npm - @stamhoofd/backend - Versions diffs - 2.7.0 → 2.9.0 - Mend

@stamhoofd/backend 2.7.0 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/src/endpoints/organization/dashboard/payments/GetMemberBalanceEndpoint.ts CHANGED Viewed

@@ -1,14 +1,14 @@
 import { DecodedRequest, Endpoint, Request, Response } from "@simonbackx/simple-endpoints";
 import { SimpleError } from "@simonbackx/simple-errors";
 import { BalanceItem, Group, Member } from "@stamhoofd/models";
-import { MemberBalanceItem } from "@stamhoofd/structures";
+import { BalanceItemWithPayments } from "@stamhoofd/structures";
 import { Context } from "../../../../helpers/Context";
 type Params = { id: string };
 type Query = undefined
 type Body = undefined
-type ResponseBody = MemberBalanceItem[]
+type ResponseBody = BalanceItemWithPayments[]
 export class GetMemberBalanceEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
     protected doesMatch(request: Request): [true, Params] | [false] {
@@ -42,7 +42,7 @@ export class GetMemberBalanceEndpoint extends Endpoint<Params, Query, Body, Resp
         const balanceItems = await BalanceItem.balanceItemsForUsersAndMembers(organization.id, member.users.map(u => u.id), [member.id])
         return new Response(
-            await BalanceItem.getMemberStructure(balanceItems)
+            await BalanceItem.getStructureWithPayments(balanceItems)
         );
     }
 }

package/src/endpoints/organization/dashboard/payments/GetPaymentsEndpoint.ts CHANGED Viewed

@@ -1,54 +1,17 @@
-import { AutoEncoder, Data, DateDecoder, Decoder, EnumDecoder, field, IntegerDecoder, StringDecoder } from "@simonbackx/simple-encoding";
+import { AutoEncoder, DateDecoder, EnumDecoder, field, IntegerDecoder, StringDecoder } from "@simonbackx/simple-encoding";
 import { DecodedRequest, Endpoint, Request, Response } from "@simonbackx/simple-endpoints";
 import { Organization, Payment } from "@stamhoofd/models";
 import { PaymentGeneral, PaymentMethod, PaymentProvider, PaymentStatus } from "@stamhoofd/structures";
+import { StringArrayDecoder } from "../../../../decoders/StringArrayDecoder";
 import { AuthenticatedStructures } from "../../../../helpers/AuthenticatedStructures";
 import { Context } from "../../../../helpers/Context";
+import { StringNullableDecoder } from "../../../../decoders/StringNullableDecoder";
 type Params = Record<string, never>;
 type Body = undefined
 type ResponseBody = PaymentGeneral[]
-export class StringArrayDecoder<T> implements Decoder<T[]> {
-    decoder: Decoder<T>;
-    constructor(decoder: Decoder<T>) {
-        this.decoder = decoder;
-    }
-    decode(data: Data): T[] {
-        const strValue = data.string;
-        // Split on comma
-        const parts = strValue.split(",");
-        return parts
-            .map((v, index) => {
-                return data.clone({
-                    data: v,
-                    context: data.context,
-                    field: data.addToCurrentField(index)
-                }).decode(this.decoder)
-            });
-    }
-}
-export class StringNullableDecoder<T> implements Decoder<T | null> {
-    decoder: Decoder<T>;
-    constructor(decoder: Decoder<T>) {
-        this.decoder = decoder;
-    }
-    decode(data: Data): T | null {
-        if (data.value === 'null') {
-            return null;
-        }
-        return data.decode(this.decoder);
-    }
-}
 class Query extends AutoEncoder {
     /**

