@stamhoofd/backend 2.74.0 → 2.75.1

package/index.ts

@@ -3,7 +3,6 @@ backendEnv.load();
 
 import { Column, Database, Migration } from '@simonbackx/simple-database';
 import { CORSPreflightEndpoint, Router, RouterServer } from '@simonbackx/simple-endpoints';
-import { I18n } from '@stamhoofd/backend-i18n';
 import { CORSMiddleware, LogMiddleware, VersionMiddleware } from '@stamhoofd/backend-middleware';
 import { Email } from '@stamhoofd/email';
 import { loadLogger } from '@stamhoofd/logging';
@@ -13,10 +12,12 @@ import { sleep } from '@stamhoofd/utility';
 import { startCrons, stopCrons, waitForCrons } from '@stamhoofd/crons';
 import { Platform } from '@stamhoofd/models';
 import { resumeEmails } from './src/helpers/EmailResumer';
+import { GlobalHelper } from './src/helpers/GlobalHelper';
 import { SetupStepUpdater } from './src/helpers/SetupStepUpdater';
 import { ContextMiddleware } from './src/middleware/ContextMiddleware';
 import { AuditLogService } from './src/services/AuditLogService';
 import { DocumentService } from './src/services/DocumentService';
+import { FileSignService } from './src/services/FileSignService';
 import { PlatformMembershipService } from './src/services/PlatformMembershipService';
 
 process.on('unhandledRejection', (error: Error) => {
@@ -52,7 +53,8 @@ const seeds = async () => {
 const start = async () => {
     console.log('Running server at v' + Version);
     loadLogger();
-    await I18n.load();
+    await GlobalHelper.load();
+
     const router = new Router();
     await router.loadAllEndpoints(__dirname + '/src/endpoints/global/*');
     await router.loadAllEndpoints(__dirname + '/src/endpoints/admin/*');
@@ -72,6 +74,9 @@ const start = async () => {
     routerServer.addRequestMiddleware(LogMiddleware);
     routerServer.addResponseMiddleware(LogMiddleware);
 
+    routerServer.addResponseMiddleware(FileSignService);
+    routerServer.addRequestMiddleware(FileSignService);
+
     // Contexts
     routerServer.addRequestMiddleware(ContextMiddleware);
 

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.74.0",
+    "version": "2.75.1",
     "main": "./dist/index.js",
     "exports": {
         ".": {
@@ -33,18 +33,18 @@
     "dependencies": {
         "@bwip-js/node": "^4.5.1",
         "@mollie/api-client": "3.7.0",
-        "@simonbackx/simple-database": "1.28.0",
-        "@simonbackx/simple-encoding": "2.19.0",
-        "@simonbackx/simple-endpoints": "1.15.0",
+        "@simonbackx/simple-database": "1.29.0",
+        "@simonbackx/simple-encoding": "2.20.0",
+        "@simonbackx/simple-endpoints": "1.19.0",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.74.0",
-        "@stamhoofd/backend-middleware": "2.74.0",
-        "@stamhoofd/email": "2.74.0",
-        "@stamhoofd/models": "2.74.0",
-        "@stamhoofd/queues": "2.74.0",
-        "@stamhoofd/sql": "2.74.0",
-        "@stamhoofd/structures": "2.74.0",
-        "@stamhoofd/utility": "2.74.0",
+        "@stamhoofd/backend-i18n": "2.75.1",
+        "@stamhoofd/backend-middleware": "2.75.1",
+        "@stamhoofd/email": "2.75.1",
+        "@stamhoofd/models": "2.75.1",
+        "@stamhoofd/queues": "2.75.1",
+        "@stamhoofd/sql": "2.75.1",
+        "@stamhoofd/structures": "2.75.1",
+        "@stamhoofd/utility": "2.75.1",
         "archiver": "^7.0.1",
         "aws-sdk": "^2.885.0",
         "axios": "1.6.8",
@@ -64,5 +64,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "3a77692b8163f10c231785de2f720c423a909762"
+    "gitHead": "4c6a7f14c62e4832885325d02c5aaeeccf27568b"
 }

package/src/crons/update-cached-balances.ts

@@ -5,8 +5,7 @@ registerCron('updateCachedBalances', updateCachedBalances);
 
