Use current_actor/1 helper in all LiveViews
Replace inconsistent actor access patterns with current_actor/1 helper and ensure actor is passed to all Ash operations for proper authorization.
This commit is contained in:
parent
74fe60f768
commit
cd7e6b0843
GPG key ID:
1020A035E5DD0824
9 changed files with 268 additions and 57 deletions
|
|
@ -23,6 +23,8 @@ defmodule MvWeb.MemberLive.Form do
|
|||
|
||||
on_mount {MvWeb.LiveHelpers, :ensure_user_role_loaded}
|
||||
|
||||
import MvWeb.LiveHelpers, only: [current_actor: 1]
|
||||
|
||||
alias Mv.MembershipFees
|
||||
alias Mv.MembershipFees.MembershipFeeType
|
||||
alias MvWeb.Helpers.MembershipFeeHelpers
|
||||
|
|
@ -174,7 +176,7 @@ defmodule MvWeb.MemberLive.Form do
|
|||
<select
|
||||
class="select select-bordered w-full"
|
||||
name={@form[:membership_fee_type_id].name}
|
||||
phx-change="validate_membership_fee_type"
|
||||
phx-change="validate"
|
||||
value={@form[:membership_fee_type_id].value || ""}
|
||||
>
|
||||
<option value="">{gettext("None")}</option>
|
||||
|
|
@ -225,7 +227,7 @@ defmodule MvWeb.MemberLive.Form do
|
|||
@impl true
|
||||
def mount(params, _session, socket) do
|
||||
# current_user should be set by on_mount hooks (LiveUserAuth + LiveHelpers)
|
||||
actor = socket.assigns[:current_user] || socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
{:ok, custom_fields} = Mv.Membership.list_custom_fields()
|
||||
|
||||
initial_custom_field_values =
|
||||
|
|
@ -269,28 +271,29 @@ defmodule MvWeb.MemberLive.Form do
|
|||
|
||||
@impl true
|
||||
def handle_event("validate", %{"member" => member_params}, socket) do
|
||||
validated_form = AshPhoenix.Form.validate(socket.assigns.form, member_params)
|
||||
# Merge with existing form values to preserve unchanged fields (especially custom_field_values)
|
||||
# Extract values directly from form fields to get current state
|
||||
existing_values = get_existing_form_values(socket.assigns.form)
|
||||
|
||||
# Merge existing values with new params (new params take precedence)
|
||||
merged_params = Map.merge(existing_values, member_params)
|
||||
|
||||
validated_form = AshPhoenix.Form.validate(socket.assigns.form, merged_params)
|
||||
|
||||
# Check for interval mismatch if membership_fee_type_id changed
|
||||
socket = check_interval_change(socket, member_params)
|
||||
socket = check_interval_change(socket, merged_params)
|
||||
|
||||
{:noreply, assign(socket, form: validated_form)}
|
||||
end
|
||||
|
||||
def handle_event(
|
||||
"validate_membership_fee_type",
|
||||
%{"member" => %{"membership_fee_type_id" => fee_type_id}},
|
||||
socket
|
||||
) do
|
||||
# Same validation as above, but triggered by select change
|
||||
handle_event("validate", %{"member" => %{"membership_fee_type_id" => fee_type_id}}, socket)
|
||||
end
|
||||
|
||||
def handle_event("save", %{"member" => member_params}, socket) do
|
||||
try do
|
||||
actor = socket.assigns[:current_user] || socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case AshPhoenix.Form.submit(socket.assigns.form, params: member_params, actor: actor) do
|
||||
case AshPhoenix.Form.submit(socket.assigns.form,
|
||||
params: member_params,
|
||||
action_opts: [actor: actor]
|
||||
) do
|
||||
{:ok, member} ->
|
||||
handle_save_success(socket, member)
|
||||
|
||||
|
|
@ -483,4 +486,167 @@ defmodule MvWeb.MemberLive.Form do
|
|||
defp custom_field_input_type(:date), do: "date"
|
||||
defp custom_field_input_type(:email), do: "email"
|
||||
defp custom_field_input_type(_), do: "text"
|
||||
|
||||
# -----------------------------------------------------------------
|
||||
# Helper Functions for Form Value Preservation
|
||||
# -----------------------------------------------------------------
|
||||
|
||||
# Helper to extract existing form values to preserve them when only one field changes
|
||||
# This ensures custom_field_values and other fields are preserved when only the dropdown changes
|
