@stamhoofd/backend 2.85.3 → 2.86.0

package/.nvmrc

@@ -1 +1 @@
-20.12
+22

package/index.ts

@@ -1,237 +1,15 @@
 import backendEnv from '@stamhoofd/backend-env';
-backendEnv.load({ service: 'api' });
 
-import { Column, Database, Migration } from '@simonbackx/simple-database';
-import { CORSPreflightEndpoint, Router, RouterServer } from '@simonbackx/simple-endpoints';
-import { CORSMiddleware, LogMiddleware, VersionMiddleware } from '@stamhoofd/backend-middleware';
-import { Email } from '@stamhoofd/email';
-import { loadLogger } from '@stamhoofd/logging';
-import { Version } from '@stamhoofd/structures';
-import { sleep } from '@stamhoofd/utility';
-
-import { startCrons, stopCrons, waitForCrons } from '@stamhoofd/crons';
-import { Platform } from '@stamhoofd/models';
-import { resumeEmails } from './src/helpers/EmailResumer';
-import { GlobalHelper } from './src/helpers/GlobalHelper';
-import { SetupStepUpdater } from './src/helpers/SetupStepUpdater';
-import { ContextMiddleware } from './src/middleware/ContextMiddleware';
-import { AuditLogService } from './src/services/AuditLogService';
-import { BalanceItemService } from './src/services/BalanceItemService';
-import { DocumentService } from './src/services/DocumentService';
-import { FileSignService } from './src/services/FileSignService';
-import { PlatformMembershipService } from './src/services/PlatformMembershipService';
-import { UniqueUserService } from './src/services/UniqueUserService';
-import { QueueHandler } from '@stamhoofd/queues';
-import { SimpleError } from '@simonbackx/simple-errors';
-
-process.on('unhandledRejection', (error: Error) => {
-    console.error('unhandledRejection');
-    console.error(error.message, error.stack);
+backendEnv.load({ service: 'api' }).catch((error) => {
+    console.error('Failed to load environment:', error);
     process.exit(1);
-});
-
-// Set version of saved structures
-Column.setJSONVersion(Version);
-
-// Set timezone
-process.env.TZ = 'UTC';
-
-// Quick check
-if (new Date().getTimezoneOffset() !== 0) {
-    throw new Error('Process should always run in UTC timezone');
-}
-
-const seeds = async () => {
-    try {
-        // Internal
-        await AuditLogService.disable(async () => {
-            await Migration.runAll(__dirname + '/src/seeds');
-        });
-    }
-    catch (e) {
-        console.error('Failed to run seeds:');
-        console.error(e);
+}).then(async () => {
+    if (STAMHOOFD.environment === 'development') {
+        const { run } = await import('./src/migrate');
+        await run();
     }
-};
-const bootTime = process.hrtime();
-
-const start = async () => {
-    console.log('Running server at v' + Version);
-    loadLogger();
-
-    await GlobalHelper.load();
-    await UniqueUserService.check();
-
-    // Init platform shared struct: otherwise permissions won't work with missing responsibilities
-    console.log('Loading platform...');
-    await Platform.loadCaches();
-
-    const router = new Router();
-
-    console.log('Loading endpoints...');
-
-    // Note: we should load endpoints one by once to have a reliable order of url matching
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/global/*');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/admin/*');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/auth');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/organization/dashboard/*');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/organization/registration');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/organization/webshops');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/organization/shared');
-    await router.loadAllEndpoints(__dirname + '/src/endpoints/organization/shared/*');
-
-    router.endpoints.push(new CORSPreflightEndpoint());
-
-    console.log('Creating router...');
-    const routerServer = new RouterServer(router);
-    routerServer.verbose = false;
-
-    // Log requests and errors
-    routerServer.addRequestMiddleware(LogMiddleware);
-    routerServer.addResponseMiddleware(LogMiddleware);
-
-    routerServer.addResponseMiddleware(FileSignService);
-    routerServer.addRequestMiddleware(FileSignService);
-
-    // Contexts
-    routerServer.addRequestMiddleware(ContextMiddleware);
-
-    // Add version headers and minimum version
-    const versionMiddleware = new VersionMiddleware({
-        latestVersions: {
-            android: STAMHOOFD.LATEST_ANDROID_VERSION,
-            ios: STAMHOOFD.LATEST_IOS_VERSION,
-            web: Version,
-        },
-        minimumVersion: 331,
-    });
-    routerServer.addRequestMiddleware(versionMiddleware);
-    routerServer.addResponseMiddleware(versionMiddleware);
-
-    // Add CORS headers
-    routerServer.addResponseMiddleware(CORSMiddleware);
-
-    console.log('Loading loaders...');
-
-    // Register Excel loaders
-    await import('./src/excel-loaders');
-
-    // Register Email Recipient loaders
-    await import('./src/email-recipient-loaders/members');
-    await import('./src/email-recipient-loaders/registrations');
-    await import('./src/email-recipient-loaders/orders');
-    await import('./src/email-recipient-loaders/receivable-balances');
-    await import('./src/excel-loaders/registrations');
-
-    console.log('Opening port...');
-    routerServer.listen(STAMHOOFD.PORT ?? 9090);
-
-    const hrend = process.hrtime(bootTime);
-    console.log('🟢 HTTP server started in ' + Math.ceil(hrend[0] * 1000 + hrend[1] / 1000000) + 'ms');
-
-    resumeEmails().catch(console.error);
-
-    if (routerServer.server) {
-        // Default timeout is a bit too short
-        routerServer.server.timeout = 61000;
-    }
-
-    let shuttingDown = false;
-    const shutdown = async () => {
-        if (shuttingDown) {
-            return;
-        }
-        shuttingDown = true;
-        console.log('Shutting down...');
-        // Disable keep alive
-        routerServer.defaultHeaders = Object.assign(routerServer.defaultHeaders, { Connection: 'close' });
-        if (routerServer.server) {
-            routerServer.server.headersTimeout = 5000;
-            routerServer.server.keepAliveTimeout = 1;
-        }
-
-        stopCrons();
-
-        if (STAMHOOFD.environment === 'development') {
-            setTimeout(() => {
-                console.error('Forcing exit after 5 seconds');
-                process.exit(1);
-            }, 5000);
-        }
-
-        try {
-            await routerServer.close();
-            console.log('HTTP server stopped');
-        }
-        catch (err) {
-            console.error('Failed to stop HTTP server:');
-            console.error(err);
-        }
-
-        await BalanceItemService.flushAll();
-        await waitForCrons();
-        QueueHandler.abortAll(
-            new SimpleError({
-                code: 'SHUTDOWN',
-                message: 'Shutting down',
-                statusCode: 503,
-            }),
-        );
-        await QueueHandler.awaitAll();
-
-        try {
-            while (Email.currentQueue.length > 0) {
-                console.log(`${Email.currentQueue.length} emails still in queue. Waiting 500ms...`);
-                await sleep(500);
-            }
-        }
-        catch (err) {
-            console.error('Failed to wait for emails to finish:');
-            console.error(err);
-        }
-
-        try {
-            await Database.end();
-            console.log('MySQL connections closed');
-        }
-        catch (err) {
-            console.error('Failed to close MySQL connection:');
-            console.error(err);
-        }
-
-        // Should not be needed, but added for security as sometimes a promise hangs somewhere
-        process.exit(0);
-    };
-
-    process.on('SIGTERM', () => {
-        console.info('SIGTERM signal received.');
-        shutdown().catch((e) => {
-            console.error(e);
-            process.exit(1);
-        });
-    });
-
-    process.on('SIGINT', () => {
-        console.info('SIGINT signal received.');
-        shutdown().catch((e) => {
-            console.error(e);
-            process.exit(1);
-        });
-    });
-
-    // Register crons
-    await import('./src/crons');
-
-    AuditLogService.listen();
-    PlatformMembershipService.listen();
-    DocumentService.listen();
-    SetupStepUpdater.listen();
-
-    startCrons();
-    seeds().catch(console.error);
-};
-
-start().catch((error) => {
-    console.error('unhandledRejection', error);
+    await import('./src/boot');
+}).catch((error) => {
+    console.error('Failed to start the API:', error);
     process.exit(1);
 });

