0219073d33
CFV policies test: system_actor for setup, verify destroy with actor
...
- create_linked_member_for_user and create_unlinked_member use actor
(system_actor) directly instead of creating admin user per call
- Remove create_admin_user helper
- After destroy, verify with Ash.get(..., actor: actor) to avoid
false positive from Forbidden vs NotFound
2026-01-27 16:07:01 +01:00
4e032ea778
Add CustomFieldValue policy tests (own_data, read_only, normal_user, admin)
...
Covers read/update/create/destroy for linked vs unlinked members and CRUD
permissions per permission set.
2026-01-27 16:07:01 +01:00
17831a0948
Pass actor to CustomFieldValue destroy and load in existing tests
...
Required after CustomFieldValue gained authorization policies.
2026-01-27 16:07:01 +01:00
562265f212
Security: Require actor parameter in CSV import
...
Remove fallback to system_actor in process_chunk to prevent
unauthorized access. Actor must now be explicitly provided.
2026-01-25 18:33:25 +01:00
79361c72d2
fix tests and linting
2026-01-25 17:31:49 +01:00
0fe4a55e80
formatting and refactoring
2026-01-25 17:31:48 +01:00
bf7e47ce5c
refactor
2026-01-25 17:31:42 +01:00
04b0916c1e
refactor
2026-01-25 17:30:07 +01:00
092fd99d48
fat: adds csv import live view to settings
2026-01-25 17:30:03 +01:00
bf9e47b257
test: adds live view csv import tests
2026-01-25 17:22:28 +01:00
2d446f63ea
Add NOT NULL constraint to users.role_id and optimize default_role_id
...
continuous-integration/drone/push Build is passing
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
2026-01-25 17:04:48 +01:00
8f3fd9d0d7
test: adapt tests for attribute-level default solution
2026-01-25 13:42:45 +01:00
e7bf777be2
refactor: remove AssignDefaultRole change module
...
The attribute-level default solution makes this change module obsolete.
All role assignment is now handled via the role_id attribute's default
function, which is more robust and works for all creation paths.
2026-01-25 13:42:35 +01:00
21b63cbe86
Add comprehensive tests for default role assignment
continuous-integration/drone/push Build is passing
2026-01-24 19:16:57 +01:00
3b5b5044fb
Add test support for default role assignment
2026-01-24 19:16:43 +01:00
b545d2b9e1
Remove NoActor module, improve Member validation, update docs
2026-01-24 11:59:18 +01:00
71c13d0ac0
Fix missing actor parameters and restore AshAuthentication bypass tests
continuous-integration/drone/push Build is passing
2026-01-24 08:51:58 +01:00
15a7c615d6
Fix rebase conflict: Add actor parameter to helper functions in index_test.exs
continuous-integration/drone/push Build is passing
2026-01-24 02:39:28 +01:00
fcca4b0b89
Use admin_user instead of system_actor in LiveView tests
2026-01-24 02:21:10 +01:00
bebd7f6fe2
Fix tests: Remove redundant system_actor and update test descriptions
2026-01-24 02:21:09 +01:00
d8187484b8
Fix tests: Add missing actor parameters to Ash operations
2026-01-24 02:21:09 +01:00
b9d68a3417
Fix test helpers: Use actor parameter correctly
2026-01-24 02:21:09 +01:00
c5a48d8801
Fix tests: Remove duplicate actor keyword arguments
2026-01-24 02:21:09 +01:00
0f48a9b15a
Add actor parameter to all tests requiring authorization
...
This commit adds actor: system_actor to all Ash operations in tests that
require authorization.
2026-01-24 02:21:02 +01:00
672b4a8250
Merge branch 'main' into feature/filter-boolean-custom-fields
continuous-integration/drone/push Build is failing
2026-01-23 14:41:48 +01:00
b4657cae23
fix: resolve pr remarks
2026-01-23 14:00:18 +01:00
427608578f
Restrict Actor.ensure_loaded to Mv.Accounts.User only
...
continuous-integration/drone/push Build is passing
Pattern match on %Mv.Accounts.User{} instead of generic actor.
Clearer intention, prevents accidental authorization bypasses.
Non-User actors are returned as-is (no-op).
2026-01-22 23:17:55 +01:00
f6096e194f
Remove skipped get_by_subject test, add explanation
...
