mitgliederverwaltung

Author	SHA1	Message	Date
Moritz	05cbd833bc	Security: Fix critical deny-filter bug and improve authorization All checks were successful continuous-integration/drone/push Build is passing Details CRITICAL FIX: Deny-filter was allowing all records instead of denying Fix: User validation in Member now uses actor from changeset.context	2026-01-08 23:15:48 +01:00
Moritz	6cd18545bd	Fix: HasPermission auto_filter and strict_check implementation Fixes security issue where auto_filter returned nil instead of proper filter expressions, which could lead to incorrect authorization behavior.	2026-01-08 22:55:24 +01:00
Moritz	9d58c9d1ef	feat: implement authorization policies for Member resource All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-08 21:22:45 +01:00
Moritz	db0a187058	fix: correct relationship filter paths in HasPermission check All checks were successful continuous-integration/drone/push Build is passing Details - Use user.id instead of user_id for Member linked scope - Use member.user.id for CustomFieldValue linked scope - Add lazy logger evaluation - Improve action nil handling - Add integration tests for filter expressions	2026-01-08 17:45:02 +01:00
Moritz	288002f404	feat: implement HasPermission policy check All checks were successful continuous-integration/drone/push Build is passing Details Implement custom Ash Policy Check that reads permissions from PermissionSets module and applies scope filters to Ash queries.	2026-01-08 16:48:43 +01:00

5 commits