npm - @stamhoofd/backend - Versions diffs - 2.39.1 → 2.40.0 - Mend

@stamhoofd/backend 2.39.1 → 2.40.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (198) hide show

package/src/helpers/MembershipHelper.ts CHANGED Viewed

@@ -8,38 +8,37 @@ export class MembershipHelper {
         let c = 0;
         let id: string = '';
-        const tag = "updateAllMemberships";
+        const tag = 'updateAllMemberships';
         const batch = 100;
         QueueHandler.cancel(tag);
         await QueueHandler.schedule(tag, async () => {
             console.log('Starting updateAllMemberships');
-            await logger.setContext({tags: ['silent-seed', 'seed']}, async () => {
-                while(true) {
+            await logger.setContext({ tags: ['silent-seed', 'seed'] }, async () => {
+                while (true) {
                     const rawMembers = await Member.where({
                         id: {
                             value: id,
-                            sign: '>'
-                        }
-                    }, {limit: batch, sort: ['id']});
+                            sign: '>',
+                        },
+                    }, { limit: batch, sort: ['id'] });
                     if (rawMembers.length === 0) {
                         break;
                     }
                     const promises: Promise<any>[] = [];
                     for (const member of rawMembers) {
                         promises.push((async () => {
                             await Member.updateMembershipsForId(member.id, true);
                             c++;
-                            if (c%10000 === 0) {
+                            if (c % 10000 === 0) {
                                 process.stdout.write(c + ' members updated\n');
                             }
-                        })())
+                        })());
                     }
                     await Promise.all(promises);
@@ -49,7 +48,7 @@ export class MembershipHelper {
                         break;
                     }
                 }
-            })
-        })
+            });
+        });
     }
 }

package/src/helpers/OpenIDConnectHelper.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { DecodedRequest, Response } from "@simonbackx/simple-endpoints";
-import { isSimpleError, isSimpleErrors, SimpleError } from "@simonbackx/simple-errors";
-import { Organization, Token, User } from "@stamhoofd/models";
-import { LoginProviderType, OpenIDClientConfiguration, Token as TokenStruct } from "@stamhoofd/structures";
-import crypto from "crypto";
+import { DecodedRequest, Response } from '@simonbackx/simple-endpoints';
+import { isSimpleError, isSimpleErrors, SimpleError } from '@simonbackx/simple-errors';
+import { Organization, Token, User } from '@stamhoofd/models';
+import { LoginProviderType, OpenIDClientConfiguration, Token as TokenStruct } from '@stamhoofd/structures';
+import crypto from 'crypto';
 import { generators, Issuer } from 'openid-client';
-import { CookieHelper } from "./CookieHelper";
+import { CookieHelper } from './CookieHelper';
 async function randomBytes(size: number): Promise<Buffer> {
     return new Promise((resolve, reject) => {
@@ -20,28 +20,28 @@ async function randomBytes(size: number): Promise<Buffer> {
 }
 type SessionContext = {
-    expires: Date,
-    code_verifier: string,
-    state: string,
-    nonce: string
-    redirectUri: string,
-    spaState: string,
-    providerType: LoginProviderType
+    expires: Date;
+    code_verifier: string;
+    state: string;
+    nonce: string;
+    redirectUri: string;
+    spaState: string;
+    providerType: LoginProviderType;
 };
 export class OpenIDConnectHelper {
-    organization: Organization
-    configuration: OpenIDClientConfiguration
+    organization: Organization;
+    configuration: OpenIDClientConfiguration;
-    static sessionStorage = new Map<string, SessionContext>()
+    static sessionStorage = new Map<string, SessionContext>();
     constructor(organization, configuration: OpenIDClientConfiguration) {
-        this.organization = organization
-        this.configuration = configuration
+        this.organization = organization;
+        this.configuration = configuration;
     }
     get redirectUri() {
-        return 'https://' + this.organization.id + '.' + STAMHOOFD.domains.api + '/openid/callback'
+        return 'https://' + this.organization.id + '.' + STAMHOOFD.domains.api + '/openid/callback';
     }
     async getClient() {
@@ -59,41 +59,41 @@ export class OpenIDConnectHelper {
     }
     static async storeSession(response: Response<any>, data: SessionContext) {
-        const sessionId = (await randomBytes(192)).toString("base64");
+        const sessionId = (await randomBytes(192)).toString('base64');
         // Delete expired sessions
         for (const [key, value] of this.sessionStorage) {
             if (value.expires < new Date()) {
-                this.sessionStorage.delete(key)
+                this.sessionStorage.delete(key);
             }
         }
