feat: email uniqueness constraint between user and member

2025-10-17 14:21:23 +02:00 · 2025-10-17 14:21:23 +02:00 · 39afaf3999
commit 39afaf3999
parent 5a0a261cd6
5 changed files with 329 additions and 6 deletions
--- a/lib/mv/accounts/user/validations/email_not_used_by_other_member.ex
+++ b/lib/mv/accounts/user/validations/email_not_used_by_other_member.ex
@ -0,0 +1,52 @@
+defmodule Mv.Accounts.User.Validations.EmailNotUsedByOtherMember do
+  @moduledoc """
+  Validates that the user's email is not already used by another member
+  (unless that member is linked to this user).
+
+  This prevents email conflicts when syncing between users and members.
+  """
+  use Ash.Resource.Validation
+
+  @impl true
+  def validate(changeset, _opts, _context) do
+    case Ash.Changeset.fetch_change(changeset, :email) do
+      {:ok, new_email} ->
+        check_email_not_used_by_other_member(changeset, new_email)
+
+      :error ->
+        # Email not being changed
+        :ok
+    end
+  end
+
+  defp check_email_not_used_by_other_member(changeset, new_email) do
+    member_id = Ash.Changeset.get_attribute(changeset, :member_id)
+
+    # Check if any member has this email
+    # Exclude the member linked to this user (if any)
+    query =
+      Mv.Membership.Member
+      |> Ash.Query.filter(email == ^to_string(new_email))
+      |> then(fn q ->
+        if member_id do
+          Ash.Query.filter(q, id != ^member_id)
+        else
+          q
+        end
+      end)
+
+    case Ash.read(query) do
+      {:ok, []} ->
+        # No conflicting member found
+        :ok
+
+      {:ok, members} when is_list(members) and length(members) > 0 ->
+        # Email is already used by another member
+        {:error, field: :email, message: "is already used by another member", value: new_email}
+
+      {:error, _} ->
+        # Error reading members - be safe and allow
+        :ok
+    end
+  end
+end