fix: add actor and domain parameters to user count functions in Show

Add actor and domain parameters to recalculate_user_count and
load_user_count to ensure consistent authorization. Clarify that
load_user_count is for initial display while recalculate_user_count
is for fresh count before deletion.

lib/mv_web/live/role_live/show.ex

@@ -28,7 +28,7 @@ defmodule MvWeb.RoleLive.Show do
              actor: socket.assigns[:current_user]
            ) do
       {:ok, role} ->
-          user_count = load_user_count(role)
+        user_count = load_user_count(role, socket.assigns[:current_user])
 
         {:ok,
            socket
@@ -99,7 +99,7 @@ defmodule MvWeb.RoleLive.Show do
          gettext("System roles cannot be deleted.")
        )}
     else
-      user_count = recalculate_user_count(role)
+      user_count = recalculate_user_count(role, socket.assigns.current_user)
 
       if user_count > 0 do
         {:noreply,
@@ -137,15 +137,20 @@ defmodule MvWeb.RoleLive.Show do
     end
   end
 
-  defp recalculate_user_count(role) do
+  # Recalculates user count for a specific role (used before deletion)
-    case Ash.count(Accounts.User |> Ash.Query.filter(role_id == ^role.id)) do
+  defp recalculate_user_count(role, actor) do
+    opts = [domain: Mv.Accounts]
+    opts = if actor, do: Keyword.put(opts, :actor, actor), else: opts
+
+    case Ash.count(Accounts.User |> Ash.Query.filter(role_id == ^role.id), opts) do
       {:ok, count} -> count
       _ -> 0
     end
   end
 
-  defp load_user_count(role) do
+  # Loads user count for initial display (uses same logic as recalculate)
-    recalculate_user_count(role)
+  defp load_user_count(role, actor) do
+    recalculate_user_count(role, actor)
   end
 
   @impl true