local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 59 Pull requests 2 Projects 2 Releases Packages 1 Activity Actions
1410 commits 11 branches 0 tags 16 MiB
Commit graph

94 commits

Author SHA1 Message Date
carla
bfc078d5aa Merge branch 'main' into feat/299_plz
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-24 16:02:56 +01:00
carla
c8d7dd3e55 Merge branch 'main' into feat/299_plz
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-02-24 15:38:50 +01:00
Moritz
adb44241d9
Add migration: oidc_only boolean to settings table 2026-02-24 15:12:45 +01:00
Moritz
8edbbac95f
feat: OIDC configuration in global Settings (ENV or DB) 
- Add oidc_* attributes to Setting, migration and Config helpers
- Secrets and OidcRoleSyncConfig read from Config (ENV overrides DB)
- GlobalSettingsLive: OIDC section with disabled fields when ENV set
- OIDC role sync tests use DataCase for DB access
 2026-02-24 13:58:24 +01:00
Moritz
623543b7bd
fix: add missing postal_code in seeds
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details 
postal_code is a Vereinfacht-required field. When Vereinfacht is
configured, seeds failed for members without postal_code.
 2026-02-24 12:06:56 +01:00
carla
63040afee7 Merge branch 'main' into feat/299_plz
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-02-24 10:40:26 +01:00
carla
1fd1880424 chore: adds country memberfield 2026-02-24 09:33:42 +01:00
Moritz
c86781c32b
Setting: add member_field_required and update_single_member_field 
Add JSONB attribute member_field_required, migration, Change and
Membership code interface for atomic per-field required flag.
 2026-02-23 22:13:08 +01:00
Moritz
9d3c72acff
Add Vereinfacht app URL setting and contact view URL 
- Setting attribute vereinfacht_app_url, migration, .env.example
- Config: vereinfacht_app_url() from env/setting or derived from API URL
- Contact view URL uses app URL with /en/admin/finances/contacts/{id}
- Global settings: App URL field, read-only when VEREINFACHT_APP_URL set
- Tests: update contact view URL expectations
 2026-02-23 19:54:43 +01:00
Moritz
a5a4d66655
feat(vereinfacht): add DB schema, config and setting attributes 
- Migrations: vereinfacht_contact_id on members, vereinfacht_* on settings
- Mv.Config: Vereinfacht ENV/Settings helpers, vereinfacht_configured?, contact_view_url
- Setting: vereinfacht_api_url, api_key, club_id
 2026-02-23 19:51:31 +01:00
Simon
8430069b45
chore: add dev db seeds for groups
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-20 17:16:29 +01:00
Simon
63b8e70e62
fix: adress review comments
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-18 13:05:31 +01:00
Simon
f6575319f7
feat: add groups to search vector
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-18 12:47:23 +01:00
Moritz
a263cb4954 Pass actor through CycleGenerator so seeds can use admin 
- get_actor(opts): use opts[:actor] or system actor
- load_member, do_generate_cycles, create_cycles pass opts
- Seeds pass admin_user_with_role for Ash.load! and cycle updates
 2026-02-12 19:35:48 +01:00
Moritz
50c8a0dc9a Seeds: call Mv.Release.seed_admin to avoid duplication 
Replaces inline admin creation with seed_admin(); exercises same path as entrypoint.
Dev/test: set ADMIN_EMAIL default and ADMIN_PASSWORD fallback before calling.
 2026-02-04 18:13:30 +01:00
Moritz
09a4b7c937 Seeds: use ADMIN_PASSWORD/ADMIN_PASSWORD_FILE; fallback only in dev/test 
No fallback in production; prod uses Release.seed_admin in entrypoint.
 2026-02-04 18:13:30 +01:00
Moritz
b6d1a27bc9 Seeds: only admin gets password; additional users without password 
- Additional users (hans, greta, maria, thomas) created without admin_set_password.
- Removed no-password@example.de user.
 2026-02-04 11:06:59 +01:00
Moritz
5ed41555e9 Member/Setting/validations: domain, actor, and seeds 
- setting.ex: domain/authorize for default_membership_fee_type_id check
- validate_same_interval: require membership_fee_type (no None)
- set_membership_fee_start_date: domain/actor for fee type lookup
- Validations: domain/authorize for cross-resource checks
- helpers.ex, email_sync change, seeds.exs actor/authorize fixes
- Update related tests
 2026-02-03 23:52:16 +01:00
Moritz
5a2f035ecc CustomField policies: actor required, no system-actor fallback, error handling 
- list_required_custom_fields: require actor (two clauses, no default)
- Member validation: use context.actor only, differentiate Forbidden vs transient errors
- stream_custom_fields: log + send flash on error instead of returning []
- GlobalSettingsLive: handle_info for custom_fields_load_error, put_flash
- Seeds: use Membership.update_member with actor, format
 2026-01-29 16:10:12 +01:00
Moritz
1d17c4f2dd fix: CustomField policies, no system-actor fallback, guidelines 
- Tests and UI pass actor for CustomField create/read/destroy; seeds use actor
- Member required-custom-fields validation uses context.actor only (no fallback)
- CODE_GUIDELINES: add rule forbidding system-actor fallbacks
 2026-01-29 16:10:12 +01:00
Moritz
462bc21ec3
fix(migration): use INSERT..SELECT for system user role_id in CI
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Avoid nil/empty-string UUID when repo().one lags after role insert.