package/migrations.ts

@@ -1,35 +1,13 @@
 import backendEnv from '@stamhoofd/backend-env';
-backendEnv.load();
 
-import { Column, Migration } from '@simonbackx/simple-database';
-import { Version } from '@stamhoofd/structures';
-import path from 'path';
-
-Column.setJSONVersion(Version);
-process.env.TZ = 'UTC';
-
-const emailPath = require.resolve('@stamhoofd/email');
-const modelsPath = require.resolve('@stamhoofd/models');
-
-// Validate UTC timezone
-if (new Date().getTimezoneOffset() !== 0) {
-    throw new Error('Process should always run in UTC timezone');
-}
-
-const start = async () => {
-    // External migrations
-    await Migration.runAll(path.dirname(modelsPath) + '/migrations');
-    await Migration.runAll(path.dirname(emailPath) + '/migrations');
-
-    // Internal
-    await Migration.runAll(__dirname + '/src/migrations');
-};
-
-start()
-    .catch((error) => {
-        console.error('unhandledRejection', error);
-        process.exit(1);
-    })
-    .finally(() => {
-        process.exit();
-    });
+backendEnv.load({ service: 'api' }).catch((error) => {
+    console.error('Failed to load environment:', error);
+    process.exit(1);
+}).then(async () => {
+    const { run } = await import('./src/migrate');
+    await run();
+    process.exit(0);
+}).catch((error) => {
+    console.error('Failed to run migrations:', error);
+    process.exit(1);
+});