package/src/endpoints/organization/dashboard/payments/PatchBalanceItemsEndpoint.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import { DecodedRequest, Endpoint, Request, Response } from "@simonbackx/simple-
 import { SimpleError } from "@simonbackx/simple-errors";
 import { BalanceItem, Member, Order, Registration, User } from '@stamhoofd/models';
 import { QueueHandler } from '@stamhoofd/queues';
-import { BalanceItemStatus, MemberBalanceItem, PermissionLevel } from "@stamhoofd/structures";
+import { BalanceItemStatus, BalanceItemType, BalanceItemWithPayments, PermissionLevel } from "@stamhoofd/structures";
 import { Formatter } from '@stamhoofd/utility';
 import { Context } from '../../../../helpers/Context';
@@ -11,11 +11,11 @@ import { Context } from '../../../../helpers/Context';
 type Params = Record<string, never>;
 type Query = undefined;
-type Body = PatchableArrayAutoEncoder<MemberBalanceItem>
-type ResponseBody = MemberBalanceItem[]
+type Body = PatchableArrayAutoEncoder<BalanceItemWithPayments>
+type ResponseBody = BalanceItemWithPayments[]
 export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
-    bodyDecoder = new PatchableArrayDecoder(MemberBalanceItem as Decoder<MemberBalanceItem>, MemberBalanceItem.patchType() as Decoder<AutoEncoderPatchType<MemberBalanceItem>>, StringDecoder)
+    bodyDecoder = new PatchableArrayDecoder(BalanceItemWithPayments as Decoder<BalanceItemWithPayments>, BalanceItemWithPayments.patchType() as Decoder<AutoEncoderPatchType<BalanceItemWithPayments>>, StringDecoder)
     protected doesMatch(request: Request): [true, Params] | [false] {
         if (request.method != "PATCH") {
@@ -53,7 +53,10 @@ export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, Res
                 // Create a new balance item
                 const model = new BalanceItem();
                 model.description = put.description;
-                model.price = put.price;
+                model.amount = put.amount;
+                model.type = BalanceItemType.Other
+                model.unitPrice = put.unitPrice;
+                model.amount = put.amount;
                 model.organizationId = organization.id;
                 model.createdAt = put.createdAt;
                 model.status = put.status === BalanceItemStatus.Hidden ? BalanceItemStatus.Hidden : BalanceItemStatus.Pending;
@@ -75,19 +78,6 @@ export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, Res
                     })
                 }
-                if (put.registration) {
-                    const registration = await Registration.getByID(put.registration.id)
-                    if (!registration || registration.memberId !== model.memberId || registration.organizationId !== organization.id) {
-                        throw new SimpleError({
-                            code: 'invalid_field',
-                            message: 'Registration not found',
-                            field: 'registration'
-                        })
-                    }
-                    model.registrationId = registration.id
-                    registrationIds.push(registration.id)
-                }
                 await model.save();
                 returnedModels.push(model);
             }
@@ -101,6 +91,15 @@ export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, Res
                         message: 'BalanceItem not found'
                     })
                 }
+                if (patch.unitPrice !== undefined) {
+                    throw new SimpleError({
+                        code: 'invalid_field',
+                        message: 'You cannot change the unit price of a balance item',
+                        human: 'Het is niet mogelijk om de eenheidsprijs van een openstaande schuld te wijzigen. Je kan de openstaande schuld verwijderen en opnieuw aanmaken indien noodzakelijk.'
+                    })
+                }
                 // Check permissions
                 if (model.memberId) {
                     // Update old
@@ -123,30 +122,16 @@ export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, Res
                     model.createdAt = patch.createdAt
                 }
-                if (patch.registration) {
-                    const registration = await Registration.getByID(patch.registration.id)
-                    if (!registration || registration.memberId !== model.memberId || registration.organizationId !== organization.id) {
-                        throw new SimpleError({
-                            code: 'invalid_field',
-                            message: 'Registration not found',
-                            field: 'registration'
-                        })
-                    }
-                    model.registrationId = registration.id
-                    // Update new
-                    registrationIds.push(model.registrationId)
-                } else if (patch.registration === null) {
-                    model.registrationId = null
-                }
                 model.description = patch.description ?? model.description;
-                model.price = patch.price ?? model.price;
+                model.unitPrice = patch.unitPrice ?? model.unitPrice;
+                model.amount = patch.amount ?? model.amount;
                 if (model.orderId) {
                     // Not allowed to change this
                     const order = await Order.getByID(model.orderId)
                     if (order) {
-                        model.price = order.totalToPay
+                        model.unitPrice = order.totalToPay
+                        model.amount = 1
                     }
                 }
@@ -167,7 +152,7 @@ export class PatchBalanceItemsEndpoint extends Endpoint<Params, Query, Body, Res
         await Registration.updateOutstandingBalance(Formatter.uniqueArray(registrationIds), organization.id)
          return new Response(
-            await BalanceItem.getMemberStructure(returnedModels)
+            await BalanceItem.getStructureWithPayments(returnedModels)
         );
     }