         this.sessionStorage.set(sessionId, data);
         // Store
-        CookieHelper.setCookie(response, "oid_session_id", sessionId, {
+        CookieHelper.setCookie(response, 'oid_session_id', sessionId, {
             httpOnly: true,
             secure: true,
-            expires: data.expires
-        })
+            expires: data.expires,
+        });
     }
     static getSession(request: DecodedRequest<any, any, any>): SessionContext | null {
-        const sessionId = CookieHelper.getCookie(request, "oid_session_id")
+        const sessionId = CookieHelper.getCookie(request, 'oid_session_id');
         if (!sessionId) {
-            return null
+            return null;
         }
-        const session = this.sessionStorage.get(sessionId)
+        const session = this.sessionStorage.get(sessionId);
         if (!session) {
-            return null
+            return null;
         }
         if (session.expires < new Date()) {
-            return null
+            return null;
         }
-        return session
+        return session;
     }
     async startAuthCodeFlow(redirectUri: string, providerType: LoginProviderType, spaState: string, prompt: string | null = null): Promise<Response<undefined>> {
@@ -110,13 +110,13 @@ export class OpenIDConnectHelper {
             nonce,
             redirectUri,
             spaState,
-            providerType
+            providerType,
         };
         try {
             const response = new Response(undefined);
-            const client = await this.getClient()
+            const client = await this.getClient();
             await OpenIDConnectHelper.storeSession(response, session);
             const redirect = client.authorizationUrl({
@@ -127,53 +127,54 @@ export class OpenIDConnectHelper {
                 response_type: 'code',
                 state,
                 nonce,
-                prompt: prompt ?? undefined
+                prompt: prompt ?? undefined,
             });
             response.headers['location'] = redirect;
             response.status = 302;
             return response;
-        } catch (e) {
-            const message = (isSimpleError(e) || isSimpleErrors(e) ? e.getHuman() : 'Er ging iets mis.')
-            console.error('Error in openID callback', e)
-            return OpenIDConnectHelper.getErrorRedirectResponse(session, message)
+        }
+        catch (e) {
+            const message = (isSimpleError(e) || isSimpleErrors(e) ? e.getHuman() : 'Er ging iets mis.');
+            console.error('Error in openID callback', e);
+            return OpenIDConnectHelper.getErrorRedirectResponse(session, message);
         }
     }
     async callback(request: DecodedRequest<any, any, any>): Promise<Response<undefined>> {
-        const session = OpenIDConnectHelper.getSession(request)
+        const session = OpenIDConnectHelper.getSession(request);
         if (!session) {
-            throw new Error("Missing session")
+            throw new Error('Missing session');
         }
         try {
             const response = new Response(undefined);
-            const client = await this.getClient()
+            const client = await this.getClient();
             // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-            const tokenSet = await client.callback(this.redirectUri, request.body, {
+            const tokenSet = await client.callback(this.redirectUri, request.body, {
                 code_verifier: session.code_verifier,
                 state: session.state,
-                nonce: session.nonce
+                nonce: session.nonce,
             });
             console.log('received and validated tokens %j', tokenSet);
             const claims = tokenSet.claims();
             console.log('validated ID Token claims %j', claims);
             if (!claims.name) {
                 throw new SimpleError({
                     code: 'invalid_user',
-                    message: "Missing name",
-                    statusCode: 400
-                })
+                    message: 'Missing name',
+                    statusCode: 400,
+                });
             }
-            let firstName = claims.name.split(" ")[0]
-            let lastName = claims.name.split(" ").slice(1).join(" ")
+            let firstName = claims.name.split(' ')[0];
+            let lastName = claims.name.split(' ').slice(1).join(' ');
             // Get from API
             if (tokenSet.access_token) {
@@ -182,33 +183,33 @@ export class OpenIDConnectHelper {
                 if (userinfo.given_name) {
                     console.log('userinfo given_name', userinfo.given_name);
-                    firstName = userinfo.given_name
+                    firstName = userinfo.given_name;
                 }
                 if (userinfo.family_name) {
                     console.log('userinfo family_name', userinfo.family_name);
-                    lastName = userinfo.family_name
+                    lastName = userinfo.family_name;
                 }
             }
             if (!claims.email) {
