WIP feat: member user relation

2025-07-24 20:15:01 +02:00 · 2025-07-24 20:15:01 +02:00 · 4e6f5a517a
commit 4e6f5a517a
parent 997691746a
35 changed files with 1208 additions and 192 deletions
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@ -5,7 +5,8 @@ defmodule Mv.Accounts.User do
  use Ash.Resource,
    domain: Mv.Accounts,
    data_layer: AshPostgres.DataLayer,
-    extensions: [AshAuthentication]
+    extensions: [AshAuthentication],
+    notifiers: [Mv.Accounts.User.MemberCreationNotifier]

  # authorizers: [Ash.Policy.Authorizer]

@ -64,11 +65,11 @@ defmodule Mv.Accounts.User do
    defaults [:read, :create, :destroy, :update]

    create :create_user do
-      accept [:email]
+      accept [:email, :member_id]
    end

    update :update_user do
-      accept [:email]
+      accept [:email, :member_id]
    end

    # Admin action for direct password changes in admin panel
@ -121,9 +122,16 @@ defmodule Mv.Accounts.User do

  # Global validations - applied to all relevant actions
  validations do
-    # Password strength policy: minimum 8 characters for all password-related actions
+    # Password strength policy: minimum 8 characters
+    # Note: register_with_password has built-in AshAuthentication validation, but admin_set_password doesn't
    validate string_length(:password, min: 8) do
-      where action_is([:register_with_password, :admin_set_password])
+      # Only needed for admin actions, AshAuthentication handles register_with_password
+      where action_is([:admin_set_password])
+    end
+
+    # Email uniqueness for registration actions
+    validate attribute_does_not_equal(:email, nil) do
+      where action_is([:register_with_password, :register_with_rauthy])
    end
  end

@ -143,6 +151,7 @@ defmodule Mv.Accounts.User do
    attribute :email, :ci_string, allow_nil?: false, public?: true
    attribute :hashed_password, :string, sensitive?: true, allow_nil?: true
    attribute :oidc_id, :string, allow_nil?: true
+    attribute :admin?, :boolean, allow_nil?: false, default: false, public?: true
  end

  relationships do
@ -152,6 +161,7 @@ defmodule Mv.Accounts.User do
  identities do
    identity :unique_email, [:email]
    identity :unique_oidc_id, [:oidc_id]
+    identity :unique_member_id, [:member_id]
  end

  # You can customize this if you wish, but this is a safe default that