package/src/endpoints/organization/dashboard/registration-periods/PatchOrganizationRegistrationPeriodsEndpoint.ts CHANGED Viewed

@@ -274,6 +274,7 @@ export class PatchOrganizationRegistrationPeriodsEndpoint extends Endpoint<Param
                 }
             }
         }
         await model.updateOccupancy()
         await model.save();

package/src/endpoints/organization/dashboard/webshops/PatchWebshopOrdersEndpoint.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import { DecodedRequest, Endpoint, Request, Response } from "@simonbackx/simple-
 import { SimpleError } from "@simonbackx/simple-errors";
 import { BalanceItem, BalanceItemPayment, Order, Payment, Token, Webshop } from '@stamhoofd/models';
 import { QueueHandler } from '@stamhoofd/queues';
-import { BalanceItemStatus, OrderStatus, PaymentMethod, PaymentStatus, PermissionLevel, PrivateOrder, PrivatePayment,Webshop as WebshopStruct } from "@stamhoofd/structures";
+import { BalanceItemRelation, BalanceItemRelationType, BalanceItemStatus, BalanceItemType, OrderStatus, PaymentMethod, PaymentStatus, PermissionLevel, PrivateOrder, PrivatePayment,Webshop as WebshopStruct } from "@stamhoofd/structures";
 import { Context } from '../../../../helpers/Context';
@@ -157,11 +157,21 @@ export class PatchWebshopOrdersEndpoint extends Endpoint<Params, Query, Body, Re
                         // Create balance item
                         const balanceItem = new BalanceItem();
                         balanceItem.orderId = order.id;
-                        balanceItem.price = totalPrice
+                        balanceItem.type = BalanceItemType.Order;
+                        balanceItem.unitPrice = totalPrice
                         balanceItem.description = webshop.meta.name
                         balanceItem.pricePaid = 0
                         balanceItem.organizationId = organization.id;
                         balanceItem.status = BalanceItemStatus.Pending;
+                        balanceItem.relations = new Map([
+                            [
+                                BalanceItemRelationType.Webshop,
+                                BalanceItemRelation.create({
+                                    id: webshop.id,
+                                    name: webshop.meta.name,
+                                })
+                            ]
+                        ])
                         await balanceItem.save();
                         // Create one balance item payment to pay it in one payment
@@ -245,7 +255,7 @@ export class PatchWebshopOrdersEndpoint extends Endpoint<Params, Query, Body, Re
                     const items = await BalanceItem.where({ orderId: model.id })
                     if (items.length >= 1) {
                         model.markUpdated()
-                        items[0].price = model.totalToPay
+                        items[0].unitPrice = model.totalToPay
                         items[0].description = model.generateBalanceDescription(webshop)
                         items[0].updateStatus();
                         await items[0].save()
@@ -258,7 +268,7 @@ export class PatchWebshopOrdersEndpoint extends Endpoint<Params, Query, Body, Re
                         model.markUpdated()
                         const balanceItem = new BalanceItem();
                         balanceItem.orderId = model.id;
-                        balanceItem.price = model.totalToPay
+                        balanceItem.unitPrice = model.totalToPay
                         balanceItem.description = model.generateBalanceDescription(webshop)
                         balanceItem.pricePaid = 0
                         balanceItem.organizationId = organization.id;

