@stamhoofd/backend 2.79.4 → 2.79.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +10 -10
  2. package/src/endpoints/global/registration/RegisterMembersEndpoint.test.ts +2 -2
  3. package/src/endpoints/global/registration/RegisterMembersEndpoint.ts +4 -2
  4. package/src/helpers/AdminPermissionChecker.ts +5 -5
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@stamhoofd/backend",
3
- "version": "2.79.4",
3
+ "version": "2.79.6",
4
4
  "main": "./dist/index.js",
5
5
  "exports": {
6
6
  ".": {
@@ -38,14 +38,14 @@
38
38
  "@simonbackx/simple-encoding": "2.21.0",
39
39
  "@simonbackx/simple-endpoints": "1.19.1",
40
40
  "@simonbackx/simple-logging": "^1.0.1",
41
- "@stamhoofd/backend-i18n": "2.79.4",
42
- "@stamhoofd/backend-middleware": "2.79.4",
43
- "@stamhoofd/email": "2.79.4",
44
- "@stamhoofd/models": "2.79.4",
45
- "@stamhoofd/queues": "2.79.4",
46
- "@stamhoofd/sql": "2.79.4",
47
- "@stamhoofd/structures": "2.79.4",
48
- "@stamhoofd/utility": "2.79.4",
41
+ "@stamhoofd/backend-i18n": "2.79.6",
42
+ "@stamhoofd/backend-middleware": "2.79.6",
43
+ "@stamhoofd/email": "2.79.6",
44
+ "@stamhoofd/models": "2.79.6",
45
+ "@stamhoofd/queues": "2.79.6",
46
+ "@stamhoofd/sql": "2.79.6",
47
+ "@stamhoofd/structures": "2.79.6",
48
+ "@stamhoofd/utility": "2.79.6",
49
49
  "archiver": "^7.0.1",
50
50
  "aws-sdk": "^2.885.0",
51
51
  "axios": "1.6.8",
@@ -65,5 +65,5 @@
65
65
  "publishConfig": {
66
66
  "access": "public"
67
67
  },
68
- "gitHead": "db09440c68c3af4e7b834b2a739f717e302fbc7c"
68
+ "gitHead": "5ed5677f28e62a73283527518b8e7ac0c8b4818e"
69
69
  }
package/src/endpoints/global/registration/RegisterMembersEndpoint.test.ts CHANGED
@@ -2213,7 +2213,7 @@ describe('Endpoint.RegisterMembers', () => {
2213
2213
  // #endregion
2214
2214
 
2215
2215
  // #region act and assert
2216
- await expect(async () => await post(body, organization, token)).rejects.toThrow(new RegExp('Je hebt geen toegangsrechten om deze inschrijving te verwijderen'));
2216
+ await expect(async () => await post(body, organization, token)).rejects.toThrow(/No permission to delete this registration/);
2217
2217
  // #endregion
2218
2218
  });
2219
2219
 
@@ -2343,7 +2343,7 @@ describe('Endpoint.RegisterMembers', () => {
2343
2343
 
2344
2344
  // #region act and assert
2345
2345
  await post(body1, organization, token);
2346
- await expect(async () => await post(body2, organization, token)).rejects.toThrow(new RegExp('Oeps, één of meerdere inschrijvingen die je probeert te verwijderen was al verwijderd. Herlaad de pagina en probeer opnieuw'));
2346
+ await expect(async () => await post(body2, organization, token)).rejects.toThrow(/No permission to delete this registration/);
2347
2347
  // #endregion
2348
2348
  });
2349
2349
  });
package/src/endpoints/global/registration/RegisterMembersEndpoint.ts CHANGED
@@ -400,7 +400,8 @@ export class RegisterMembersEndpoint extends Endpoint<Params, Query, Body, Respo
400
400
  if (!await Context.auth.canAccessRegistration(existingRegistration, PermissionLevel.Write)) {
401
401
  throw new SimpleError({
402
402
  code: 'forbidden',
403
- message: 'Je hebt geen toegangsrechten om deze inschrijving te verwijderen.',
403
+ message: 'No permission to delete this registration',
404
+ human: 'Je hebt geen toegangsrechten om deze inschrijving te verwijderen.',
404
405
  statusCode: 403,
405
406
  });
406
407
  }
@@ -408,7 +409,8 @@ export class RegisterMembersEndpoint extends Endpoint<Params, Query, Body, Respo
408
409
  if (existingRegistration.deactivatedAt || !existingRegistration.registeredAt) {
409
410
  throw new SimpleError({
410
411
  code: 'invalid_data',
411
- message: 'Oeps, één of meerdere inschrijvingen die je probeert te verwijderen was al verwijderd. Herlaad de pagina en probeer opnieuw.',
412
+ message: 'Cannot delete inactive registration',
413
+ human: 'Oeps, één of meerdere inschrijvingen die je probeert te verwijderen was al verwijderd. Herlaad de pagina en probeer opnieuw.',
412
414
  });
413
415
  }
414
416
 
package/src/helpers/AdminPermissionChecker.ts CHANGED
@@ -344,6 +344,11 @@ export class AdminPermissionChecker {
344
344
  * Note: only checks admin permissions. Users that 'own' this member can also access it but that does not use the AdminPermissionChecker
345
345
  */
346
346
  async canAccessRegistration(registration: Registration, permissionLevel: PermissionLevel = PermissionLevel.Read) {
347
+ if (registration.deactivatedAt || !registration.registeredAt) {
348
+ // No full access: cannot access deactivated registrations
349
+ return false;
350
+ }
351
+
347
352
  const organizationPermissions = await this.getOrganizationPermissions(registration.organizationId);
348
353
 
349
354
  if (!organizationPermissions) {
@@ -355,11 +360,6 @@ export class AdminPermissionChecker {
355
360
  return true;
356
361
  }
357
362
 
358
- if (registration.deactivatedAt || !registration.registeredAt) {
359
- // No full access: cannot access deactivated registrations
360
- return false;
361
- }
362
-
363
363
  const allGroups = await this.getOrganizationGroups(registration.organizationId);
364
364
  const group = allGroups.find(g => g.id === registration.groupId);
365
365
  if (!group || group.deletedAt) {