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.85.3",
+    "version": "2.86.0",
     "main": "./dist/index.js",
     "exports": {
         ".": {
@@ -9,16 +9,17 @@
     },
     "license": "UNLICENCED",
     "scripts": {
-        "dev": "echo 'Waiting for shared backend packages...' && wait-on ../../shared/middleware/dist/index.js && echo 'Start building backend API' && concurrently -r 'yarn build --watch --preserveWatchOutput' \"wait-on ./dist/index.js && nodemon --quiet --inspect=5858 --watch dist --watch '../../../shared/*/dist/' --watch '../../shared/*/dist/' --ext .ts,.json,.sql,.js --watch .env.json --delay 1000ms --exec 'node --enable-source-maps ./dist/index.js' --signal SIGTERM\"",
-        "dev:backend": "yarn dev",
+        "dev": "wait-on ../../shared/middleware/dist/index.js && concurrently -r 'yarn -s build --watch --preserveWatchOutput' \"yarn -s dev:watch\"",
+        "dev:watch": "wait-on ./dist/index.js && nodemon --quiet --inspect=5858 --watch dist --watch '../../../shared/*/dist/' --watch '../../shared/*/dist/' --ext .ts,.json,.sql,.js --delay 2000ms --exec 'node --enable-source-maps ./dist/index.js' --signal SIGTERM",
+        "dev:backend": "yarn -s dev",
         "build": "rm -rf ./dist/src/migrations && rm -rf ./dist/src/seeds && tsc -b",
-        "build:full": "yarn clear && yarn build",
+        "build:full": "yarn -s clear && yarn -s build",
         "clear": "rm -rf ./dist",
-        "start": "yarn build && node --enable-source-maps ./dist/index.js",
+        "start": "yarn -s build && node --enable-source-maps ./dist/index.js",
         "test": "jest --runInBand",
         "test:build": "yarn -s build:full && yarn -s test",
-        "test:reset": "yarn build:full && jest --runInBand",
-        "migrations": "yarn build:full && node ./dist/migrations.js",
+        "test:reset": "yarn -s build:full && jest --runInBand",
+        "migrations": "yarn -s build:full && node ./dist/migrations.js",
         "lint": "eslint"
     },
     "devDependencies": {
@@ -26,7 +27,7 @@
         "@types/luxon": "3.4.2",
         "@types/mailparser": "3.4.4",
         "@types/mysql": "^2.15.20",
-        "@types/node": "^20.12",
+        "@types/node": "^22",
         "nock": "^13.5.1",
         "qs": "^6.11.2",
         "sinon": "^18.0.0"
@@ -39,22 +40,22 @@
         "@aws-sdk/s3-request-presigner": "3.823.0",
         "@bwip-js/node": "^4.5.1",
         "@mollie/api-client": "3.7.0",
-        "@simonbackx/simple-database": "1.32.0",
+        "@simonbackx/simple-database": "1.33.0",
         "@simonbackx/simple-encoding": "2.22.0",
         "@simonbackx/simple-endpoints": "1.20.1",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.85.3",
-        "@stamhoofd/backend-middleware": "2.85.3",
-        "@stamhoofd/email": "2.85.3",
-        "@stamhoofd/models": "2.85.3",
-        "@stamhoofd/queues": "2.85.3",
-        "@stamhoofd/sql": "2.85.3",
-        "@stamhoofd/structures": "2.85.3",
-        "@stamhoofd/utility": "2.85.3",
+        "@stamhoofd/backend-i18n": "2.86.0",
+        "@stamhoofd/backend-middleware": "2.86.0",
+        "@stamhoofd/email": "2.86.0",
+        "@stamhoofd/models": "2.86.0",
+        "@stamhoofd/queues": "2.86.0",
+        "@stamhoofd/sql": "2.86.0",
+        "@stamhoofd/structures": "2.86.0",
+        "@stamhoofd/utility": "2.86.0",
         "archiver": "^7.0.1",
-        "axios": "1.6.8",
+        "axios": "^1.8.2",
         "cookie": "^0.5.0",
-        "formidable": "3.5.1",
+        "formidable": "3.5.4",
         "handlebars": "^4.7.7",
         "jsonwebtoken": "9.0.0",
         "luxon": "3.4.4",
@@ -63,11 +64,10 @@
         "mysql2": "^3.14.1",
         "node-rsa": "1.1.1",
         "openid-client": "^5.4.0",
-        "postmark": "^4.0.5",
         "stripe": "^16.6.0"
     },
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "5a80111e83be35a396c48ba30d0569d9376b953a"
+    "gitHead": "e7db435d283a81bee4f7d26c2ccc61ee1df0524c"
 }

