', groupId)
             .first(false);
@@ -106,7 +110,6 @@ export class AdminPermissionChecker {
         }
         if (remainingIds.length > 0) {
-            console.log('Get groups', remainingIds);
             const promise = Group.select()
                 .where('id', remainingIds)
                 .fetch();
@@ -125,6 +128,22 @@ export class AdminPermissionChecker {
         return cached;
     }
+    async getWebshop(webshopId: string): Promise<Webshop | null> {
+        const cache = this.webshopsCache.get(webshopId);
+        if (cache !== undefined) {
+            return await cache;
+        }
+        const promise = Webshop.select()
+            .where('id', webshopId)
+            .first(false);
+        this.webshopsCache.set(webshopId, promise);
+        const webshop = await promise;
+        this.webshopsCache.set(webshopId, webshop);
+        return webshop;
+    }
     cacheGroup(group: Group) {
         this.groupsCache.set(group.id, group);
     }
@@ -141,7 +160,7 @@ export class AdminPermissionChecker {
     }
     error(humanOrData?: string | { message: string; human?: string }): SimpleError {
-        const human = typeof humanOrData === 'string' ? humanOrData : (humanOrData?.human ?? $t(`ab071f11-e05b-4bd9-9370-cd4f220c1b54`));
+        const human = typeof humanOrData === 'string' ? humanOrData : (humanOrData?.human ?? $t(`%Fg`));
         const message = typeof humanOrData === 'string' ? humanOrData : (humanOrData?.message ?? 'You do not have permissions for this action');
         return new SimpleError({
@@ -153,14 +172,14 @@ export class AdminPermissionChecker {
     }
     memberNotFoundOrNoAccess(): SimpleError {
-        return this.notFoundOrNoAccess($t('d24814a3-aedc-4569-9ab3-f854027c4e9f'));
+        return this.notFoundOrNoAccess($t('%CA'));
     }
     notFoundOrNoAccess(message?: string): SimpleError {
         return new SimpleError({
             code: 'not_found',
             message: 'Resource not found or no access',
-            human: message ?? $t(`8a8bb10d-9a78-48d0-8589-65d95331530e`),
+            human: message ?? $t(`%Fh`),
             statusCode: 404,
         });
     }
@@ -799,7 +818,7 @@ export class AdminPermissionChecker {
         }
         if (template.webshopId) {
-            const webshop = await Webshop.getByID(template.webshopId);
+            const webshop = await this.getWebshop(template.webshopId);
             if (!webshop || !(await this.canAccessWebshop(webshop, PermissionLevel.Full))) {
                 return false;
             }
@@ -808,7 +827,7 @@ export class AdminPermissionChecker {
         }
         if (template.groupId) {
-            const group = await Group.getByID(template.groupId);
+            const group = await this.getGroup(template.groupId);
             if (!group || !(await this.canAccessGroup(group, PermissionLevel.Full))) {
                 return false;
             }
@@ -1255,8 +1274,33 @@ export class AdminPermissionChecker {
         return false;
     }
+    private async getSingleRecord(id: string): Promise<RecordCacheEntry | null> {
+        // For userMode organization the records should not be cached
+        if (STAMHOOFD.userMode === 'organization') {
+            if (this.organization) {
+                for (const recordCategory of this.organization.meta.recordsConfiguration.recordCategories) {
+                    for (const record of recordCategory.getAllRecords()) {
+                        if (id === record.id) {
+                            return {
+                                record,
+                                rootCategoryId: recordCategory.id,
+                                organizationId: this.organization.id
+                            }
+                        }
+                    }
+                }
+                return null;
+            }
+            // should never get called if no organization
+            console.error('getRecord called without an organization');
+            return null;
+        }
+        return MemberRecordStore.getRecord(id);
+    }
     async canFilterMembersOnRecordId(recordId: string): Promise<{ canAccess: false; record: RecordSettings | null } | { canAccess: true; record: RecordSettings }> {
-        const record = await MemberRecordStore.getRecord(recordId);
+        const record = await this.getSingleRecord(recordId);
         if (!record) {
             return {
                 canAccess: false,
@@ -1322,87 +1366,142 @@ export class AdminPermissionChecker {
         };
     }
