diff --git a/backend/src/graphql/resolver/AdminResolver.ts b/backend/src/graphql/resolver/AdminResolver.ts deleted file mode 100644 index 80c69a864..000000000 --- a/backend/src/graphql/resolver/AdminResolver.ts +++ /dev/null @@ -1,918 +0,0 @@ -import { Context, getUser, getClientTimezoneOffset } from '@/server/context' -import { backendLogger as logger } from '@/server/logger' -import { Resolver, Query, Arg, Args, Authorized, Mutation, Ctx, Int } from 'type-graphql' -import { - getCustomRepository, - IsNull, - getConnection, - In, - MoreThan, - FindOperator, -} from '@dbTools/typeorm' -import { UserAdmin, SearchUsersResult } from '@model/UserAdmin' -import { UnconfirmedContribution } from '@model/UnconfirmedContribution' -import { AdminCreateContributions } from '@model/AdminCreateContributions' -import { AdminUpdateContribution } from '@model/AdminUpdateContribution' -import { ContributionLink } from '@model/ContributionLink' -import { ContributionLinkList } from '@model/ContributionLinkList' -import { Contribution } from '@model/Contribution' -import { RIGHTS } from '@/auth/RIGHTS' -import { UserRepository } from '@repository/User' -import AdminCreateContributionArgs from '@arg/AdminCreateContributionArgs' -import AdminUpdateContributionArgs from '@arg/AdminUpdateContributionArgs' -import SearchUsersArgs from '@arg/SearchUsersArgs' -import ContributionLinkArgs from '@arg/ContributionLinkArgs' -import { Transaction as DbTransaction } from '@entity/Transaction' -import { ContributionLink as DbContributionLink } from '@entity/ContributionLink' -import { TransactionLink, TransactionLinkResult } from '@model/TransactionLink' -import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink' -import { calculateDecay } from '@/util/decay' -import { Contribution as DbContribution } from '@entity/Contribution' -import { hasElopageBuys } from '@/util/hasElopageBuys' -import { User as dbUser } from '@entity/User' -import { User } from '@model/User' -import { TransactionTypeId } from '@enum/TransactionTypeId' -import { ContributionType } from '@enum/ContributionType' -import { ContributionStatus } from '@enum/ContributionStatus' -import Decimal from 'decimal.js-light' -import { Decay } from '@model/Decay' -import Paginated from '@arg/Paginated' -import TransactionLinkFilters from '@arg/TransactionLinkFilters' -import { Order } from '@enum/Order' -import { findUserByEmail, activationLink, printTimeDuration } from './UserResolver' -import { sendAccountActivationEmail } from '@/mailer/sendAccountActivationEmail' -import { transactionLinkCode as contributionLinkCode } from './TransactionLinkResolver' -import CONFIG from '@/config' -import { - getUserCreation, - getUserCreations, - validateContribution, - isStartEndDateValid, - updateCreations, - isValidDateString, -} from './util/creations' -import { - CONTRIBUTIONLINK_NAME_MAX_CHARS, - CONTRIBUTIONLINK_NAME_MIN_CHARS, - FULL_CREATION_AVAILABLE, - MEMO_MAX_CHARS, - MEMO_MIN_CHARS, -} from './const/const' -import { UserContact } from '@entity/UserContact' -import { ContributionMessage as DbContributionMessage } from '@entity/ContributionMessage' -import ContributionMessageArgs from '@arg/ContributionMessageArgs' -import { ContributionMessageType } from '@enum/MessageType' -import { ContributionMessage } from '@model/ContributionMessage' -import { sendContributionConfirmedEmail } from '@/mailer/sendContributionConfirmedEmail' -import { sendContributionRejectedEmail } from '@/mailer/sendContributionRejectedEmail' -import { sendAddedContributionMessageEmail } from '@/mailer/sendAddedContributionMessageEmail' -import { eventProtocol } from '@/event/EventProtocolEmitter' -import { - Event, - EventAdminContributionCreate, - EventAdminContributionDelete, - EventAdminContributionUpdate, - EventContributionConfirm, - EventSendConfirmationEmail, -} from '@/event/Event' -import { ContributionListResult } from '../model/Contribution' - -// const EMAIL_OPT_IN_REGISTER = 1 -// const EMAIL_OPT_UNKNOWN = 3 // elopage? - -@Resolver() -export class AdminResolver { - @Authorized([RIGHTS.SEARCH_USERS]) - @Query(() => SearchUsersResult) - async searchUsers( - @Args() - { searchText, currentPage = 1, pageSize = 25, filters }: SearchUsersArgs, - @Ctx() context: Context, - ): Promise { - const clientTimezoneOffset = getClientTimezoneOffset(context) - const userRepository = getCustomRepository(UserRepository) - const userFields = [ - 'id', - 'firstName', - 'lastName', - 'emailId', - 'emailContact', - 'deletedAt', - 'isAdmin', - ] - const [users, count] = await userRepository.findBySearchCriteriaPagedFiltered( - userFields.map((fieldName) => { - return 'user.' + fieldName - }), - searchText, - filters, - currentPage, - pageSize, - ) - - if (users.length === 0) { - return { - userCount: 0, - userList: [], - } - } - - const creations = await getUserCreations( - users.map((u) => u.id), - clientTimezoneOffset, - ) - - const adminUsers = await Promise.all( - users.map(async (user) => { - let emailConfirmationSend = '' - if (!user.emailContact.emailChecked) { - if (user.emailContact.updatedAt) { - emailConfirmationSend = user.emailContact.updatedAt.toISOString() - } else { - emailConfirmationSend = user.emailContact.createdAt.toISOString() - } - } - const userCreations = creations.find((c) => c.id === user.id) - const adminUser = new UserAdmin( - user, - userCreations ? userCreations.creations : FULL_CREATION_AVAILABLE, - await hasElopageBuys(user.emailContact.email), - emailConfirmationSend, - ) - return adminUser - }), - ) - return { - userCount: count, - userList: adminUsers, - } - } - - @Authorized([RIGHTS.SET_USER_ROLE]) - @Mutation(() => Date, { nullable: true }) - async setUserRole( - @Arg('userId', () => Int) - userId: number, - @Arg('isAdmin', () => Boolean) - isAdmin: boolean, - @Ctx() - context: Context, - ): Promise { - const user = await dbUser.findOne({ id: userId }) - // user exists ? - if (!user) { - logger.error(`Could not find user with userId: ${userId}`) - throw new Error(`Could not find user with userId: ${userId}`) - } - // administrator user changes own role? - const moderatorUser = getUser(context) - if (moderatorUser.id === userId) { - logger.error('Administrator can not change his own role!') - throw new Error('Administrator can not change his own role!') - } - // change isAdmin - switch (user.isAdmin) { - case null: - if (isAdmin === true) { - user.isAdmin = new Date() - } else { - logger.error('User is already a usual user!') - throw new Error('User is already a usual user!') - } - break - default: - if (isAdmin === false) { - user.isAdmin = null - } else { - logger.error('User is already admin!') - throw new Error('User is already admin!') - } - break - } - await user.save() - const newUser = await dbUser.findOne({ id: userId }) - return newUser ? newUser.isAdmin : null - } - - @Authorized([RIGHTS.DELETE_USER]) - @Mutation(() => Date, { nullable: true }) - async deleteUser( - @Arg('userId', () => Int) userId: number, - @Ctx() context: Context, - ): Promise { - const user = await dbUser.findOne({ id: userId }) - // user exists ? - if (!user) { - logger.error(`Could not find user with userId: ${userId}`) - throw new Error(`Could not find user with userId: ${userId}`) - } - // moderator user disabled own account? - const moderatorUser = getUser(context) - if (moderatorUser.id === userId) { - logger.error('Moderator can not delete his own account!') - throw new Error('Moderator can not delete his own account!') - } - // soft-delete user - await user.softRemove() - const newUser = await dbUser.findOne({ id: userId }, { withDeleted: true }) - return newUser ? newUser.deletedAt : null - } - - @Authorized([RIGHTS.UNDELETE_USER]) - @Mutation(() => Date, { nullable: true }) - async unDeleteUser(@Arg('userId', () => Int) userId: number): Promise { - const user = await dbUser.findOne({ id: userId }, { withDeleted: true }) - if (!user) { - logger.error(`Could not find user with userId: ${userId}`) - throw new Error(`Could not find user with userId: ${userId}`) - } - if (!user.deletedAt) { - logger.error('User is not deleted') - throw new Error('User is not deleted') - } - await user.recover() - return null - } - - @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTION]) - @Mutation(() => [Number]) - async adminCreateContribution( - @Args() { email, amount, memo, creationDate }: AdminCreateContributionArgs, - @Ctx() context: Context, - ): Promise { - logger.info( - `adminCreateContribution(email=${email}, amount=${amount}, memo=${memo}, creationDate=${creationDate})`, - ) - const clientTimezoneOffset = getClientTimezoneOffset(context) - if (!isValidDateString(creationDate)) { - logger.error(`invalid Date for creationDate=${creationDate}`) - throw new Error(`invalid Date for creationDate=${creationDate}`) - } - const emailContact = await UserContact.findOne({ - where: { email }, - withDeleted: true, - relations: ['user'], - }) - if (!emailContact) { - logger.error(`Could not find user with email: ${email}`) - throw new Error(`Could not find user with email: ${email}`) - } - if (emailContact.deletedAt) { - logger.error('This emailContact was deleted. Cannot create a contribution.') - throw new Error('This emailContact was deleted. Cannot create a contribution.') - } - if (emailContact.user.deletedAt) { - logger.error('This user was deleted. Cannot create a contribution.') - throw new Error('This user was deleted. Cannot create a contribution.') - } - if (!emailContact.emailChecked) { - logger.error('Contribution could not be saved, Email is not activated') - throw new Error('Contribution could not be saved, Email is not activated') - } - - const event = new Event() - const moderator = getUser(context) - logger.trace('moderator: ', moderator.id) - const creations = await getUserCreation(emailContact.userId, clientTimezoneOffset) - logger.trace('creations:', creations) - const creationDateObj = new Date(creationDate) - logger.trace('creationDateObj:', creationDateObj) - validateContribution(creations, amount, creationDateObj, clientTimezoneOffset) - const contribution = DbContribution.create() - contribution.userId = emailContact.userId - contribution.amount = amount - contribution.createdAt = new Date() - contribution.contributionDate = creationDateObj - contribution.memo = memo - contribution.moderatorId = moderator.id - contribution.contributionType = ContributionType.ADMIN - contribution.contributionStatus = ContributionStatus.PENDING - - logger.trace('contribution to save', contribution) - - await DbContribution.save(contribution) - - const eventAdminCreateContribution = new EventAdminContributionCreate() - eventAdminCreateContribution.userId = moderator.id - eventAdminCreateContribution.amount = amount - eventAdminCreateContribution.contributionId = contribution.id - await eventProtocol.writeEvent( - event.setEventAdminContributionCreate(eventAdminCreateContribution), - ) - - return getUserCreation(emailContact.userId, clientTimezoneOffset) - } - - @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTIONS]) - @Mutation(() => AdminCreateContributions) - async adminCreateContributions( - @Arg('pendingCreations', () => [AdminCreateContributionArgs]) - contributions: AdminCreateContributionArgs[], - @Ctx() context: Context, - ): Promise { - let success = false - const successfulContribution: string[] = [] - const failedContribution: string[] = [] - for (const contribution of contributions) { - await this.adminCreateContribution(contribution, context) - .then(() => { - successfulContribution.push(contribution.email) - success = true - }) - .catch(() => { - failedContribution.push(contribution.email) - }) - } - return { - success, - successfulContribution, - failedContribution, - } - } - - @Authorized([RIGHTS.ADMIN_UPDATE_CONTRIBUTION]) - @Mutation(() => AdminUpdateContribution) - async adminUpdateContribution( - @Args() { id, email, amount, memo, creationDate }: AdminUpdateContributionArgs, - @Ctx() context: Context, - ): Promise { - const clientTimezoneOffset = getClientTimezoneOffset(context) - const emailContact = await UserContact.findOne({ - where: { email }, - withDeleted: true, - relations: ['user'], - }) - if (!emailContact) { - logger.error(`Could not find UserContact with email: ${email}`) - throw new Error(`Could not find UserContact with email: ${email}`) - } - const user = emailContact.user - if (!user) { - logger.error(`Could not find User to emailContact: ${email}`) - throw new Error(`Could not find User to emailContact: ${email}`) - } - if (user.deletedAt) { - logger.error(`User was deleted (${email})`) - throw new Error(`User was deleted (${email})`) - } - - const moderator = getUser(context) - - const contributionToUpdate = await DbContribution.findOne({ - where: { id, confirmedAt: IsNull() }, - }) - if (!contributionToUpdate) { - logger.error('No contribution found to given id.') - throw new Error('No contribution found to given id.') - } - - if (contributionToUpdate.userId !== user.id) { - logger.error('user of the pending contribution and send user does not correspond') - throw new Error('user of the pending contribution and send user does not correspond') - } - - if (contributionToUpdate.moderatorId === null) { - logger.error('An admin is not allowed to update a user contribution.') - throw new Error('An admin is not allowed to update a user contribution.') - } - - const creationDateObj = new Date(creationDate) - let creations = await getUserCreation(user.id, clientTimezoneOffset) - - if (contributionToUpdate.contributionDate.getMonth() === creationDateObj.getMonth()) { - creations = updateCreations(creations, contributionToUpdate, clientTimezoneOffset) - } else { - logger.error('Currently the month of the contribution cannot change.') - throw new Error('Currently the month of the contribution cannot change.') - } - - // all possible cases not to be true are thrown in this function - validateContribution(creations, amount, creationDateObj, clientTimezoneOffset) - contributionToUpdate.amount = amount - contributionToUpdate.memo = memo - contributionToUpdate.contributionDate = new Date(creationDate) - contributionToUpdate.moderatorId = moderator.id - contributionToUpdate.contributionStatus = ContributionStatus.PENDING - - await DbContribution.save(contributionToUpdate) - - const result = new AdminUpdateContribution() - result.amount = amount - result.memo = contributionToUpdate.memo - result.date = contributionToUpdate.contributionDate - - result.creation = await getUserCreation(user.id, clientTimezoneOffset) - - const event = new Event() - const eventAdminContributionUpdate = new EventAdminContributionUpdate() - eventAdminContributionUpdate.userId = user.id - eventAdminContributionUpdate.amount = amount - eventAdminContributionUpdate.contributionId = contributionToUpdate.id - await eventProtocol.writeEvent( - event.setEventAdminContributionUpdate(eventAdminContributionUpdate), - ) - - return result - } - - @Authorized([RIGHTS.LIST_UNCONFIRMED_CONTRIBUTIONS]) - @Query(() => [UnconfirmedContribution]) - async listUnconfirmedContributions(@Ctx() context: Context): Promise { - const clientTimezoneOffset = getClientTimezoneOffset(context) - const contributions = await getConnection() - .createQueryBuilder() - .select('c') - .from(DbContribution, 'c') - .leftJoinAndSelect('c.messages', 'm') - .where({ confirmedAt: IsNull() }) - .getMany() - - if (contributions.length === 0) { - return [] - } - - const userIds = contributions.map((p) => p.userId) - const userCreations = await getUserCreations(userIds, clientTimezoneOffset) - const users = await dbUser.find({ - where: { id: In(userIds) }, - withDeleted: true, - relations: ['emailContact'], - }) - - return contributions.map((contribution) => { - const user = users.find((u) => u.id === contribution.userId) - const creation = userCreations.find((c) => c.id === contribution.userId) - - return new UnconfirmedContribution( - contribution, - user, - creation ? creation.creations : FULL_CREATION_AVAILABLE, - ) - }) - } - - @Authorized([RIGHTS.ADMIN_DELETE_CONTRIBUTION]) - @Mutation(() => Boolean) - async adminDeleteContribution( - @Arg('id', () => Int) id: number, - @Ctx() context: Context, - ): Promise { - const contribution = await DbContribution.findOne(id) - if (!contribution) { - logger.error(`Contribution not found for given id: ${id}`) - throw new Error('Contribution not found for given id.') - } - const moderator = getUser(context) - if ( - contribution.contributionType === ContributionType.USER && - contribution.userId === moderator.id - ) { - throw new Error('Own contribution can not be deleted as admin') - } - const user = await dbUser.findOneOrFail( - { id: contribution.userId }, - { relations: ['emailContact'] }, - ) - contribution.contributionStatus = ContributionStatus.DELETED - contribution.deletedBy = moderator.id - await contribution.save() - const res = await contribution.softRemove() - - const event = new Event() - const eventAdminContributionDelete = new EventAdminContributionDelete() - eventAdminContributionDelete.userId = contribution.userId - eventAdminContributionDelete.amount = contribution.amount - eventAdminContributionDelete.contributionId = contribution.id - await eventProtocol.writeEvent( - event.setEventAdminContributionDelete(eventAdminContributionDelete), - ) - sendContributionRejectedEmail({ - senderFirstName: moderator.firstName, - senderLastName: moderator.lastName, - recipientEmail: user.emailContact.email, - recipientFirstName: user.firstName, - recipientLastName: user.lastName, - contributionMemo: contribution.memo, - contributionAmount: contribution.amount, - overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, - }) - - return !!res - } - - @Authorized([RIGHTS.CONFIRM_CONTRIBUTION]) - @Mutation(() => Boolean) - async confirmContribution( - @Arg('id', () => Int) id: number, - @Ctx() context: Context, - ): Promise { - const clientTimezoneOffset = getClientTimezoneOffset(context) - const contribution = await DbContribution.findOne(id) - if (!contribution) { - logger.error(`Contribution not found for given id: ${id}`) - throw new Error('Contribution not found to given id.') - } - const moderatorUser = getUser(context) - if (moderatorUser.id === contribution.userId) { - logger.error('Moderator can not confirm own contribution') - throw new Error('Moderator can not confirm own contribution') - } - const user = await dbUser.findOneOrFail( - { id: contribution.userId }, - { withDeleted: true, relations: ['emailContact'] }, - ) - if (user.deletedAt) { - logger.error('This user was deleted. Cannot confirm a