Test removed - JWT flow tested via AshAuthentication integration.
Direct test would require JWT mocking without value.
2026-01-22 23:04:58 +01:00
e60bb6926f
Remove unused PolicyHelpers macro and PolicyConsistency test
...
continuous-integration/drone/push Build is passing
Dead code - macro was never used in codebase.
PolicyConsistency test will be replaced with better implementation.
2026-01-22 22:37:09 +01:00
f2def20fce
Add centralized Actor.ensure_loaded helper
...
Consolidate role loading logic from HasPermission and LiveHelpers.
Use Ash.Resource.Info.resource? for reliable Ash detection.
2026-01-22 22:37:07 +01:00
05c71132e4
Replace NoActor runtime Mix.env with compile-time config
...
Use Application.compile_env for release-safety.
Config only set in test.exs (defaults to false).
2026-01-22 22:37:04 +01:00
d97f6f4004
Add policy consistency tests
...
Enforce User.update :own across all permission sets.
Verify READ bypass + UPDATE HasPermission pattern.
2026-01-22 21:36:19 +01:00
7d0f5fde86
Replace for comprehension with explicit describe blocks
...
Fix Credo parsing error by removing for comprehension.
Duplicate tests for own_data, read_only, normal_user sets.
2026-01-22 21:36:16 +01:00
56144a7696
Add role loading fallback to HasPermission check
...
Extract ash_resource? helper to reduce nesting depth.
Add ensure_role_loaded fallback for unloaded actor roles.
2026-01-22 21:36:10 +01:00
93216f3ee6
Harden NoActor check with runtime environment guard
...
Add Mix.env() check to match?/3 for defense in depth.
Document NoActor pattern in CODE_GUIDELINES.md.
2026-01-22 21:36:09 +01:00
63d8c4668d
test(auth): add User policies test suite
...
31 tests covering all 4 permission sets and bypass scenarios
Update HasPermission tests to expect false for scope :own without record
2026-01-22 19:19:25 +01:00
a92f503752
fix: credo warning
continuous-integration/drone/push Build is passing
2026-01-21 01:24:43 +01:00
4b67039a78
test: add more filter component tests
continuous-integration/drone/push Build is failing
2026-01-21 01:14:26 +01:00
f996aee6b2
feat: add new filter component to members view
continuous-integration/drone/push Build is passing
2026-01-21 00:47:01 +01:00
5eadd5f090
Refactor test setup into helper functions
...
continuous-integration/drone/push Build is passing
Extract setup code into reusable helper functions to reduce
duplication and improve maintainability.
2026-01-20 23:16:40 +01:00
a3cf8571ff
Document System Actor pattern in code guidelines
...
Add section explaining when and how to use system actor for systemic operations.
Include examples and distinction between user mode and system mode.
2026-01-20 22:10:11 +01:00
f1bb6a0f9a
Add tests for System Actor helper
...
Test system actor retrieval, caching, fallback behavior,
and auto-creation in test environment.
2026-01-20 22:09:21 +01:00
1011b94acf
feat: load boolean custom fields
continuous-integration/drone/push Build is passing
2026-01-20 19:12:13 +01:00
fbf3b64192
refactor: fix credo issues
continuous-integration/drone/push Build is passing
2026-01-20 18:34:17 +01:00
01dea8bb8b
Merge branch 'main' into feature/filter-boolean-custom-fields
continuous-integration/drone/push Build is failing
2026-01-20 18:13:20 +01:00
ff8b29cffe
feat: implement filter logic for boolean ustom fields
continuous-integration/drone/push Build is failing
2026-01-20 18:08:41 +01:00
d65da2f498
test: add tdd tests for custom boolean field filter logic
continuous-integration/drone/push Build was killed
2026-01-20 17:03:58 +01:00
235154a102
test: Remove outdated TODO for auto-assignment feature
...
continuous-integration/drone/push Build was killed
Auto-assignment of default membership fee type is already implemented
via SetDefaultMembershipFeeType change. Test assertion is now active.
2026-01-20 16:33:50 +01:00
0abcf540bb
refactor: Replace length/1 with empty list comparison
...
Replace expensive length/1 calls with direct list comparison
to fix Credo warnings about performance
2026-01-20 15:58:15 +01:00
37e1553a02
feat: add custom boolean field state & URL-Parameter
2026-01-20 15:55:08 +01:00