package/src/endpoints/organization/webshops/PlaceOrderEndpoint.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import { I18n } from '@stamhoofd/backend-i18n';
 import { Email } from '@stamhoofd/email';
 import { BalanceItem, BalanceItemPayment, MolliePayment, MollieToken, Order, PayconiqPayment, Payment, RateLimiter, Webshop, WebshopDiscountCode } from '@stamhoofd/models';
 import { QueueHandler } from '@stamhoofd/queues';
-import { BalanceItemStatus, Order as OrderStruct, OrderData, OrderResponse, Payment as PaymentStruct, PaymentMethod, PaymentMethodHelper, PaymentProvider, PaymentStatus, Version, Webshop as WebshopStruct,WebshopAuthType } from "@stamhoofd/structures";
+import { BalanceItemStatus, Order as OrderStruct, OrderData, OrderResponse, Payment as PaymentStruct, PaymentMethod, PaymentMethodHelper, PaymentProvider, PaymentStatus, Version, Webshop as WebshopStruct,WebshopAuthType, BalanceItemType, BalanceItemRelationType, BalanceItemRelation } from "@stamhoofd/structures";
 import { Formatter } from '@stamhoofd/utility';
 import { BuckarooHelper } from '../../../helpers/BuckarooHelper';
@@ -182,12 +182,22 @@ export class PlaceOrderEndpoint extends Endpoint<Params, Query, Body, ResponseBo
                 // Create balance item
                 const balanceItem = new BalanceItem();
+                balanceItem.type = BalanceItemType.Order;
                 balanceItem.orderId = order.id;
-                balanceItem.price = totalPrice
+                balanceItem.unitPrice = totalPrice
                 balanceItem.description = webshop.meta.name
                 balanceItem.pricePaid = 0
                 balanceItem.organizationId = organization.id;
                 balanceItem.status = BalanceItemStatus.Hidden;
+                balanceItem.relations = new Map([
+                    [
+                        BalanceItemRelationType.Webshop,
+                        BalanceItemRelation.create({
+                            id: webshop.id,
+                            name: webshop.meta.name,
+                        })
+                    ]
+                ])
                 await balanceItem.save();
                 // Create one balance item payment to pay it in one payment

