@stamhoofd/models 2.74.0 → 2.75.0

package/src/migrations/1739017508-event-notifications.sql

@@ -0,0 +1,25 @@
+CREATE TABLE `event_notifications` (
+    `id` varchar(36) NOT NULL DEFAULT '',
+    `typeId` varchar(36) NOT NULL,
+    `periodId` varchar(36) NOT NULL,
+    `startDate` datetime NOT NULL,
+    `endDate` datetime NOT NULL,
+    `status` varchar(36) NOT NULL,
+    `feedbackText` text NULL,
+    `organizationId` varchar(36) DEFAULT NULL,
+    `recordAnswers` json NOT NULL DEFAULT ('{"value": {}, "version": 0}'),
+    `createdBy` varchar(36) DEFAULT NULL,
+    `submittedBy` varchar(36) DEFAULT NULL,
+    `createdAt` datetime NOT NULL,
+    `updatedAt` datetime NOT NULL,
+    PRIMARY KEY (`id`),
+    KEY `organizationId` (`organizationId`),
+    KEY `periodId` (`periodId`),
+    KEY `createdBy` (`createdBy`),
+    KEY `submittedBy` (`submittedBy`),
+    KEY `startDate` (`startDate`) USING BTREE,
+    CONSTRAINT `organizationId` FOREIGN KEY (`organizationId`) REFERENCES `organizations` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT `createdBy` FOREIGN KEY (`createdBy`) REFERENCES `users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE,
+    CONSTRAINT `submittedBy` FOREIGN KEY (`submittedBy`) REFERENCES `users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE,
+    CONSTRAINT `periodId` FOREIGN KEY (`periodId`) REFERENCES `registration_periods` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci;

package/src/migrations/1739017509-event-notifications-link.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `_event_notifications_events` (
+    `id` bigint unsigned NOT NULL AUTO_INCREMENT,
+    `event_notificationsId` varchar(36) NOT NULL,
+    `eventsId` varchar(36) NOT NULL,
+    PRIMARY KEY (`id`),
+    KEY `event_notificationsId` (`event_notificationsId`),
+    KEY `eventsId` (`eventsId`),
+    CONSTRAINT `event_notificationsId` FOREIGN KEY (`event_notificationsId`) REFERENCES `event_notifications` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT `eventsId` FOREIGN KEY (`eventsId`) REFERENCES `events` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci;

package/src/migrations/1739282590-event-notifications-submitted-at.sql

@@ -0,0 +1,3 @@
+ALTER TABLE `event_notifications`
+ADD COLUMN `submittedAt` datetime NULL AFTER `submittedBy`,
+ADD INDEX `submittedAt` (`submittedAt` DESC) USING BTREE;

package/src/models/DocumentTemplate.ts

@@ -432,7 +432,9 @@ export class DocumentTemplate extends QueryableModel {
             for (const document of existingDocuments) {
                 await this.updateDocumentWithAnswers(document, fieldAnswers);
                 document.data.name = this.settings.name;
-                document.data.description = description;
+                if (existingDocuments.length === 1) {
+                    document.data.description = description;
+                }
                 if (document.status === DocumentStatus.Draft || document.status === DocumentStatus.Published) {
                     document.status = this.status;
                 }

package/src/models/EventNotification.ts

@@ -0,0 +1,77 @@
+import { column, ManyToManyRelation } from '@simonbackx/simple-database';
+import { MapDecoder, StringDecoder } from '@simonbackx/simple-encoding';
+import { QueryableModel } from '@stamhoofd/sql';
+import { EventNotificationStatus, RecordAnswer, RecordAnswerDecoder } from '@stamhoofd/structures';
+import { v4 as uuidv4 } from 'uuid';
+import { Event } from './Event';
+
+export class EventNotification extends QueryableModel {
+    static table = 'event_notifications';
+
+    @column({ primary: true, type: 'string', beforeSave(value) {
+        return value ?? uuidv4();
+    } })
+    id!: string;
+
+    @column({ type: 'string' })
+    typeId: string;
+
+    @column({ type: 'string' })
+    periodId: string;
+
+    @column({ type: 'datetime' })
+    startDate: Date;
+
+    @column({ type: 'datetime' })
+    endDate: Date;
+
+    @column({ type: 'string' })
+    status = EventNotificationStatus.Draft;
+
+    /**
+     * Feedback on a review, e.g. when it is declined (explains which changes need to be made).
+     * It is only visible when the status is not 'accepted' or 'pending'.
+     */
+    @column({ type: 'string', nullable: true })
+    feedbackText: string | null = null;
+
+    @column({ type: 'string' })
+    organizationId: string;
+
+    @column({ type: 'json', decoder: new MapDecoder(StringDecoder, RecordAnswerDecoder) })
+    recordAnswers: Map<string, RecordAnswer> = new Map();
+
+    @column({ type: 'string', nullable: true })
+    createdBy: string | null = null;
+
+    @column({ type: 'string', nullable: true })
+    submittedBy: string | null = null;
+
+    @column({ type: 'datetime', nullable: true })
+    submittedAt: Date | null = null;
+
+    @column({
+        type: 'datetime', beforeSave(old?: any) {
+            if (old !== undefined) {
+                return old;
+            }
+            const date = new Date();
+            date.setMilliseconds(0);
+            return date;
+        },
+    })
+    createdAt: Date;
+
+    @column({
+        type: 'datetime', beforeSave() {
+            const date = new Date();
+            date.setMilliseconds(0);
+            return date;
+        },
+        skipUpdate: true,
+    })
+    updatedAt: Date;
+
+    // Note: all relations should point to their parents, not the other way around to avoid reference cycles
+    static events = new ManyToManyRelation(EventNotification, Event, 'events');
+}