 async function updateCachedBalances() {
     // Check if between 3 - 6 AM
-    if ((new Date().getHours() > 6 || new Date().getHours() < 3) && STAMHOOFD.environment !== 'development') {
-        console.log('Not between 3 and 6 AM, skipping.');
+    if ((new Date().getHours() > 6 || new Date().getHours() < 3)) {
         return;
     }
 

package/src/endpoints/admin/organizations/GetOrganizationsEndpoint.ts

@@ -2,7 +2,7 @@ import { Decoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
 import { Organization } from '@stamhoofd/models';
-import { SQL, compileToSQLFilter, compileToSQLSorter } from '@stamhoofd/sql';
+import { SQL, compileToSQLFilter, applySQLSorter } from '@stamhoofd/sql';
 import { CountFilteredRequest, LimitedFilteredRequest, Organization as OrganizationStruct, PaginatedResponse, PermissionLevel, StamhoofdFilter, assertSort, getSortFilter } from '@stamhoofd/structures';
 
 import { SQLResultNamespacedRow } from '@simonbackx/simple-database';
@@ -90,7 +90,7 @@ export class GetOrganizationsEndpoint extends Endpoint<Params, Query, Body, Resp
             }
 
             q.sort = assertSort(q.sort, [{ key: 'id' }]);
-            query.orderBy(compileToSQLSorter(q.sort, sorters));
+            applySQLSorter(query, q.sort, sorters);
             query.limit(q.limit);
         }
 

package/src/endpoints/auth/CreateAdminEndpoint.ts

@@ -74,15 +74,10 @@ export class CreateAdminEndpoint extends Endpoint<Params, Query, Body, ResponseB
         }
 
         if (organization) {
-            admin.permissions = UserPermissions.limitedPatch(admin.permissions, request.body.permissions, organization.id);
+            admin.permissions = UserPermissions.limitedAdd(admin.permissions, request.body.permissions, organization.id);
         }
         else {
-            if (admin.permissions) {
-                admin.permissions.patchOrPut(request.body.permissions);
-            }
-            else {
-                admin.permissions = request.body.permissions.isPut() ? request.body.permissions : null;
-            }
+            admin.permissions = UserPermissions.add(admin.permissions, request.body.permissions);
         }
 
         if (!admin.firstName && request.body.firstName) {
@@ -114,12 +109,10 @@ export class CreateAdminEndpoint extends Endpoint<Params, Query, Body, ResponseB
         await sendEmailTemplate(organization, {
             recipients: [
                 Recipient.create({
+                    firstName: admin.firstName,
+                    lastName: admin.lastName,
                     email,
                     replacements: [
-                        Replacement.create({
-                            token: 'greeting',
-                            value: admin.firstName ? `Dag ${admin.firstName},` : 'Hallo!',
-                        }),
                         Replacement.create({
                             token: 'resetUrl',
                             value: recoveryUrl,
@@ -136,10 +129,6 @@ export class CreateAdminEndpoint extends Endpoint<Params, Query, Body, ResponseB
                             token: 'validUntil',
                             value: dateTime,
                         }),
-                        Replacement.create({
-                            token: 'email',
-                            value: admin.email,
-                        }),
                     ],
                 }),
             ],

package/src/endpoints/auth/OpenIDConnectStartEndpoint.ts

@@ -30,11 +30,6 @@ export class OpenIDConnectStartEndpoint extends Endpoint<Params, Query, Body, Re
         // Check webshop and/or organization
         await Context.setUserOrganizationScope();
         await Context.optionalAuthenticate({ allowWithoutAccount: false });
-        console.log('Full start connect body;', await request.request.body);
-
-        if (Context.user) {
-            console.log('User:', Context.user);
-        }
         const service = await SSOService.fromContext(request.body.provider);
         return await service.validateAndStartAuthCodeFlow(request.body);
     }

package/src/endpoints/global/audit-logs/GetAuditLogsEndpoint.ts

@@ -2,7 +2,7 @@ import { Decoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
 import { AuditLog } from '@stamhoofd/models';
-import { SQL, SQLFilterDefinitions, SQLSortDefinitions, compileToSQLFilter, compileToSQLSorter } from '@stamhoofd/sql';
+import { SQL, SQLFilterDefinitions, SQLSortDefinitions, compileToSQLFilter, applySQLSorter } from '@stamhoofd/sql';
 import { AuditLog as AuditLogStruct, CountFilteredRequest, LimitedFilteredRequest, PaginatedResponse, StamhoofdFilter, assertSort, getSortFilter } from '@stamhoofd/structures';
 