||||
defp get_existing_form_values(form) do
|
||||
%{}
|
||||
|> extract_form_value(form, :first_name, &to_string/1)
|
||||
|> extract_form_value(form, :last_name, &to_string/1)
|
||||
|> extract_form_value(form, :email, &to_string/1)
|
||||
|> extract_form_value(form, :street, &to_string/1)
|
||||
|> extract_form_value(form, :house_number, &to_string/1)
|
||||
|> extract_form_value(form, :postal_code, &to_string/1)
|
||||
|> extract_form_value(form, :city, &to_string/1)
|
||||
|> extract_form_value(form, :join_date, &format_date_value/1)
|
||||
|> extract_form_value(form, :exit_date, &format_date_value/1)
|
||||
|> extract_form_value(form, :notes, &to_string/1)
|
||||
|> extract_form_value(form, :membership_fee_type_id, &to_string/1)
|
||||
|> extract_form_value(form, :membership_fee_start_date, &format_date_value/1)
|
||||
|> extract_custom_field_values(form)
|
||||
end
|
||||
|
||||
# Helper to extract a single form field value
|
||||
defp extract_form_value(acc, form, field, formatter) do
|
||||
if form[field] && form[field].value do
|
||||
Map.put(acc, to_string(field), formatter.(form[field].value))
|
||||
else
|
||||
acc
|
||||
end
|
||||
end
|
||||
|
||||
# Extracts custom field values from the form structure
|
||||
# The form is a Phoenix.HTML.Form with source being AshPhoenix.Form
|
||||
# Custom field values are in form.source.params["custom_field_values"] as a map
|
||||
defp extract_custom_field_values(acc, form) do
|
||||
cfv_params = get_custom_field_values_params(form)
|
||||
|
||||
if map_size(cfv_params) > 0 do
|
||||
custom_field_values = convert_cfv_params_to_list(cfv_params)
|
||||
Map.put(acc, "custom_field_values", custom_field_values)
|
||||
else
|
||||
acc
|
||||
end
|
||||
end
|
||||
|
||||
# Gets custom_field_values from form params
|
||||
defp get_custom_field_values_params(form) do
|
||||
ash_form = form.source
|
||||
|
||||
if ash_form && Map.has_key?(ash_form, :params) && ash_form.params["custom_field_values"] do
|
||||
ash_form.params["custom_field_values"]
|
||||
else
|
||||
%{}
|
||||
end
|
||||
end
|
||||
|
||||
# Converts custom field values map to sorted list
|
||||
defp convert_cfv_params_to_list(cfv_params) do
|
||||
cfv_params
|
||||
|> Map.to_list()
|
||||
|> Enum.sort_by(&parse_numeric_key/1)
|
||||
|> Enum.map(&build_custom_field_value/1)
|
||||
end
|
||||
|
||||
# Parses numeric key for sorting
|
||||
defp parse_numeric_key({key, _}) do
|
||||
case Integer.parse(key) do
|
||||
{num, _} -> num
|
||||
:error -> 999_999
|
||||
end
|
||||
end
|
||||
|
||||
# Builds a custom field value map from params
|
||||
defp build_custom_field_value({_key, cfv_map}) do
|
||||
%{
|
||||
"custom_field_id" => Map.get(cfv_map, "custom_field_id", ""),
|
||||
"value" => extract_custom_field_value_from_map(Map.get(cfv_map, "value", %{}))
|
||||
}
|
||||
end
|
||||
|
||||
# Extracts the value map structure from a custom field value
|
||||
# Handles both map format and Ash.Union struct format
|
||||
defp extract_custom_field_value_from_map(%Ash.Union{} = union) do
|
||||
union_type = Atom.to_string(union.type)
|
||||
|
||||
%{
|
||||
"_union_type" => union_type,
|
||||
"type" => union_type,
|
||||
"value" => format_custom_field_value(union.value)
|
||||
}
|
||||
end
|
||||
|
||||
defp extract_custom_field_value_from_map(value_map) when is_map(value_map) do
|
||||
union_type = extract_union_type_from_map(value_map)
|
||||
value = Map.get(value_map, "value") || Map.get(value_map, :value)
|
||||
|
||||
%{
|
||||
"_union_type" => union_type,
|
||||
"type" => union_type,
|
||||
"value" => format_custom_field_value(value)
|
||||
}
|
||||
end
|
||||
|
||||
defp extract_custom_field_value_from_map(_),
|
||||
do: %{"_union_type" => "", "type" => "", "value" => ""}
|
||||
|
||||
# Extracts union type from map, checking various possible locations
|
||||