package/src/helpers/AdminPermissionChecker.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { AutoEncoderPatchType, PatchMap } from "@simonbackx/simple-encoding"
 import { SimpleError } from "@simonbackx/simple-errors"
 import { BalanceItem, Document, DocumentTemplate, EmailTemplate, Event, Group, Member, MemberWithRegistrations, Order, Organization, Payment, Registration, User, Webshop } from "@stamhoofd/models"
-import { AccessRight, GroupCategory, GroupStatus, MemberWithRegistrationsBlob, PermissionLevel, PermissionsResourceType, Platform as PlatformStruct, RecordCategory } from "@stamhoofd/structures"
+import { AccessRight, FinancialSupportSettings, GroupCategory, GroupStatus, MemberWithRegistrationsBlob, PermissionLevel, PermissionsResourceType, Platform as PlatformStruct, RecordCategory } from "@stamhoofd/structures"
 import { Formatter } from "@stamhoofd/utility"
 /**
@@ -207,10 +207,11 @@ export class AdminPermissionChecker {
         return await this.hasFullAccess(organizationId)
     }
-    /**
-     * Note: only checks admin permissions. Users that 'own' this member can also access it but that does not use the AdminPermissionChecker
-     */
     async canAccessMember(member: MemberWithRegistrations, permissionLevel: PermissionLevel = PermissionLevel.Read) {
+        if (this.isUserManager(member) && permissionLevel !== PermissionLevel.Full) {
+            return true;
+        }
         // Check user has permissions
         if (!this.user.permissions) {
             return false
@@ -761,18 +762,6 @@ export class AdminPermissionChecker {
                 for (const category of organization.meta.recordsConfiguration.recordCategories) {
                     recordCategories.push(category)
                 }
-                for (const [id] of organization.meta.recordsConfiguration.inheritedRecordCategories) {
-                    if (recordCategories.find(c => c.id === id)) {
-                        // Already added
-                        continue;
-                    }
-                    const category = this.platform.config.recordsConfiguration.recordCategories.find(c => c.id === id)
-                    if (category) {
-                        recordCategories.push(category)
-                    }
-                }
                 continue;
             }
@@ -788,17 +777,15 @@ export class AdminPermissionChecker {
                 }
             }
-            for (const [id] of organization.meta.recordsConfiguration.inheritedRecordCategories) {
-                if (recordCategories.find(c => c.id === id)) {
+            // Platform ones where we have been given permissions for in this organization
+            for (const category of this.platform.config.recordsConfiguration.recordCategories) {
+                if (recordCategories.find(c => c.id === category.id)) {
                     // Already added
                     continue;
                 }
-                if (permissions.hasResourceAccess(PermissionsResourceType.RecordCategories, id, level)) {
-                    const category = this.platform.config.recordsConfiguration.recordCategories.find(c => c.id === id)
-                    if (category) {
-                        recordCategories.push(category)
-                    }
+                if (permissions.hasResourceAccess(PermissionsResourceType.RecordCategories, category.id, level)) {
+                    recordCategories.push(category)
                 }
             }
         }
@@ -936,6 +923,7 @@ export class AdminPermissionChecker {
         // Has financial read access?
         if (!await this.hasFinancialMemberAccess(member, PermissionLevel.Read)) {
             cloned.details.requiresFinancialSupport = null
+            cloned.details.uitpasNumber = null
             cloned.outstandingBalance = 0
             for (const registration of cloned.registrations) {
@@ -961,8 +949,9 @@ export class AdminPermissionChecker {
         const hasRecordAnswers = !!data.details.recordAnswers;
         const hasNotes = data.details.notes !== undefined;
+        const isSetFinancialSupportTrue = data.details.requiresFinancialSupport?.value === true;
-        if(hasRecordAnswers || hasNotes) {
+        if(hasRecordAnswers || hasNotes || isSetFinancialSupportTrue) {
             const isUserManager = this.isUserManager(member);
             if (hasRecordAnswers) {
@@ -1017,6 +1006,20 @@ export class AdminPermissionChecker {
                     statusCode: 400
                 })
             }
+            if(isSetFinancialSupportTrue) {
+                const financialSupport = this.platform.config.recordsConfiguration.financialSupport;
+                const preventSelfAssignment = financialSupport?.preventSelfAssignment === true;
+                if(preventSelfAssignment) {
+                    throw new SimpleError({
+                        code: 'permission_denied',
+                        message: 'Je hebt geen toegangsrechten om de financiële status van dit lid aan te passen',
+                        human: financialSupport.preventSelfAssignmentText ?? FinancialSupportSettings.defaultPreventSelfAssignmentText,
+                        statusCode: 400
+                    });
+                }
+            }
         }
         // Has financial write access?
@@ -1029,6 +1032,14 @@ export class AdminPermissionChecker {
                 })
             }
+            if (data.details.uitpasNumber) {
+                throw new SimpleError({
+                    code: 'permission_denied',
+                    message: 'Je hebt geen toegangsrechten om het UiTPAS-nummer van dit lid aan te passen',
+                    statusCode: 400
+                })
+            }
             if (data.outstandingBalance) {
                 throw new SimpleError({
                     code: 'permission_denied',