contribution.') - throw new Error('This user was deleted. Cannot confirm a contribution.') - } - const creations = await getUserCreation(contribution.userId, clientTimezoneOffset, false) - validateContribution( - creations, - contribution.amount, - contribution.contributionDate, - clientTimezoneOffset, - ) - - const receivedCallDate = new Date() - - const queryRunner = getConnection().createQueryRunner() - await queryRunner.connect() - await queryRunner.startTransaction('REPEATABLE READ') // 'READ COMMITTED') - try { - const lastTransaction = await queryRunner.manager - .createQueryBuilder() - .select('transaction') - .from(DbTransaction, 'transaction') - .where('transaction.userId = :id', { id: contribution.userId }) - .orderBy('transaction.balanceDate', 'DESC') - .getOne() - logger.info('lastTransaction ID', lastTransaction ? lastTransaction.id : 'undefined') - - let newBalance = new Decimal(0) - let decay: Decay | null = null - if (lastTransaction) { - decay = calculateDecay( - lastTransaction.balance, - lastTransaction.balanceDate, - receivedCallDate, - ) - newBalance = decay.balance - } - newBalance = newBalance.add(contribution.amount.toString()) - - const transaction = new DbTransaction() - transaction.typeId = TransactionTypeId.CREATION - transaction.memo = contribution.memo - transaction.userId = contribution.userId - transaction.previous = lastTransaction ? lastTransaction.id : null - transaction.amount = contribution.amount - transaction.creationDate = contribution.contributionDate - transaction.balance = newBalance - transaction.balanceDate = receivedCallDate - transaction.decay = decay ? decay.decay : new Decimal(0) - transaction.decayStart = decay ? decay.start : null - await queryRunner.manager.insert(DbTransaction, transaction) - - contribution.confirmedAt = receivedCallDate - contribution.confirmedBy = moderatorUser.id - contribution.transactionId = transaction.id - contribution.contributionStatus = ContributionStatus.CONFIRMED - await queryRunner.manager.update(DbContribution, { id: contribution.id }, contribution) - - await queryRunner.commitTransaction() - logger.info('creation commited successfuly.') - sendContributionConfirmedEmail({ - senderFirstName: moderatorUser.firstName, - senderLastName: moderatorUser.lastName, - recipientFirstName: user.firstName, - recipientLastName: user.lastName, - recipientEmail: user.emailContact.email, - contributionMemo: contribution.memo, - contributionAmount: contribution.amount, - overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, - }) - } catch (e) { - await queryRunner.rollbackTransaction() - logger.error(`Creation was not successful: ${e}`) - throw new Error(`Creation was not successful.`) - } finally { - await queryRunner.release() - } - - const event = new Event() - const eventContributionConfirm = new EventContributionConfirm() - eventContributionConfirm.userId = user.id - eventContributionConfirm.amount = contribution.amount - eventContributionConfirm.contributionId = contribution.id - await eventProtocol.writeEvent(event.setEventContributionConfirm(eventContributionConfirm)) - return true - } - - @Authorized([RIGHTS.CREATION_TRANSACTION_LIST]) - @Query(() => ContributionListResult) - async creationTransactionList( - @Args() - { currentPage = 1, pageSize = 25, order = Order.DESC }: Paginated, - @Arg('userId', () => Int) userId: number, - ): Promise { - const offset = (currentPage - 1) * pageSize - const [contributionResult, count] = await getConnection() - .createQueryBuilder() - .select('c') - .from(DbContribution, 'c') - .leftJoinAndSelect('c.user', 'u') - .where(`user_id = ${userId}`) - .limit(pageSize) - .offset(offset) - .orderBy('c.created_at', order) - .getManyAndCount() - - return new ContributionListResult( - count, - contributionResult.map((contribution) => new Contribution(contribution, contribution.user)), - ) - // return userTransactions.map((t) => new Transaction(t, new User(user), communityUser)) - } - - @Authorized([RIGHTS.SEND_ACTIVATION_EMAIL]) - @Mutation(() => Boolean) - async sendActivationEmail(@Arg('email') email: string): Promise { - email = email.trim().toLowerCase() - // const user = await dbUser.findOne({ id: emailContact.userId }) - const user = await findUserByEmail(email) - if (!user) { - logger.error(`Could not find User to emailContact: ${email}`) - throw new Error(`Could not find User to emailContact: ${email}`) - } - if (user.deletedAt) { - logger.error(`User with emailContact: ${email} is deleted.`) - throw new Error(`User with emailContact: ${email} is deleted.`) - } - const emailContact = user.emailContact - if (emailContact.deletedAt) { - logger.error(`The emailContact: ${email} of htis User is deleted.`) - throw new Error(`The emailContact: ${email} of htis User is deleted.`) - } - - // eslint-disable-next-line @typescript-eslint/no-unused-vars - const emailSent = await sendAccountActivationEmail({ - link: activationLink(emailContact.emailVerificationCode), - firstName: user.firstName, - lastName: user.lastName, - email, - duration: printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME), - }) - - // In case EMails are disabled log the activation link for the user - if (!emailSent) { - logger.info(`Account confirmation link: ${activationLink}`) - } else { - const event = new Event() - const eventSendConfirmationEmail = new EventSendConfirmationEmail() - eventSendConfirmationEmail.userId = user.id - await eventProtocol.writeEvent( - event.setEventSendConfirmationEmail(eventSendConfirmationEmail), - ) - } - - return true - } - - @Authorized([RIGHTS.LIST_TRANSACTION_LINKS_ADMIN]) - @Query(() => TransactionLinkResult) - async listTransactionLinksAdmin( - @Args() - { currentPage = 1, pageSize = 5, order = Order.DESC }: Paginated, - @Arg('filters', () => TransactionLinkFilters, { nullable: true }) - filters: TransactionLinkFilters, - @Arg('userId', () => Int) - userId: number, - ): Promise { - const user = await dbUser.findOneOrFail({ id: userId }) - const where: { - userId: number - redeemedBy?: number | null - validUntil?: FindOperator | null - } = { - userId, - redeemedBy: null, - validUntil: MoreThan(new Date()), - } - if (filters) { - if (filters.withRedeemed) delete where.redeemedBy - if (filters.withExpired) delete where.validUntil - } - const [transactionLinks, count] = await dbTransactionLink.findAndCount({ - where, - withDeleted: filters ? filters.withDeleted : false, - order: { - createdAt: order, - }, - skip: (currentPage - 1) * pageSize, - take: pageSize, - }) - - return { - linkCount: count, - linkList: transactionLinks.map((tl) => new TransactionLink(tl, new User(user))), - } - } - - @Authorized([RIGHTS.CREATE_CONTRIBUTION_LINK]) - @Mutation(() => ContributionLink) - async createContributionLink( - @Args() - { - amount, - name, - memo, - cycle, - validFrom, - validTo, - maxAmountPerMonth, - maxPerCycle, - }: ContributionLinkArgs, - ): Promise { - isStartEndDateValid(validFrom, validTo) - if (!name) { - logger.error(`The name must be initialized!`) - throw new Error(`The name must be initialized!`) - } - if ( - name.length < CONTRIBUTIONLINK_NAME_MIN_CHARS || - name.length > CONTRIBUTIONLINK_NAME_MAX_CHARS - ) { - const msg = `The value of 'name' with a length of ${name.length} did not fulfill the requested bounderies min=${CONTRIBUTIONLINK_NAME_MIN_CHARS} and max=${CONTRIBUTIONLINK_NAME_MAX_CHARS}` - logger.error(`${msg}`) - throw new Error(`${msg}`) - } - if (!memo) { - logger.error(`The memo must be initialized!`) - throw new Error(`The memo must be initialized!`) - } - if (memo.length < MEMO_MIN_CHARS || memo.length > MEMO_MAX_CHARS) { - const msg = `The value of 'memo' with a length of ${memo.length} did not fulfill the requested bounderies min=${MEMO_MIN_CHARS} and max=${MEMO_MAX_CHARS}` - logger.error(`${msg}`) - throw new Error(`${msg}`) - } - if (!amount) { - logger.error(`The amount must be initialized!`) - throw new Error('The amount must be initialized!') - } - if (!new Decimal(amount).isPositive()) { - logger.error(`The amount=${amount} must be initialized with a positiv value!`) - throw new Error(`The amount=${amount} must be initialized with a positiv value!`) - } - const dbContributionLink = new DbContributionLink() - dbContributionLink.amount = amount - dbContributionLink.name = name - dbContributionLink.memo = memo - dbContributionLink.createdAt = new Date() - dbContributionLink.code = contributionLinkCode(dbContributionLink.createdAt) - dbContributionLink.cycle = cycle - if (validFrom) dbContributionLink.validFrom = new Date(validFrom) - if (validTo) dbContributionLink.validTo = new Date(validTo) - dbContributionLink.maxAmountPerMonth = maxAmountPerMonth - dbContributionLink.maxPerCycle = maxPerCycle - await dbContributionLink.save() - logger.debug(`createContributionLink successful!