package/src/models/Image.ts

@@ -24,7 +24,7 @@ export class Image extends QueryableModel {
     @column({ type: 'datetime' })
     createdAt: Date = new Date();
 
-    static async create(fileContent: string | Buffer, type: string | undefined, resolutions: ResolutionRequest[]): Promise<Image> {
+    static async create(fileContent: string | Buffer, type: string | undefined, resolutions: ResolutionRequest[], isPrivateFile: boolean = false): Promise<Image> {
         if (!STAMHOOFD.SPACES_BUCKET || !STAMHOOFD.SPACES_ENDPOINT || !STAMHOOFD.SPACES_KEY || !STAMHOOFD.SPACES_SECRET) {
             throw new SimpleError({
                 code: 'not_available',
@@ -105,7 +105,7 @@ export class Image extends QueryableModel {
                 Key: key,
                 Body: f.data,
                 ContentType: !supportsTransparency ? 'image/jpeg' : 'image/png',
-                ACL: 'public-read',
+                ACL: isPrivateFile ? 'private' : 'public-read',
             };
 
             uploadPromises.push(s3.putObject(params).promise());
@@ -115,8 +115,20 @@ export class Image extends QueryableModel {
                 server: 'https://' + STAMHOOFD.SPACES_BUCKET + '.' + STAMHOOFD.SPACES_ENDPOINT,
                 path: key,
                 size: f.info.size,
+                isPrivate: isPrivateFile,
             });
 
+            if (isPrivateFile) {
+                if (!await _file.sign()) {
+                    throw new SimpleError({
+                        code: 'failed_to_sign',
+                        message: 'Failed to sign file',
+                        human: $t('Er ging iet mis bij het uploaden van jouw bestand. Probeer het later opnieuw (foutcode: SIGN).'),
+                        statusCode: 500,
+                    });
+                }
+            }
+
             const _image = new Resolution({
                 file: _file,
                 width: f.info.width,
@@ -142,6 +154,7 @@ export class Image extends QueryableModel {
             server: 'https://' + STAMHOOFD.SPACES_BUCKET + '.' + STAMHOOFD.SPACES_ENDPOINT,
             path: key,
             size: fileContent.length,
+            // Don't set private here, as we don't allow to download this file
         });
 
         uploadPromises.push(s3.putObject(params).promise());

package/src/models/MemberPlatformMembership.ts

@@ -108,8 +108,12 @@ export class MemberPlatformMembership extends QueryableModel {
     @column({ type: 'boolean' })
     locked = false;
 
-    canDelete() {
-        if (this.balanceItemId) {
+    canDelete(hasPlatformFullAccess = false) {
+        if (this.locked) {
+            return false;
+        }
+
+        if (this.balanceItemId && !hasPlatformFullAccess) {
             return false;
         }
         return true;
@@ -150,6 +154,11 @@ export class MemberPlatformMembership extends QueryableModel {
     }
 
     async calculatePrice(member: Member, registration?: Registration) {
+        if (this.locked) {
+            // price of locked membership cannot be changed
+            return;
+        }
+
         const platform = await Platform.getSharedPrivateStruct();
         const membershipType = platform.config.membershipTypes.find(m => m.id === this.membershipTypeId);
 

package/src/models/MemberResponsibilityRecord.ts

@@ -1,5 +1,5 @@
 import { column } from '@simonbackx/simple-database';
-import { QueryableModel } from '@stamhoofd/sql';
+import { QueryableModel, SQL } from '@stamhoofd/sql';
 import { Group as GroupStruct, MemberResponsibilityRecordBase, MemberResponsibilityRecord as MemberResponsibilityRecordStruct } from '@stamhoofd/structures';
 import { v4 as uuidv4 } from 'uuid';
 