package/src/boot.ts

@@ -0,0 +1,240 @@
+import { Column, Database, Migration } from '@simonbackx/simple-database';
+import { CORSPreflightEndpoint, Router, RouterServer } from '@simonbackx/simple-endpoints';
+import { CORSMiddleware, LogMiddleware, VersionMiddleware } from '@stamhoofd/backend-middleware';
+import { Email } from '@stamhoofd/email';
+import { loadLogger } from '@stamhoofd/logging';
+import { Version } from '@stamhoofd/structures';
+import { sleep } from '@stamhoofd/utility';
+
+import { startCrons, stopCrons, waitForCrons } from '@stamhoofd/crons';
+import { Platform } from '@stamhoofd/models';
+import { resumeEmails } from './helpers/EmailResumer';
+import { GlobalHelper } from './helpers/GlobalHelper';
+import { SetupStepUpdater } from './helpers/SetupStepUpdater';
+import { ContextMiddleware } from './middleware/ContextMiddleware';
+import { AuditLogService } from './services/AuditLogService';
+import { BalanceItemService } from './services/BalanceItemService';
+import { DocumentService } from './services/DocumentService';
+import { FileSignService } from './services/FileSignService';
+import { PlatformMembershipService } from './services/PlatformMembershipService';
+import { UniqueUserService } from './services/UniqueUserService';
+import { QueueHandler } from '@stamhoofd/queues';
+import { SimpleError } from '@simonbackx/simple-errors';
+
+process.on('unhandledRejection', (error: Error) => {
+    console.error('unhandledRejection');
+    console.error(error.message, error.stack);
+    process.exit(1);
+});
+
+// Set version of saved structures
+Column.setJSONVersion(Version);
+
+// Set timezone
+process.env.TZ = 'UTC';
+
+// Quick check
+if (new Date().getTimezoneOffset() !== 0) {
+    throw new Error('Process should always run in UTC timezone');
+}
+
+const seeds = async () => {
+    try {
+        // Internal
+        await AuditLogService.disable(async () => {
+            await Migration.runAll(__dirname + '/seeds');
+        });
+    }
+    catch (e) {
+        console.error('Failed to run seeds:');
+        console.error(e);
+    }
+};
+const bootTime = process.hrtime();
+
+function productionLog(message: string) {
+    if (STAMHOOFD.environment !== 'development') {
+        console.log(message);
+    }
+}
+
+const start = async () => {
+    productionLog('Running server at v' + Version);
+    loadLogger();
+
+    await GlobalHelper.load();
+    await UniqueUserService.check();
+
+    // Init platform shared struct: otherwise permissions won't work with missing responsibilities
+    productionLog('Loading platform...');
+    await Platform.loadCaches();
+
+    const router = new Router();
+
+    productionLog('Loading endpoints...');
+
+    // Note: we should load endpoints one by once to have a reliable order of url matching
+    await router.loadAllEndpoints(__dirname + '/endpoints/global/*');
+    await router.loadAllEndpoints(__dirname + '/endpoints/admin/*');
+    await router.loadAllEndpoints(__dirname + '/endpoints/auth');
+    await router.loadAllEndpoints(__dirname + '/endpoints/organization/dashboard/*');
+    await router.loadAllEndpoints(__dirname + '/endpoints/organization/registration');
+    await router.loadAllEndpoints(__dirname + '/endpoints/organization/webshops');
+    await router.loadAllEndpoints(__dirname + '/endpoints/organization/shared');
+    await router.loadAllEndpoints(__dirname + '/endpoints/organization/shared/*');
+
+    router.endpoints.push(new CORSPreflightEndpoint());
+
+    productionLog('Creating router...');
+    const routerServer = new RouterServer(router);
+    routerServer.verbose = false;
+
+    // Log requests and errors
+    routerServer.addRequestMiddleware(LogMiddleware);
+    routerServer.addResponseMiddleware(LogMiddleware);
+
+    routerServer.addResponseMiddleware(FileSignService);
+    routerServer.addRequestMiddleware(FileSignService);
+
+    // Contexts
+    routerServer.addRequestMiddleware(ContextMiddleware);
+
+    // Add version headers and minimum version
+    const versionMiddleware = new VersionMiddleware({
+        latestVersions: {
+            android: STAMHOOFD.LATEST_ANDROID_VERSION,
+            ios: STAMHOOFD.LATEST_IOS_VERSION,
+            web: Version,
+        },
+        minimumVersion: 331,
+    });
+    routerServer.addRequestMiddleware(versionMiddleware);
+    routerServer.addResponseMiddleware(versionMiddleware);
+
+    // Add CORS headers
+    routerServer.addResponseMiddleware(CORSMiddleware);
+
+    productionLog('Loading loaders...');
+
+    // Register Excel loaders
+    await import('./excel-loaders');
+
+    // Register Email Recipient loaders
+    await import('./email-recipient-loaders/members');
+    await import('./email-recipient-loaders/registrations');
+    await import('./email-recipient-loaders/orders');
+    await import('./email-recipient-loaders/receivable-balances');
+    await import('./excel-loaders/registrations');
+
+    productionLog('Opening port...');
+    routerServer.listen(STAMHOOFD.PORT ?? 9090);
+
+    const hrend = process.hrtime(bootTime);
+    productionLog('🟢 HTTP server started in ' + Math.ceil(hrend[0] * 1000 + hrend[1] / 1000000) + 'ms');
+
+    resumeEmails().catch(console.error);
+
+    if (routerServer.server) {
+        // Default timeout is a bit too short
+        routerServer.server.timeout = 61000;
+    }
+
+    let shuttingDown = false;
+    const shutdown = async () => {
+        if (shuttingDown) {
+            return;
+        }
+        shuttingDown = true;
+        productionLog('Shutting down...');
+        // Disable keep alive
+        routerServer.defaultHeaders = Object.assign(routerServer.defaultHeaders, { Connection: 'close' });
+        if (routerServer.server) {
+            routerServer.server.headersTimeout = 5000;
+            routerServer.server.keepAliveTimeout = 1;
+        }
+
+        stopCrons();
+
+        if (STAMHOOFD.environment === 'development') {
+            setTimeout(() => {
+                console.error('Forcing exit after 5 seconds');
+                process.exit(1);
+            }, 5000);
+        }
+
+        try {
+            await routerServer.close();
+            productionLog('HTTP server stopped');
+        }
+        catch (err) {
+            console.error('Failed to stop HTTP server:');
+            console.error(err);
+        }
+
+        await BalanceItemService.flushAll();
+        await waitForCrons();
+        QueueHandler.abortAll(
+            new SimpleError({
+                code: 'SHUTDOWN',
+                message: 'Shutting down',
+                statusCode: 503,
+            }),
+        );
+        await QueueHandler.awaitAll();
+
+        try {
+            while (Email.currentQueue.length > 0) {
+                console.log(`${Email.currentQueue.length} emails still in queue. Waiting 500ms...`);
+                await sleep(500);
+            }
+        }
+        catch (err) {
+            console.error('Failed to wait for emails to finish:');
+            console.error(err);
+        }
+
+        try {
+            await Database.end();
+            productionLog('MySQL connections closed');
+        }
+        catch (err) {
+            console.error('Failed to close MySQL connection:');
+            console.error(err);
+        }
+
+        // Should not be needed, but added for security as sometimes a promise hangs somewhere
+        process.exit(0);
+    };
+
+    process.on('SIGTERM', () => {
+        productionLog('SIGTERM signal received.');
+        shutdown().catch((e) => {
+            console.error(e);
+            process.exit(1);
+        });
+    });
+
+    process.on('SIGINT', () => {
+        productionLog('SIGINT signal received.');
+        shutdown().catch((e) => {
+            console.error(e);
+            process.exit(1);
+        });
+    });
+
+    // Register crons
+    await import('./crons');
+
+    AuditLogService.listen();
+    PlatformMembershipService.listen();
+    DocumentService.listen();
+    SetupStepUpdater.listen();
+
+    startCrons();
+    seeds().catch(console.error);
+};
+
+start().catch((error) => {
+    console.error('unhandledRejection', error);
+    process.exit(1);
+});

