@stamhoofd/backend 2.92.0 → 2.94.0

package/src/endpoints/global/email-recipients/GetEmailRecipientsEndpoint.ts

@@ -0,0 +1,164 @@
+import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
+import { assertSort, CountFilteredRequest, EmailRecipient as EmailRecipientStruct, getSortFilter, LimitedFilteredRequest, PaginatedResponse, PermissionLevel, StamhoofdFilter } from '@stamhoofd/structures';
+
+import { Decoder } from '@simonbackx/simple-encoding';
+import { SimpleError } from '@simonbackx/simple-errors';
+import { EmailRecipient } from '@stamhoofd/models';
+import { applySQLSorter, compileToSQLFilter, SQLFilterDefinitions, SQLSortDefinitions } from '@stamhoofd/sql';
+import { Context } from '../../../helpers/Context';
+import { emailRecipientsFilterCompilers } from '../../../sql-filters/email-recipients';
+import { emailRecipientSorters } from '../../../sql-sorters/email-recipients';
+import { validateEmailRecipientFilter } from './helpers/validateEmailRecipientFilter';
+
+type Params = Record<string, never>;
+type Query = LimitedFilteredRequest;
+type Body = undefined;
+type ResponseBody = PaginatedResponse<EmailRecipientStruct[], LimitedFilteredRequest>;
+
+const filterCompilers: SQLFilterDefinitions = emailRecipientsFilterCompilers;
+const sorters: SQLSortDefinitions<EmailRecipient> = emailRecipientSorters;
+
+export class GetEmailRecipientsEndpoint extends Endpoint<Params, Query, Body, ResponseBody> {
+    queryDecoder = LimitedFilteredRequest as Decoder<LimitedFilteredRequest>;
+
+    protected doesMatch(request: Request): [true, Params] | [false] {
+        if (request.method !== 'GET') {
+            return [false];
+        }
+
+        const params = Endpoint.parseParameters(request.url, '/email-recipients', {});
+
+        if (params) {
+            return [true, params as Params];
+        }
+        return [false];
+    }
+
+    static async buildQuery(q: CountFilteredRequest | LimitedFilteredRequest) {
+        const organization = Context.organization;
+        let scopeFilter: StamhoofdFilter | undefined = undefined;
+
+        if (organization) {
+            scopeFilter = {
+                organizationId: organization.id,
+            };
+        }
+        const canReadAllEmails = await Context.auth.canReadAllEmails(organization ?? null);
+
+        if (!canReadAllEmails) {
+            // Check if scope is correctly limited to a single email, otherwise throw an error.
+            if (!await validateEmailRecipientFilter({ filter: q.filter, permissionLevel: PermissionLevel.Read })) {
+                throw Context.auth.error({
+                    message: 'You do not have sufficient permissions to view all email recipients',
+                    human: $t(`Je hebt niet voldoende toegangsrechten om alle email ontvangers te bekijken. Filter op één specifieke e-mail.`),
+                });
+            }
+        }
+
+        const query = EmailRecipient.select();
+
+        if (scopeFilter) {
+            query.where(await compileToSQLFilter(scopeFilter, filterCompilers));
+        }
+
+        if (q.filter) {
+            query.where(await compileToSQLFilter(q.filter, filterCompilers));
+        }
+
+        if (q.search) {
+            let searchFilter: StamhoofdFilter | null = null;
+
+            searchFilter = {
+                $or: [
+                    {
+                        email: {
+                            $contains: q.search,
+                        },
+                    },
+                    {
+                        name: {
+                            $contains: q.search,
+                        },
+                    },
+                ],
+            };
+
+            if (searchFilter) {
+                query.where(await compileToSQLFilter(searchFilter, filterCompilers));
+            }
+        }
+
+        if (q instanceof LimitedFilteredRequest) {
+            if (q.pageFilter) {
+                query.where(await compileToSQLFilter(q.pageFilter, filterCompilers));
+            }
+
+            q.sort = assertSort(q.sort, [{ key: 'id' }]);
+            applySQLSorter(query, q.sort, sorters);
+            query.limit(q.limit);
+        }
+
+        return query;
+    }
+
+    static async buildData(requestQuery: LimitedFilteredRequest) {
+        const query = await GetEmailRecipientsEndpoint.buildQuery(requestQuery);
+        const recipients = await query.fetch();
+
+        let next: LimitedFilteredRequest | undefined;
+
+        if (recipients.length >= requestQuery.limit) {
+            const lastObject = recipients[recipients.length - 1];
+            const nextFilter = getSortFilter(lastObject, sorters, requestQuery.sort);
+
+            next = new LimitedFilteredRequest({
+                filter: requestQuery.filter,
+                pageFilter: nextFilter,
+                sort: requestQuery.sort,
+                limit: requestQuery.limit,
+                search: requestQuery.search,
+            });
+
+            if (JSON.stringify(nextFilter) === JSON.stringify(requestQuery.pageFilter)) {
+                console.error('Found infinite loading loop for', requestQuery);
+                next = undefined;
+            }
+        }
+
+        return new PaginatedResponse<EmailRecipientStruct[], LimitedFilteredRequest>({
+            results: recipients.map(r => r.getStructure()),
+            next,
+        });
+    }
+
+    async handle(request: DecodedRequest<Params, Query, Body>) {
+        const organization = await Context.setOptionalOrganizationScope();
+        await Context.authenticate();
+
+        if (!await Context.auth.canReadEmails(organization)) {
+            throw Context.auth.error();
+        }
+
+        const maxLimit = Context.auth.hasSomePlatformAccess() ? 1000 : 100;
+
+        if (request.query.limit > maxLimit) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be more than ' + maxLimit,
+            });
+        }
+
+        if (request.query.limit < 1) {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'limit',
+                message: 'Limit can not be less than 1',
+            });
+        }
+
+        return new Response(
+            await GetEmailRecipientsEndpoint.buildData(request.query),
+        );
+    }
+}

