@stamhoofd/backend 2.90.3 → 2.92.0

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.90.3",
+    "version": "2.92.0",
     "main": "./dist/index.js",
     "exports": {
         ".": {
@@ -45,14 +45,14 @@
         "@simonbackx/simple-encoding": "2.22.0",
         "@simonbackx/simple-endpoints": "1.20.1",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.90.3",
-        "@stamhoofd/backend-middleware": "2.90.3",
-        "@stamhoofd/email": "2.90.3",
-        "@stamhoofd/models": "2.90.3",
-        "@stamhoofd/queues": "2.90.3",
-        "@stamhoofd/sql": "2.90.3",
-        "@stamhoofd/structures": "2.90.3",
-        "@stamhoofd/utility": "2.90.3",
+        "@stamhoofd/backend-i18n": "2.92.0",
+        "@stamhoofd/backend-middleware": "2.92.0",
+        "@stamhoofd/email": "2.92.0",
+        "@stamhoofd/models": "2.92.0",
+        "@stamhoofd/queues": "2.92.0",
+        "@stamhoofd/sql": "2.92.0",
+        "@stamhoofd/structures": "2.92.0",
+        "@stamhoofd/utility": "2.92.0",
         "archiver": "^7.0.1",
         "axios": "^1.8.2",
         "cookie": "^0.7.0",
@@ -70,5 +70,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "81248f4f4d578fb67e29c48c55ddb1a1beb12313"
+    "gitHead": "43d1edfd8061dada1d418a02691fe5fb158aca6a"
 }

package/src/audit-logs/EmailLogger.ts

@@ -1,5 +1,5 @@
-import { Email, EmailRecipient, replaceHtml } from '@stamhoofd/models';
-import { AuditLogReplacement, AuditLogReplacementType, AuditLogType, EmailStatus } from '@stamhoofd/structures';
+import { Email, EmailRecipient } from '@stamhoofd/models';
+import { AuditLogReplacement, AuditLogReplacementType, AuditLogType, EmailStatus, replaceEmailHtml } from '@stamhoofd/structures';
 import { Formatter } from '@stamhoofd/utility';
 import { ModelLogger } from './ModelLogger';
 
@@ -54,7 +54,7 @@ export const EmailLogger = new ModelLogger(Email, {
         const map = new Map([
             ['e', AuditLogReplacement.create({
                 id: model.id,
-                value: replaceHtml(model.subject ?? '', options.data.recipient?.replacements ?? []),
+                value: replaceEmailHtml(model.subject ?? '', options.data.recipient?.replacements ?? []),
                 type: AuditLogReplacementType.Email,
             })],
             ['c', AuditLogReplacement.create({
@@ -64,7 +64,7 @@ export const EmailLogger = new ModelLogger(Email, {
         ]);
         if (options.data.recipient) {
             map.set('html', AuditLogReplacement.html(
-                replaceHtml(model.html ?? '', options.data.recipient?.replacements ?? []),
+                replaceEmailHtml(model.html ?? '', options.data.recipient?.replacements ?? []),
             ));
         }
         return map;

package/src/audit-logs/ModelLogger.ts

@@ -193,7 +193,6 @@ export class ModelLogger<ModelType extends typeof Model, M extends InstanceType<
 
                     if (log.patchList.length === 0 && !log.description) {
                         // No changes or all skipped
-                        console.log('No changes after secundary filtering');
                         return false;
                     }
                 }

package/src/crons/endFunctionsOfUsersWithoutRegistration.ts

@@ -1,5 +1,6 @@
 import { registerCron } from '@stamhoofd/crons';
 import { FlagMomentCleanup } from '../helpers/FlagMomentCleanup';
+import { Platform, RegistrationPeriod } from '@stamhoofd/models';
 
 // Only delete responsibilities when the server is running during a month change.
 // Chances are almost zero that we reboot during a month change
@@ -19,6 +20,25 @@ export async function endFunctionsOfUsersWithoutRegistration() {
         return;
     }
 
+    // Check if the current period is active for more than 2 months
+    const platform = await Platform.getShared();
+    const period = await RegistrationPeriod.getByID(platform.periodId);
+    if (!period) {
+        console.warn('No active registration period found, skipping cleanup.');
+        return;
+    }
+
+    if (period.startDate > new Date(Date.now() - 1000 * 60 * 60 * 24 * 55)) {
+        console.warn('Current registration period is less than 2 months old, skipping cleanup.');
+        return;
+    }
+
+    // If period is ending within 15 days, also skip cleanup
+    if (period.endDate && period.endDate < new Date(Date.now() + 1000 * 60 * 60 * 24 * 15)) {
+        console.warn('Current registration period is ending within 15 days or has ended, skipping cleanup.');
+        return;
+    }
+
     await FlagMomentCleanup.endFunctionsOfUsersWithoutRegistration();
     lastCleanupYear = currentYear;
     lastCleanupMonth = currentMonth;

package/src/endpoints/admin/organizations/GetOrganizationsEndpoint.ts

@@ -94,6 +94,8 @@ export class GetOrganizationsEndpoint extends Endpoint<Params, Query, Body, Resp
             query.limit(q.limit);
         }
 