-    async checkRecordAccess(member: MemberWithUsersRegistrationsAndGroups, recordId: string, level: PermissionLevel = PermissionLevel.Read): Promise<{ canAccess: false; record: RecordSettings | null } | { canAccess: true; record: RecordSettings }> {
-        const record = await MemberRecordStore.getRecord(recordId);
-        if (!record) {
-            return {
-                canAccess: false,
-                record: null,
-            };
+    private async loopRecordAnswerSettingsAccess<T extends RecordAnswer | AutoEncoderPatchType<RecordAnswer>>({member, level, recordAnswers, callback }:
+        {
+            member: MemberWithUsersRegistrationsAndGroups,
+            level: PermissionLevel,
+            recordAnswers: PatchMap<string, T | null | undefined> |  Map<string, T>
+            callback: (result: { canAccess: false; record: RecordSettings | null } | { canAccess: true; record: RecordSettings }, entry: [keys: string, value: T | null | undefined]) => void
+        }): Promise<void>
+    {
+        if (STAMHOOFD.userMode !== 'platform') {
+            let organization = this.organization;
+            if (!organization) {
+                // normally this should not happen
+                console.error('loopRecordAnswerSettingsAccess called without an organization set');
+                let organizationId = member.organizationId;
+                if (!organizationId) {
+                    if (member.registrations.length === 0) {
+                        // no access to any records (theoretically a global admin should have access, but normally this case should not happen)
+                        for (const entry of recordAnswers.entries()) {
+                            callback({canAccess: false, record: null}, entry);
+                        }
+                        return;
+                    }
+                    // in userMode organization a member can only be linked to 1 organization
+                    organizationId = member.registrations[0].organizationId;
+                }
+                organization = await this.getOrganization(organizationId);
+            }
+            const organizationId = organization.id;
+            const map = new Map<string, RecordCacheEntry>()
+            // create map
+            for (const category of organization.meta.recordsConfiguration.recordCategories) {
+                const rootCategoryId = category.id;
+                for (const record of category.getAllRecords()) {
+                    map.set(record.id, {
+                        record,
+                        organizationId,
+                        rootCategoryId,
+                    });
+                }
+            }
+            for (const entry of recordAnswers.entries()) {
+                const key = entry[0];
+                const cachedRecordEntry = map.get(key);
+                if (cachedRecordEntry) {
+                    const canAccess = await this.checkRecordAccess({
+                        member,
+                        record: cachedRecordEntry.record,
+                        organizationId: cachedRecordEntry.organizationId,
+                        rootCategoryId: cachedRecordEntry.rootCategoryId,
+                        level
+                    });
+                    callback({canAccess, record: cachedRecordEntry.record}, entry);
+                } else {
+                    callback({canAccess: false, record: null}, entry);
+                }
+            }
+            return;
         }
-        if (!this.checkScope(record.organizationId)) {
-            return {
-                canAccess: false,
-                record: record.record,
-            };
+        // userMode platform
+         for (const entry of recordAnswers.entries()) {
+            const key = entry[0];
+            const cachedRecordEntry = await MemberRecordStore.getRecord(key);
+            if (cachedRecordEntry) {
+                const canAccess = await this.checkRecordAccess({
+                    member,
+                    record: cachedRecordEntry.record,
+                    organizationId: cachedRecordEntry.organizationId,
+                    rootCategoryId: cachedRecordEntry.rootCategoryId,
+                    level
+                });
+                callback({canAccess, record: cachedRecordEntry.record}, entry);
+            } else {
+                callback({canAccess: false, record: null}, entry);
+            }
+        }
+    }
+    private async checkRecordAccess({member, level, record, organizationId, rootCategoryId}: {member: MemberWithUsersRegistrationsAndGroups, record: RecordSettings, organizationId: string | null, rootCategoryId: string, level: PermissionLevel}): Promise<boolean> {
