local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 66 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions

Setting: remove unused actor in default_fee_type validation

Browse source 
- Docs: Regenerate Cycles server-side enforcement note in membership-fee-architecture.
This commit is contained in:
Moritz 2026-02-04 11:40:19 +01:00
parent d7c6d20483
commit 503401f2e6
2 changed files with 1 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/membership-fee-architecture.md
View file

@ -340,7 +340,7 @@ lib/
- **MembershipFeeType:** All permission sets can read (:all); only admin has create/update/destroy (:all).
- **MembershipFeeCycle:** All can read (:all); read_only has read only; normal_user and admin have read + create + update + destroy (:all).
- **Manual "Regenerate Cycles" (UI):** The "Regenerate Cycles" button in the member detail view is shown to users who have MembershipFeeCycle create permission (normal_user and admin). Regeneration runs with system actor; UI access is gated by `can_create_cycle`.
- **Manual "Regenerate Cycles" (UI + server):** The "Regenerate Cycles" button in the member detail view is shown to users who have MembershipFeeCycle create permission (normal_user and admin). UI access is gated by `can_create_cycle`. The LiveView handler also enforces `can?(:create, MembershipFeeCycle)` server-side before running regeneration (so e.g. a read_only user cannot trigger it via DevTools). Regeneration runs with system actor.
**Resource Policies:**