package/src/crons/clearExcelCache.test.ts

@@ -131,7 +131,10 @@ describe('clearExcelCacheHelper', () => {
             dir.isDirectory = () => true;
         });
 
-        fsMock.readdir.mockReturnValue(Promise.resolve([...directories, file1]));
+        fsMock.readdir.mockReturnValue(
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
+            Promise.resolve([...directories, file1]) as any,
+        );
         // #endregion
 
         // act

package/src/crons/index.ts

@@ -1,6 +1,5 @@
 import './amazon-ses.js';
 import './clearExcelCache.js';
 import './endFunctionsOfUsersWithoutRegistration.js';
-import './postmark.js';
 import './update-cached-balances.js';
 import './balance-emails.js';

package/src/endpoints/global/members/PatchOrganizationMembersEndpoint.ts

@@ -17,6 +17,7 @@ import { SetupStepUpdater } from '../../../helpers/SetupStepUpdater';
 import { PlatformMembershipService } from '../../../services/PlatformMembershipService';
 import { RegistrationService } from '../../../services/RegistrationService';
 import { shouldCheckIfMemberIsDuplicateForPatch } from './shouldCheckIfMemberIsDuplicate';
+import { MemberNumberService } from '../../../services/MemberNumberService';
 
 type Params = Record<string, never>;
 type Query = undefined;
@@ -534,6 +535,17 @@ export class PatchOrganizationMembersEndpoint extends Endpoint<Params, Query, Bo
                 // Save if okay
                 await membership.save();
 
+                if (member.details.memberNumber === null) {
+                    try {
+                        await MemberNumberService.assignMemberNumber(member, membership);
+                    }
+                    catch (error) {
+                        console.error(`Failed to assign member number for id ${member.id}: ${error.message}`);
+                        // If the assignment of the member number fails the membership is not created but the member is registered
+                        continue;
+                    }
+                }
+
                 updateMembershipMemberIds.add(member.id);
             }
 

package/src/endpoints/organization/dashboard/organization/PatchOrganizationEndpoint.ts

@@ -356,7 +356,7 @@ export class PatchOrganizationEndpoint extends Endpoint<Params, Query, Body, Res
                 }
 
                 const maximumStart = 1000 * 60 * 60 * 24 * 31 * 2; // 2 months in advance
-                if (period.startDate > new Date(Date.now() + maximumStart)) {
+                if (period.startDate > new Date(Date.now() + maximumStart) && STAMHOOFD.environment !== 'development') {
                     throw new SimpleError({
                         code: 'invalid_field',
                         message: 'The period you want to set has not started yet',

package/src/endpoints/organization/dashboard/stripe/ConnectStripeEndpoint.ts

@@ -77,6 +77,10 @@ export class ConnectMollieEndpoint extends Endpoint<Params, Query, Body, Respons
             expressData = {};
         }
 
+        if (type === 'express') {
+            expressData.controller = undefined;
+        }
+
         // Create a new Stripe account
         const stripe = StripeHelper.getInstance();
         const account = await stripe.accounts.create({