package/src/endpoints/global/email-recipients/helpers/validateEmailRecipientFilter.ts

@@ -0,0 +1,64 @@
+import { SimpleError } from '@simonbackx/simple-errors';
+import { Email } from '@stamhoofd/models';
+import { FilterWrapperMarker, PermissionLevel, StamhoofdFilter, unwrapFilter, WrapperFilter } from '@stamhoofd/structures';
+import { Context } from '../../../../helpers/Context';
+
+export async function validateEmailRecipientFilter({ filter, permissionLevel }: { filter: StamhoofdFilter; permissionLevel: PermissionLevel }) {
+    // Require presence of a filter
+    const requiredFilter: WrapperFilter = {
+        emailId: FilterWrapperMarker,
+    };
+
+    const unwrapped = unwrapFilter(filter, requiredFilter);
+    if (!unwrapped.match) {
+        return false;
+    }
+
+    const emailIds = typeof unwrapped.markerValue === 'string'
+        ? [unwrapped.markerValue]
+        : unwrapFilter(unwrapped.markerValue as StamhoofdFilter, {
+            $in: FilterWrapperMarker,
+        })?.markerValue;
+
+    if (!Array.isArray(emailIds)) {
+        throw new SimpleError({
+            code: 'invalid_field',
+            field: 'filter',
+            message: 'You must filter on an email id of the email recipients you are trying to access',
+            human: $t(`Je hebt niet voldoende toegangsrechten om alle email ontvangers te bekijken.`),
+        });
+    }
+
+    if (emailIds.length === 0) {
+        throw new SimpleError({
+            code: 'invalid_field',
+            field: 'filter',
+            message: 'Filtering on an empty list of email ids is not supported',
+        });
+    }
+
+    for (const emailId of emailIds) {
+        if (typeof emailId !== 'string') {
+            throw new SimpleError({
+                code: 'invalid_field',
+                field: 'filter',
+                message: 'Invalid email ID in filter',
+            });
+        }
+    }
+
+    const emails = await Email.getByIDs(...emailIds as string[]);
+
+    console.log('Fetching recipients for emails', emails.map(g => g.subject));
+
+    for (const email of emails) {
+        if (!await Context.auth.canAccessEmail(email, permissionLevel)) {
+            throw Context.auth.error({
+                message: 'You do not have access to this email',
+                human: $t(`Je hebt geen toegangsrechten tot de ontvangers van deze email`),
+            });
+        }
+    }
+
+    return true;
+}

package/src/endpoints/global/members/PatchOrganizationMembersEndpoint.ts

@@ -966,7 +966,11 @@ export class PatchOrganizationMembersEndpoint extends Endpoint<Params, Query, Bo
     }
 
     static shouldCheckIfMemberIsDuplicate(put: Member): boolean {
-        if (put.details.firstName.length <= 3 && put.details.lastName.length <= 3) {
+        if (put.details.firstName === '???') {
+            return false;
+        }
+
+        if (put.details.name.length <= 3) {
             return false;
         }
 

package/src/endpoints/global/registration-periods/GetRegistrationPeriodsEndpoint.ts