                 throw new SimpleError({
                     code: 'invalid_user',
-                    message: "Missing email address",
-                    statusCode: 400
-                })
+                    message: 'Missing email address',
+                    statusCode: 400,
+                });
             }
             if (!claims.sub) {
                 throw new SimpleError({
                     code: 'invalid_user',
-                    message: "Missing sub",
-                    statusCode: 400
-                })
+                    message: 'Missing sub',
+                    statusCode: 400,
+                });
             }
             // Get user from database
-            let user = await User.getOrganizationLevelUser(this.organization.id, claims.email)
+            let user = await User.getOrganizationLevelUser(this.organization.id, claims.email);
             if (!user) {
                 // Create a new user
                 user = await User.registerSSO(this.organization, {
@@ -218,53 +219,55 @@ export class OpenIDConnectHelper {
                     lastName,
                     type: session.providerType,
                     sub: claims.sub,
-                })
+                });
                 if (!user) {
                     throw new SimpleError({
                         code: 'invalid_user',
-                        message: "Failed to create user",
-                        statusCode: 500
-                    })
+                        message: 'Failed to create user',
+                        statusCode: 500,
+                    });
                 }
-            } else {
+            }
+            else {
                 // Update name
                 if (!user.firstName || !user.hasPasswordBasedAccount()) {
-                    user.firstName = firstName
+                    user.firstName = firstName;
                 }
                 if (!user.lastName || !user.hasPasswordBasedAccount()) {
-                    user.lastName = lastName
+                    user.lastName = lastName;
                 }
-                user.linkLoginProvider(session.providerType, claims.sub)
-                await user.save()
+                user.linkLoginProvider(session.providerType, claims.sub);
+                await user.save();
             }
             const token = await Token.createExpiredToken(user);
             if (!token) {
                 throw new SimpleError({
-                    code: "error",
-                    message: "Could not generate token",
-                    human: "Er ging iets mis bij het aanmelden",
-                    statusCode: 500
+                    code: 'error',
+                    message: 'Could not generate token',
+                    human: 'Er ging iets mis bij het aanmelden',
+                    statusCode: 500,
                 });
             }
             const st = new TokenStruct(token);
             // Redirect back to webshop
-            const redirectUri = new URL(session.redirectUri)
-            redirectUri.searchParams.set("oid_rt", st.refreshToken)
-            redirectUri.searchParams.set("s", session.spaState)
+            const redirectUri = new URL(session.redirectUri);
+            redirectUri.searchParams.set('oid_rt', st.refreshToken);
+            redirectUri.searchParams.set('s', session.spaState);
             response.headers['location'] = redirectUri.toString();
             response.status = 302;
             return response;
-        } catch (e) {
-            const message = (isSimpleError(e) || isSimpleErrors(e) ? e.getHuman() : 'Er ging iets mis.')
-            console.error('Error in openID callback', e)
-            return OpenIDConnectHelper.getErrorRedirectResponse(session, message)
+        }
+        catch (e) {
+            const message = (isSimpleError(e) || isSimpleErrors(e) ? e.getHuman() : 'Er ging iets mis.');
+            console.error('Error in openID callback', e);
+            return OpenIDConnectHelper.getErrorRedirectResponse(session, message);
         }
     }
@@ -272,13 +275,13 @@ export class OpenIDConnectHelper {
         const response = new Response(undefined);
         // Redirect back to webshop
-        const redirectUri = new URL(session.redirectUri)
-        redirectUri.searchParams.set("s", session.spaState)
-        redirectUri.searchParams.set("error", errorMessage)
+        const redirectUri = new URL(session.redirectUri);
+        redirectUri.searchParams.set('s', session.spaState);
+        redirectUri.searchParams.set('error', errorMessage);
         response.headers['location'] = redirectUri.toString();
         response.status = 302;
         return response;
     }
-}
+}

package/src/helpers/PeriodHelper.ts CHANGED Viewed

@@ -1,52 +1,50 @@
-import { Group, Member, MemberResponsibilityRecord, Organization, OrganizationRegistrationPeriod, Platform, RegistrationPeriod } from "@stamhoofd/models";
-import { AuthenticatedStructures } from "./AuthenticatedStructures";
