Use authorize?: false for integrity checks in validations

2026-01-24 01:42:15 +01:00 · 2026-01-24 01:42:15 +01:00 · 9e20766ef2
commit 9e20766ef2
parent d9eb131d96
2 changed files with 14 additions and 31 deletions
--- a/lib/membership_fees/membership_fee_type.ex
+++ b/lib/membership_fees/membership_fee_type.ex
@ -85,13 +85,11 @@ defmodule Mv.MembershipFees.MembershipFeeType do
               if changeset.action_type == :destroy do
                 require Ash.Query

-                 # Use system_actor for validation queries (systemic operation)
-                 system_actor = Mv.Helpers.SystemActor.get_system_actor()
-
+                 # Integrity check: count members without authorization (systemic operation)
                 member_count =
                   Mv.Membership.Member
                   |> Ash.Query.filter(membership_fee_type_id == ^changeset.data.id)
-                   |> Ash.count!(actor: system_actor)
+                   |> Ash.count!(authorize?: false)

                 if member_count > 0 do
                   {:error,
@ -111,13 +109,11 @@ defmodule Mv.MembershipFees.MembershipFeeType do
               if changeset.action_type == :destroy do
                 require Ash.Query

-                 # Use system_actor for validation queries (systemic operation)
-                 system_actor = Mv.Helpers.SystemActor.get_system_actor()
-
+                 # Integrity check: count cycles without authorization (systemic operation)
                 cycle_count =
                   Mv.MembershipFees.MembershipFeeCycle
                   |> Ash.Query.filter(membership_fee_type_id == ^changeset.data.id)
-                   |> Ash.count!(actor: system_actor)
+                   |> Ash.count!(authorize?: false)

                 if cycle_count > 0 do
                   {:error,
@ -137,13 +133,11 @@ defmodule Mv.MembershipFees.MembershipFeeType do
               if changeset.action_type == :destroy do
                 require Ash.Query

-                 # Use system_actor for validation queries (systemic operation)
-                 system_actor = Mv.Helpers.SystemActor.get_system_actor()
-
+                 # Integrity check: count settings without authorization (systemic operation)
                 setting_count =
                   Mv.Membership.Setting
                   |> Ash.Query.filter(default_membership_fee_type_id == ^changeset.data.id)
-                   |> Ash.count!(actor: system_actor)
+                   |> Ash.count!(authorize?: false)

                 if setting_count > 0 do
                   {:error,