@@ -5,6 +5,7 @@ import { Decoder } from '@simonbackx/simple-encoding';
 import { SimpleError } from '@simonbackx/simple-errors';
 import { RegistrationPeriod } from '@stamhoofd/models';
 import { applySQLSorter, compileToSQLFilter, SQLFilterDefinitions, SQLSortDefinitions } from '@stamhoofd/sql';
+import { Context } from '../../../helpers/Context';
 import { registrationPeriodFilterCompilers } from '../../../sql-filters/registration-periods';
 import { registrationPeriodSorters } from '../../../sql-sorters/registration-periods';
 
@@ -33,9 +34,24 @@ export class GetRegistrationPeriodsEndpoint extends Endpoint<Params, Query, Body
     }
 
     static async buildQuery(q: CountFilteredRequest | LimitedFilteredRequest) {
-        const scopeFilter: StamhoofdFilter | undefined = undefined;
+        let scopeFilter: StamhoofdFilter | undefined = undefined;
         const query = RegistrationPeriod.select();
 
+        if (STAMHOOFD.userMode === 'organization') {
+            const organization = Context.organization;
+
+            if (!organization) {
+                throw new SimpleError({
+                    code: 'no_organization',
+                    message: 'Organization is undefined on Context',
+                });
+            }
+
+            scopeFilter = {
+                organizationId: organization.id,
+            };
+        }
+
         if (scopeFilter) {
             query.where(await compileToSQLFilter(scopeFilter, filterCompilers));
         }
@@ -127,6 +143,8 @@ export class GetRegistrationPeriodsEndpoint extends Endpoint<Params, Query, Body
             });
         }
 
+        await Context.setUserOrganizationScope();
+
         return new Response(
             await GetRegistrationPeriodsEndpoint.buildData(request.query),
         );

package/src/endpoints/global/registration-periods/PatchRegistrationPeriodsEndpoint.ts

@@ -92,9 +92,8 @@ export class PatchRegistrationPeriodsEndpoint extends Endpoint<Params, Query, Bo
                 }
             }
 
-            await period.setPreviousPeriodId();
-
             await period.save();
+            await period.updatePreviousNextPeriods();
             periods.push(period);
         }
 
@@ -138,7 +137,7 @@ export class PatchRegistrationPeriodsEndpoint extends Endpoint<Params, Query, Bo
                 model.settings = patchObject(model.settings, patch.settings);
             }
 
-            await model.setPreviousPeriodId();
+            await model.updatePreviousNextPeriods();
             await model.save();
 
             // Schedule patch of all groups in this period
@@ -156,23 +155,13 @@ export class PatchRegistrationPeriodsEndpoint extends Endpoint<Params, Query, Bo
                 });
             }
 
-            // Get before deleting the model
-            const updateWhere = await RegistrationPeriod.where({ previousPeriodId: model.id });
-
             // Now delete the model
             await model.delete();
-
-            // Update all previous period ids
-            await AuditLogService.setContext({ source: AuditLogSource.System }, async () => {
-                for (const period of updateWhere) {
-                    await period.setPreviousPeriodId();
-                    await period.save();
-                }
-            });
+            await RegistrationPeriod.updatePreviousNextPeriods(model.organizationId);
         }
 
         // Clear platform cache
-        Platform.clearCache();
+        await Platform.clearCache();
 
         return new Response(
             periods.map(p => p.getStructure()),

package/src/endpoints/organization/dashboard/registration-periods/PatchOrganizationRegistrationPeriodsEndpoint.ts

@@ -531,6 +531,8 @@ export class PatchOrganizationRegistrationPeriodsEndpoint extends Endpoint<Param
         model.type = struct.type;
         model.settings.period = period.getBaseStructure();
         model.settings.endDate = period.endDate;
+        model.settings.registeredMembers = 0;
+        model.settings.reservedMembers = 0;
 
         // Note: start date is curomizable, as long as it stays between period start and end
         if (model.settings.startDate < period.startDate || model.settings.startDate > period.endDate) {

package/src/helpers/AdminPermissionChecker.ts

@@ -883,6 +883,10 @@ export class AdminPermissionChecker {
             return false;
         }
 