+        if (!this.checkScope(organizationId)) {
+            return false
         }
         const isUserManager = this.isUserManager(member);
         if (isUserManager) {
-            if (record.record.checkPermissionForUserManager(level)) {
-                return {
-                    canAccess: true,
-                    record: record.record,
-                };
+            if (record.checkPermissionForUserManager(level)) {
+                return true;
             }
         }
         if (!this.user.permissions) {
-            return {
-                canAccess: false,
-                record: record.record,
-            };
+            return false;
         }
-        if (record.organizationId) {
-            const organizationPermissions = await this.getOrganizationPermissions(record.organizationId);
-            if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, record.rootCategoryId, level)) {
-                return {
-                    canAccess: true,
-                    record: record.record,
-                };
+        if (organizationId) {
+            const organizationPermissions = await this.getOrganizationPermissions(organizationId);
+            if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, rootCategoryId, level)) {
+                return true;
             }
         }
         else {
             // Also check current scoped organization
             if (this.organization) {
                 const organizationPermissions = await this.getOrganizationPermissions(this.organization.id);
-                if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, record.rootCategoryId, level)) {
-                    return {
-                        canAccess: true,
-                        record: record.record,
-                    };
+                if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, rootCategoryId, level)) {
+                    return true;
                 }
             }
         }
         // 2. Check platform permissions
-        if (this.platformPermissions?.hasResourceAccess(PermissionsResourceType.RecordCategories, record.rootCategoryId, level)) {
-            return {
-                canAccess: true,
-                record: record.record,
-            };
+        if (this.platformPermissions?.hasResourceAccess(PermissionsResourceType.RecordCategories, rootCategoryId, level)) {
+            return true;
         }
         // All member access, means also having access to record categories of non-registered members
         if (this.canAccessAllPlatformMembers(level)) { // needs to be full to also inherit record category access
-            return {
-                canAccess: true,
-                record: record.record,
-            };
+            return true;
         }
         if (hasTemporaryMemberAccess(this.user.id, member.id, PermissionLevel.Full)) {
             // You created this member, so temporary can read all records in order to set the member up correctly
-            return {
-                canAccess: true,
-                record: record.record,
-            };
+            return true;
         }
         // It is possible that this is a platform admin (or an admin that has access to multiple organizations), and inherits automatic permissions for tags. So'll need to loop all the organizations where this member has an active registration for
-        if (!record.organizationId && !this.organization) {
+        if (!organizationId && !this.organization) {
             const checkedOrganizations = new Map<string, boolean>();
             for (const registration of member.registrations) {
                 const permissions = checkedOrganizations.get(registration.organizationId);
@@ -1410,22 +1509,16 @@ export class AdminPermissionChecker {
                 // Checking the organization permissions is faster (and less data lookups required), so we do that first before doing the more expensive registration access check
                 if (permissions !== undefined) {
                     if (permissions === true && await this.canAccessRegistration(registration, level)) {
-                        return {
-                            canAccess: true,
-                            record: record.record,
-                        };
+                        return true;
                     }
                     continue;
                 }
                 const organizationPermissions = await this.getOrganizationPermissions(registration.organizationId);