 import { AuthenticatedStructures } from '../../../helpers/AuthenticatedStructures';
@@ -82,7 +82,7 @@ export class GetAuditLogsEndpoint extends Endpoint<Params, Query, Body, Response
             }
 
             q.sort = assertSort(q.sort, [{ key: 'id' }]);
-            query.orderBy(compileToSQLSorter(q.sort, sorters));
+            applySQLSorter(query, q.sort, sorters);
             query.limit(q.limit);
         }
 

package/src/endpoints/global/events/GetEventNotificationsCountEndpoint.ts

@@ -0,0 +1,43 @@
+import { Decoder } from '@simonbackx/simple-encoding';
+import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
+import { CountFilteredRequest, CountResponse } from '@stamhoofd/structures';
+
+import { Context } from '../../../helpers/Context';
+import { GetEventNotificationsEndpoint } from './GetEventNotificationsEndpoint';
+
+type Params = Record<string, never>;
+type Query = CountFilteredRequest;
+type Body = undefined;
+type ResponseBody = CountResponse;
+
+export class GetEventNotificationsCountEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    queryDecoder = CountFilteredRequest as Decoder<CountFilteredRequest>;
+
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method !== 'GET') {
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(request.url, '/event-notifications/count', {});
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+        await Context.setOptionalOrganizationScope();
+        await Context.authenticate();
+        const query = await GetEventNotificationsEndpoint.buildQuery(request.query);
+
+        const count = await query
+            .count();
+
+        return new Response(
+            CountResponse.create({
+                count,
+            }),
+        );
+    }
+}