package/src/helpers/AuthenticatedStructures.ts CHANGED Viewed

@@ -26,7 +26,7 @@ export class AuthenticatedStructures {
         }
         const {balanceItemPayments, balanceItems} = await Payment.loadBalanceItems(payments)
-        const {registrations, orders, groups} = await Payment.loadBalanceItemRelations(balanceItems);
+        const {registrations, orders} = await Payment.loadBalanceItemRelations(balanceItems);
         if (checkPermissions) {
             // Note: permission checking is moved here for performacne to avoid loading the data multiple times
@@ -41,13 +41,10 @@ export class AuthenticatedStructures {
         const includeSettlements = checkPermissions && !!Context.user && !!Context.user.permissions
-        return await Payment.getGeneralStructureFromRelations({
+        return Payment.getGeneralStructureFromRelations({
             payments,
             balanceItemPayments,
-            balanceItems,
-            registrations,
-            orders,
-            groups
+            balanceItems
         }, includeSettlements)
     }
@@ -154,6 +151,19 @@ export class AuthenticatedStructures {
         })
     }
+    static async organizations(organizations: Organization[]): Promise<OrganizationStruct[]> {
+        // for now simple loop
+        if (organizations.length > 10) {
+            console.warn('Trying to load too many organizations at once: ' + organizations.length)
+        }
+        const structs: OrganizationStruct[] = [];
+        for (const organization of organizations) {
+            structs.push(await this.organization(organization))
+        }
+        return structs
+    }
     static async adminOrganizations(organizations: Organization[]): Promise<OrganizationStruct[]> {
         const structs: OrganizationStruct[] = [];
@@ -228,7 +238,6 @@ export class AuthenticatedStructures {
                 }
             }
             const blob = member.getStructureWithRegistrations()
             memberBlobs.push(
                 await Context.auth.filterMemberData(member, blob)

package/src/helpers/Context.ts CHANGED Viewed

@@ -60,6 +60,27 @@ export class ContextInstance {
         return c;
     }
+    static async startForUser<T>(user: User, organization: Organization|null, handler: () => Promise<T>): Promise<T> {
+        const request = new Request({
+            method: 'GET',
+            url: '/',
+            host: ''
+        })
+        const context = new ContextInstance(request);
+        if (organization) {
+            context.organization = organization
+            context.i18n.switchToLocale({ country: organization.address.country })
+        }
+        context.user = user
+        context.#auth = new AdminPermissionChecker(user, await Platform.getSharedPrivateStruct(), context.organization);
+        return await this.asyncLocalStorage.run(context, async () => {
+            return await handler()
+        });
+    }
     static async start<T>(request: Request, handler: () => Promise<T>): Promise<T> {
         const context = new ContextInstance(request);

package/src/helpers/EmailResumer.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { Email } from "@stamhoofd/models";
+import { Email, Organization, User } from "@stamhoofd/models";
 import { SQL } from "@stamhoofd/sql";
 import { EmailStatus } from "@stamhoofd/structures";
+import { ContextInstance } from "./Context";
 export async function resumeEmails() {
     const query = SQL.select()
@@ -11,7 +12,26 @@ export async function resumeEmails() {
     const emails = Email.fromRows(result, Email.table);
     for (const email of emails) {
+        if (!email.userId) {
+            console.warn('Cannot retry sending email because userId is not set - which is required for setting the scope', email.id)
+            continue;
+        }
         console.log('Resuming email that has sending status on boot', email.id);
-        await email.send()
+        const user = await User.getByID(email.userId);
+        if (!user) {
+            console.warn('Cannot retry sending email because user not found', email.id)
+            continue;
+        }
+        const organization = email.organizationId ? (await Organization.getByID(email.organizationId)) : null;
+        if (organization === undefined) {
+            console.warn('Cannot retry sending email because organization not found', email.id)
+            continue;
+        }
+        await ContextInstance.startForUser(user, organization, async () => {
+            await email.send()
+        })
     }
 }

