refactor: apply review notes
Some checks failed
continuous-integration/drone/push Build is failing

This commit is contained in:
Simon 2026-02-20 18:24:20 +01:00
parent bc9ea818eb
commit b41f005d9e
Signed by: simon
GPG key ID: 40E7A58C4AA1EDB2
9 changed files with 110 additions and 92 deletions

View file

@ -12,16 +12,25 @@ defmodule Mv.Membership.JoinRequest do
data_layer: AshPostgres.DataLayer,
authorizers: [Ash.Policy.Authorizer]
alias Ash.Policy.Check.Builtins, as: AshBuiltins
postgres do
table "join_requests"
repo Mv.Repo
end
actions do
defaults [:read, :destroy]
defaults [:destroy]
# Admin: list and get by id (used with HasPermission)
read :admin_read do
description "List and get JoinRequests; requires permission (e.g. admin / normal_user)"
primary? true
end
create :create do
primary? true
accept [
:email,
:confirmation_token_hash,
@ -38,15 +47,9 @@ defmodule Mv.Membership.JoinRequest do
create :confirm do
description "Public action: create JoinRequest after confirmation link click (actor: nil)"
accept [
:email,
:confirmation_token_hash,
:status,
:submitted_at,
:source,
:schema_version,
:payload
]
accept [:email, :confirmation_token_hash, :payload]
change Mv.Membership.JoinRequest.Changes.SetConfirmServerMetadata
end
update :update do
@ -58,12 +61,11 @@ defmodule Mv.Membership.JoinRequest do
policies do
policy action(:confirm) do
description "Allow public confirmation (actor nil) for join flow"
authorize_if Ash.Policy.Check.Builtins.actor_absent()
authorize_if AshBuiltins.actor_absent()
end
policy action_type(:read) do
description "Allow read when actor nil (success page) or when user has permission"
authorize_if Ash.Policy.Check.Builtins.actor_absent()
policy action(:admin_read) do
description "List/get JoinRequests only with permission (admin, later normal_user)"
authorize_if Mv.Authorization.Checks.HasPermission
end