`) - return new ContributionLink(dbContributionLink) - } - - @Authorized([RIGHTS.LIST_CONTRIBUTION_LINKS]) - @Query(() => ContributionLinkList) - async listContributionLinks( - @Args() - { currentPage = 1, pageSize = 5, order = Order.DESC }: Paginated, - ): Promise { - const [links, count] = await DbContributionLink.findAndCount({ - where: [{ validTo: MoreThan(new Date()) }, { validTo: IsNull() }], - order: { createdAt: order }, - skip: (currentPage - 1) * pageSize, - take: pageSize, - }) - return { - links: links.map((link: DbContributionLink) => new ContributionLink(link)), - count, - } - } - - @Authorized([RIGHTS.DELETE_CONTRIBUTION_LINK]) - @Mutation(() => Date, { nullable: true }) - async deleteContributionLink(@Arg('id', () => Int) id: number): Promise { - const contributionLink = await DbContributionLink.findOne(id) - if (!contributionLink) { - logger.error(`Contribution Link not found to given id: ${id}`) - throw new Error('Contribution Link not found to given id.') - } - await contributionLink.softRemove() - logger.debug(`deleteContributionLink successful!`) - const newContributionLink = await DbContributionLink.findOne({ id }, { withDeleted: true }) - return newContributionLink ? newContributionLink.deletedAt : null - } - - @Authorized([RIGHTS.UPDATE_CONTRIBUTION_LINK]) - @Mutation(() => ContributionLink) - async updateContributionLink( - @Args() - { - amount, - name, - memo, - cycle, - validFrom, - validTo, - maxAmountPerMonth, - maxPerCycle, - }: ContributionLinkArgs, - @Arg('id', () => Int) id: number, - ): Promise { - const dbContributionLink = await DbContributionLink.findOne(id) - if (!dbContributionLink) { - logger.error(`Contribution Link not found to given id: ${id}`) - throw new Error('Contribution Link not found to given id.') - } - dbContributionLink.amount = amount - dbContributionLink.name = name - dbContributionLink.memo = memo - dbContributionLink.cycle = cycle - if (validFrom) dbContributionLink.validFrom = new Date(validFrom) - if (validTo) dbContributionLink.validTo = new Date(validTo) - dbContributionLink.maxAmountPerMonth = maxAmountPerMonth - dbContributionLink.maxPerCycle = maxPerCycle - await dbContributionLink.save() - logger.debug(`updateContributionLink successful!`) - return new ContributionLink(dbContributionLink) - } - - @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTION_MESSAGE]) - @Mutation(() => ContributionMessage) - async adminCreateContributionMessage( - @Args() { contributionId, message }: ContributionMessageArgs, - @Ctx() context: Context, - ): Promise { - const user = getUser(context) - if (!user.emailContact) { - user.emailContact = await UserContact.findOneOrFail({ where: { id: user.emailId } }) - } - const queryRunner = getConnection().createQueryRunner() - await queryRunner.connect() - await queryRunner.startTransaction('REPEATABLE READ') - const contributionMessage = DbContributionMessage.create() - try { - const contribution = await DbContribution.findOne({ - where: { id: contributionId }, - relations: ['user'], - }) - if (!contribution) { - logger.error('Contribution not found') - throw new Error('Contribution not found') - } - if (contribution.userId === user.id) { - logger.error('Admin can not answer on own contribution') - throw new Error('Admin can not answer on own contribution') - } - if (!contribution.user.emailContact) { - contribution.user.emailContact = await UserContact.findOneOrFail({ - where: { id: contribution.user.emailId }, - }) - } - contributionMessage.contributionId = contributionId - contributionMessage.createdAt = new Date() - contributionMessage.message = message - contributionMessage.userId = user.id - contributionMessage.type = ContributionMessageType.DIALOG - contributionMessage.isModerator = true - await queryRunner.manager.insert(DbContributionMessage, contributionMessage) - - if ( - contribution.contributionStatus === ContributionStatus.DELETED || - contribution.contributionStatus === ContributionStatus.DENIED || - contribution.contributionStatus === ContributionStatus.PENDING - ) { - contribution.contributionStatus = ContributionStatus.IN_PROGRESS - await queryRunner.manager.update(DbContribution, { id: contributionId }, contribution) - } - - await sendAddedContributionMessageEmail({ - senderFirstName: user.firstName, - senderLastName: user.lastName, - recipientFirstName: contribution.user.firstName, - recipientLastName: contribution.user.lastName, - recipientEmail: contribution.user.emailContact.email, - senderEmail: user.emailContact.email, - contributionMemo: contribution.memo, - message, - overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, - }) - await queryRunner.commitTransaction() - } catch (e) { - await queryRunner.rollbackTransaction() - logger.error(`ContributionMessage was not successful: ${e}`) - throw new Error(`ContributionMessage was not successful: ${e}`) - } finally { - await queryRunner.release() - } - return new ContributionMessage(contributionMessage, user) - } -} diff --git a/backend/src/graphql/resolver/ContributionMessageResolver.ts b/backend/src/graphql/resolver/ContributionMessageResolver.ts index 0b33c4722..84eccf5ca 100644 --- a/backend/src/graphql/resolver/ContributionMessageResolver.ts +++ b/backend/src/graphql/resolver/ContributionMessageResolver.ts @@ -4,13 +4,16 @@ import { Context, getUser } from '@/server/context' import { ContributionMessage as DbContributionMessage } from '@entity/ContributionMessage' import { Arg, Args, Authorized, Ctx, Mutation, Query, Resolver } from 'type-graphql' import ContributionMessageArgs from '@arg/ContributionMessageArgs' -import { Contribution } from '@entity/Contribution' +import { Contribution as DbContribution } from '@entity/Contribution' import { ContributionMessageType } from '@enum/MessageType' import { ContributionStatus } from '@enum/ContributionStatus' import { getConnection } from '@dbTools/typeorm' import { ContributionMessage, ContributionMessageListResult } from '@model/ContributionMessage' import Paginated from '@arg/Paginated' import { Order } from '@enum/Order' +import { UserContact } from '@entity/UserContact' +import { sendAddedContributionMessageEmail } from '@/mailer/sendAddedContributionMessageEmail' +import CONFIG from '@/config' @Resolver() export class ContributionMessageResolver { @@ -26,7 +29,7 @@ export class ContributionMessageResolver { await queryRunner.startTransaction('REPEATABLE READ') const contributionMessage = DbContributionMessage.create() try { - const contribution = await Contribution.findOne({ id: contributionId }) + const contribution = await DbContribution.findOne({ id: contributionId }) if (!contribution) { throw new Error('Contribution not found') } @@ -44,7 +47,7 @@ export class ContributionMessageResolver { if (contribution.contributionStatus === ContributionStatus.IN_PROGRESS) { contribution.contributionStatus = ContributionStatus.PENDING - await queryRunner.manager.update(Contribution, { id: contributionId }, contribution) + await queryRunner.manager.update(DbContribution, { id: contributionId }, contribution) } await queryRunner.commitTransaction() } catch (e) { @@ -82,4 +85,75 @@ export class ContributionMessageResolver { ), } } + + @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTION_MESSAGE]) + @Mutation(() => ContributionMessage) + async adminCreateContributionMessage( + @Args() { contributionId, message }: ContributionMessageArgs, + @Ctx() context: Context, + ): Promise { + const user = getUser(context) + if (!user.emailContact) { + user.emailContact = await UserContact.findOneOrFail({ where: { id: user.emailId } }) + } + const queryRunner = getConnection().createQueryRunner() + await queryRunner.connect() + await queryRunner.startTransaction('REPEATABLE READ') + const contributionMessage = DbContributionMessage.create() + try { + const contribution = await DbContribution.findOne({ + where: { id: contributionId }, + relations: ['user'], + }) + if (!contribution) { + logger.error('Contribution not found') + throw new Error('Contribution not found') + } + if (contribution.userId === user.id) { + logger.error('Admin can not answer on own contribution') + throw new Error('Admin can not answer on own contribution') + } + if (!contribution.user.emailContact) { + contribution.user.emailContact = await UserContact.findOneOrFail({ + where: { id: contribution.user.emailId }, + }) + } + contributionMessage.contributionId = contributionId + contributionMessage.createdAt = new Date() + contributionMessage.message = message + contributionMessage.userId = user.id + contributionMessage.type = ContributionMessageType.DIALOG + contributionMessage.isModerator = true + await queryRunner.manager.insert(DbContributionMessage, contributionMessage) + + if ( + contribution.contributionStatus === ContributionStatus.DELETED || + contribution.contributionStatus === ContributionStatus.DENIED || + contribution.contributionStatus === ContributionStatus.PENDING + ) { + contribution.contributionStatus = ContributionStatus.IN_PROGRESS + await queryRunner.manager.update(DbContribution, { id: contributionId }, contribution) + } + + await sendAddedContributionMessageEmail({ + senderFirstName: user.firstName, + senderLastName: user.lastName, + recipientFirstName: contribution.user.firstName, + recipientLastName: contribution.user.lastName, + recipientEmail: contribution.user.emailContact.email, + senderEmail: user.emailContact.email, + contributionMemo: contribution.memo, + message, + overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, + }) + await queryRunner.commitTransaction() + } catch (e) { + await queryRunner.rollbackTransaction() + logger.error(`ContributionMessage was not successful: ${e}`) + throw new Error(`ContributionMessage was not successful: ${e}`) + } finally { + await queryRunner.release() + } + return