package/src/endpoints/global/events/GetEventNotificationsEndpoint.ts

@@ -0,0 +1,181 @@
+import { Decoder } from '@simonbackx/simple-encoding';
+import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
+import { SimpleError } from '@simonbackx/simple-errors';
+import { EventNotification } from '@stamhoofd/models';
+import { SQL, SQLFilterDefinitions, SQLSortDefinitions, applySQLSorter, compileToSQLFilter } from '@stamhoofd/sql';
+import { AccessRight, CountFilteredRequest, EventNotification as EventNotificationStruct, LimitedFilteredRequest, PaginatedResponse, StamhoofdFilter, assertSort, getSortFilter } from '@stamhoofd/structures';
+
+import { AuthenticatedStructures } from '../../../helpers/AuthenticatedStructures';
+import { Context } from '../../../helpers/Context';
+import { eventNotificationsFilterCompilers } from '../../../sql-filters/event-notifications';
+import { eventNotificationsSorters } from '../../../sql-sorters/event-notifications';
+import { SQLResultNamespacedRow } from '@simonbackx/simple-database';
+
+type Params = Record<string, never>;
+type Query = LimitedFilteredRequest;
+type Body = undefined;
+type ResponseBody = PaginatedResponse<EventNotificationStruct[], LimitedFilteredRequest>;
+
+const filterCompilers: SQLFilterDefinitions = eventNotificationsFilterCompilers;
+const sorters: SQLSortDefinitions<SQLResultNamespacedRow> = eventNotificationsSorters;
+
+export class GetEventNotificationsEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    queryDecoder = LimitedFilteredRequest as Decoder<LimitedFilteredRequest>;
+
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method !== 'GET') {
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(request.url, '/event-notifications', {});
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    static async buildQuery(q: CountFilteredRequest | LimitedFilteredRequest) {
+        const organization = Context.organization;
+        let scopeFilter: StamhoofdFilter | undefined = undefined;
+
+        // todo: add proper scoping and permission checking
+        if (organization) {
+            scopeFilter = {
+                organizationId: organization.id,
+            };
+        }
+
+        if (!organization) {
+            // Get all tags
+            const tags = Context.auth.getOrganizationTagsWithAccessRight(AccessRight.OrganizationEventNotificationReviewer);
+
+            if (tags !== 'all') {
+                if (tags.length === 0) {
+                    throw Context.auth.error();
+                }
+
+                scopeFilter = {
+                    organization: {
+                        $elemMatch: {
+                            tags: {
+                                $in: tags,
+                            },
+                        },
+                    },
+                };
+            }
+        }
+
+        const query = SQL
+            .select(
+                SQL.wildcard(EventNotification.table),
+            )
+            .from(
+                SQL.table(EventNotification.table),
+            );
+
+        if (scopeFilter) {
+            query.where(await compileToSQLFilter(scopeFilter, filterCompilers));
+        }
+
+        if (q.filter) {
+            query.where(await compileToSQLFilter(q.filter, filterCompilers));
+        }
+
+        if (q.search) {
+            let searchFilter: StamhoofdFilter | null = null;
+
+            searchFilter = {
+                events: {
+                    $elemMatch: {
+                        name: {
+                            $contains: q.search,
+                        },
+                    },
+                },
+            };
+
+            if (searchFilter) {
+                query.where(await compileToSQLFilter(searchFilter, filterCompilers));
+            }
+        }
+
+        if (q instanceof LimitedFilteredRequest) {
+            if (q.pageFilter) {
+                query.where(await compileToSQLFilter(q.pageFilter, filterCompilers));
+            }
+
+            q.sort = assertSort(q.sort, [{ key: 'id' }]);
+            applySQLSorter(query, q.sort, sorters);
+            query.limit(q.limit);
+        }
+
+        return query;
+    }
+
+    static async buildData(requestQuery: LimitedFilteredRequest) {
+        const query = await GetEventNotificationsEndpoint.buildQuery(requestQuery);
+        const data = await query.fetch();
+
+        const notifications = EventNotification.fromRows(data, EventNotification.table);
+
+        let next: LimitedFilteredRequest | undefined;
+
+        if (notifications.length >= requestQuery.limit) {
+            const lastObject = data[data.length - 1];
+            const nextFilter = getSortFilter(lastObject, sorters, requestQuery.sort);
+
+            next = new LimitedFilteredRequest({
+                filter: requestQuery.filter,
+                pageFilter: nextFilter,
+                sort: requestQuery.sort,
+                limit: requestQuery.limit,
+                search: requestQuery.search,
+            });
+
+            if (JSON.stringify(nextFilter) === JSON.stringify(requestQuery.pageFilter)) {
+                console.error('Found infinite loading loop for', requestQuery);
+                next = undefined;
+            }
+        }
+
+        for (const notification of notifications) {
+            if (!await Context.auth.canAccessEventNotification(notification)) {
+                throw Context.auth.error('Je hebt geen toegang om deze melding te bekijken');
+            }
+        }
+
+        return new PaginatedResponse<EventNotificationStruct[], LimitedFilteredRequest>({
+            results: await AuthenticatedStructures.eventNotifications(notifications),
+            next,
+        });
+    }
+
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+        await Context.setOptionalOrganizationScope();
+        await Context.authenticate();
+
+        const maxLimit = Context.auth.hasSomePlatformAccess() ? 1000 : 100;
+
+        if (request.query.limit > maxLimit) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be more than ' + maxLimit,
+            });
+        }
+
+        if (request.query.limit < 1) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be less than 1',
+            });
+        }
+
+        return new Response(
+            await GetEventNotificationsEndpoint.buildData(request.query),
+        );
+    }
+}

package/src/endpoints/global/events/GetEventsEndpoint.ts

@@ -2,7 +2,7 @@ import { Decoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
 import { Event } from '@stamhoofd/models';
-import { SQL, SQLFilterDefinitions, SQLSortDefinitions, compileToSQLFilter, compileToSQLSorter } from '@stamhoofd/sql';
+import { SQL, SQLFilterDefinitions, SQLSortDefinitions, compileToSQLFilter, applySQLSorter } from '@stamhoofd/sql';
 import { CountFilteredRequest, Event as EventStruct, LimitedFilteredRequest, PaginatedResponse, StamhoofdFilter, assertSort, getSortFilter } from '@stamhoofd/structures';
 
 import { AuthenticatedStructures } from '../../../helpers/AuthenticatedStructures';
@@ -88,7 +88,7 @@ export class GetEventsEndpoint extends Endpoint<Params, Query, Body, ResponseBod
             }
 
             q.sort = assertSort(q.sort, [{ key: 'id' }]);
-            query.orderBy(compileToSQLSorter(q.sort, sorters));
+            applySQLSorter(query, q.sort, sorters);
             query.limit(q.limit);
         }