-                if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, record.rootCategoryId, level)) {
+                if (organizationPermissions && organizationPermissions.hasResourceAccess(PermissionsResourceType.RecordCategories, rootCategoryId, level)) {
                     checkedOrganizations.set(registration.organizationId, true);
                     if (await this.canAccessRegistration(registration, level)) {
-                        return {
-                            canAccess: true,
-                            record: record.record,
-                        };
+                        return true;
                     }
                 }
                 else {
@@ -1434,10 +1527,7 @@ export class AdminPermissionChecker {
             }
         }
-        return {
-            canAccess: false,
-            record: record.record,
-        };
+        return false;
     }
     /**
@@ -1458,18 +1548,22 @@ export class AdminPermissionChecker {
     async filterMemberData(member: MemberWithUsersRegistrationsAndGroups, data: MemberWithRegistrationsBlob, options?: { forAdminCartCalculation?: boolean }): Promise<MemberWithRegistrationsBlob> {
         const cloned = data.clone();
-        for (const [key, value] of cloned.details.recordAnswers.entries()) {
-            const { canAccess, record } = await this.checkRecordAccess(member, key, PermissionLevel.Read);
-            if (!canAccess) {
-                cloned.details.recordAnswers.delete(key);
-            }
-            else {
-                if (value) {
-                    // Force update
-                    value.settings = record;
+        await this.loopRecordAnswerSettingsAccess({
+            member,
+            level: PermissionLevel.Read,
+            recordAnswers: cloned.details.recordAnswers,
+            callback: ({ canAccess, record }, [key, value]) => {
+                if (!canAccess) {
+                    cloned.details.recordAnswers.delete(key);
+                }
+                else {
+                    if (value) {
+                        // Force update
+                        value.settings = record;
+                    }
                 }
             }
-        }
+        });
         const isUserManager = this.isUserManager(member);
         if (isUserManager) {
@@ -1597,21 +1691,25 @@ export class AdminPermissionChecker {
                 });
             }
-            for (const [key, value] of data.details.recordAnswers.entries()) {
-                const { canAccess, record } = await this.checkRecordAccess(member, key, PermissionLevel.Write);
-                if (!canAccess) {
-                    throw new SimpleError({
-                        code: 'permission_denied',
-                        message: $t('0823202f-8c46-445b-9b49-f171e1ae85ac', { name: record?.name ?? 'deze vraag' }),
-                        statusCode: 400,
-                    });
-                }
+            await this.loopRecordAnswerSettingsAccess({
+                member,
+                level: PermissionLevel.Write,
+                recordAnswers: data.details.recordAnswers,
+                callback: ({canAccess, record}, [_key, value]) => {
+                    if (!canAccess) {
+                        throw new SimpleError({
+                            code: 'permission_denied',
+                            message: $t('%Ff', { name: record?.name ?? 'deze vraag' }),
+                            statusCode: 400,
+                        });
+                    }
-                // Force set the value settings
-                if (value) {
-                    value.settings = record;
+                    // Force set the value settings
+                    if (value) {
+                        value.settings = record;
+                    }
                 }
-            }
+            })
         }
         const isUserManager = this.isUserManager(member);

package/src/helpers/AuthenticatedStructures.ts CHANGED Viewed

@@ -1,6 +1,8 @@
 import { SimpleError } from '@simonbackx/simple-errors';
-import { AuditLog, BalanceItem, CachedBalance, Document, Event, EventNotification, Group, Invoice, Member, MemberPlatformMembership, MemberResponsibilityRecord, MemberWithUsersRegistrationsAndGroups, Order, Organization, OrganizationRegistrationPeriod, Payment, Registration, RegistrationPeriod, Ticket, User, Webshop } from '@stamhoofd/models';