new ContributionMessage(contributionMessage, user) + } } diff --git a/backend/src/graphql/resolver/ContributionResolver.ts b/backend/src/graphql/resolver/ContributionResolver.ts index 15bdbfc2e..6d0716915 100644 --- a/backend/src/graphql/resolver/ContributionResolver.ts +++ b/backend/src/graphql/resolver/ContributionResolver.ts @@ -1,9 +1,9 @@ import { RIGHTS } from '@/auth/RIGHTS' import { Context, getUser, getClientTimezoneOffset } from '@/server/context' import { backendLogger as logger } from '@/server/logger' -import { Contribution as dbContribution } from '@entity/Contribution' +import { Contribution as DbContribution } from '@entity/Contribution' import { Arg, Args, Authorized, Ctx, Int, Mutation, Query, Resolver } from 'type-graphql' -import { FindOperator, IsNull, getConnection } from '@dbTools/typeorm' +import { FindOperator, IsNull, In, getConnection } from '@dbTools/typeorm' import ContributionArgs from '@arg/ContributionArgs' import Paginated from '@arg/Paginated' import { Order } from '@enum/Order' @@ -11,8 +11,14 @@ import { ContributionType } from '@enum/ContributionType' import { ContributionStatus } from '@enum/ContributionStatus' import { Contribution, ContributionListResult } from '@model/Contribution' import { UnconfirmedContribution } from '@model/UnconfirmedContribution' -import { validateContribution, getUserCreation, updateCreations } from './util/creations' -import { MEMO_MAX_CHARS, MEMO_MIN_CHARS } from './const/const' +import { + getUserCreation, + getUserCreations, + validateContribution, + updateCreations, + isValidDateString, +} from './util/creations' +import { MEMO_MAX_CHARS, MEMO_MIN_CHARS, FULL_CREATION_AVAILABLE } from './const/const' import { ContributionMessage } from '@entity/ContributionMessage' import { ContributionMessageType } from '@enum/MessageType' import { @@ -20,8 +26,26 @@ import { EventContributionCreate, EventContributionDelete, EventContributionUpdate, + EventContributionConfirm, + EventAdminContributionCreate, + EventAdminContributionDelete, + EventAdminContributionUpdate, } from '@/event/Event' import { eventProtocol } from '@/event/EventProtocolEmitter' +import AdminCreateContributionArgs from '@arg/AdminCreateContributionArgs' +import AdminUpdateContributionArgs from '@arg/AdminUpdateContributionArgs' +import Decimal from 'decimal.js-light' +import CONFIG from '@/config' +import { UserContact } from '@entity/UserContact' +import { AdminCreateContributions } from '@model/AdminCreateContributions' +import { AdminUpdateContribution } from '@model/AdminUpdateContribution' +import { User as DbUser } from '@entity/User' +import { sendContributionRejectedEmail } from '@/mailer/sendContributionRejectedEmail' +import { Transaction as DbTransaction } from '@entity/Transaction' +import { Decay } from '@model/Decay' +import { TransactionTypeId } from '@enum/TransactionTypeId' +import { calculateDecay } from '@/util/decay' +import { sendContributionConfirmedEmail } from '@/mailer/sendContributionConfirmedEmail' @Resolver() export class ContributionResolver { @@ -50,7 +74,7 @@ export class ContributionResolver { const creationDateObj = new Date(creationDate) validateContribution(creations, amount, creationDateObj, clientTimezoneOffset) - const contribution = dbContribution.create() + const contribution = DbContribution.create() contribution.userId = user.id contribution.amount = amount contribution.createdAt = new Date() @@ -60,7 +84,7 @@ export class ContributionResolver { contribution.contributionStatus = ContributionStatus.PENDING logger.trace('contribution to save', contribution) - await dbContribution.save(contribution) + await DbContribution.save(contribution) const eventCreateContribution = new EventContributionCreate() eventCreateContribution.userId = user.id @@ -79,7 +103,7 @@ export class ContributionResolver { ): Promise { const event = new Event() const user = getUser(context) - const contribution = await dbContribution.findOne(id) + const contribution = await DbContribution.findOne(id) if (!contribution) { logger.error('Contribution not found for given id') throw new Error('Contribution not found for given id.') @@ -128,7 +152,7 @@ export class ContributionResolver { const [contributions, count] = await getConnection() .createQueryBuilder() .select('c') - .from(dbContribution, 'c') + .from(DbContribution, 'c') .leftJoinAndSelect('c.messages', 'm') .where(where) .withDeleted() @@ -152,7 +176,7 @@ export class ContributionResolver { const [dbContributions, count] = await getConnection() .createQueryBuilder() .select('c') - .from(dbContribution, 'c') + .from(DbContribution, 'c') .innerJoinAndSelect('c.user', 'u') .orderBy('c.createdAt', order) .limit(pageSize) @@ -185,7 +209,7 @@ export class ContributionResolver { const user = getUser(context) - const contributionToUpdate = await dbContribution.findOne({ + const contributionToUpdate = await DbContribution.findOne({ where: { id: contributionId, confirmedAt: IsNull() }, }) if (!contributionToUpdate) { @@ -240,7 +264,7 @@ export class ContributionResolver { contributionToUpdate.contributionDate = new Date(creationDate) contributionToUpdate.contributionStatus = ContributionStatus.PENDING contributionToUpdate.updatedAt = new Date() - dbContribution.save(contributionToUpdate) + DbContribution.save(contributionToUpdate) const event = new Event() @@ -252,4 +276,404 @@ export class ContributionResolver { return new UnconfirmedContribution(contributionToUpdate, user, creations) } + + @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTION]) + @Mutation(() => [Number]) + async adminCreateContribution( + @Args() { email, amount, memo, creationDate }: AdminCreateContributionArgs, + @Ctx() context: Context, + ): Promise { + logger.info( + `adminCreateContribution(email=${email}, amount=${amount}, memo=${memo}, creationDate=${creationDate})`, + ) + const clientTimezoneOffset = getClientTimezoneOffset(context) + if (!isValidDateString(creationDate)) { + logger.error(`invalid Date for creationDate=${creationDate}`) + throw new Error(`invalid Date for creationDate=${creationDate}`) + } + const emailContact = await UserContact.findOne({ + where: { email }, + withDeleted: true, + relations: ['user'], + }) + if (!emailContact) { + logger.error(`Could not find user with email: ${email}`) + throw new Error(`Could not find user with email: ${email}`) + } + if (emailContact.deletedAt) { + logger.error('This emailContact was deleted. Cannot create a contribution.') + throw new Error('This emailContact was deleted. Cannot create a contribution.') + } + if (emailContact.user.deletedAt) { + logger.error('This user was deleted. Cannot create a contribution.') + throw new Error('This user was deleted. Cannot create a contribution.') + } + if (!emailContact.emailChecked) { + logger.error('Contribution could not be saved, Email is not activated') + throw new Error('Contribution could not be saved, Email is not activated') + } + + const event = new Event() + const moderator = getUser(context) + logger.trace('moderator: ', moderator.id) + const creations = await getUserCreation(emailContact.userId, clientTimezoneOffset) + logger.trace('creations:', creations) + const creationDateObj = new Date(creationDate) + logger.trace('creationDateObj:', creationDateObj) + validateContribution(creations, amount, creationDateObj, clientTimezoneOffset) + const contribution = DbContribution.create() + contribution.userId = emailContact.userId + contribution.amount = amount + contribution.createdAt = new Date() + contribution.contributionDate = creationDateObj + contribution.memo = memo + contribution.moderatorId = moderator.id + contribution.contributionType = ContributionType.ADMIN + contribution.contributionStatus = ContributionStatus.PENDING + + logger.trace('contribution to save', contribution) + + await DbContribution.save(contribution) + + const eventAdminCreateContribution = new EventAdminContributionCreate() + eventAdminCreateContribution.userId = moderator.id + eventAdminCreateContribution.amount = amount + eventAdminCreateContribution.contributionId = contribution.id + await eventProtocol.writeEvent( + event.setEventAdminContributionCreate(eventAdminCreateContribution), + ) + + return getUserCreation(emailContact.userId, clientTimezoneOffset) + } + + @Authorized([RIGHTS.ADMIN_CREATE_CONTRIBUTIONS]) + @Mutation(() => AdminCreateContributions) + async adminCreateContributions( + @Arg('pendingCreations', () => [AdminCreateContributionArgs]) + contributions: AdminCreateContributionArgs[], + @Ctx() context: Context, + ): Promise { + let success = false + const successfulContribution: string[] = [] + const failedContribution: string[] = [] + for (const contribution of contributions) { + await this.adminCreateContribution(contribution, context) + .then(() => { + successfulContribution.push(contribution.email) + success = true + }) + .catch(() => { + failedContribution.push(contribution.email) + }) + } + return { + success, + successfulContribution, + failedContribution, + } + } + + @Authorized([RIGHTS.ADMIN_UPDATE_CONTRIBUTION]) + @Mutation(() => AdminUpdateContribution) + async adminUpdateContribution( + @Args() { id, email, amount, memo, creationDate }: AdminUpdateContributionArgs, + @Ctx() context: Context, + ): Promise { + const clientTimezoneOffset = getClientTimezoneOffset(context) + const emailContact = await UserContact.findOne({ + where: { email }, + withDeleted: true, + relations: ['user'], + }) + if (!emailContact) { + logger.error(`Could not find UserContact with email: ${email}`) + throw new Error(`Could not find UserContact with email: ${email}`) + } + const user = emailContact.user + if (!user) { + logger.error(`Could not find User to emailContact: ${email}`) + throw new Error(`Could not find User to emailContact: ${email}`) + } + if (user.deletedAt) { + logger.error(`User was deleted (${email})`) + throw new Error(`User was deleted (${email})`) + } + + const moderator = getUser(context) + + const contributionToUpdate = await DbContribution.findOne({ + where: { id, confirmedAt: IsNull() }, + }) + if (!contributionToUpdate) { + logger.error('No contribution found to given id.') + throw new Error('No contribution found to given id.') + } + + if (contributionToUpdate.userId !