-import { PatchOrganizationRegistrationPeriodsEndpoint } from "../endpoints/organization/dashboard/registration-periods/PatchOrganizationRegistrationPeriodsEndpoint";
-import { QueueHandler } from "@stamhoofd/queues";
-import { SetupStepUpdater } from "./SetupStepsUpdater";
-import { PermissionLevel, Group as GroupStruct } from "@stamhoofd/structures";
-import { MemberUserSyncer } from "./MemberUserSyncer";
-import { SimpleError } from "@simonbackx/simple-errors";
+import { SimpleError } from '@simonbackx/simple-errors';
+import { Group, Member, MemberResponsibilityRecord, Organization, OrganizationRegistrationPeriod, Platform, RegistrationPeriod, SetupStepUpdater } from '@stamhoofd/models';
+import { QueueHandler } from '@stamhoofd/queues';
+import { Group as GroupStruct, PermissionLevel } from '@stamhoofd/structures';
+import { PatchOrganizationRegistrationPeriodsEndpoint } from '../endpoints/organization/dashboard/registration-periods/PatchOrganizationRegistrationPeriodsEndpoint';
+import { AuthenticatedStructures } from './AuthenticatedStructures';
+import { MemberUserSyncer } from './MemberUserSyncer';
 export class PeriodHelper {
     static async moveOrganizationToPeriod(organization: Organization, period: RegistrationPeriod) {
-        console.log('moveOrganizationToPeriod', organization.id, period.id)
-        await this.createOrganizationPeriodForPeriod(organization, period)
-        organization.periodId = period.id
-        await organization.save()
+        console.log('moveOrganizationToPeriod', organization.id, period.id);
+        await this.createOrganizationPeriodForPeriod(organization, period);
+        organization.periodId = period.id;
+        await organization.save();
     }
     static async stopAllResponsibilities() {
-        console.log('Stopping all responsibilities')
-        const platform = await Platform.getSharedPrivateStruct()
-        const keepPlatformResponsibilityIds = platform.config.responsibilities.filter(r => !r.organizationBased).map(r => r.id)
-        const keepResponsibilityIds = platform.config.responsibilities.filter(r => !r.organizationBased || r.permissions?.level === PermissionLevel.Full).map(r => r.id)
+        console.log('Stopping all responsibilities');
+        const platform = await Platform.getSharedPrivateStruct();
+        const keepPlatformResponsibilityIds = platform.config.responsibilities.filter(r => !r.organizationBased).map(r => r.id);
+        const keepResponsibilityIds = platform.config.responsibilities.filter(r => !r.organizationBased || r.permissions?.level === PermissionLevel.Full).map(r => r.id);
         const batchSize = 100;
-        let lastId = "";
+        let lastId = '';
         let c = 0;
         while (true) {
             const records = await MemberResponsibilityRecord.where(
                 {
-                    id: { sign: ">", value: lastId },
-                    endDate: null
+                    id: { sign: '>', value: lastId },
+                    endDate: null,
+                },
+                {
+                    limit: batchSize,
+                    sort: ['id'],
                 },
-                {
-                    limit: batchSize,
-                    sort: ["id"]
-                }
             );
             for (const record of records) {
                 lastId = record.id;
-                const invalid = keepPlatformResponsibilityIds.includes(record.responsibilityId) && record.organizationId
+                const invalid = keepPlatformResponsibilityIds.includes(record.responsibilityId) && record.organizationId;
                 if (!keepResponsibilityIds.includes(record.responsibilityId) || invalid) {
-                    record.endDate = new Date()
-                    await record.save()
+                    record.endDate = new Date();
+                    await record.save();
                     c++;
                 }
             }
@@ -54,25 +52,24 @@ export class PeriodHelper {
             if (records.length < batchSize) {
                 break;
             }
         }
-        console.log('Done: stopped all responsibilities: ' + c)
+        console.log('Done: stopped all responsibilities: ' + c);
     }
     static async syncAllMemberUsers() {
-        console.log('Syncing all members')
+        console.log('Syncing all members');
         let c = 0;
         let lastId: string = '';
-        while(true) {
+        while (true) {
             const rawMembers = await Member.where({
                 id: {
                     value: lastId,
-                    sign: '>'
-                }
-            }, {limit: 500, sort: ['id']});
+                    sign: '>',
+                },
+            }, { limit: 500, sort: ['id'] });
             if (rawMembers.length === 0) {
                 break;
@@ -87,7 +84,7 @@ export class PeriodHelper {
                     await MemberUserSyncer.onChangeMember(memberWithRegistrations);
                     c++;
-                    if (c%10000 === 0) {
+                    if (c % 10000 === 0) {
                         console.log('Synced ' + c + ' members');
