@stamhoofd/backend 2.34.0 → 2.35.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@stamhoofd/backend",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.35.0",
|
|
4
4
|
"main": "./dist/index.js",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -36,14 +36,14 @@
|
|
|
36
36
|
"@simonbackx/simple-encoding": "2.15.1",
|
|
37
37
|
"@simonbackx/simple-endpoints": "1.14.0",
|
|
38
38
|
"@simonbackx/simple-logging": "^1.0.1",
|
|
39
|
-
"@stamhoofd/backend-i18n": "2.
|
|
40
|
-
"@stamhoofd/backend-middleware": "2.
|
|
41
|
-
"@stamhoofd/email": "2.
|
|
42
|
-
"@stamhoofd/models": "2.
|
|
43
|
-
"@stamhoofd/queues": "2.
|
|
44
|
-
"@stamhoofd/sql": "2.
|
|
45
|
-
"@stamhoofd/structures": "2.
|
|
46
|
-
"@stamhoofd/utility": "2.
|
|
39
|
+
"@stamhoofd/backend-i18n": "2.35.0",
|
|
40
|
+
"@stamhoofd/backend-middleware": "2.35.0",
|
|
41
|
+
"@stamhoofd/email": "2.35.0",
|
|
42
|
+
"@stamhoofd/models": "2.35.0",
|
|
43
|
+
"@stamhoofd/queues": "2.35.0",
|
|
44
|
+
"@stamhoofd/sql": "2.35.0",
|
|
45
|
+
"@stamhoofd/structures": "2.35.0",
|
|
46
|
+
"@stamhoofd/utility": "2.35.0",
|
|
47
47
|
"archiver": "^7.0.1",
|
|
48
48
|
"aws-sdk": "^2.885.0",
|
|
49
49
|
"axios": "1.6.8",
|
|
@@ -60,5 +60,5 @@
|
|
|
60
60
|
"postmark": "4.0.2",
|
|
61
61
|
"stripe": "^16.6.0"
|
|
62
62
|
},
|
|
63
|
-
"gitHead": "
|
|
63
|
+
"gitHead": "ce74626930b06206cdb56bf3dd52b8a03522f093"
|
|
64
64
|
}
|
|
@@ -256,6 +256,24 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
|
|
|
256
256
|
events.push(event)
|
|
257
257
|
}
|
|
258
258
|
|
|
259
|
+
for (const id of request.body.getDeletes()) {
|
|
260
|
+
const event = await Event.getByID(id);
|
|
261
|
+
if (!event) {
|
|
262
|
+
throw new SimpleError({ code: "not_found", message: "Event not found", statusCode: 404 });
|
|
263
|
+
}
|
|
264
|
+
|
|
265
|
+
if (!(await Context.auth.canAccessEvent(event, PermissionLevel.Full))) {
|
|
266
|
+
throw Context.auth.error()
|
|
267
|
+
}
|
|
268
|
+
|
|
269
|
+
if(event.groupId) {
|
|
270
|
+
await PatchOrganizationRegistrationPeriodsEndpoint.deleteGroup(event.groupId)
|
|
271
|
+
event.groupId = null;
|
|
272
|
+
}
|
|
273
|
+
|
|
274
|
+
await event.delete();
|
|
275
|
+
}
|
|
276
|
+
|
|
259
277
|
return new Response(
|
|
260
278
|
await AuthenticatedStructures.events(events)
|
|
261
279
|
);
|
|
@@ -992,16 +992,21 @@ export class AdminPermissionChecker {
|
|
|
992
992
|
})
|
|
993
993
|
}
|
|
994
994
|
|
|
995
|
-
if (data.details.securityCode !== undefined) {
|
|
996
|
-
// Unset silently
|
|
997
|
-
data.details.securityCode = undefined
|
|
998
|
-
}
|
|
999
|
-
|
|
1000
995
|
const hasRecordAnswers = !!data.details.recordAnswers;
|
|
1001
996
|
const hasNotes = data.details.notes !== undefined;
|
|
1002
997
|
const isSetFinancialSupportTrue = data.details.shouldApplyReducedPrice;
|
|
1003
998
|
const isUserManager = this.isUserManager(member);
|
|
1004
999
|
|
|
1000
|
+
if (data.details.securityCode !== undefined) {
|
|
1001
|
+
const hasFullAccess = await this.canAccessMember(member, PermissionLevel.Full);
|
|
1002
|
+
|
|
1003
|
+
// can only be set to null, and only if can access member with full access
|
|
1004
|
+
if(!hasFullAccess || data.details.securityCode !== null) {
|
|
1005
|
+
// Unset silently
|
|
1006
|
+
data.details.securityCode = undefined
|
|
1007
|
+
}
|
|
1008
|
+
}
|
|
1009
|
+
|
|
1005
1010
|
if (hasRecordAnswers) {
|
|
1006
1011
|
if (!(data.details.recordAnswers instanceof PatchMap)) {
|
|
1007
1012
|
throw new SimpleError({
|