== user.id) { + logger.error('user of the pending contribution and send user does not correspond') + throw new Error('user of the pending contribution and send user does not correspond') + } + + if (contributionToUpdate.moderatorId === null) { + logger.error('An admin is not allowed to update a user contribution.') + throw new Error('An admin is not allowed to update a user contribution.') + } + + const creationDateObj = new Date(creationDate) + let creations = await getUserCreation(user.id, clientTimezoneOffset) + + if (contributionToUpdate.contributionDate.getMonth() === creationDateObj.getMonth()) { + creations = updateCreations(creations, contributionToUpdate, clientTimezoneOffset) + } else { + logger.error('Currently the month of the contribution cannot change.') + throw new Error('Currently the month of the contribution cannot change.') + } + + // all possible cases not to be true are thrown in this function + validateContribution(creations, amount, creationDateObj, clientTimezoneOffset) + contributionToUpdate.amount = amount + contributionToUpdate.memo = memo + contributionToUpdate.contributionDate = new Date(creationDate) + contributionToUpdate.moderatorId = moderator.id + contributionToUpdate.contributionStatus = ContributionStatus.PENDING + + await DbContribution.save(contributionToUpdate) + + const result = new AdminUpdateContribution() + result.amount = amount + result.memo = contributionToUpdate.memo + result.date = contributionToUpdate.contributionDate + + result.creation = await getUserCreation(user.id, clientTimezoneOffset) + + const event = new Event() + const eventAdminContributionUpdate = new EventAdminContributionUpdate() + eventAdminContributionUpdate.userId = user.id + eventAdminContributionUpdate.amount = amount + eventAdminContributionUpdate.contributionId = contributionToUpdate.id + await eventProtocol.writeEvent( + event.setEventAdminContributionUpdate(eventAdminContributionUpdate), + ) + + return result + } + + @Authorized([RIGHTS.LIST_UNCONFIRMED_CONTRIBUTIONS]) + @Query(() => [UnconfirmedContribution]) + async listUnconfirmedContributions(@Ctx() context: Context): Promise { + const clientTimezoneOffset = getClientTimezoneOffset(context) + const contributions = await getConnection() + .createQueryBuilder() + .select('c') + .from(DbContribution, 'c') + .leftJoinAndSelect('c.messages', 'm') + .where({ confirmedAt: IsNull() }) + .getMany() + + if (contributions.length === 0) { + return [] + } + + const userIds = contributions.map((p) => p.userId) + const userCreations = await getUserCreations(userIds, clientTimezoneOffset) + const users = await DbUser.find({ + where: { id: In(userIds) }, + withDeleted: true, + relations: ['emailContact'], + }) + + return contributions.map((contribution) => { + const user = users.find((u) => u.id === contribution.userId) + const creation = userCreations.find((c) => c.id === contribution.userId) + + return new UnconfirmedContribution( + contribution, + user, + creation ? creation.creations : FULL_CREATION_AVAILABLE, + ) + }) + } + + @Authorized([RIGHTS.ADMIN_DELETE_CONTRIBUTION]) + @Mutation(() => Boolean) + async adminDeleteContribution( + @Arg('id', () => Int) id: number, + @Ctx() context: Context, + ): Promise { + const contribution = await DbContribution.findOne(id) + if (!contribution) { + logger.error(`Contribution not found for given id: ${id}`) + throw new Error('Contribution not found for given id.') + } + const moderator = getUser(context) + if ( + contribution.contributionType === ContributionType.USER && + contribution.userId === moderator.id + ) { + throw new Error('Own contribution can not be deleted as admin') + } + const user = await DbUser.findOneOrFail( + { id: contribution.userId }, + { relations: ['emailContact'] }, + ) + contribution.contributionStatus = ContributionStatus.DELETED + contribution.deletedBy = moderator.id + await contribution.save() + const res = await contribution.softRemove() + + const event = new Event() + const eventAdminContributionDelete = new EventAdminContributionDelete() + eventAdminContributionDelete.userId = contribution.userId + eventAdminContributionDelete.amount = contribution.amount + eventAdminContributionDelete.contributionId = contribution.id + await eventProtocol.writeEvent( + event.setEventAdminContributionDelete(eventAdminContributionDelete), + ) + sendContributionRejectedEmail({ + senderFirstName: moderator.firstName, + senderLastName: moderator.lastName, + recipientEmail: user.emailContact.email, + recipientFirstName: user.firstName, + recipientLastName: user.lastName, + contributionMemo: contribution.memo, + contributionAmount: contribution.amount, + overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, + }) + + return !!res + } + + @Authorized([RIGHTS.CONFIRM_CONTRIBUTION]) + @Mutation(() => Boolean) + async confirmContribution( + @Arg('id', () => Int) id: number, + @Ctx() context: Context, + ): Promise { + const clientTimezoneOffset = getClientTimezoneOffset(context) + const contribution = await DbContribution.findOne(id) + if (!contribution) { + logger.error(`Contribution not found for given id: ${id}`) + throw new Error('Contribution not found to given id.') + } + const moderatorUser = getUser(context) + if (moderatorUser.id === contribution.userId) { + logger.error('Moderator can not confirm own contribution') + throw new Error('Moderator can not confirm own contribution') + } + const user = await DbUser.findOneOrFail( + { id: contribution.userId }, + { withDeleted: true, relations: ['emailContact'] }, + ) + if (user.deletedAt) { + logger.error('This user was deleted. Cannot confirm a contribution.') + throw new Error('This user was deleted. Cannot confirm a contribution.') + } + const creations = await getUserCreation(contribution.userId, clientTimezoneOffset, false) + validateContribution( + creations, + contribution.amount, + contribution.contributionDate, + clientTimezoneOffset, + ) + + const receivedCallDate = new Date() + + const queryRunner = getConnection().createQueryRunner() + await queryRunner.connect() + await queryRunner.startTransaction('REPEATABLE READ') // 'READ COMMITTED') + try { + const lastTransaction = await queryRunner.manager + .createQueryBuilder() + .select('transaction') + .from(DbTransaction, 'transaction') + .where('transaction.userId = :id', { id: contribution.userId }) + .orderBy('transaction.balanceDate', 'DESC') + .getOne() + logger.info('lastTransaction ID', lastTransaction ? lastTransaction.id : 'undefined') + + let newBalance = new Decimal(0) + let decay: Decay | null = null + if (lastTransaction) { + decay = calculateDecay( + lastTransaction.balance, + lastTransaction.balanceDate, + receivedCallDate, + ) + newBalance = decay.balance + } + newBalance = newBalance.add(contribution.amount.toString()) + + const transaction = new DbTransaction() + transaction.typeId = TransactionTypeId.CREATION + transaction.memo = contribution.memo + transaction.userId = contribution.userId + transaction.previous = lastTransaction ? lastTransaction.id : null + transaction.amount = contribution.amount + transaction.creationDate = contribution.contributionDate + transaction.balance = newBalance + transaction.balanceDate = receivedCallDate + transaction.decay = decay ? decay.decay : new Decimal(0) + transaction.decayStart = decay ? decay.start : null + await queryRunner.manager.insert(DbTransaction, transaction) + + contribution.confirmedAt = receivedCallDate + contribution.confirmedBy = moderatorUser.id + contribution.transactionId = transaction.id + contribution.contributionStatus = ContributionStatus.CONFIRMED + await queryRunner.manager.update(DbContribution, { id: contribution.id }, contribution) + + await queryRunner.commitTransaction() + logger.info('creation commited successfuly.') + sendContributionConfirmedEmail({ + senderFirstName: moderatorUser.firstName, + senderLastName: moderatorUser.lastName, + recipientFirstName: user.firstName, + recipientLastName: user.lastName, + recipientEmail: user.emailContact.email, + contributionMemo: contribution.memo, + contributionAmount: contribution.amount, + overviewURL: CONFIG.EMAIL_LINK_OVERVIEW, + }) + } catch (e) { + await queryRunner.rollbackTransaction() + logger.error(`Creation was not successful: ${e}`) + throw new Error(`Creation was not successful.