defp extract_union_type_from_map(value_map) do
|
||||
cond do
|
||||
has_non_empty_string(value_map, "_union_type") ->
|
||||
Map.get(value_map, "_union_type")
|
||||
|
||||
has_non_empty_atom(value_map, :_union_type) ->
|
||||
to_string(Map.get(value_map, :_union_type))
|
||||
|
||||
has_atom_type(value_map) ->
|
||||
Atom.to_string(Map.get(value_map, :type))
|
||||
|
||||
has_string_type(value_map) ->
|
||||
Map.get(value_map, "type")
|
||||
|
||||
true ->
|
||||
""
|
||||
end
|
||||
end
|
||||
|
||||
# Helper to check if map has non-empty string value
|
||||
defp has_non_empty_string(map, key) do
|
||||
value = Map.get(map, key)
|
||||
value && value != ""
|
||||
end
|
||||
|
||||
# Helper to check if map has non-empty atom value
|
||||
defp has_non_empty_atom(map, key) do
|
||||
value = Map.get(map, key)
|
||||
value && value != ""
|
||||
end
|
||||
|
||||
# Helper to check if map has atom type
|
||||
defp has_atom_type(map) do
|
||||
value = Map.get(map, :type)
|
||||
value && is_atom(value)
|
||||
end
|
||||
|
||||
# Helper to check if map has string type
|
||||
defp has_string_type(map) do
|
||||
value = Map.get(map, "type")
|
||||
value && is_binary(value)
|
||||
end
|
||||
|
||||
# Formats custom field value based on its type
|
||||
defp format_custom_field_value(%Date{} = date), do: Date.to_iso8601(date)
|
||||
defp format_custom_field_value(%Decimal{} = decimal), do: Decimal.to_string(decimal, :normal)
|
||||
defp format_custom_field_value(value) when is_boolean(value), do: to_string(value)
|
||||
defp format_custom_field_value(value) when is_binary(value), do: value
|
||||
defp format_custom_field_value(value), do: to_string(value)
|
||||
|
||||
# Formats date value (Date or string) to string
|
||||
defp format_date_value(%Date{} = date), do: Date.to_iso8601(date)
|
||||
defp format_date_value(value) when is_binary(value), do: value
|
||||
defp format_date_value(_), do: ""
|
||||
end
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ defmodule MvWeb.MemberLive.Show do
|
|||
"""
|
||||
use MvWeb, :live_view
|
||||
import Ash.Query
|
||||
import MvWeb.LiveHelpers, only: [current_actor: 1]
|
||||
|
||||
on_mount {MvWeb.LiveHelpers, :ensure_user_role_loaded}
|
||||
|
||||
|
|
@ -236,7 +237,7 @@ defmodule MvWeb.MemberLive.Show do
|
|||
|
||||
@impl true
|
||||
def handle_params(%{"id" => id}, _, socket) do
|
||||
actor = socket.assigns[:current_user]
|
||||
actor = current_actor(socket)
|
||||
|
||||
# Load custom fields once using assign_new to avoid repeated queries
|
||||
socket =
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
use MvWeb, :live_component
|
||||
|
||||
require Ash.Query
|
||||
import MvWeb.LiveHelpers, only: [current_actor: 1]
|
||||
|
||||
alias Mv.Membership
|
||||
alias Mv.MembershipFees
|
||||
|
|
@ -426,7 +427,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
@impl true
|
||||
def handle_event("change_membership_fee_type", %{"value" => ""}, socket) do
|
||||
# Remove membership fee type
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case update_member_fee_type(socket.assigns.member, nil, actor) do
|
||||
{:ok, updated_member} ->
|
||||
|
|
@ -438,7 +439,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|> assign(:cycles, [])
|
||||
|> assign(
|
||||
:available_fee_types,
|
||||
get_available_fee_types(updated_member, socket.assigns.current_user)
|
||||
get_available_fee_types(updated_member, current_actor(socket))
|
||||
)
|
||||
|> assign(:interval_warning, nil)
|
||||
|> put_flash(:info, gettext("Membership fee type removed"))}
|
||||
|
|
@ -450,7 +451,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|
||||
def handle_event("change_membership_fee_type", %{"value" => fee_type_id}, socket) do
|
||||
member = socket.assigns.member
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
new_fee_type = Ash.get!(MembershipFeeType, fee_type_id, domain: MembershipFees, actor: actor)
|
||||
|
