@stamhoofd/backend 2.81.0 → 2.83.0

package/src/endpoints/global/email/PatchEmailEndpoint.test.ts

@@ -0,0 +1,139 @@
+import { Request } from '@simonbackx/simple-endpoints';
+import { Email, Organization, OrganizationFactory, RegistrationPeriod, RegistrationPeriodFactory, Token, User, UserFactory } from "@stamhoofd/models";
+import { EmailStatus, Email as EmailStruct, PermissionLevel, Permissions, Version } from "@stamhoofd/structures";
+import { TestUtils } from "@stamhoofd/test-utils";
+import { testServer } from "../../../../tests/helpers/TestServer";
+import { PatchEmailEndpoint } from "./PatchEmailEndpoint";
+
+const baseUrl = `/v${Version}/email`;
+
+describe('Endpoint.PatchEmailEndpoint', () => {
+    const endpoint = new PatchEmailEndpoint();
+    let period: RegistrationPeriod;
+    let organization: Organization;
+    let token: Token;
+    let user: User;
+
+    const patchEmail = async (email: EmailStruct, token: Token, organization?: Organization) => {
+        const id = email.id;
+        const request = Request.buildJson('PATCH', `${baseUrl}/${id}`, organization?.getApiHost(), email);
+        request.headers.authorization = 'Bearer ' + token.accessToken;
+        return await testServer.test(endpoint, request);
+    };
+
+    beforeEach(async () => {
+        TestUtils.setEnvironment('userMode', 'platform');
+    });
+
+    beforeAll(async () => {
+        period = await new RegistrationPeriodFactory({
+            startDate: new Date(2023, 0, 1),
+            endDate: new Date(2023, 11, 31),
+        }).create();
+
+        organization = await new OrganizationFactory({ period })
+        .create();
+
+        user = await new UserFactory({
+            organization,
+            permissions: Permissions.create({
+                level: PermissionLevel.Read,
+            }),
+        })
+        .create();
+
+        token = await Token.createToken(user);
+    });
+
+    test('Should throw error if no unsubscribe button in email html', async () => {
+        const email = new Email();
+        email.subject = 'test subject';
+        email.status = EmailStatus.Draft;
+        email.text = 'test email {{unsubscribeUrl}}';
+        email.html =  `<!DOCTYPE html>
+        <html>
+
+        <head>
+        <meta charset="utf-8" />
+        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+        <meta name="viewport" content="width=device-width,initial-scale=1.0" />
+        <title>test</title>
+        </head>
+
+        <body>
+        <p style="margin: 0; padding: 0; line-height: 1.4;">test email</p>
+        </body>
+
+        </html>`;
+        email.json = {
+            "content": [
+              {
+                "content": [
+                  {
+                    "text": "test email",
+                    "type": "text"
+                  }
+                ],
+                "type": "paragraph"
+              }
+            ],
+            "type": "doc"
+        };
+        email.userId = user.id;
+        email.organizationId = organization.id;
+
+        await email.save();
+
+        const body = EmailStruct.create({...email, fromAddress:'test@test.be', status: EmailStatus.Sending})
+
+        await expect(async () => await patchEmail(body, token, organization))
+        .rejects
+        .toThrow('Missing unsubscribe button');
+    })
+
+    test('Should throw error if no unsubscribe button in email text', async () => {
+        const email = new Email();
+        email.subject = 'test subject';
+        email.status = EmailStatus.Draft;
+        email.text = 'test email';
+        email.html =  `<!DOCTYPE html>
+        <html>
+
+        <head>
+        <meta charset="utf-8" />
+        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+        <meta name="viewport" content="width=device-width,initial-scale=1.0" />
+        <title>test</title>
+        </head>
+
+        <body>
+        <p style="margin: 0; padding: 0; line-height: 1.4;">test email {{unsubscribeUrl}}</p>
+        </body>
+
+        </html>`;
+        email.json = {
+            "content": [
+              {
+                "content": [
+                  {
+                    "text": "test email",
+                    "type": "text"
+                  }
+                ],
+                "type": "paragraph"
+              }
+            ],
+            "type": "doc"
+        };
+        email.userId = user.id;
+        email.organizationId = organization.id;
+
+        await email.save();
+
+        const body = EmailStruct.create({...email, fromAddress:'test@test.be', status: EmailStatus.Sending})
+
+        await expect(async () => await patchEmail(body, token, organization))
+        .rejects
+        .toThrow('Missing unsubscribe button');
+    })
+})

package/src/endpoints/global/email/PatchEmailEndpoint.ts

@@ -2,19 +2,15 @@ import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-
 import { Email } from '@stamhoofd/models';
 import { EmailPreview, EmailStatus, Email as EmailStruct } from '@stamhoofd/structures';
 
+import { AutoEncoderPatchType, Decoder, patchObject } from '@simonbackx/simple-encoding';
 import { SimpleError } from '@simonbackx/simple-errors';
 import { Context } from '../../../helpers/Context';
-import { AutoEncoderPatchType, Decoder, patchObject } from '@simonbackx/simple-encoding';
 
 type Params = { id: string };
 type Query = undefined;
 type Body = AutoEncoderPatchType<EmailStruct>;
 type ResponseBody = EmailPreview;
 
-/**
- * One endpoint to create, patch and delete groups. Usefull because on organization setup, we need to create multiple groups at once. Also, sometimes we need to link values and update multiple groups at once
- */
-
 export class PatchEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
     bodyDecoder = EmailStruct.patchType() as Decoder<AutoEncoderPatchType<EmailStruct>>;
 
@@ -44,7 +40,7 @@ export class PatchEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBo
             throw new SimpleError({
                 code: 'not_found',
                 human: 'Email not found',
-                message: 'Deze e-mail bestaat niet of is verwijderd',
+                message: $t(`9ddb6616-f62d-4c91-82a9-e5cf398e4c4a`),
                 statusCode: 404,
             });
         }
@@ -53,7 +49,7 @@ export class PatchEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBo
             throw new SimpleError({
                 code: 'not_draft',
                 human: 'Email is not a draft',
-                message: 'Deze e-mail is al verzonden en kan niet meer aangepast worden',
+                message: $t(`298b5a46-2899-4aa1-89df-9b634c20806b`),
                 statusCode: 400,
             });
         }
@@ -107,6 +103,33 @@ export class PatchEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBo
 
         if (request.body.status === EmailStatus.Sending || request.body.status === EmailStatus.Sent) {
             model.throwIfNotReadyToSend();
+
+            const replacement = '{{unsubscribeUrl}}';
+ 
+            if (model.html) {
+                // Check email contains an unsubscribe button
+                if (!model.html.includes(replacement)) {
+                    throw new SimpleError({
+                        code: "missing_unsubscribe_button",
+                        message: "Missing unsubscribe button",
+                        human: $t(`dd55e04b-e5d9-4d9a-befc-443eef4175a8`),
+                        field: "html"
+                    })
+                }
+            }
+
+            if (model.text) {
+                // Check email contains an unsubscribe button
+                if (!model.text.includes(replacement)) {
+                    throw new SimpleError({
+                        code: "missing_unsubscribe_button",
+                        message: "Missing unsubscribe button",
+                        human: $t(`dd55e04b-e5d9-4d9a-befc-443eef4175a8`),
+                        field: "text"
+                    })
+                }
+            }
+
             model.send().catch(console.error);
         }
 

package/src/endpoints/global/events/GetEventNotificationsEndpoint.ts

@@ -142,7 +142,7 @@ export class GetEventNotificationsEndpoint extends Endpoint<Params, Query, Body,
 
         for (const notification of notifications) {
             if (!await Context.auth.canAccessEventNotification(notification)) {
-                throw Context.auth.error('Je hebt geen toegang om deze melding te bekijken');
+                throw Context.auth.error($t(`f18f19ca-c56b-49ad-b131-244cbebb6b1f`));
             }
         }
 

package/src/endpoints/global/events/PatchEventNotificationsEndpoint.test.ts

@@ -1,36 +1,17 @@
 import { PatchableArray, PatchMap, patchObject } from '@simonbackx/simple-encoding';
 import { Endpoint, Request } from '@simonbackx/simple-endpoints';
-import { EventNotificationFactory, EventFactory, EventNotificationTypeFactory, Organization, OrganizationFactory, Token, User, UserFactory, EmailTemplateFactory, RecordCategoryFactory, RegistrationPeriodFactory, RecordAnswerFactory, EventNotification } from '@stamhoofd/models';
-import { AccessRight, BaseOrganization, EmailTemplateType, Event, EventNotificationStatus, EventNotification as EventNotificationStruct, PermissionLevel, Permissions, PermissionsResourceType, RecordAnswer, RecordType, ResourcePermissions } from '@stamhoofd/structures';
-import { TestUtils } from '@stamhoofd/test-utils';
-import { PatchEventNotificationsEndpoint } from './PatchEventNotificationsEndpoint';
-import { testServer } from '../../../../tests/helpers/TestServer';
 import { EmailMocker } from '@stamhoofd/email';
+import { EmailTemplateFactory, EventFactory, EventNotification, EventNotificationFactory, EventNotificationTypeFactory, Organization, OrganizationFactory, RecordAnswerFactory, RecordCategoryFactory, RegistrationPeriodFactory, Token, User, UserFactory } from '@stamhoofd/models';
+import { AccessRight, BaseOrganization, EmailTemplateType, Event, EventNotificationStatus, EventNotification as EventNotificationStruct, Permissions, PermissionsResourceType, RecordType, ResourcePermissions } from '@stamhoofd/structures';
+import { SHExpect, TestUtils } from '@stamhoofd/test-utils';
+import { testServer } from '../../../../tests/helpers/TestServer';
+import { PatchEventNotificationsEndpoint } from './PatchEventNotificationsEndpoint';
 
 const baseUrl = `/event-notifications`;
 const endpoint = new PatchEventNotificationsEndpoint();
 type EndpointType = typeof endpoint;
 type Body = EndpointType extends Endpoint<any, any, infer B, any> ? B : never;
 
-const errorWithCode = (code: string) => expect.objectContaining({ code }) as jest.Constructable;
-const errorWithMessage = (message: string) => expect.objectContaining({ message }) as jest.Constructable;
-const simpleError = (data: {
-    code?: string;
-    message?: string;
-    field?: string;
-}) => {
-    const d = {
-        code: data.code ?? expect.any(String),
-        message: data.message ?? expect.any(String),
-        field: data.field ?? expect.anything(),
-    };
-
-    if (!data.field) {
-        delete d.field;
-    }
-    return expect.objectContaining(d) as jest.Constructable;
-};
-
 const minimumUserPermissions = Permissions.create({
     resources: new Map([
         [PermissionsResourceType.Groups, new Map([
@@ -169,7 +150,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'invalid_field', field: 'typeId' }),
+            SHExpect.simpleError({ code: 'invalid_field', field: 'typeId' }),
         );
     });
 
@@ -194,7 +175,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'invalid_field', field: 'events' }),
+            SHExpect.simpleError({ code: 'invalid_field', field: 'events' }),
         );
     });
 
@@ -228,7 +209,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
             }),
         );
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'invalid_period', field: 'startDate' }),
+            SHExpect.simpleError({ code: 'invalid_period', field: 'startDate' }),
         );
     });
 
@@ -256,7 +237,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'invalid_field', field: 'events' }),
+            SHExpect.simpleError({ code: 'invalid_field', field: 'events' }),
         );
     });
 
@@ -416,7 +397,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -442,7 +423,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -468,7 +449,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -494,7 +475,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -520,7 +501,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -603,7 +584,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 
@@ -991,7 +972,7 @@ describe('Endpoint.PatchEventNotificationsEndpoint', () => {
         );
 
         await expect(TestRequest.patch({ body, user, organization })).rejects.toThrow(
-            simpleError({ code: 'permission_denied' }),
+            SHExpect.simpleError({ code: 'permission_denied' }),
         );
     });
 });

package/src/endpoints/global/events/PatchEventNotificationsEndpoint.ts

@@ -69,7 +69,7 @@ export class PatchEventNotificationsEndpoint extends Endpoint<Params, Query, Bod
                     throw new SimpleError({
                         code: 'invalid_field',
                         message: 'Invalid event',
-                        human: 'Dit evenement bestaat niet of is niet van jouw organisatie',
+                        human: $t(`4275fbbe-9921-454e-852c-9c53a9803f1f`),
                         field: 'events',
                     });
                 }

package/src/endpoints/global/events/PatchEventsEndpoint.ts

@@ -63,7 +63,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty groups',
-                    human: 'Kies minstens één leeftijdsgroep',
+                    human: $t(`93faf169-b78d-4ad2-b13b-3b974267a632`),
                 });
             }
 
@@ -71,7 +71,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty default age groups',
-                    human: 'Kies minstens één standaard leeftijdsgroep',
+                    human: $t(`2712befc-5cc5-4013-b8df-ec0861a82c36`),
                 });
             }
 
@@ -79,7 +79,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty organization tag ids',
-                    human: 'Kies minstens één tag',
+                    human: $t(`30230574-2956-4e40-ba11-5523c24c0af8`),
                 });
             }
 
@@ -136,7 +136,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'not_found',
                     message: 'Event not found',
-                    human: 'De activiteit werd niet gevonden',
+                    human: $t(`c5f3d2c3-9d7a-473d-ba91-63ce104a2de5`),
                 });
             }
 
@@ -146,7 +146,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Cannot patch organizationCache',
-                    human: 'Je kan de organizationCache niet aanpassen via een patch',
+                    human: $t(`74e6eba6-596c-4e55-b178-b2a5fdbca581`),
                     field: 'meta.organizationCache',
                 });
             }
@@ -166,7 +166,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty groups',
-                    human: 'Kies minstens één leeftijdsgroep',
+                    human: $t(`93faf169-b78d-4ad2-b13b-3b974267a632`),
                 });
             }
 
@@ -174,7 +174,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty default age groups',
-                    human: 'Kies minstens één standaard leeftijdsgroep',
+                    human: $t(`2712befc-5cc5-4013-b8df-ec0861a82c36`),
                 });
             }
 
@@ -182,7 +182,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_field',
                     message: 'Empty organization tag ids',
-                    human: 'Kies minstens één tag',
+                    human: $t(`30230574-2956-4e40-ba11-5523c24c0af8`),
                 });
             }
 
@@ -320,7 +320,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
             throw new SimpleError({
                 code: 'invalid_field',
                 message: 'Invalid typeId',
-                human: 'Dit type activiteit wordt niet ondersteund',
+                human: $t(`6b36fc82-d88c-49cc-ae94-4653ad37b3e3`),
                 field: 'typeId',
             });
         }
@@ -334,7 +334,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
             throw new SimpleError({
                 code: 'invalid_field',
                 message: 'Name is too short',
-                human: 'Vul een naam voor je activiteit in',
+                human: $t(`53a66432-0bf5-4193-9eb8-dbd52d86a1f8`),
                 field: 'name',
             });
         }
@@ -343,7 +343,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
             throw new SimpleError({
                 code: 'invalid_dates',
                 message: 'End date is before start date',
-                human: 'De einddatum moet na de startdatum liggen',
+                human: $t(`318924c0-7a79-4cfa-b206-ffc27c4d32b7`),
                 field: 'endDate',
             });
         }
@@ -360,7 +360,10 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'minimum_days',
                     message: 'An event with this type has a minimum of ' + type.minimumDays + ' days',
-                    human: 'Een ' + type.name + ' moet minimum ' + Formatter.pluralText(type.minimumDays, 'dag', 'dagen') + ' duren',
+                    human: $t(`04ff85c0-eb98-46b8-975b-8fd136ddc49a`, {
+                        name: type.name,
+                        days: Formatter.pluralText(type.minimumDays, $t(`a6279389-a070-49c9-a085-bb312555e419`), $t(`fca0ce20-d696-4966-a50c-441f54f046c4`)),
+                    }),
                     field: 'startDate',
                 });
             }
@@ -369,7 +372,10 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'maximum_days',
                     message: 'An event with this type has a maximum of ' + type.maximumDays + ' days',
-                    human: 'Een ' + type.name + ' mag maximaal ' + Formatter.pluralText(type.maximumDays, 'dag', 'dagen') + ' duren',
+                    human: $t(`a7d005aa-ceaa-4323-8fac-a02fce174023`, {
+                        name: type.name,
+                        days: Formatter.pluralText(type.maximumDays, $t(`a6279389-a070-49c9-a085-bb312555e419`), $t(`fca0ce20-d696-4966-a50c-441f54f046c4`)),
+                    }),
                     field: 'startDate',
                 });
             }
@@ -393,7 +399,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                     throw new SimpleError({
                         code: 'type_maximum_reached',
                         message: 'Maximum number of events with this type reached',
-                        human: 'Het maximum aantal voor ' + type.name + ' is bereikt (' + type.maximum + ')',
+                        human: $t(`fb7df531-0f89-4841-b685-7b2cfb5b507d`) + ' ' + type.name + ' ' + $t(`073d20dc-88f3-4145-89f5-13cc8ad90207`) + type.maximum + ')',
                         field: 'typeId',
                     });
                 }
@@ -402,7 +408,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
                 throw new SimpleError({
                     code: 'invalid_period',
                     message: 'No period found for this start date',
-                    human: 'Oeps, je kan nog geen evenementen van dit type aanmaken in deze periode',
+                    human: $t(`7a38bf9d-4df7-4827-85dc-327ffe6cd50a`),
                     field: 'startDate',
                 });
             }
@@ -420,7 +426,7 @@ export class PatchEventsEndpoint extends Endpoint<Params, Query, Body, ResponseB
             throw new SimpleError({
                 code: 'invalid_field',
                 message: 'Empty number',
-                human: 'De locatie is verplicht voor deze soort activiteit.',
+                human: $t(`6b72f8bd-cd5b-423f-a556-be102d3c22e9`),
                 field: 'event_required',
             });
         }

package/src/endpoints/global/files/ExportToExcelEndpoint.ts

@@ -65,7 +65,7 @@ export class ExportToExcelEndpoint extends Endpoint<Params, Query, Body, Respons
             throw new SimpleError({
                 code: 'not_allowed',
                 message: 'Export is pending',
-                human: 'Je hebt momenteel al een Excel export lopen. Wacht tot die klaar is voor je een nieuwe export start.',
+                human: $t(`a77e6624-bd1f-4374-af5a-d25cc60ee4da`),
                 statusCode: 403,
             });
         }

package/src/endpoints/global/files/UploadFile.ts

@@ -58,7 +58,7 @@ export class UploadFile extends Endpoint<Params, Query, Body, ResponseBody> {
         await Context.setOptionalOrganizationScope();
         const { user } = await Context.authenticate();
 