`) + } finally { + await queryRunner.release() + } + + const event = new Event() + const eventContributionConfirm = new EventContributionConfirm() + eventContributionConfirm.userId = user.id + eventContributionConfirm.amount = contribution.amount + eventContributionConfirm.contributionId = contribution.id + await eventProtocol.writeEvent(event.setEventContributionConfirm(eventContributionConfirm)) + return true + } + + @Authorized([RIGHTS.CREATION_TRANSACTION_LIST]) + @Query(() => ContributionListResult) + async creationTransactionList( + @Args() + { currentPage = 1, pageSize = 25, order = Order.DESC }: Paginated, + @Arg('userId', () => Int) userId: number, + ): Promise { + const offset = (currentPage - 1) * pageSize + const [contributionResult, count] = await getConnection() + .createQueryBuilder() + .select('c') + .from(DbContribution, 'c') + .leftJoinAndSelect('c.user', 'u') + .where(`user_id = ${userId}`) + .limit(pageSize) + .offset(offset) + .orderBy('c.created_at', order) + .getManyAndCount() + + return new ContributionListResult( + count, + contributionResult.map((contribution) => new Contribution(contribution, contribution.user)), + ) + // return userTransactions.map((t) => new Transaction(t, new User(user), communityUser)) + } } diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts index a5c4a5f01..9de8efa35 100644 --- a/backend/src/graphql/resolver/TransactionLinkResolver.ts +++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts @@ -1,6 +1,6 @@ import { backendLogger as logger } from '@/server/logger' import { Context, getUser, getClientTimezoneOffset } from '@/server/context' -import { getConnection } from '@dbTools/typeorm' +import { getConnection, MoreThan, FindOperator, IsNull } from '@dbTools/typeorm' import { Resolver, Args, @@ -12,9 +12,8 @@ import { Int, createUnionType, } from 'type-graphql' -import { TransactionLink } from '@model/TransactionLink' import { ContributionLink } from '@model/ContributionLink' -import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink' +import { TransactionLink as DbTransactionLink } from '@entity/TransactionLink' import { Transaction as DbTransaction } from '@entity/Transaction' import { User as dbUser } from '@entity/User' import TransactionLinkArgs from '@arg/TransactionLinkArgs' @@ -30,11 +29,22 @@ import { ContributionType } from '@enum/ContributionType' import { ContributionStatus } from '@enum/ContributionStatus' import { Contribution as DbContribution } from '@entity/Contribution' import { ContributionLink as DbContributionLink } from '@entity/ContributionLink' -import { getUserCreation, validateContribution } from './util/creations' +import { getUserCreation, validateContribution, isStartEndDateValid } from './util/creations' import { Decay } from '@model/Decay' import Decimal from 'decimal.js-light' import { TransactionTypeId } from '@enum/TransactionTypeId' import { ContributionCycleType } from '@enum/ContributionCycleType' +import { TransactionLink, TransactionLinkResult } from '@model/TransactionLink' +import TransactionLinkFilters from '@arg/TransactionLinkFilters' +import { + CONTRIBUTIONLINK_NAME_MAX_CHARS, + CONTRIBUTIONLINK_NAME_MIN_CHARS, + MEMO_MAX_CHARS, + MEMO_MIN_CHARS, +} from './const/const' +import ContributionLinkArgs from '@arg/ContributionLinkArgs' +import { transactionLinkCode as contributionLinkCode } from './TransactionLinkResolver' +import { ContributionLinkList } from '@model/ContributionLinkList' const QueryLinkResult = createUnionType({ name: 'QueryLinkResult', // the name of the GraphQL union @@ -76,7 +86,7 @@ export class TransactionLinkResolver { // validate amount await calculateBalance(user.id, holdAvailableAmount, createdDate) - const transactionLink = dbTransactionLink.create() + const transactionLink = DbTransactionLink.create() transactionLink.userId = user.id transactionLink.amount = amount transactionLink.memo = memo @@ -84,7 +94,7 @@ export class TransactionLinkResolver { transactionLink.code = transactionLinkCode(createdDate) transactionLink.createdAt = createdDate transactionLink.validUntil = validUntil - await dbTransactionLink.save(transactionLink).catch(() => { + await DbTransactionLink.save(transactionLink).catch(() => { throw new Error('Unable to save transaction link') }) @@ -99,7 +109,7 @@ export class TransactionLinkResolver { ): Promise { const user = getUser(context) - const transactionLink = await dbTransactionLink.findOne({ id }) + const transactionLink = await DbTransactionLink.findOne({ id }) if (!transactionLink) { throw new Error('Transaction Link not found!') } @@ -129,7 +139,7 @@ export class TransactionLinkResolver { ) return new ContributionLink(contributionLink) } else { - const transactionLink = await dbTransactionLink.findOneOrFail({ code }, { withDeleted: true }) + const transactionLink = await DbTransactionLink.findOneOrFail({ code }, { withDeleted: true }) const user = await dbUser.findOneOrFail({ id: transactionLink.userId }) let redeemedBy: User | null = null if (transactionLink && transactionLink.redeemedBy) { @@ -148,7 +158,7 @@ export class TransactionLinkResolver { ): Promise { const user = getUser(context) // const now = new Date() - const transactionLinks = await dbTransactionLink.find({ + const transactionLinks = await DbTransactionLink.find({ where: { userId: user.id, redeemedBy: null, @@ -318,7 +328,7 @@ export class TransactionLinkResolver { } return true } else { - const transactionLink = await dbTransactionLink.findOneOrFail({ code }) + const transactionLink = await DbTransactionLink.findOneOrFail({ code }) const linkedUser = await dbUser.findOneOrFail( { id: transactionLink.userId }, { relations: ['emailContact'] }, @@ -347,4 +357,171 @@ export class TransactionLinkResolver { return true } } + + @Authorized([RIGHTS.LIST_TRANSACTION_LINKS_ADMIN]) + @Query(() => TransactionLinkResult) + async listTransactionLinksAdmin( + @Args() + { currentPage = 1, pageSize = 5, order = Order.DESC }: Paginated, + @Arg('filters', () => TransactionLinkFilters, { nullable: true }) + filters: TransactionLinkFilters, + @Arg('userId', () => Int) + userId: number, + ): Promise { + const user = await dbUser.findOneOrFail({ id: userId }) + const where: { + userId: number + redeemedBy?: number | null + validUntil?: FindOperator | null + } = { + userId, + redeemedBy: null, + validUntil: MoreThan(new Date()), + } + if (filters) { + if (filters.withRedeemed) delete where.redeemedBy + if (filters.withExpired) delete where.validUntil + } + const [transactionLinks, count] = await DbTransactionLink.findAndCount({ + where, + withDeleted: filters ? filters.withDeleted : false, + order: { + createdAt: order, + }, + skip: (currentPage - 1) * pageSize, + take: pageSize, + }) + + return { + linkCount: count, + linkList: transactionLinks.map((tl) => new TransactionLink(tl, new User(user))), + } + } + + @Authorized([RIGHTS.CREATE_CONTRIBUTION_LINK]) + @Mutation(() => ContributionLink) + async createContributionLink( + @Args() + { + amount, + name, + memo, + cycle, + validFrom, + validTo, + maxAmountPerMonth, + maxPerCycle, + }: ContributionLinkArgs, + ): Promise { + isStartEndDateValid(validFrom, validTo) + if (!name) { + logger.error(`The name must be initialized!`) + throw new Error(`The name must be initialized!`) + } + if ( + name.length < CONTRIBUTIONLINK_NAME_MIN_CHARS || + name.length > CONTRIBUTIONLINK_NAME_MAX_CHARS + ) { + const msg = `The value of 'name' with a length of ${name.length} did not fulfill the requested bounderies min=${CONTRIBUTIONLINK_NAME_MIN_CHARS} and max=${CONTRIBUTIONLINK_NAME_MAX_CHARS}` + logger.error(`${msg}`) + throw new Error(`${msg}`) + } + if (!memo) { + logger.error(`The memo must be initialized!`) + throw new Error(`The memo must be initialized!`) + } + if (memo.length < MEMO_MIN_CHARS || memo.length > MEMO_MAX_CHARS) { + const msg = `The value of 'memo' with a length of ${memo.length} did not fulfill the requested bounderies min=${MEMO_MIN_CHARS} and max=${MEMO_MAX_CHARS}` + logger.error(`${msg}`) + throw new Error(`${msg}`) + } + if (!amount) { + logger.error(`The amount must be initialized!`) + throw new Error('The amount must be initialized!') + } + if (!new Decimal(amount).isPositive()) { + logger.error(`The amount=${amount} must be initialized with a positiv value!`) + throw new Error(`The amount=${amount} must be initialized with a positiv value!`) + } + const dbContributionLink = new DbContributionLink() + dbContributionLink.amount = amount + dbContributionLink.name = name + dbContributionLink.memo = memo + dbContributionLink.createdAt = new Date() + dbContributionLink.code = contributionLinkCode(dbContributionLink.createdAt) + dbContributionLink.cycle = cycle + if (validFrom) dbContributionLink.validFrom = new Date(validFrom) + if (validTo) dbContributionLink.validTo = new Date(validTo) + dbContributionLink.maxAmountPerMonth = maxAmountPerMonth + dbContributionLink.maxPerCycle = maxPerCycle + await dbContributionLink.save() + logger.debug(`createContributionLink successful!