-import { AuditLogReplacement, AuditLogReplacementType, AuditLog as AuditLogStruct, DetailedReceivableBalance, Document as DocumentStruct, EventNotification as EventNotificationStruct, Event as EventStruct, GenericBalance, Group as GroupStruct, GroupType, InvoicedBalanceItem, InvoiceStruct, MemberPlatformMembership as MemberPlatformMembershipStruct, MembersBlob, MemberWithRegistrationsBlob, NamedObject, OrganizationRegistrationPeriod as OrganizationRegistrationPeriodStruct, Organization as OrganizationStruct, PaymentCustomer, PaymentGeneral, PermissionLevel, Platform, PrivateOrder, PrivateWebshop, ReceivableBalanceObject, ReceivableBalanceObjectContact, ReceivableBalance as ReceivableBalanceStruct, ReceivableBalanceType, RegistrationsBlob, RegistrationWithMemberBlob, TicketPrivate, UserWithMembers, WebshopPreview, Webshop as WebshopStruct, BalanceItem as BalanceItemStruct } from '@stamhoofd/structures';
+import type { AuditLog, Document, EventNotification, MemberWithUsersRegistrationsAndGroups, Order, Ticket} from '@stamhoofd/models';
+import { BalanceItem, CachedBalance, Event, Group, Invoice, Member, MemberPlatformMembership, MemberResponsibilityRecord, Organization, OrganizationRegistrationPeriod, Payment, Registration, RegistrationPeriod, User, Webshop } from '@stamhoofd/models';
+import type { PaymentGeneral} from '@stamhoofd/structures';
+import { AuditLogReplacement, AuditLogReplacementType, AuditLog as AuditLogStruct, DetailedReceivableBalance, Document as DocumentStruct, EventNotification as EventNotificationStruct, Event as EventStruct, GenericBalance, Group as GroupStruct, GroupType, InvoicedBalanceItem, InvoiceStruct, MemberPlatformMembership as MemberPlatformMembershipStruct, MembersBlob, MemberWithRegistrationsBlob, NamedObject, OrganizationRegistrationPeriod as OrganizationRegistrationPeriodStruct, Organization as OrganizationStruct, PaymentCustomer, PermissionLevel, Platform, PrivateOrder, PrivateWebshop, ReceivableBalanceObject, ReceivableBalanceObjectContact, ReceivableBalance as ReceivableBalanceStruct, ReceivableBalanceType, RegistrationsBlob, RegistrationWithMemberBlob, TicketPrivate, UserWithMembers, WebshopPreview, Webshop as WebshopStruct, BalanceItem as BalanceItemStruct } from '@stamhoofd/structures';
 import { Sorter } from '@stamhoofd/utility';
 import { SQL } from '@stamhoofd/sql';
@@ -36,7 +38,7 @@ export class AuthenticatedStructures {
                 throw new SimpleError({
                     code: 'permission_denied',
                     message: 'Permission denied',
-                    human: $t(`9f5ee239-d01b-4ee1-961b-2e3224489781`),
+                    human: $t(`%FW`),
                 });
             }
         }
@@ -803,7 +805,7 @@ export class AuthenticatedStructures {
                 throw new SimpleError({
                     code: 'organization_not_found',
                     message: 'Organization not found',
-                    human: $t(`b6f89130-e727-4f85-b3a9-18b97c4f6ab6`),
+                    human: $t(`%we`),
                 });
             }
@@ -843,7 +845,7 @@ export class AuthenticatedStructures {
                 throw new SimpleError({
                     code: 'permission_denied',
                     message: 'Permission denied',
-                    human: $t(`78cd49fe-260c-4fdc-ad83-e605734c684f`),
+                    human: $t(`%wf`),
                 });
             }
         }
@@ -878,7 +880,7 @@ export class AuthenticatedStructures {
                 throw new SimpleError({
                     code: 'permission_denied',
                     message: 'Permission denied',
-                    human: $t(`792f644d-f3eb-4772-88b9-edb88f0b6773`),
+                    human: $t(`%wg`),
                 });
             }
         }
@@ -911,7 +913,7 @@ export class AuthenticatedStructures {
                 throw new SimpleError({
                     code: 'permission_denied',
                     message: 'Permission denied',
-                    human: $t(`b5079e56-2480-4ce6-a3a2-3f244540fa0e`),
+                    human: $t(`%wh`),
                 });
             }
         }
@@ -1029,7 +1031,7 @@ export class AuthenticatedStructures {
         for (const balance of balances) {
             let object = ReceivableBalanceObject.create({
                 id: balance.objectId,
-                name: $t('6c3e777c-7cd6-4566-9540-8a829c26212f'),
+                name: $t('%Gr'),
             });
             if (balance.objectType === ReceivableBalanceType.organization) {
@@ -1165,13 +1167,13 @@ export class AuthenticatedStructures {
                     if (user.permissions?.platform !== null) {
                         userStruct = NamedObject.create({