 2026-01-27 17:47:05 +01:00
Moritz
92ee7fcc63 fix(seeds): use :update_internal for system user admin-role
Some checks failed
continuous-integration/drone/push Build is failing
Details 
:update is blocked for system-actor user; use :update_internal in bootstrap.
 2026-01-27 17:39:04 +01:00
Moritz
a10c770ca7 chore(migration): ensure_system_actor_user_exists 
Use admin_role_id, consistent UUID and timestamps.
 2026-01-27 17:39:04 +01:00
Moritz
acb33b9f3b Ensure system actor user exists via migration 
Creates user system@mila.local with Admin role if missing. Idempotent;
guarantees system actor in production without relying on seeds.
 2026-01-27 17:39:04 +01:00
Simon
e92c98b559
refactor: fix review issues - member_count aggregate, migration down, docs, actor handling
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 17:09:07 +01:00
Simon
6db64bf996
feat: add groups resource #371
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-27 16:03:21 +01:00
Moritz
2d446f63ea
Add NOT NULL constraint to users.role_id and optimize default_role_id
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
 2026-01-25 17:04:48 +01:00
Moritz
a9b1d794d2
fix: bind role_name variable before using in Ash.Query.filter 
Avoid macro pinning issues by binding role_data.name to role_name
before using it in the filter query.
 2026-01-25 13:42:28 +01:00
Moritz
e982271880
fix: improve migration to create 'Mitglied' role if missing 
Make migration more robust by creating the 'Mitglied' role if it doesn't
exist, ensuring it works regardless of seed execution order.
 2026-01-25 13:42:19 +01:00
Moritz
9557d8ae6b
Update seeds to create all 5 authorization roles 2026-01-24 19:16:35 +01:00
Moritz
c7e0181e02
Add migration to assign 'Mitglied' role to existing users 2026-01-24 19:14:51 +01:00
Moritz
079d270768 Fix authorization bypass in seeds and validations
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Add authorize?: false to all bootstrap operations in seeds.exs
- Fix user-linking validation to respect authorize? context flag
- Prevents authorization errors during initial setup when no actor exists yet
 2026-01-23 02:08:11 +01:00
Moritz
ea399612be Make system actor email configurable via SYSTEM_ACTOR_EMAIL 
Allow system user email to be configured via environment variable
with fallback to default 'system@mila.local'
 2026-01-21 08:02:35 +01:00
Moritz
d993bd3913 Create system user in seeds 
Add system@mila.local user with admin role for systemic operations.
This user is used by SystemActor helper for mandatory side effects.
 2026-01-20 22:09:17 +01:00
Simon
d9b659e5ea
fix: linting + tests 2026-01-19 14:09:19 +01:00
Simon
bc4bcd0089
fix: change creation of admin user 2026-01-19 13:40:28 +01:00
Moritz
145a76348c
Pass actor parameter in seeds and update test setup 
Ensure cycle generation in seeds uses admin actor and update test
to use global admin_user from ConnCase setup.
 2026-01-13 15:17:05 +01:00
Moritz
4fffeeaaa0
Fix: Seeds use admin actor instead of NoActor bypass 
This ensures seeds work correctly with the new fail-closed NoActor
policy in production, using proper authorization instead of bypass.
 2026-01-13 15:01:55 +01:00
carla
922f9f93d0 Merge branch 'main' into feature/223_memberfields_settings
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-12 13:15:40 +01:00
Moritz
2f03f7c00c
feat: assign admin role to admin user in seeds 
- Create Admin role if it doesn't exist
- Assign Admin role to admin@mv.local user
- Remove separate create_admin_role script (integrated into seeds)
 2026-01-08 16:16:54 +01:00
carla
36776f8e28 fix tests and linting 2026-01-07 18:11:36 +01:00
carla
0c8a255476 Merge branch 'main' into feature/273_member_fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-07 10:22:18 +01:00
carla
29a953c038 fix: prevent migration rollback failure when NULL values exist 2026-01-07 09:52:40 +01:00
Moritz
ce1d5790a3 refactor: squash migrations into single authorization domain migration 
Combine initial authorization migration with UUIDv7 update into
one migration. Migration now creates roles table with UUIDv7
default and explicit on_delete: :restrict FK constraint.
 2026-01-06 18:37:39 +01:00
Moritz
402a78dd0a refactor: update migration for UUIDv7 and explicit FK constraint 
- Add on_delete: :restrict to users.role_id foreign key
- Update roles.id to use uuid_generate_v7() default
- Regenerate resource snapshots
 2026-01-06 18:14:18 +01:00
Moritz
851d63f626 feat: add authorization domain migration 
Create roles table and add role_id to users table with indexes
and foreign key constraints.
 2026-01-06 17:18:34 +01:00
carla
7188315577 tests: fixes tests 2026-01-02 16:20:39 +01:00
carla
17540c6b1d feat: removes phoen number as member field and makes name optional 2026-01-02 16:19:06 +01:00
Moritz
a8ea121800
Refactor cycle generator and update translations
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Extract error handling into separate functions to reduce nesting depth.
 2025-12-26 21:01:17 +01:00
Moritz
a03056e6ae Make seed script deterministic and idempotent for fee type assignments 
Fix update action name from :update to :update_member for Member resource
 2025-12-22 16:56:12 +01:00