                     }
                 })());
@@ -97,50 +94,50 @@ export class PeriodHelper {
             lastId = rawMembers[rawMembers.length - 1].id;
         }
-        console.log('Done: synced all members: ' + c)
-   }
+        console.log('Done: synced all members: ' + c);
+    }
     static async createOrganizationPeriodForPeriod(organization: Organization, period: RegistrationPeriod) {
-        const oPeriods = await OrganizationRegistrationPeriod.where({ periodId: period.id, organizationId: organization.id }, {limit: 1})
+        const oPeriods = await OrganizationRegistrationPeriod.where({ periodId: period.id, organizationId: organization.id }, { limit: 1 });
         if (oPeriods.length) {
             // Already created
-            return oPeriods[0]
+            return oPeriods[0];
         }
-        const currentPeriod = await organization.getPeriod()
+        const currentPeriod = await organization.getPeriod();
         if (currentPeriod.periodId === period.id) {
-            return currentPeriod
+            return currentPeriod;
         }
-        const struct = await AuthenticatedStructures.organizationRegistrationPeriod(currentPeriod)
+        const struct = await AuthenticatedStructures.organizationRegistrationPeriod(currentPeriod);
-        const duplicate = struct.duplicate(period.getStructure())
-        return await PatchOrganizationRegistrationPeriodsEndpoint.createOrganizationPeriod(organization, duplicate)
+        const duplicate = struct.duplicate(period.getStructure());
+        return await PatchOrganizationRegistrationPeriodsEndpoint.createOrganizationPeriod(organization, duplicate);
     }
     static async moveAllOrganizationsToPeriod(period: RegistrationPeriod) {
-        const tag = "moveAllOrganizationsToPeriod";
+        const tag = 'moveAllOrganizationsToPeriod';
         if (QueueHandler.isRunning(tag)) {
             throw new SimpleError({
                 code: 'move_period_pending',
-                message: 'Er is al een jaarovergang bezig. Wacht tot deze klaar is.'
-            })
+                message: 'Er is al een jaarovergang bezig. Wacht tot deze klaar is.',
+            });
         }
         const batchSize = 10;
         await QueueHandler.schedule(tag, async () => {
-            let lastId = "";
+            let lastId = '';
             while (true) {
                 const organizations = await Organization.where(
                     {
-                        id: { sign: ">", value: lastId },
+                        id: { sign: '>', value: lastId },
+                    },
+                    {
+                        limit: batchSize,
+                        sort: ['id'],
                     },
-                    {
-                        limit: batchSize,
-                        sort: ["id"]
-                    }
                 );
                 for (const organization of organizations) {
@@ -151,20 +148,19 @@ export class PeriodHelper {
                 if (organizations.length < batchSize) {
                     break;
                 }
             }
-            await this.stopAllResponsibilities()
-            await this.syncAllMemberUsers()
+            await this.stopAllResponsibilities();
+            await this.syncAllMemberUsers();
         });
         // When done: update setup steps
-        await SetupStepUpdater.updateSetupStepsForAllOrganizationsInCurrentPeriod()
+        await SetupStepUpdater.updateSetupStepsForAllOrganizationsInCurrentPeriod();
     }
     static async updateGroupsInPeriod(period: RegistrationPeriod) {
-        const tag = "updateGroupsInPeriod-"+period.id;
+        const tag = 'updateGroupsInPeriod-' + period.id;
         if (QueueHandler.isRunning(tag)) {
             return;
         }
@@ -173,29 +169,28 @@ export class PeriodHelper {
         const batchSize = 100;
         await QueueHandler.schedule(tag, async () => {
-            let lastId = "";
+            let lastId = '';
             while (true) {
                 const groups = await Group.where(
                     {
-                        id: { sign: ">", value: lastId },
-                        periodId: period.id
+                        id: { sign: '>', value: lastId },
+                        periodId: period.id,
+                    },
+                    {
+                        limit: batchSize,
+                        sort: ['id'],
                     },
-                    {
-                        limit: batchSize,
-                        sort: ["id"]
-                    }
                 );
                 for (const group of groups) {
-                    await PatchOrganizationRegistrationPeriodsEndpoint.patchGroup(GroupStruct.patch({id: group.id}), period);
+                    await PatchOrganizationRegistrationPeriodsEndpoint.patchGroup(GroupStruct.patch({ id: group.id }), period);
                     lastId = group.id;
                 }
                 if (groups.length < batchSize) {
                     break;
                 }
             }
         });
     }