+        console.log('GetOrganizationsEndpoint query', query.getSQL());
+
         return query;
     }
 

package/src/endpoints/global/email/CreateEmailEndpoint.ts

@@ -1,10 +1,10 @@
 import { Decoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
-import { Email, EmailTemplate, RateLimiter } from '@stamhoofd/models';
-import { EmailPreview, EmailStatus, Email as EmailStruct, Version, EmailTemplate as EmailTemplateStruct } from '@stamhoofd/structures';
+import { Email, Platform, RateLimiter } from '@stamhoofd/models';
+import { EmailPreview, EmailStatus, Email as EmailStruct, EmailTemplate as EmailTemplateStruct } from '@stamhoofd/structures';
 
 import { Context } from '../../../helpers/Context';
-import { SQL } from '@stamhoofd/sql';
+import { SimpleError } from '@simonbackx/simple-errors';
 
 type Params = Record<string, never>;
 type Query = undefined;
@@ -65,8 +65,11 @@ export class CreateEmailEndpoint extends Endpoint<Params, Query, Body, ResponseB
         const organization = await Context.setOptionalOrganizationScope();
         const { user } = await Context.authenticate();
 
-        if (!Context.auth.canSendEmails()) {
-            throw Context.auth.error();
+        if (!await Context.auth.canSendEmails(organization)) {
+            throw Context.auth.error({
+                message: 'Cannot send emails',
+                human: $t('f7b7ac75-f7df-49cc-8961-b2478d9683e3'),
+            });
         }
 
         const model = new Email();
@@ -80,8 +83,28 @@ export class CreateEmailEndpoint extends Endpoint<Params, Query, Body, ResponseB
         model.json = request.body.json;
         model.status = request.body.status;
         model.attachments = request.body.attachments;
-        model.fromAddress = request.body.fromAddress;
-        model.fromName = request.body.fromName;
+
+        const list = organization ? organization.privateMeta.emails : (await Platform.getShared()).privateConfig.emails;
+        const sender = list.find(e => e.id === request.body.senderId);
+        if (sender) {
+            if (!await Context.auth.canSendEmailsFrom(organization, sender.id)) {
+                throw Context.auth.error({
+                    message: 'Cannot send emails from this sender',
+                    human: $t('1b509614-30b0-484c-af72-57d4bc9ea788'),
+                });
+            }
+            model.senderId = sender.id;
+            model.fromAddress = sender.email;
+            model.fromName = sender.name;
+        }
+        else {
+            throw new SimpleError({
+                code: 'invalid_sender',
+                human: 'Sender not found',
+                message: $t(`94adb4e0-2ef1-4ee8-9f02-5a76efa51c1d`),
+                statusCode: 400,
+            });
+        }
 
         model.validateAttachments();
 