-        if (!Context.auth.canUpload()) {
+        if (!Context.auth.canUpload({ private: request.query.isPrivate })) {
             throw Context.auth.error();
         }
 
@@ -126,6 +126,18 @@ export class UploadFile extends Endpoint<Params, Query, Body, ResponseBody> {
             prefix += '/';
         }
 
+        prefix += (STAMHOOFD.environment ?? 'development') === 'development' ? ('development/') : ('');
+
+        // Prepend user id to the file path
+        if (request.query.isPrivate && user) {
+            // Private files
+            prefix += 'users/' + user.id + '/';
+        }
+        else {
+            // Public files
+            prefix += 'p/';
+        }
+
         // Also include the source, in private mode
         const fileId = uuidv4();
         let uploadExt = '';
@@ -162,7 +174,7 @@ export class UploadFile extends Endpoint<Params, Query, Body, ResponseBody> {
         }
 
         const filenameWithoutExt = file.originalFilename?.split('.').slice(0, -1).join('.') ?? fileId;
-        const key = prefix + (STAMHOOFD.environment ?? 'development') + '/' + fileId + '/' + (Formatter.slug(filenameWithoutExt) + (uploadExt ? ('.' + uploadExt) : ''));
+        const key = prefix + fileId + '/' + (Formatter.slug(filenameWithoutExt) + (uploadExt ? ('.' + uploadExt) : ''));
         const params = {
             Bucket: STAMHOOFD.SPACES_BUCKET,
             Key: key,

package/src/endpoints/global/files/UploadImage.ts

@@ -64,7 +64,7 @@ export class UploadImage extends Endpoint<Params, Query, Body, ResponseBody> {
         await Context.setOptionalOrganizationScope();
         const { user } = await Context.authenticate();
 
-        if (!Context.auth.canUpload()) {
+        if (!Context.auth.canUpload({ private: request.query.isPrivate })) {
             throw Context.auth.error();
         }
 
@@ -131,7 +131,7 @@ export class UploadImage extends Endpoint<Params, Query, Body, ResponseBody> {
         });
 
         const fileContent = await fs.readFile(file.filepath);
-        const image = await Image.create(fileContent, file.mimetype ?? undefined, resolutions, request.query.isPrivate);
+        const image = await Image.create(fileContent, file.mimetype ?? undefined, resolutions, request.query.isPrivate, user);
         return new Response(ImageStruct.create(image));
     }
 }

package/src/endpoints/global/members/GetMemberFamilyEndpoint.ts

@@ -55,7 +55,7 @@ export class GetMemberFamilyEndpoint extends Endpoint<Params, Query, Body, Respo
 
                 // Check access to this member (this will automatically give access to the family)
                 if (!await Context.auth.canAccessMember(member)) {
-                    throw Context.auth.error('Je hebt geen toegang tot dit lid');
+                    throw Context.auth.error($t(`c9797487-3e24-4686-9bdc-2a7ec9cee8ed`));
                 }
                 validatedMembers.push(member);
                 continue;
@@ -67,7 +67,7 @@ export class GetMemberFamilyEndpoint extends Endpoint<Params, Query, Body, Respo
         }
 
         if (!foundMember) {
-            throw Context.auth.error('Je hebt geen toegang tot dit lid');
+            throw Context.auth.error($t(`c9797487-3e24-4686-9bdc-2a7ec9cee8ed`));
         }
 
         return new Response(

package/src/endpoints/global/members/GetMembersEndpoint.ts

@@ -245,7 +245,7 @@ export class GetMembersEndpoint extends Endpoint<Params, Query, Body, ResponseBo
                 throw new SimpleError({
                     code: 'timeout',
                     message: 'Query took too long',
-                    human: 'Deze opzoeking is te complex en duurt te lang. Probeer een eenvoudigere zoekopdracht of probeer terug op een rustiger tijdstip.',
+                    human: $t(`dce51638-6129-448b-8a15-e6d778f3a76a`),
                 });
             }
             throw error;