Commit graph

6 commits

Author SHA1 Message Date
dd4b88f0b7
Improve: Make deny_filter robust and add regression test
All checks were successful
continuous-integration/drone/push Build is passing
- Change deny_filter from [id: {:in, []}] to expr(false)
- Add regression test to ensure deny-filter matches 0 records
2026-01-08 23:30:06 +01:00
05cbd833bc
Security: Fix critical deny-filter bug and improve authorization
All checks were successful
continuous-integration/drone/push Build is passing
CRITICAL FIX: Deny-filter was allowing all records instead of denying
Fix: User validation in Member now uses actor from changeset.context
2026-01-08 23:15:48 +01:00
6cd18545bd
Fix: HasPermission auto_filter and strict_check implementation
Fixes security issue where auto_filter returned nil instead of proper
filter expressions, which could lead to incorrect authorization behavior.
2026-01-08 22:55:24 +01:00
f7cda66598
test: add Member resource policy tests
2026-01-08 21:22:15 +01:00
db0a187058
fix: correct relationship filter paths in HasPermission check
All checks were successful
continuous-integration/drone/push Build is passing
- Use user.id instead of user_id for Member linked scope
- Use member.user.id for CustomFieldValue linked scope
- Add lazy logger evaluation
- Improve action nil handling
- Add integration tests for filter expressions
2026-01-08 17:45:02 +01:00
cba471dcac
test: add tests for HasPermission policy check
Add comprehensive test suite for the HasPermission Ash Policy Check
covering permission lookup, scope application, error handling, and logging.
2026-01-08 16:48:42 +01:00