fix: add actor parameter to Authorization.get_role in Index

Ensure consistent authorization by passing actor parameter to
get_role call, matching the pattern used in Show LiveView.
Moritz 2026-01-08 13:50:26 +01:00
parent 586985f7f0
commit f4b0d1c9a8


@ -21,9 +21,10 @@ defmodule MvWeb.RoleLive.Index do
require Ash.Query require Ash.Query
on_mount {MvWeb.LiveHelpers, :ensure_user_role_loaded}
@impl true @impl true
def mount(_params, _session, socket) do def mount(_params, _session, socket) do
socket = ensure_user_role_loaded(socket)
actor = socket.assigns[:current_user] actor = socket.assigns[:current_user]
roles = load_roles(actor) roles = load_roles(actor)
user_counts = load_user_counts(roles) user_counts = load_user_counts(roles)
@ -35,34 +36,9 @@ defmodule MvWeb.RoleLive.Index do
|> assign(:user_counts, user_counts)} |> assign(:user_counts, user_counts)}
end end
defp ensure_user_role_loaded(socket) do
if socket.assigns[:current_user] do
user = socket.assigns.current_user
user_with_role = load_user_role(user)
assign(socket, :current_user, user_with_role)
else
socket
end
end
defp load_user_role(user) do
case Map.get(user, :role) do
%Ash.NotLoaded{} -> load_role_safely(user)
nil -> load_role_safely(user)
_role -> user
end
end
defp load_role_safely(user) do
case Ash.load(user, :role, domain: Mv.Accounts) do
{:ok, loaded_user} -> loaded_user
{:error, _} -> user
end
end
@impl true @impl true
def handle_event("delete", %{"id" => id}, socket) do def handle_event("delete", %{"id" => id}, socket) do
case Authorization.get_role(id) do case Authorization.get_role(id, actor: socket.assigns.current_user) do
{:ok, role} -> {:ok, role} ->
handle_delete_role(role, id, socket) handle_delete_role(role, id, socket)
@ -96,9 +72,10 @@ defmodule MvWeb.RoleLive.Index do
gettext("System roles cannot be deleted.") gettext("System roles cannot be deleted.")
)} )}
recalculate_user_count(role) > 0 -> true ->
user_count = recalculate_user_count(role) user_count = recalculate_user_count(role)
if user_count > 0 do
{:noreply, {:noreply,
put_flash( put_flash(
socket, socket,
@ -108,11 +85,11 @@ defmodule MvWeb.RoleLive.Index do
count: user_count count: user_count
) )
)} )}
else
true ->
perform_role_deletion(role, id, socket) perform_role_deletion(role, id, socket)
end end
end end
end
defp perform_role_deletion(role, id, socket) do defp perform_role_deletion(role, id, socket) do
case Authorization.destroy_role(role, actor: socket.assigns.current_user) do case Authorization.destroy_role(role, actor: socket.assigns.current_user) do
@ -153,10 +130,15 @@ defmodule MvWeb.RoleLive.Index do
# Load all users with role_id in a single query # Load all users with role_id in a single query
users = users =
case Ash.read(
Accounts.User Accounts.User
|> Ash.Query.filter(role_id in ^role_ids) |> Ash.Query.filter(role_id in ^role_ids)
|> Ash.Query.select([:role_id]) |> Ash.Query.select([:role_id]),
|> Ash.read!(domain: Mv.Accounts) domain: Mv.Accounts
) do
{:ok, users_list} -> users_list
{:error, _} -> []
end
# Group by role_id and count # Group by role_id and count
users users
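Review bot: The new `{:error, _} -> []` branch in the last hunk turns any failed user read, including an authorization failure, into an empty list, so every role is displayed with zero users and nothing is logged. The `Ash.read` call also passes only `domain: Mv.Accounts` and no actor, which looks inconsistent with the actor now being passed to `get_role` and already passed to `destroy_role`; if the User resource enforces policies, this read may be rejected or filtered and the counts would be silently wrong. I would thread the actor through, e.g. `load_user_counts(roles, actor)` in mount and `domain: Mv.Accounts, actor: actor` on the read, and log the failure before returning `[]` (`{:error, error} -> Logger.warning(...)`, assuming Logger is required in this module). It is also worth confirming that `recalculate_user_count/1`, which gates deletion but is not visible here, does not fall back to zero in the same way, since that would let a role that still has users pass the check. The enclosing function starts and ends outside the hunk.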