@@ -53,4 +53,8 @@ export class MemberResponsibilityRecord extends QueryableModel {
             group,
         });
     }
+
+    static get whereActive() {
+        return SQL.where('startDate', '<', new Date()).and(SQL.where('endDate', null).or('endDate', '>', new Date()));
+    }
 }

package/src/models/Organization.ts

@@ -806,7 +806,7 @@ export class Organization extends QueryableModel {
     async getAdmins() {
         // Circular reference fix
         const User = (await import('./User')).User;
-        return await User.getAdmins([this.id], { verified: true });
+        return await User.getAdmins(this.id, { verified: true });
     }
 
     /**

package/src/models/User.ts

@@ -1,6 +1,6 @@
 import { column, Database, ManyToOneRelation } from '@simonbackx/simple-database';
 import { EmailInterfaceRecipient } from '@stamhoofd/email';
-import { QueryableModel } from '@stamhoofd/sql';
+import { QueryableModel, SQL, SQLExpression, SQLJsonExtract } from '@stamhoofd/sql';
 import { LoginProviderType, NewUser, Permissions, Recipient, Replacement, UserMeta, UserPermissions, User as UserStruct } from '@stamhoofd/structures';
 import argon2 from 'argon2';
 import { v4 as uuidv4 } from 'uuid';
@@ -117,15 +117,52 @@ export class User extends QueryableModel {
         });
     }
 
-    static async getAdmins(organizationIds: string[], options?: { verified?: boolean }) {
-        if (organizationIds.length == 0) {
-            return [];
+    static async getPlatformAdmins(options?: { verified?: boolean }) {
+        // Custom implementation
+        const q = User.select()
+            .where('organizationId', null)
+            .where('permissions', '!=', null)
+            .where(
+                SQL.jsonValue(SQL.column('permissions'), '$.value.globalPermissions'),
+                '!=',
+                null,
+            )
+            .where('id', '!=', '1');
+
+        if (options?.verified !== undefined) {
+            q.where('verified', options.verified);
         }
 
+        let global = await q.fetch();
+
+        // Hide api accounts
+        global = global.filter(a => !a.isApiUser);
+
+        return global;
+    }
+
+    static async getAdmins(organizationId: string, options?: { verified?: boolean }) {
         if (STAMHOOFD.userMode === 'platform') {
             // Custom implementation
-            let global = (await User.where({ organizationId: null, permissions: { sign: '!=', value: null } }));
-            global = global.filter(u => organizationIds.find(organizationId => u.permissions?.organizationPermissions.has(organizationId)));
+            const q = User.select()
+                .where('organizationId', null)
+                .where('permissions', '!=', null)
+                .where(
+                    SQL.jsonValue(
+                        SQL.jsonValue(SQL.column('permissions'), '$.value.organizationPermissions'),
+                        '$."' + organizationId + '"',
+                        true,
+                    ),
+                    '!=',
+                    null,
+                )
+            ;
+
+            if (options?.verified !== undefined) {
+                q.where('verified', options.verified);
+            }
+
+            let global = await q.fetch();
 
             // Hide api accounts
             global = global.filter(a => !a.isApiUser);
@@ -133,19 +170,21 @@ export class User extends QueryableModel {
             return global;
         }
 
-        const query: any = {
-            permissions: { sign: '!=', value: null },
-            organizationId: { sign: 'IN', value: organizationIds },
-        };
+        const q = User.select()
+            .where('organizationId', organizationId)
+            .where('permissions', '!=', null)
+        ;
 
         if (options?.verified !== undefined) {
-            query.verified = options.verified;
+            q.where('verified', options.verified);
         }
 
-        return (
+        let global = await q.fetch();
+
+        // Hide api accounts
+        global = global.filter(a => !a.isApiUser);
 
-            await User.where(query)
-        ).filter(a => !a.isApiUser);
+        return global;
     }
 
     static async getApiUsers(organizationIds: string[]) {

package/src/models/index.ts

@@ -51,6 +51,7 @@ export * from './MemberPlatformMembership';
 export * from './Email';
 export * from './EmailRecipient';
 export * from './Event';
+export * from './EventNotification';
 export * from './CachedBalance';
 export * from './AuditLog';
 export * from './MemberUser';