||||
# Check if interval matches
|
||||
|
|
@ -469,12 +470,12 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
if interval_warning do
|
||||
{:noreply, assign(socket, :interval_warning, interval_warning)}
|
||||
else
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case update_member_fee_type(member, fee_type_id, actor) do
|
||||
{:ok, updated_member} ->
|
||||
# Reload member with cycles
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
updated_member =
|
||||
updated_member
|
||||
|
|
@ -501,7 +502,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|> assign(:cycles, cycles)
|
||||
|> assign(
|
||||
:available_fee_types,
|
||||
get_available_fee_types(updated_member, socket.assigns.current_user)
|
||||
get_available_fee_types(updated_member, current_actor(socket))
|
||||
)
|
||||
|> assign(:interval_warning, nil)
|
||||
|> put_flash(:info, gettext("Membership fee type updated. Cycles regenerated."))}
|
||||
|
|
@ -523,7 +524,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
:suspended -> :mark_as_suspended
|
||||
end
|
||||
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case Ash.update(cycle, action: action, domain: MembershipFees, actor: actor) do
|
||||
{:ok, updated_cycle} ->
|
||||
|
|
@ -555,11 +556,12 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
def handle_event("regenerate_cycles", _params, socket) do
|
||||
socket = assign(socket, :regenerating, true)
|
||||
member = socket.assigns.member
|
||||
actor = current_actor(socket)
|
||||
|
||||
case CycleGenerator.generate_cycles_for_member(member.id) do
|
||||
case CycleGenerator.generate_cycles_for_member(member.id, actor: actor) do
|
||||
{:ok, _new_cycles, _notifications} ->
|
||||
# Reload member with cycles
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
updated_member =
|
||||
member
|
||||
|
|
@ -599,7 +601,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
cycle = find_cycle(socket.assigns.cycles, cycle_id)
|
||||
|
||||
# Load cycle with membership_fee_type for display
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
cycle = Ash.load!(cycle, :membership_fee_type, actor: actor)
|
||||
|
||||
{:noreply, assign(socket, :editing_cycle, cycle)}
|
||||
|
|
@ -617,7 +619,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|
||||
case Decimal.parse(normalized_amount_str) do
|
||||
{amount, _} when is_struct(amount, Decimal) ->
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case cycle
|
||||
|> Ash.Changeset.for_update(:update, %{amount: amount})
|
||||
|
|
@ -646,7 +648,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
cycle = find_cycle(socket.assigns.cycles, cycle_id)
|
||||
|
||||
# Load cycle with membership_fee_type for display
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
cycle = Ash.load!(cycle, :membership_fee_type, actor: actor)
|
||||
|
||||
{:noreply, assign(socket, :deleting_cycle, cycle)}
|
||||
|
|
@ -658,7 +660,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|
||||
def handle_event("confirm_delete_cycle", %{"cycle_id" => cycle_id}, socket) do
|
||||
cycle = find_cycle(socket.assigns.cycles, cycle_id)
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case Ash.destroy(cycle, domain: MembershipFees, actor: actor) do
|
||||
:ok ->
|
||||
|
|
@ -731,7 +733,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
|
||||
if deleted_count > 0 do
|
||||
# Reload member to get updated cycles
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
updated_member =
|
||||
member
|
||||
|
|
@ -823,7 +825,7 @@ defmodule MvWeb.MemberLive.Show.MembershipFeesComponent do
|
|||
membership_fee_type_id: member.membership_fee_type_id
|
||||
}
|
||||
|
||||
actor = socket.assigns.current_user
|
||||
actor = current_actor(socket)
|
||||
|
||||
case Ash.create(MembershipFeeCycle, attrs, domain: MembershipFees, actor: actor) do
|
||||
{:ok, _new_cycle} ->
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue