Integrate AssignDefaultRole change into user creation actions

Moritz 2026-01-24 19:13:11 +01:00 committed by Simon
parent 4ec90770a4
commit aaced70b8e
Signed by: simon
GPG key ID: 40E7A58C4AA1EDB2


@ -67,6 +67,13 @@ defmodule Mv.Accounts.User do
identity_field :email
hash_provider AshAuthentication.BcryptProvider
confirmation_required? false
# NOTE: The auto-generated :register_with_password action does NOT assign a default role.
# This is intentional because:
# - In production, users are created via OIDC (:register_with_rauthy), which DOES assign roles
# - Manual user creation via :create_user DOES assign roles
# - Tests that need a role can use :create_user or manually assign via fixtures
# - The migration ensures existing users without roles get the "Mitglied" role
end
end
end
@ -115,6 +122,9 @@ defmodule Mv.Accounts.User do
argument :member, :map, allow_nil?: true
upsert? true
# Assign default "Mitglied" role to new users
change Mv.Accounts.User.Changes.AssignDefaultRole
# Manage the member relationship during user creation
change manage_relationship(:member, :member,
# Look up existing member and relate to it
@ -239,6 +249,8 @@ defmodule Mv.Accounts.User do
upsert? true
# Upsert based on oidc_id (primary match for existing OIDC users)
upsert_identity :unique_oidc_id
# On upsert, only update email - preserve existing role_id
upsert_fields [:email]
validate &__MODULE__.validate_oidc_id_present/2
@ -261,6 +273,10 @@ defmodule Mv.Accounts.User do
# - The LinkOidcAccountLive will auto-link passwordless users without password prompt
validate Mv.Accounts.User.Validations.OidcEmailCollision
# Assign default "Mitglied" role to new OIDC users
# Note: upsert_fields [:email] ensures this doesn't overwrite existing users' roles
change Mv.Accounts.User.Changes.AssignDefaultRole
# Sync user email to member when linking (User → Member)
change Mv.EmailSync.Changes.SyncUserEmailToMember
end
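Review bot: The `change Mv.Accounts.User.Changes.AssignDefaultRole` line added in the second hunk sits in an action that declares `upsert? true` (the one taking the `:member` argument), and no `upsert_fields` restriction is visible there. The OIDC action, by contrast, pins `upsert_fields [:email]` specifically so that existing roles are preserved. If that first action can match an existing user and the change writes `role_id` unconditionally, an upsert could reset a privileged user's role to "Mitglied". Neither the change's implementation nor the full action bodies are shown in these hunks, so a restriction may already exist out of view. Otherwise I would add an explicit `upsert_fields` list that leaves out `:role_id`, or make the change a no-op when a role is already set, and add a test that upserts an existing user with a non-default role and asserts the role is unchanged. Separately, because `:register_with_password` deliberately creates users without a role, it is worth confirming that the authorization policies deny access when `role_id` is nil.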