feat: assign admin role to admin user in seeds

- Create Admin role if it doesn't exist - Assign Admin role to admin@mv.local user - Remove separate create_admin_role script (integrated into seeds)
2026-01-06 23:53:12 +01:00 · 2026-01-06 23:53:12 +01:00 · a5081793b0
commit a5081793b0
parent 7b3362dc48
2 changed files with 51 additions and 6 deletions
--- a/lib/mv_web/live/role_live/index.ex
+++ b/lib/mv_web/live/role_live/index.ex
@ -28,9 +28,20 @@ defmodule MvWeb.RoleLive.Index do
        # Load role if not already loaded (check for Ash.NotLoaded struct)
        user_with_role =
          case Map.get(user, :role) do
-            %Ash.NotLoaded{} -> Ash.load!(user, :role, domain: Mv.Accounts)
-            nil -> Ash.load!(user, :role, domain: Mv.Accounts)
-            role when not is_nil(role) -> user
+            %Ash.NotLoaded{} ->
+              case Ash.load(user, :role, domain: Mv.Accounts) do
+                {:ok, loaded_user} -> loaded_user
+                {:error, _} -> user
+              end
+
+            nil ->
+              case Ash.load(user, :role, domain: Mv.Accounts) do
+                {:ok, loaded_user} -> loaded_user
+                {:error, _} -> user
+              end
+
+            role when not is_nil(role) ->
+              user
          end

        assign(socket, :current_user, user_with_role)
--- a/priv/repo/seeds.exs
+++ b/priv/repo/seeds.exs
@ -5,6 +5,7 @@

 alias Mv.Membership
 alias Mv.Accounts
+alias Mv.Authorization
 alias Mv.MembershipFees.MembershipFeeType
 alias Mv.MembershipFees.CycleGenerator

@ -124,9 +125,42 @@ for attrs <- [
 end

 # Create admin user for testing
-Accounts.create_user!(%{email: "admin@mv.local"}, upsert?: true, upsert_identity: :unique_email)
-|> Ash.Changeset.for_update(:admin_set_password, %{password: "testpassword"})
-|> Ash.update!()
+admin_user =
+  Accounts.create_user!(%{email: "admin@mv.local"}, upsert?: true, upsert_identity: :unique_email)
+  |> Ash.Changeset.for_update(:admin_set_password, %{password: "testpassword"})
+  |> Ash.update!()
+
+# Create admin role and assign it to admin user
+admin_role =
+  case Authorization.list_roles() do
+    {:ok, roles} ->
+      case Enum.find(roles, &(&1.name == "Admin" && &1.permission_set_name == "admin")) do
+        nil ->
+          # Create admin role if it doesn't exist
+          case Authorization.create_role(%{
+                 name: "Admin",
+                 description: "Administrator with full access",
+                 permission_set_name: "admin"
+               }) do
+            {:ok, role} -> role
+            {:error, _error} -> nil
+          end
+
+        role ->
+          role
+      end
+
+    {:error, _error} ->
+      nil
+  end
+
+# Assign admin role to admin user if role was created/found
+if admin_role do
+  admin_user
+  |> Ash.Changeset.for_update(:update, %{})
+  |> Ash.Changeset.manage_relationship(:role, admin_role, type: :append_and_remove)
+  |> Ash.update!()
+end

 # Load all membership fee types for assignment
 # Sort by name to ensure deterministic order