package/src/helpers/MemberUserSyncer.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { Member, MemberResponsibilityRecord, MemberWithRegistrations, User } from "@stamhoofd/models";
 import { SQL } from "@stamhoofd/sql";
-import { Permissions, UserPermissions } from "@stamhoofd/structures";
+import { MemberDetails, Permissions, UserPermissions } from "@stamhoofd/structures";
 export class MemberUserSyncerStatic {
     /**
@@ -8,15 +8,8 @@ export class MemberUserSyncerStatic {
      * - responsibilities have changed
      * - email addresses have changed
      */
-    async onChangeMember(member: MemberWithRegistrations) {
-        const userEmails = [...member.details.alternativeEmails]
-        if (member.details.email) {
-            userEmails.push(member.details.email)
-        }
-        const unverifiedEmails: string[] = member.details.unverifiedEmails;
-        const parentAndUnverifiedEmails = member.details.parentsHaveAccess ? member.details.parents.flatMap(p => p.email ? [p.email, ...p.alternativeEmails] : p.alternativeEmails).concat(unverifiedEmails) : []
+    async onChangeMember(member: MemberWithRegistrations, unlinkUsers: boolean = false) {
+        const {userEmails, parentAndUnverifiedEmails} = this.getMemberAccessEmails(member.details)
         // Make sure all these users have access to the member
         for (const email of userEmails) {
@@ -29,14 +22,49 @@ export class MemberUserSyncerStatic {
             await this.linkUser(email, member, true)
         }
-        // Remove access of users that are not in this list
-        for (const user of member.users) {
-            if (!userEmails.includes(user.email) && !parentAndUnverifiedEmails.includes(user.email)) {
-                await this.unlinkUser(user, member)
+        if (unlinkUsers && !member.details.parentsHaveAccess) {
+            // Remove access of users that are not in this list
+            // NOTE: we should only do this once a year (preferably on the birthday of the member)
+            // only once because otherwise users loose the access to a member during the creation of the member, or when they have changed their email address
+            // users can regain access to a member after they have lost control by using the normal verification flow when detecting duplicate members
+            for (const user of member.users) {
+                if (!userEmails.includes(user.email) && !parentAndUnverifiedEmails.includes(user.email)) {
+                    await this.unlinkUser(user, member)
+                }
+            }
+        } else {
+            // Only auto unlink users that do not have an account
+            for (const user of member.users) {
+                if (!user.hasAccount() && !userEmails.includes(user.email) && !parentAndUnverifiedEmails.includes(user.email)) {
+                    await this.unlinkUser(user, member)
+                }
             }
         }
     }
+    getMemberAccessEmails(details: MemberDetails) {
+        const userEmails = [...details.alternativeEmails]
+        if (details.email) {
+            userEmails.push(details.email)
+        }
+        const unverifiedEmails: string[] = details.unverifiedEmails;
+        const parentAndUnverifiedEmails = details.parentsHaveAccess ? details.parents.flatMap(p => p.email ? [p.email, ...p.alternativeEmails] : p.alternativeEmails).concat(unverifiedEmails) : []
+        return {
+            userEmails,
+            parentAndUnverifiedEmails,
+            emails: userEmails.concat(parentAndUnverifiedEmails)
+        }
+    }
+    doesEmailHaveAccess(details: MemberDetails, email: string) {
+        const {emails} = this.getMemberAccessEmails(details)
+        return emails.includes(email)
+    }
     async onDeleteMember(member: MemberWithRegistrations) {
         for (const u of member.users) {
             console.log("Unlinking user "+u.email+" from deleted member "+member.id)

package/src/seeds/1722344160-update-membership.ts CHANGED Viewed

@@ -22,33 +22,30 @@ export default new Migration(async () => {
                 value: id,
                 sign: '>'
             }
-        }, {limit: 100, sort: ['id']});
-        // const members = await Member.getByIDs(...rawMembers.map(m => m.id));
-        for (const member of rawMembers) {
-            const memberWithRegistrations = await Member.getWithRegistrations(member.id);
-            if(memberWithRegistrations) {
-                await memberWithRegistrations.updateMemberships();
-                await memberWithRegistrations.save();
-            } else {
-                throw new Error("Member with registrations not found: " + member.id);
-            }
-            c++;
-            if (c%1000 === 0) {
-                process.stdout.write('.');
-            }
-            if (c%10000 === 0) {
-                process.stdout.write('\n');
-            }
-        }
+        }, {limit: 500, sort: ['id']});
         if (rawMembers.length === 0) {
             break;
         }
+        const promises: Promise<any>[] = [];
+        for (const member of rawMembers) {
+            promises.push((async () => {
+                await Member.updateMembershipsForId(member.id, true);
+                c++;
+                if (c%1000 === 0) {
+                    process.stdout.write('.');
+                }
+                if (c%10000 === 0) {
+                    process.stdout.write('\n');
+                }
+            })())
+        }
+        await Promise.all(promises);
         id = rawMembers[rawMembers.length - 1].id;
     }