diff --git a/lib/mv/membership/member/validations/email_change_permission.ex b/lib/mv/membership/member/validations/email_change_permission.ex index 0a53de1..2b1c041 100644 --- a/lib/mv/membership/member/validations/email_change_permission.ex +++ b/lib/mv/membership/member/validations/email_change_permission.ex @@ -11,7 +11,7 @@ defmodule Mv.Membership.Member.Validations.EmailChangePermission do This prevents non-admins from changing another user's linked member email, which would sync to that user's account and break email synchronization. - No system-actor fallback: missing actor is treated as not allowed. + Missing actor is not allowed; the system actor counts as admin (via `Actor.admin?/1`). """ use Ash.Resource.Validation use Gettext, backend: MvWeb.Gettext, otp_app: :mv @@ -47,16 +47,22 @@ defmodule Mv.Membership.Member.Validations.EmailChangePermission do :ok else msg = - dgettext("default", "Only administrators can change email for members linked to users") + dgettext( + "default", + "Only administrators or the linked user can change the email for members linked to users" + ) {:error, field: :email, message: msg} end end end - # Ash stores actor in changeset.context.private.actor; validation context also has .actor + # Ash stores actor in changeset.context.private.actor; validation context has .actor; some callsites use context.actor defp resolve_actor(changeset, context) do - get_in(changeset.context || %{}, [:private, :actor]) || + ctx = changeset.context || %{} + + get_in(ctx, [:private, :actor]) || + Map.get(ctx, :actor) || (context && Map.get(context, :actor)) end diff --git a/priv/gettext/de/LC_MESSAGES/default.po b/priv/gettext/de/LC_MESSAGES/default.po index 3f71644..c4fd57d 100644 --- a/priv/gettext/de/LC_MESSAGES/default.po +++ b/priv/gettext/de/LC_MESSAGES/default.po @@ -2299,6 +2299,6 @@ msgid "Unknown column '%{header}' will be ignored. If this is a custom field, cr msgstr "Unbekannte Spalte '%{header}' wird ignoriert. Falls dies ein Datenfeld ist, erstellen Sie es in Mila vor dem Import." #: lib/mv/membership/member/validations/email_change_permission.ex -#, elixir-autogen, elixir-format -msgid "Only administrators can change email for members linked to users" -msgstr "Nur Administrator*innen können die E-Mail von Mitgliedern ändern, die mit Benutzer*innen verknüpft sind." +#, elixir-autogen, elixir-format, fuzzy +msgid "Only administrators or the linked user can change the email for members linked to users" +msgstr "Nur Administrator*innen oder die verknüpfte Benutzer*in können die E-Mail von Mitgliedern ändern, die mit Benutzer*innen verknüpft sind." diff --git a/priv/gettext/default.pot b/priv/gettext/default.pot index 7418c9b..0908fd8 100644 --- a/priv/gettext/default.pot +++ b/priv/gettext/default.pot @@ -2301,5 +2301,5 @@ msgstr "" #: lib/mv/membership/member/validations/email_change_permission.ex #, elixir-autogen, elixir-format -msgid "Only administrators can change email for members linked to users" +msgid "Only administrators or the linked user can change the email for members linked to users" msgstr "" diff --git a/priv/gettext/en/LC_MESSAGES/default.po b/priv/gettext/en/LC_MESSAGES/default.po index db00450..6faa102 100644 --- a/priv/gettext/en/LC_MESSAGES/default.po +++ b/priv/gettext/en/LC_MESSAGES/default.po @@ -2300,6 +2300,6 @@ msgid "Unknown column '%{header}' will be ignored. If this is a custom field, cr msgstr "Unknown column '%{header}' will be ignored. If this is a custom field, create it in Mila before importing." #: lib/mv/membership/member/validations/email_change_permission.ex -#, elixir-autogen, elixir-format -msgid "Only administrators can change email for members linked to users" -msgstr "Only administrators can change email for members linked to users" +#, elixir-autogen, elixir-format, fuzzy +msgid "Only administrators or the linked user can change the email for members linked to users" +msgstr "Only administrators or the linked user can change the email for members linked to users"