                             id: '',
-                            name: $t(`da016ffd-45c5-41cc-90e4-d4e81105ebe0`) + ' ' + Platform.shared.config.name,
+                            name: $t(`%wi`) + ' ' + Platform.shared.config.name,
                         });
                     }
                     else {
                         userStruct = NamedObject.create({
                             id: '',
-                            name: $t(`bd1e59c8-3d4c-4097-ab35-0ce7b20d0e50`),
+                            name: $t(`%Gr`),
                         });
                     }
                 }
@@ -1190,7 +1192,7 @@ export class AuthenticatedStructures {
                 const org = organizations.find(o => o.id === log.organizationId);
                 replacements.set('org', AuditLogReplacement.create({
                     id: log.organizationId,
-                    value: org?.name ?? $t(`cc098cc0-d849-4808-b53a-0b99755b3f99`),
+                    value: org?.name ?? $t(`%wj`),
                     type: AuditLogReplacementType.Organization,
                 }));
             }

package/src/helpers/BuckarooHelper.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { SimpleError } from '@simonbackx/simple-errors';
-import { BuckarooPayment, Payment } from '@stamhoofd/models';
+import type { Payment } from '@stamhoofd/models';
+import { BuckarooPayment } from '@stamhoofd/models';
 import { PaymentMethod, PaymentStatus } from '@stamhoofd/structures';
 import axios from 'axios';
 import crypto from 'crypto';
@@ -210,7 +211,7 @@ export class BuckarooHelper {
             throw new SimpleError({
                 code: 'buckaroo_error',
                 message: 'Failed to create payment',
-                human: $t(`08f883bb-cdc7-4d50-a35e-e2fbeaf6f284`),
+                human: $t(`%wk`),
             });
         }
     }

package/src/helpers/Context.ts CHANGED Viewed

@@ -1,10 +1,12 @@
 import { DecodedRequest, Request } from '@simonbackx/simple-endpoints';
 import { isSimpleError, SimpleError } from '@simonbackx/simple-errors';
 import { I18n } from '@stamhoofd/backend-i18n';
-import { Organization, Platform, RateLimiter, Token, User } from '@stamhoofd/models';
+import type { User } from '@stamhoofd/models';
+import { Organization, Platform, RateLimiter, Token } from '@stamhoofd/models';
 import { AsyncLocalStorage } from 'async_hooks';
-import { AutoEncoder, Decoder, field, StringDecoder } from '@simonbackx/simple-encoding';
+import type { Decoder} from '@simonbackx/simple-encoding';
+import { AutoEncoder, field, StringDecoder } from '@simonbackx/simple-encoding';
 import { ApiUserRateLimits } from '@stamhoofd/structures';
 import { AdminPermissionChecker } from './AdminPermissionChecker.js';
@@ -259,7 +261,7 @@ export class ContextInstance {
             throw new SimpleError({
                 code: 'invalid_access_token',
                 message: 'The access token is invalid',
-                human: $t(`739f88f4-e87d-4872-aef3-8124a59b160c`),
+                human: $t(`%Fi`),
                 statusCode: 401,
             });
         }
@@ -273,7 +275,7 @@ export class ContextInstance {
             throw new SimpleError({
                 code: 'expired_access_token',
                 message: 'The access token is expired',
-                human: $t(`739f88f4-e87d-4872-aef3-8124a59b160c`),
+                human: $t(`%Fi`),
                 statusCode: 401,
             });
         }
@@ -287,7 +289,7 @@ export class ContextInstance {
             throw new SimpleError({
                 code: 'not_activated',
                 message: 'This user is not yet activated',
-                human: $t(`28cf3aaf-d6b3-4325-8b01-4c0e754034ed`),
+                human: $t(`%Fj`),
                 statusCode: 401,
             });
         }
@@ -315,7 +317,7 @@ export class ContextInstance {
                 throw new SimpleError({
                     code: 'archived',
                     message: 'Platform access is required to view inactive organizations',
-                    human: $t('3e8dba08-a505-41ec-96c1-b2b5c1c17852'),
+                    human: $t('%1GR'),
                     statusCode: 401,
                 });
             }

package/src/helpers/CookieHelper.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import { Response } from '@simonbackx/simple-endpoints';
+import type { Response } from '@simonbackx/simple-endpoints';
 import cookie from 'cookie';
-import http from 'http';
+import type http from 'http';
 export type ObjectWithHeaders = {
     headers: http.IncomingHttpHeaders;