package/src/endpoints/global/email/GetAdminEmailsEndpoint.ts

@@ -0,0 +1,207 @@
+import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
+import { assertSort, CountFilteredRequest, EmailPreview, EmailStatus, getSortFilter, LimitedFilteredRequest, PaginatedResponse, StamhoofdFilter } from '@stamhoofd/structures';
+
+import { Decoder } from '@simonbackx/simple-encoding';
+import { SimpleError } from '@simonbackx/simple-errors';
+import { Email, Platform } from '@stamhoofd/models';
+import { applySQLSorter, compileToSQLFilter, SQLFilterDefinitions, SQLSortDefinitions } from '@stamhoofd/sql';
+import { Context } from '../../../helpers/Context';
+import { emailFilterCompilers } from '../../../sql-filters/emails';
+import { emailSorters } from '../../../sql-sorters/emails';
+
+type Params = Record<string, never>;
+type Query = LimitedFilteredRequest;
+type Body = undefined;
+type ResponseBody = PaginatedResponse<EmailPreview[], LimitedFilteredRequest>;
+
+const filterCompilers: SQLFilterDefinitions = emailFilterCompilers;
+const sorters: SQLSortDefinitions<Email> = emailSorters;
+
+export class GetAdminEmailsEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    queryDecoder = LimitedFilteredRequest as Decoder<LimitedFilteredRequest>;
+
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method !== 'GET') {
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(request.url, '/email', {});
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    static async buildQuery(q: CountFilteredRequest | LimitedFilteredRequest) {
+        const organization = Context.organization;
+        const user = Context.user;
+        if (!user) {
+            throw new Error('Not authenticated');
+        }
+
+        let scopeFilter: StamhoofdFilter | undefined = undefined;
+
+        const canReadAllEmails = await Context.auth.canReadAllEmails(organization ?? null);
+        scopeFilter = {
+            organizationId: organization?.id ?? null,
+        };
+
+        if (!canReadAllEmails) {
+            const senders = organization ? organization.privateMeta.emails : (await Platform.getShared()).privateConfig.emails;
+            const ids: string[] = [];
+            for (const sender of senders) {
+                if (await Context.auth.canReadAllEmails(organization ?? null, sender.id)) {
+                    ids.push(sender.id);
+                }
+            }
+            if (ids.length === 0) {
+                throw Context.auth.error();
+            }
+
+            scopeFilter = {
+                $and: [
+                    {
+                        organizationId: organization?.id ?? null,
+                    },
+                    {
+                        $or: [
+                            {
+                                senderId: {
+                                    $in: ids,
+                                },
+                                status: {
+                                    $neq: EmailStatus.Draft,
+                                },
+                            },
+                            {
+                                userId: user.id,
+                            },
+                        ],
+                    },
+                ],
+            };
+        }
+        else {
+            scopeFilter = {
+                $and: [
+                    {
+                        organizationId: organization?.id ?? null,
+                    },
+                    {
+                        $or: [
+                            {
+                                status: {
+                                    $neq: EmailStatus.Draft,
+                                },
+                            },
+                            {
+                                userId: user.id,
+                            },
+                        ],
+                    },
+                ],
+            };
+        }
+
+        const query = Email.select();
+
+        if (scopeFilter) {
+            query.where(await compileToSQLFilter(scopeFilter, filterCompilers));
+        }
+
+        if (q.filter) {
+            query.where(await compileToSQLFilter(q.filter, filterCompilers));
+        }
+
+        if (q.search) {
+            let searchFilter: StamhoofdFilter | null = null;
+
+            searchFilter = {
+                subject: {
+                    $contains: q.search,
+                },
+            };
+
+            if (searchFilter) {
+                query.where(await compileToSQLFilter(searchFilter, filterCompilers));
+            }
+        }
+
+        if (q instanceof LimitedFilteredRequest) {
+            if (q.pageFilter) {
+                query.where(await compileToSQLFilter(q.pageFilter, filterCompilers));
+            }
+
+            q.sort = assertSort(q.sort, [{ key: 'id' }]);
+            applySQLSorter(query, q.sort, sorters);
+            query.limit(q.limit);
+        }
+
+        console.log('Building query for GetAdminEmailsEndpoint', query.getSQL());
+
+        return query;
+    }
+
+    static async buildData(requestQuery: LimitedFilteredRequest) {
+        const query = await GetAdminEmailsEndpoint.buildQuery(requestQuery);
+        const emails = await query.fetch();
+
+        let next: LimitedFilteredRequest | undefined;
+
+        if (emails.length >= requestQuery.limit) {
+            const lastObject = emails[emails.length - 1];
+            const nextFilter = getSortFilter(lastObject, sorters, requestQuery.sort);
+
+            next = new LimitedFilteredRequest({
+                filter: requestQuery.filter,
+                pageFilter: nextFilter,
+                sort: requestQuery.sort,
+                limit: requestQuery.limit,
+                search: requestQuery.search,
+            });
+
+            if (JSON.stringify(nextFilter) === JSON.stringify(requestQuery.pageFilter)) {
+                console.error('Found infinite loading loop for', requestQuery);
+                next = undefined;
+            }
+        }
+
+        return new PaginatedResponse<EmailPreview[], LimitedFilteredRequest>({
+            results: await Promise.all(emails.map(email => email.getPreviewStructure())),
+            next,
+        });
+    }
+
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+        const organization = await Context.setOptionalOrganizationScope();
+        await Context.authenticate();
+
+        if (!await Context.auth.canReadEmails(organization)) {
+            // This is a first fast check, we'll limit it later in the scope query
+            throw Context.auth.error();
+        }
+
+        const maxLimit = Context.auth.hasSomePlatformAccess() ? 1000 : 100;
+
+        if (request.query.limit > maxLimit) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be more than ' + maxLimit,
+            });
+        }
+
+        if (request.query.limit < 1) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be less than 1',
+            });
+        }
+
+        return new Response(
+            await GetAdminEmailsEndpoint.buildData(request.query),
+        );
+    }
+}

package/src/endpoints/global/email/GetEmailEndpoint.ts

@@ -32,7 +32,7 @@ export class GetEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBody
         const organization = await Context.setOptionalOrganizationScope();
         const { user } = await Context.authenticate();
 
-        if (!Context.auth.canSendEmails()) {
+        if (!await Context.auth.canReadEmails(organization)) {
             throw Context.auth.error();
         }
 
@@ -46,6 +46,10 @@ export class GetEmailEndpoint extends Endpoint<Params, Query, Body, ResponseBody
             });
         }
 
+        if (!await Context.auth.canAccessEmail(model)) {
+            throw Context.auth.error();
+        }
+
         return new Response(await model.getPreviewStructure());
     }
 }