+        if (email.deletedAt) {
+            return false;
+        }
+
         if (email.userId === this.user.id) {
             // User can always read their own emails
             // Note; for sending we'll always need to use 'canSendEmailsFrom' externally

package/src/helpers/AuthenticatedStructures.ts

@@ -604,7 +604,7 @@ export class AuthenticatedStructures {
 
             const registration = memberBlob.registrations.find(r => r.id === id);
             if (!registration) {
-                throw new Error('Registration not found');
+                throw new Error('Registration not found: ' + id);
             }
 
             return RegistrationWithMemberBlob.create({

package/src/helpers/EmailResumer.ts

@@ -6,7 +6,7 @@ import { ContextInstance } from './Context';
 export async function resumeEmails() {
     const query = SQL.select()
         .from(SQL.table(Email.table))
-        .where(SQL.column('status'), EmailStatus.Sending);
+        .where(SQL.column('status'), [EmailStatus.Sending, EmailStatus.Queued]);
 
     const result = await query.fetch();
     const emails = Email.fromRows(result, Email.table);
@@ -28,7 +28,7 @@ export async function resumeEmails() {
 
         try {
             await ContextInstance.startForUser(user, organization, async () => {
-                await email.send();
+                await email.resumeSending();
             });
         }
         catch (e) {

package/src/seeds/1755790070-fill-email-recipient-errors.ts

@@ -0,0 +1,96 @@
+import { Migration } from '@simonbackx/simple-database';
+import { SimpleError, SimpleErrors } from '@simonbackx/simple-errors';
+import { EmailRecipient } from '@stamhoofd/models';
+
+function stringToError(message: string) {
+    if (message === 'Recipient has hard bounced') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'email_skipped_hard_bounce',
+                message: 'The recipient has hard bounced. This means that the email address is invalid or no longer exists.',
+                human: $t(`af49a569-ce88-48d9-ac37-81e594e16c03`),
+            }),
+        );
+    }
+
+    if (message === 'Recipient has marked as spam') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'email_skipped_spam',
+                message: 'Recipient has marked as spam',
+                human: $t(`e6523f56-397e-4127-8bf7-8396f6f25a62`),
+            }),
+        );
+    }
+
+    if (message === 'Recipient has unsubscribed') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'email_skipped_unsubscribed',
+                message: 'Recipient has unsubscribed',
+                human: $t('De ontvanger heeft zich afgemeld voor e-mails'),
+            }),
+        );
+    }
+
+    if (message === 'Recipient has unsubscribed from marketing') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'email_skipped_unsubscribed',
+                message: 'Recipient has unsubscribed from marketing',
+                human: $t('De ontvanger heeft zich afgemeld voor e-mails'),
+            }),
+        );
+    }
+
+    if (message === 'All recipients are filtered due to hard bounce or spam') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'all_filtered',
+                message: 'All recipients are filtered due to hard bounce or spam',
+                human: $t('Deze ontvanger komt voor op de gedeelde bounce of spamlijst. De ontvanger was eerder permanent onbereikbaar of heeft eerder een e-mail als spam gemarkeerd.'),
+            }),
+        );
+    }
+
+    if (message === 'Invalid email address') {
+        return new SimpleErrors(
+            new SimpleError({
+                code: 'invalid_email_address',
+                message: 'Invalid email address',
+                human: $t(`cbbff442-758c-4f76-b8c2-26bb176fefcc`),
+            }),
+        );
+    }
+
+    return new SimpleErrors(
+        new SimpleError({
+            code: 'unknown_error',
+            message: message,
+        }),
+    );
+}
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment === 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    console.log('Start setting failError object on email recipients.');
+
+    const batchSize = 100;
+    let count = 0;
+
+    for await (const r of EmailRecipient.select()
+        .whereNot('failErrorMessage', null).limit(batchSize).all()) {
+        if (!r.failErrorMessage) {
+            continue;
+        }
+        r.failError = stringToError(r.failErrorMessage);
+        await r.save();
+        count++;
+    }
+
+    console.log('Finished saving ' + count + ' recipients with error object.');
+});

package/src/seeds/1756115432-remove-old-drafts.ts

@@ -0,0 +1,16 @@
+import { Migration } from '@simonbackx/simple-database';
+import { Email } from '@stamhoofd/models';
+import { EmailStatus } from '@stamhoofd/structures';
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment === 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    const { affectedRows } = await Email.delete()
+        .where('status', EmailStatus.Draft)
+        .where('createdAt', '<', new Date(Date.now() - 1000 * 60 * 60 * 24 * 30)) // older than 30 days
+        .delete();
+    console.log('Deleted ' + affectedRows + ' old draft emails.');
+});

