CustomField policies: actor required, no system-actor fallback, error handling

- list_required_custom_fields: require actor (two clauses, no default) - Member validation: use context.actor only, differentiate Forbidden vs transient errors - stream_custom_fields: log + send flash on error instead of returning [] - GlobalSettingsLive: handle_info for custom_fields_load_error, put_flash - Seeds: use Membership.update_member with actor, format
2026-01-29 15:30:07 +01:00 · 2026-01-29 15:30:07 +01:00 · 5a2f035ecc
commit 5a2f035ecc
parent c9431caabe
5 changed files with 67 additions and 19 deletions
--- a/lib/membership/member.ex
+++ b/lib/membership/member.ex
@ -486,6 +486,24 @@ defmodule Mv.Membership.Member do
            build_custom_field_validation_error(missing_fields)
          end

+        {:error, %Ash.Error.Forbidden{}} ->
+          Logger.warning(
+            "Required custom fields validation: actor not authorized to read CustomField"
+          )
+
+          {:error,
+           field: :custom_field_values,
+           message:
+             "You are not authorized to perform this action. Please sign in again or contact support."}
+
+        {:error, :missing_actor} ->
+          Logger.warning("Required custom fields validation: no actor in context")
+
+          {:error,
+           field: :custom_field_values,
+           message:
+             "You are not authorized to perform this action. Please sign in again or contact support."}
+
        {:error, error} ->
          Logger.error(
            "Failed to load custom fields for validation: #{inspect(error)}. Required field validation cannot be performed."