`) + return new ContributionLink(dbContributionLink) + } + + @Authorized([RIGHTS.LIST_CONTRIBUTION_LINKS]) + @Query(() => ContributionLinkList) + async listContributionLinks( + @Args() + { currentPage = 1, pageSize = 5, order = Order.DESC }: Paginated, + ): Promise { + const [links, count] = await DbContributionLink.findAndCount({ + where: [{ validTo: MoreThan(new Date()) }, { validTo: IsNull() }], + order: { createdAt: order }, + skip: (currentPage - 1) * pageSize, + take: pageSize, + }) + return { + links: links.map((link: DbContributionLink) => new ContributionLink(link)), + count, + } + } + + @Authorized([RIGHTS.DELETE_CONTRIBUTION_LINK]) + @Mutation(() => Date, { nullable: true }) + async deleteContributionLink(@Arg('id', () => Int) id: number): Promise { + const contributionLink = await DbContributionLink.findOne(id) + if (!contributionLink) { + logger.error(`Contribution Link not found to given id: ${id}`) + throw new Error('Contribution Link not found to given id.') + } + await contributionLink.softRemove() + logger.debug(`deleteContributionLink successful!`) + const newContributionLink = await DbContributionLink.findOne({ id }, { withDeleted: true }) + return newContributionLink ? newContributionLink.deletedAt : null + } + + @Authorized([RIGHTS.UPDATE_CONTRIBUTION_LINK]) + @Mutation(() => ContributionLink) + async updateContributionLink( + @Args() + { + amount, + name, + memo, + cycle, + validFrom, + validTo, + maxAmountPerMonth, + maxPerCycle, + }: ContributionLinkArgs, + @Arg('id', () => Int) id: number, + ): Promise { + const dbContributionLink = await DbContributionLink.findOne(id) + if (!dbContributionLink) { + logger.error(`Contribution Link not found to given id: ${id}`) + throw new Error('Contribution Link not found to given id.') + } + dbContributionLink.amount = amount + dbContributionLink.name = name + dbContributionLink.memo = memo + dbContributionLink.cycle = cycle + if (validFrom) dbContributionLink.validFrom = new Date(validFrom) + if (validTo) dbContributionLink.validTo = new Date(validTo) + dbContributionLink.maxAmountPerMonth = maxAmountPerMonth + dbContributionLink.maxPerCycle = maxPerCycle + await dbContributionLink.save() + logger.debug(`updateContributionLink successful!`) + return new ContributionLink(dbContributionLink) + } } diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index 707b7ac49..067b7a0d4 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -2,7 +2,17 @@ import fs from 'fs' import { backendLogger as logger } from '@/server/logger' import i18n from 'i18n' import { Context, getUser, getClientTimezoneOffset } from '@/server/context' -import { Resolver, Query, Args, Arg, Authorized, Ctx, UseMiddleware, Mutation } from 'type-graphql' +import { + Resolver, + Query, + Args, + Arg, + Authorized, + Ctx, + UseMiddleware, + Mutation, + Int, +} from 'type-graphql' import { getConnection, getCustomRepository, IsNull, Not } from '@dbTools/typeorm' import CONFIG from '@/config' import { User } from '@model/User' @@ -33,13 +43,16 @@ import { EventSendConfirmationEmail, EventActivateAccount, } from '@/event/Event' -import { getUserCreation } from './util/creations' +import { getUserCreation, getUserCreations } from './util/creations' import { UserContactType } from '../enum/UserContactType' import { UserRepository } from '@/typeorm/repository/User' import { SearchAdminUsersResult } from '@model/AdminUser' +import { UserAdmin, SearchUsersResult } from '@model/UserAdmin' import Paginated from '@arg/Paginated' import { Order } from '@enum/Order' import { v4 as uuidv4 } from 'uuid' +import SearchUsersArgs from '@arg/SearchUsersArgs' +import { FULL_CREATION_AVAILABLE } from './const/const' // eslint-disable-next-line @typescript-eslint/no-var-requires const sodium = require('sodium-native') @@ -895,6 +908,202 @@ export class UserResolver { }), } } + + @Authorized([RIGHTS.SEARCH_USERS]) + @Query(() => SearchUsersResult) + async searchUsers( + @Args() + { searchText, currentPage = 1, pageSize = 25, filters }: SearchUsersArgs, + @Ctx() context: Context, + ): Promise { + const clientTimezoneOffset = getClientTimezoneOffset(context) + const userRepository = getCustomRepository(UserRepository) + const userFields = [ + 'id', + 'firstName', + 'lastName', + 'emailId', + 'emailContact', + 'deletedAt', + 'isAdmin', + ] + const [users, count] = await userRepository.findBySearchCriteriaPagedFiltered( + userFields.map((fieldName) => { + return 'user.' + fieldName + }), + searchText, + filters, + currentPage, + pageSize, + ) + + if (users.length === 0) { + return { + userCount: 0, + userList: [], + } + } + + const creations = await getUserCreations( + users.map((u) => u.id), + clientTimezoneOffset, + ) + + const adminUsers = await Promise.all( + users.map(async (user) => { + let emailConfirmationSend = '' + if (!user.emailContact.emailChecked) { + if (user.emailContact.updatedAt) { + emailConfirmationSend = user.emailContact.updatedAt.toISOString() + } else { + emailConfirmationSend = user.emailContact.createdAt.toISOString() + } + } + const userCreations = creations.find((c) => c.id === user.id) + const adminUser = new UserAdmin( + user, + userCreations ? userCreations.creations : FULL_CREATION_AVAILABLE, + await hasElopageBuys(user.emailContact.email), + emailConfirmationSend, + ) + return adminUser + }), + ) + return { + userCount: count, + userList: adminUsers, + } + } + + @Authorized([RIGHTS.SET_USER_ROLE]) + @Mutation(() => Date, { nullable: true }) + async setUserRole( + @Arg('userId', () => Int) + userId: number, + @Arg('isAdmin', () => Boolean) + isAdmin: boolean, + @Ctx() + context: Context, + ): Promise { + const user = await DbUser.findOne({ id: userId }) + // user exists ? + if (!user) { + logger.error(`Could not find user with userId: ${userId}`) + throw new Error(`Could not find user with userId: ${userId}`) + } + // administrator user changes own role? + const moderatorUser = getUser(context) + if (moderatorUser.id === userId) { + logger.error('Administrator can not change his own role!') + throw new Error('Administrator can not change his own role!') + } + // change isAdmin + switch (user.isAdmin) { + case null: + if (isAdmin === true) { + user.isAdmin = new Date() + } else { + logger.error('User is already a usual user!') + throw new Error('User is already a usual user!') + } + break + default: + if (isAdmin === false) { + user.isAdmin = null + } else { + logger.error('User is already admin!') + throw new Error('User is already admin!') + } + break + } + await user.save() + const newUser = await DbUser.findOne({ id: userId }) + return newUser ? newUser.isAdmin : null + } + + @Authorized([RIGHTS.DELETE_USER]) + @Mutation(() => Date, { nullable: true }) + async deleteUser( + @Arg('userId', () => Int) userId: number, + @Ctx() context: Context, + ): Promise { + const user = await DbUser.findOne({ id: userId }) + // user exists ? + if (!user) { + logger.error(`Could not find user with userId: ${userId}`) + throw new Error(`Could not find user with userId: ${userId}`) + } + // moderator user disabled own account? + const moderatorUser = getUser(context) + if (moderatorUser.id === userId) { + logger.error('Moderator can not delete his own account!') + throw new Error('Moderator can not delete his own account!') + } + // soft-delete user + await user.softRemove() + const newUser = await DbUser.findOne({ id: userId }, { withDeleted: true }) + return newUser ? newUser.deletedAt : null + } + + @Authorized([RIGHTS.UNDELETE_USER]) + @Mutation(() => Date, { nullable: true }) + async unDeleteUser(@Arg('userId', () => Int) userId: number): Promise { + const user = await DbUser.findOne({ id: userId }, { withDeleted: true }) + if (!user) { + logger.error(`Could not find user with userId: ${userId}`) + throw new Error(`Could not find user with userId: ${userId}`) + } + if (!user.deletedAt) { + logger.error('User is not deleted') + throw new Error('User is not deleted') + } + await user.recover() + return null + } + + @Authorized([RIGHTS.SEND_ACTIVATION_EMAIL]) + @Mutation(() => Boolean) + async sendActivationEmail(@Arg('email') email: string): Promise { + email = email.trim().toLowerCase() + // const user = await dbUser.findOne({ id: emailContact.userId }) + const user = await findUserByEmail(email) + if (!user) { + logger.error(`Could not find User to emailContact: ${email}`) + throw new Error(`Could not find User to emailContact: ${email}`) + } + if (user.deletedAt) { + logger.error(`User with emailContact: ${email} is deleted.`) + throw new Error(`User with emailContact: ${email} is deleted.`) + } + const emailContact = user.emailContact + if (emailContact.deletedAt) { + logger.error(`The emailContact: ${email} of htis User is deleted.`) + throw new Error(`The emailContact: ${email} of htis User is deleted.`) + } + + // eslint-disable-next-line @typescript-eslint/no-unused-vars + const emailSent = await sendAccountActivationEmail({ + link: activationLink(emailContact.emailVerificationCode), + firstName: user.firstName, + lastName: user.lastName, + email, + duration: printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME), + }) + + // In case EMails are disabled log the activation link for the user + if (!emailSent) { + logger.info(`Account confirmation link: ${activationLink}`) + } else { + const event = new Event() + const eventSendConfirmationEmail = new EventSendConfirmationEmail() + eventSendConfirmationEmail.userId = user.id + await eventProtocol.writeEvent( + event.setEventSendConfirmationEmail(eventSendConfirmationEmail), + ) + } + + return true + } } export async function findUserByEmail(email: string): Promise {