package/src/seeds/1756115433-fill-email-recipient-organization-id.ts

@@ -0,0 +1,30 @@
+import { Migration } from '@simonbackx/simple-database';
+import { Email, EmailRecipient } from '@stamhoofd/models';
+import { SQL } from '@stamhoofd/sql';
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment === 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    console.log('Start setting organizationId object on email recipients.');
+
+    const batchSize = 100;
+    let count = 0;
+
+    for await (const email of Email.select().where('organizationId', '!=', null).limit(batchSize).all()) {
+        if (!email.organizationId) {
+            continue;
+        }
+
+        await SQL.update(EmailRecipient.table)
+            .set('organizationId', email.organizationId)
+            .where('emailId', email.id)
+            .update();
+
+        count++;
+    }
+
+    console.log('Finished saving email recipients of ' + count + ' emails with organization id.');
+});

package/src/seeds/1756293699-fill-previous-next-period-id.ts

@@ -0,0 +1,34 @@
+import { Migration } from '@simonbackx/simple-database';
+import { logger } from '@simonbackx/simple-logging';
+import { Organization, Platform, RegistrationPeriod } from '@stamhoofd/models';
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment == 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    process.stdout.write('\n');
+
+    await logger.setContext({ tags: ['seed'] }, async () => {
+        if (STAMHOOFD.userMode === 'platform') {
+            await RegistrationPeriod.updatePreviousNextPeriods(null);
+        }
+        else {
+            for await (const organization of Organization.select().all()) {
+                await RegistrationPeriod.updatePreviousNextPeriods(organization.id);
+            }
+        }
+    });
+    console.log('Updated periods');
+
+    // Now update platform
+    const platform = await Platform.getForEditing();
+    await platform.setPreviousPeriodId();
+    await platform.save();
+
+    console.log('Updated platform');
+
+    // Do something here
+    return Promise.resolve();
+});

package/src/seeds/1756303697-update-email-counts.ts

@@ -0,0 +1,76 @@
+import { Migration } from '@simonbackx/simple-database';
+import { Email, EmailRecipient } from '@stamhoofd/models';
+import { SQL, SQLAlias, SQLCount, SQLSelectAs } from '@stamhoofd/sql';
+import { EmailStatus } from '@stamhoofd/structures';
+
+export default new Migration(async () => {
+    if (STAMHOOFD.environment === 'test') {
+        console.log('skipped in tests');
+        return;
+    }
+
+    console.log('Start setting counts of emails.');
+
+    const batchSize = 100;
+    let count = 0;
+
+    for await (const email of Email.select()
+        .where('status', EmailStatus.Sent)
+        .where('succeededCount', 0)
+        .where('failedCount', 0)
+        .where('emailRecipientsCount', '!=', 0)
+        .where('emailRecipientsCount', '!=', null)
+        .where('createdAt', '<', new Date('2025-08-28 00:00:00')).limit(batchSize).all()) {
+        const query = SQL.select(
+            new SQLSelectAs(
+                new SQLCount(
+                    SQL.column('failError'),
+                ),
+                new SQLAlias('data__failedCount'),
+            ),
+            // If the current amount_due is negative, we can ignore that negative part if there is a future due item
+            new SQLSelectAs(
+                new SQLCount(
+                    SQL.column('sentAt'),
+                ),
+                new SQLAlias('data__succeededCount'),
+            ),
+        )
+            .from(EmailRecipient.table)
+            .where('emailId', email.id);
+
+        const result = await query.fetch();
+        if (result.length !== 1) {
+            console.error('Unexpected result', result);
+            continue;
+        }
+        const row = result[0]['data'];
+        if (!row) {
+            console.error('Unexpected result row', result);
+            continue;
+        }
+
+        let failedCount = row['failedCount'];
+        const succeededCount = row['succeededCount'];
+
+        if (typeof failedCount !== 'number' || typeof succeededCount !== 'number') {
+            console.error('Unexpected result values', row);
+            return;
+        }
+
+        if (email.emailRecipientsCount !== null && failedCount + succeededCount !== email.emailRecipientsCount) {
+            console.warn(`Email ${email.id} has ${email.emailRecipientsCount} recipients, but ${failedCount} failed and ${succeededCount} succeeded. Correcting failedCount to `, email.emailRecipientsCount - succeededCount);
+            failedCount = email.emailRecipientsCount - succeededCount;
+        }
+
+        // Send an update query
+        await Email.update()
+            .where('id', email.id)
+            .set('succeededCount', succeededCount)
+            .set('failedCount', failedCount)
+            .update();
+        count += 1;
+    }
+
+    console.log('Finished saving ' + count + ' emails.');
+});