package/src/migrate.ts

@@ -0,0 +1,65 @@
+import chalk from 'chalk';
+
+import { Column, DatabaseInstance, Migration } from '@simonbackx/simple-database';
+import { Version } from '@stamhoofd/structures';
+import path from 'path';
+
+Column.setJSONVersion(Version);
+process.env.TZ = 'UTC';
+
+const emailPath = require.resolve('@stamhoofd/email');
+const modelsPath = require.resolve('@stamhoofd/models');
+
+// Validate UTC timezone
+if (new Date().getTimezoneOffset() !== 0) {
+    throw new Error('Process should always run in UTC timezone');
+}
+
+const start = async () => {
+    if (!STAMHOOFD.DB_DATABASE) {
+        throw new Error('STAMHOOFD.DB_DATABASE is not set');
+    }
+
+    let killSignalReceived = false;
+    const handler = () => {
+        // Ignore
+        console.error('Ignoring SIGTERM signal during migration');
+        killSignalReceived = true;
+    };
+
+    process.on('SIGTERM', handler);
+    process.on('SIGINT', handler);
+
+    // Create database if not exists
+    const query = 'CREATE DATABASE IF NOT EXISTS `' + STAMHOOFD.DB_DATABASE + '` DEFAULT CHARACTER SET = `utf8mb4` DEFAULT COLLATE = `utf8mb4_0900_ai_ci`';
+
+    // Create a non-focused datbase instance to run the query without selecting a database
+    const globalDatabase = new DatabaseInstance({
+        database: null,
+    });
+
+    await globalDatabase.statement(query);
+
+    // External migrations
+    await Migration.runAll(path.dirname(modelsPath) + '/migrations');
+    await Migration.runAll(path.dirname(emailPath) + '/migrations');
+
+    // Internal
+    await Migration.runAll(__dirname + '/src/migrations');
+
+    if (killSignalReceived) {
+        console.error(chalk.red('Killing process due to received signal during migration'));
+        process.exit(1);
+    }
+
+    process.off('SIGTERM', handler);
+    process.off('SIGINT', handler);
+};
+
+export async function run() {
+    await start()
+        .catch((error) => {
+            console.error('unhandledRejection', error);
+            process.exit(1);
+        });
+}

package/src/seeds/0000000001-development-user.ts

@@ -0,0 +1,49 @@
+import { Migration } from '@simonbackx/simple-database';
+import { User } from '@stamhoofd/models';
+import { NewUser, PermissionLevel, Permissions, UserPermissions } from '@stamhoofd/structures';
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment !== 'development') {
+        console.log('Skipped');
+        return;
+    }
+
+    // Check if total users is 0
+    const totalUsers = await User.select().count();
+    if (totalUsers > 0) {
+        console.log('Skipped, users already exist');
+        return;
+    }
+
+    // Create a development user with platform level admin access
+    const user = await User.register(
+        null, // No organization
+        NewUser.create({
+            id: '00000000-0000-4000-8000-000000000000',
+            firstName: 'Stamhoofd',
+            lastName: 'Development',
+            email: 'hallo@stamhoofd.be',
+            password: 'stamhoofd',
+        }),
+        { allowPlatform: true },
+    );
+
+    if (!user) {
+        throw new Error('Failed to create development user');
+    }
+
+    user.verified = true;
+    user.permissions = UserPermissions.create({
+        globalPermissions: Permissions.create({
+            level: PermissionLevel.Full,
+        }),
+    });
+    await user.save();
+
+    console.log('Created a new development user:');
+    console.log('E-mail:', user.email);
+    console.log('Password: stamhoofd');
+
+    // Do something here
+    return Promise.resolve();
+});

package/src/seeds/1750090030-records-configuration.ts

@@ -0,0 +1,22 @@
+import { Migration } from '@simonbackx/simple-database';
+import { Organization } from '@stamhoofd/models';
+
+export async function startRecordsConfigurationMigration() {
+    for await (const organization of Organization.select().all()) {
+        await organization.save();
+    }
+}
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment === 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    if (STAMHOOFD.platformName.toLowerCase() !== 'stamhoofd') {
+        console.log('skipped for platform (only runs for Stamhoofd): ' + STAMHOOFD.platformName);
+        return;
+    }
+
+    await startRecordsConfigurationMigration();
+});

package/src/services/BalanceItemService.ts

@@ -182,29 +182,14 @@ export const BalanceItemService = {
 
     async markPaid(balanceItem: BalanceItem, payment: Payment | null, organization: Organization) {
         await this.markDue(balanceItem);
+        let shouldMarkUpdated = true;
 
-        if (balanceItem.paidAt) {
-            // Already ran side effects
-            // If we for example deleted a related order or registration - and we still have the balance item, mark it as paid again, we don't want to reactivate the order or registration
-            await this.markUpdated(balanceItem, payment, organization);
-            return;
-        }
-
-        // It is possible this balance item was earlier paid
-        // and later the regigstration / order has been canceled and it became a negative balance item - which as some point has been reembursed and marked as 'paid'
-        // in that case, we should be careful not to mark the registration as valid again
-
-        // If registration
-        if (balanceItem.registrationId) {
-            if (balanceItem.type === BalanceItemType.Registration) {
-                await RegistrationService.markValid(balanceItem.registrationId);
-            }
-        }
-
-        // If order
+        // For orders, we should always call markPaid on the order - it is safe to call this multiple times
+        // we need to call it multiple times, in case the order was previously marked unpaid, and then paid again - then we'll need to recreate the tickets
         if (balanceItem.orderId) {
             const order = await Order.getByID(balanceItem.orderId);
             if (order) {
+                shouldMarkUpdated = false;
                 await order.markPaid(payment, organization);
 
                 // Save number in balance description
@@ -219,6 +204,26 @@ export const BalanceItemService = {
             }
         }
 
