local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 72 Pull requests 3 Projects 4 Releases Packages 1 Activity Actions

Integrate Member policies in LiveViews

Browse source 
- Add on_mount hook to ensure user role is loaded in all Member LiveViews
- Pass actor parameter to all Ash operations (read, get, create, update, destroy, load)
This commit is contained in:
Moritz 2026-01-09 00:02:19 +01:00
parent dc3268cbf4
commit bc87893134
Signed by: moritz
GPG key ID: 1020A035E5DD0824
7 changed files with 167 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

16
lib/mv_web/live/member_live/index.ex
View file

@ -27,6 +27,8 @@ defmodule MvWeb.MemberLive.Index do
"""
use MvWeb, :live_view
on_mount {MvWeb.LiveHelpers, :ensure_user_role_loaded}
require Ash.Query
import Ash.Expr
@ -58,17 +60,19 @@ defmodule MvWeb.MemberLive.Index do
# Note: Using Ash.read! (bang version) - errors will be handled by Phoenix LiveView
# and result in a 500 error page. This is appropriate for LiveViews where errors
# should be visible to the user rather than silently failing.
actor = socket.assigns[:current_user]
custom_fields_visible =
Mv.Membership.CustomField
|> Ash.Query.filter(expr(show_in_overview == true))
|> Ash.Query.sort(name: :asc)
|> Ash.read!()
|> Ash.read!(actor: actor)
# Load ALL custom fields for the dropdown (to show all available fields)
all_custom_fields =
Mv.Membership.CustomField
|> Ash.Query.sort(name: :asc)
|> Ash.read!()
|> Ash.read!(actor: actor)
# Load settings once to avoid N+1 queries
settings =
@ -132,8 +136,9 @@ defmodule MvWeb.MemberLive.Index do
def handle_event("delete", %{"id" => id}, socket) do
# Note: Using bang versions (!) - errors will be handled by Phoenix LiveView
# This ensures users see error messages if deletion fails (e.g., permission denied)
member = Ash.get!(Mv.Membership.Member, id)
Ash.destroy!(member)
actor = socket.assigns[:current_user]
member = Ash.get!(Mv.Membership.Member, id, actor: actor)
Ash.destroy!(member, actor: actor)
updated_members = Enum.reject(socket.assigns.members, &(&1.id == id))
{:noreply, assign(socket, :members, updated_members)}
@ -678,7 +683,8 @@ defmodule MvWeb.MemberLive.Index do
# Note: Using Ash.read! - errors will be handled by Phoenix LiveView
# This is appropriate for data loading in LiveViews
members = Ash.read!(query)
actor = socket.assigns[:current_user]
members = Ash.read!(query, actor: actor)
# Custom field values are already filtered at the database level in load_custom_field_values/2
# No need for in-memory filtering anymore