feat: prevent deletion of roles with assigned users

lib/mv_web/live/role_live/index.ex

@@ -62,14 +62,28 @@ defmodule MvWeb.RoleLive.Index do
   @impl true
   def handle_event("delete", %{"id" => id}, socket) do
     {:ok, role} = Authorization.get_role(id)
+    user_count = get_user_count(role, socket.assigns.user_counts)
 
+    if user_count > 0 do
+      {:noreply,
+       put_flash(
+         socket,
+         :error,
+         gettext(
+           "Cannot delete role. %{count} user(s) are still assigned to this role. Please assign them to another role first.",
+           count: user_count
+         )
+       )}
+    else
       case Authorization.destroy_role(role) do
         :ok ->
           updated_roles = Enum.reject(socket.assigns.roles, &(&1.id == id))
+          updated_counts = Map.delete(socket.assigns.user_counts, id)
 
           {:noreply,
            socket
            |> assign(:roles, updated_roles)
+           |> assign(:user_counts, updated_counts)
            |> put_flash(:info, gettext("Role deleted successfully"))}
 
         {:error, error} ->
@@ -83,6 +97,7 @@ defmodule MvWeb.RoleLive.Index do
            )}
       end
     end
+  end
 
   defp load_roles do
     case Authorization.list_roles() do

lib/mv_web/live/role_live/show.ex

@@ -12,6 +12,10 @@ defmodule MvWeb.RoleLive.Show do
   """
   use MvWeb, :live_view
 
+  alias Mv.Accounts
+
+  require Ash.Query
+
   @impl true
   def mount(%{"id" => id}, _session, socket) do
     # Ensure current_user has role loaded for authorization checks
@@ -32,17 +36,31 @@ defmodule MvWeb.RoleLive.Show do
       end
 
     role = Ash.get!(Mv.Authorization.Role, id, domain: Mv.Authorization)
+    user_count = load_user_count(role)
 
     {:ok,
      socket
      |> assign(:page_title, gettext("Show Role"))
-     |> assign(:role, role)}
+     |> assign(:role, role)
+     |> assign(:user_count, user_count)}
   end
 
   @impl true
   def handle_event("delete", %{"id" => id}, socket) do
     {:ok, role} = Mv.Authorization.get_role(id)
+    user_count = socket.assigns.user_count
 
+    if user_count > 0 do
+      {:noreply,
+       put_flash(
+         socket,
+         :error,
+         gettext(
+           "Cannot delete role. %{count} user(s) are still assigned to this role. Please assign them to another role first.",
+           count: user_count
+         )
+       )}
+    else
       case Mv.Authorization.destroy_role(role) do
         :ok ->
           {:noreply,
@@ -61,6 +79,14 @@ defmodule MvWeb.RoleLive.Show do
            )}
       end
     end
+  end
+
+  defp load_user_count(role) do
+    case Ash.count(Accounts.User |> Ash.Query.filter(role_id == ^role.id)) do
+      {:ok, count} -> count
+      _ -> 0
+    end
+  end
 
   @impl true
   def render(assigns) do

priv/gettext/de/LC_MESSAGES/default.po

@@ -1983,6 +1983,12 @@ msgstr "Rolle erfolgreich gelöscht."
 msgid "Roles"
 msgstr "Rollen"
 
+#: lib/mv_web/live/role_live/index.ex
+#: lib/mv_web/live/role_live/show.ex
+#, elixir-autogen, elixir-format
+msgid "Cannot delete role. %{count} user(s) are still assigned to this role. Please assign them to another role first."
+msgstr "Rolle kann nicht gelöscht werden. %{count} Benutzer*in(nen) sind dieser Rolle noch zugeordnet. Bitte weisen Sie sie zunächst einer anderen Rolle zu."
+
 #~ #: lib/mv_web/live/member_live/form.ex
 #~ #: lib/mv_web/live/member_live/show.ex
 #~ #: lib/mv_web/translations/member_fields.ex

priv/gettext/default.pot

@@ -1983,3 +1983,9 @@ msgstr ""
 #, elixir-autogen, elixir-format
 msgid "Roles"
 msgstr ""
+
+#: lib/mv_web/live/role_live/index.ex
+#: lib/mv_web/live/role_live/show.ex
+#, elixir-autogen, elixir-format
+msgid "Cannot delete role. %{count} user(s) are still assigned to this role. Please assign them to another role first."
+msgstr ""

priv/gettext/en/LC_MESSAGES/default.po

@@ -1984,6 +1984,12 @@ msgstr ""
 msgid "Roles"
 msgstr ""
 
+#: lib/mv_web/live/role_live/index.ex
+#: lib/mv_web/live/role_live/show.ex
+#, elixir-autogen, elixir-format
+msgid "Cannot delete role. %{count} user(s) are still assigned to this role. Please assign them to another role first."
+msgstr ""
+
 #~ #: lib/mv_web/live/components/payment_filter_component.ex
 #~ #, elixir-autogen, elixir-format
 #~ msgid "All payment statuses"