+        if (balanceItem.paidAt) {
+            // Already ran side effects
+            // If we for example deleted a related order or registration - and we still have the balance item, mark it as paid again, we don't want to reactivate the order or registration
+            if (shouldMarkUpdated) {
+                await this.markUpdated(balanceItem, payment, organization);
+            }
+            return;
+        }
+
+        // It is possible this balance item was earlier paid
+        // and later the regigstration / order has been canceled and it became a negative balance item - which as some point has been reembursed and marked as 'paid'
+        // in that case, we should be careful not to mark the registration as valid again
+
+        // If registration
+        if (balanceItem.registrationId) {
+            if (balanceItem.type === BalanceItemType.Registration) {
+                await RegistrationService.markValid(balanceItem.registrationId);
+            }
+        }
+
         balanceItem.paidAt = new Date();
         await balanceItem.save();
     },

package/src/services/PlatformMembershipService.ts

@@ -280,6 +280,18 @@ export class PlatformMembershipService {
                     // Check if already have the same membership
                     // if that is the case, we'll keep that one and update the price + dates if the organization matches the cheapest/earliest membership
                     let didFind: MemberPlatformMembership | null = null;
+
+                    // First, try to find any undeletable membership - use this as the priority one and delete all others that can be deleted
+                    // Check if we do have the same membership for a different organization that cannot be deleted (locked)
+                    // This is to prevent creating duplicate memberships
+                    for (const m of activeMemberships) {
+                        if (m.membershipTypeId === cheapestMembership.membership.id && m.locked) {
+                            didFind = m;
+                            break;
+                        }
+                    }
+
+                    // Then update all memberships from the same organization for the selected registration date range
                     for (const m of activeMemberships) {
                         if (m.membershipTypeId === cheapestMembership.membership.id && m.organizationId === cheapestMembership.registration.organizationId) {
                             if (!m.locked) {
@@ -295,12 +307,14 @@ export class PlatformMembershipService {
                                 }
                                 await m.save();
                             }
-                            didFind = m;
-                            break;
+
+                            if (!didFind) {
+                                didFind = m;
+                            }
                         }
                     }
 
-                    // Delete all other generated memberships that are not the cheapest one
+                    // Delete all other generated memberships that are not the chosen one
                     for (const m of activeMemberships) {
                         if (m.id !== didFind?.id) {
                             if (!m.locked && (m.generated || m.membershipTypeId === cheapestMembership.membership.id)) {
@@ -327,6 +341,7 @@ export class PlatformMembershipService {
                         }
                     }
 
+                    // We already have a membership, don't create a new one
                     if (didFind) {
                         continue;
                     }

package/src/crons/postmark.ts

@@ -1,223 +0,0 @@
-import { Email, EmailAddress } from '@stamhoofd/email';
-import { AuditLog, Organization } from '@stamhoofd/models';
-import { DateTime } from 'luxon';
-
-import { registerCron } from '@stamhoofd/crons';
-import { AuditLogReplacement, AuditLogReplacementType, AuditLogSource, AuditLogType } from '@stamhoofd/structures';
-
-// Importing postmark returns undefined (this is a bug, so we need to use require)
-// eslint-disable-next-line @typescript-eslint/no-require-imports
-const postmark = require('postmark') as typeof import('postmark');
-
-let lastPostmarkCheck: Date | null = null;
-let lastPostmarkIds: Set<number> = new Set();
-
-registerCron('checkPostmarkBounces', checkPostmarkBounces);
-
-async function saveLog({ email, organization, type, subType, id, response, subject, sender }: { id: number; sender: string; email: string; response: string; subject: string;organization: Organization | undefined; type: AuditLogType; subType?: string }) {
-    const log = new AuditLog();
-    log.organizationId = organization?.id ?? null;
-    log.externalId = 'postmark-bounce-' + id.toString();
-    log.type = type;
-    log.objectId = email;
-    log.source = AuditLogSource.System;
-    log.replacements = new Map([
-        ['e', AuditLogReplacement.create({
-            value: email || '',
-            type: AuditLogReplacementType.EmailAddress,
-        })],
-        ['subType', AuditLogReplacement.key(subType || 'unknown')],
-        ['response', AuditLogReplacement.longText(response)],
-        ['sender', AuditLogReplacement.create({
-            value: sender,
-            type: AuditLogReplacementType.EmailAddress,
-        })],
-    ]);
-
-    if (subject) {
-        log.replacements.set('subject', AuditLogReplacement.string(subject));
-    }
-
-    // Check if we already logged this bounce
-    const existing = await AuditLog.select().where('externalId', log.externalId).first(false);
-    if (existing) {
-        console.log('Already logged this bounce, skipping');
-        return;
-    }
-
-    await log.save();
-}
-
-async function checkPostmarkBounces() {
-    if (STAMHOOFD.environment !== 'production') {
-        return;
-    }
-
-    const token = STAMHOOFD.POSTMARK_SERVER_TOKEN;
-    if (!token) {
-        console.log('No postmark token, skipping postmark bounces');
-        return;
-    }
-    const fromDate = (lastPostmarkCheck ?? new Date(new Date().getTime() - 24 * 60 * 60 * 1000 * 2));
-    const ET = DateTime.fromJSDate(fromDate).setZone('EST').toISO({ includeOffset: false });
-
-    if (!ET) {
-        console.error('Could not convert date to EST:', fromDate);
-        return;
-    }
-    console.log('Checking bounces from Postmark since', fromDate, ET);
-    const client = new postmark.ServerClient(token);
-
-    const toDate = DateTime.now().setZone('EST').toISO({ includeOffset: false });
-
-    if (!toDate) {
-        console.error('Could not convert date to EST:', new Date());
-        return;
-    }
-
-    let offset = 0;
-    let total = 1;
-    const count = 500;
-
-    // Sadly the postmark api returns bounces in the wrong order, to make them easier fetchable so we need to fetch them all in one go every time
-    while (offset < total && offset <= 10000 - count) {
-        const bounces = await client.getBounces({
-            fromDate: ET,
-            toDate,
-            count,
-            offset,
-        });
-
-        if (bounces.TotalCount === 0) {
-            console.log('No Postmark bounces at this time');
-            return;
-        }
-
-        total = bounces.TotalCount;
-
-        console.log('Found', bounces.TotalCount, 'bounces from Postmark');
-
-        let lastId: number | null = null;
-        const idList = new Set<number>();
-        let newEventCount = 0;
-
-        for (const bounce of bounces.Bounces) {
-            idList.add(bounce.ID);
-            if (lastPostmarkIds.has(bounce.ID)) {
-                lastId = bounce.ID;
-                continue;
-            }
-            newEventCount += 1;
-
-            // Try to get the organization, if possible, else default to global blocking: "null", which is not visible for an organization, but it is applied
-            const source = bounce.From;
-            const organization = source ? await Organization.getByEmail(source) : undefined;
-            console.log(bounce);
-
-            if (bounce.Type === 'SpamComplaint' || bounce.Type === 'SpamNotification' || bounce.Type === 'VirusNotification') {
-                console.log('Postmark ' + bounce.Type + ' for: ', bounce.Email, 'from', source, 'organization', organization?.name);
-                const emailAddress = await EmailAddress.getOrCreate(bounce.Email, organization?.id ?? null);
-                emailAddress.markedAsSpam = true;
-                await emailAddress.save();
-
-                if (bounce.Type === 'VirusNotification') {
-                    await saveLog({
-                        email: bounce.Email,
-                        organization,
-                        type: AuditLogType.EmailAddressFraudComplaint,
-                        subType: bounce.Type,
-                        response: bounce.Details,
-                        id: bounce.ID,
-                        subject: bounce.Subject,
-                        sender: bounce.From,
-                    });
-                }
-                else {
-                    await saveLog({
-                        email: bounce.Email,
-                        organization,
-                        type: AuditLogType.EmailAddressMarkedAsSpam,
-                        subType: bounce.Type,
-                        response: bounce.Details,
-                        id: bounce.ID,
-                        subject: bounce.Subject,
-                        sender: bounce.From,
-                    });
-                }
-            }
-            else if (bounce.Inactive) {
-                // Block for everyone, but not visible
-                console.log('Postmark ' + bounce.Type + ' for: ', bounce.Email, 'from', source, 'organization', organization?.name);
-                const emailAddress = await EmailAddress.getOrCreate(bounce.Email, organization?.id ?? null);
-                emailAddress.hardBounce = true;
-                await emailAddress.save();
-                await saveLog({
-                    email: bounce.Email,
-                    organization,
-                    type: AuditLogType.EmailAddressHardBounced,
-                    subType: bounce.Type,
-                    response: bounce.Details,
-                    id: bounce.ID,
-                    subject: bounce.Subject,
-                    sender: bounce.From,
-                });
-            }
-            else {
-                if (bounce.Type === 'SMTPApiError' && bounce.Details.startsWith("ErrorCode: '406'")) {
-                    console.log('Email on Postmark suppression list: ' + bounce.Type + ': ', bounce.Email, 'from', source, 'organization', organization?.name);
-
-                    // We've sent a message to an email that is blocked by Postmark
-                    await saveLog({
-                        email: bounce.Email,
-                        organization,
-                        type: AuditLogType.EmailAddressHardBounced,
-                        subType: 'ExternalSuppressionList',
-                        response: bounce.Details,
-                        id: bounce.ID,
-                        subject: '', // bounce.Subject is not correct here for some reason
-                        sender: bounce.From,
-                    });
-                }
-                else {
-                    if (bounce.Type === 'SMTPApiError') {
-                        // Log internally
-                        Email.sendWebmaster({
-                            subject: 'Received an SMTPApiError from Postmark',
-                            text: 'We received an SMTPApiError for an e-mail from the organization: ' + organization?.name + '. Please check and adjust if needed.\n' + JSON.stringify(bounce, undefined, 4),
-                        });
-                    }
-                    else {
-                        console.log('Unhandled Postmark ' + bounce.Type + ': ', bounce.Email, 'from', source, 'organization', organization?.name);
-
-                        await saveLog({
-                            email: bounce.Email,
-                            organization,
-                            type: AuditLogType.EmailAddressSoftBounced,
-                            subType: bounce.Type,
-                            response: bounce.Details,
-                            id: bounce.ID,
-                            subject: bounce.Subject,
-                            sender: bounce.From,
-                        });
-                    }
-                }
-            }
-
-            const bouncedAt = new Date(bounce.BouncedAt);
-            lastPostmarkCheck = lastPostmarkCheck ? new Date(Math.max(bouncedAt.getTime(), lastPostmarkCheck.getTime())) : bouncedAt;
-
-            lastId = bounce.ID;
-        }
-
-        if (lastId && newEventCount === 0) {
-            console.log('Postmark has no new bounces');
-            // Increase timestamp by one second to avoid refetching it every time
-            if (lastPostmarkCheck) {
-                lastPostmarkCheck = new Date(lastPostmarkCheck.getTime() + 1000);
-            }
-        }
-        lastPostmarkIds = idList;
-
-        offset += bounces.Bounces.length;
-    }
-}