160 commits

Author	SHA1	Message	Date
Simon	349cee0ce6	refactor: review remarks	2026-03-13 17:55:17 +01:00
Simon	09e4b64663	feat: allow disabling registration	2026-03-13 16:40:39 +01:00
Simon	086ecdcb1b	feat: prevent join requests with equal mail	2026-03-13 11:18:34 +01:00
Simon	40a4461d23	fix: join confirmation mail configuration	2026-03-13 09:34:56 +01:00
Simon	942f2afd9e	refactor: adress review	2026-03-12 15:29:54 +01:00
Simon	a4f3aa5d6f	feat: add smtp settings	2026-03-12 13:39:48 +01:00
Simon	f53a3ce3cc	refactor: integrate approval ui review changes	2026-03-11 02:20:29 +01:00
Simon	86d9242d83	feat: add approval ui for join requests	2026-03-11 02:04:03 +01:00
Simon	021b709e6a	refactor: address review comments for join view	2026-03-10 22:54:41 +01:00
Simon	21812542ad	refactor: address review comments for join request settings	2026-03-10 16:47:38 +01:00
Simon	fa738aae88	feat: add join form settings	2026-03-10 14:29:49 +01:00
Simon	5deb102e45	refactor: adress review comments	2026-03-09 18:54:40 +01:00
Simon	6385fbc831	feat: add join confirmation and mail templating	2026-03-09 18:15:12 +01:00
Simon	a41d8498ac	refactor: apply review changes to joinrequest	2026-03-09 15:36:19 +01:00
Simon	2515a679b8	feat: add join request resource	2026-03-09 14:44:45 +01:00
Moritz	0ac39c646f	Remove Vereinfacht-required logic from settings and member validation ... - Member field settings: required only from email + settings (no API override) - Member resource validation: required fields from settings only - Gettext: remove obsolete 'Required for Vereinfacht integration' string	2026-03-04 20:21:51 +01:00
Moritz	1ce9915c7d	Member/CycleGenerator: better delete_cycles errors; UUID-based advisory lock ... delete_cycles returns first error for debugging. Advisory lock key derived from member id (first 8 bytes of UUID hex) to reduce phash2 collision risk; fallback to phash2 on invalid UUID.	2026-03-04 17:11:56 +01:00
Moritz	7a8b069834	Fix Credo Design (AliasUsage): add aliases in lib ... Add module aliases at top and use short names instead of fully qualified nested modules across lib/.	2026-03-04 16:21:15 +01:00
carla	bfc078d5aa	Merge branch 'main' into feat/299_plz	2026-02-24 16:02:56 +01:00
carla	c8d7dd3e55	Merge branch 'main' into feat/299_plz	2026-02-24 15:38:50 +01:00
Moritz	e775fe118b	Setting: add oidc_only boolean attribute (ENV + DB)	2026-02-24 15:12:50 +01:00
Moritz	8edbbac95f	feat: OIDC configuration in global Settings (ENV or DB) ... - Add oidc_* attributes to Setting, migration and Config helpers - Secrets and OidcRoleSyncConfig read from Config (ENV overrides DB) - GlobalSettingsLive: OIDC section with disabled fields when ENV set - OIDC role sync tests use DataCase for DB access	2026-02-24 13:58:24 +01:00
Moritz	0a59cf5c33	Sort custom fields by name as default in read action ... Add `prepare build(sort: [name: :asc])` to the primary read action of CustomField. Prevents order changes when toggling the `required` flag.	2026-02-24 11:50:59 +01:00
carla	63040afee7	Merge branch 'main' into feat/299_plz	2026-02-24 10:40:26 +01:00
carla	1fd1880424	chore: adds country memberfield	2026-02-24 09:33:42 +01:00
Moritz	b3b8b31c0f	Member: skip required custom fields validation for set_vereinfacht_contact_id ... Validation runs only for create_member and update_member so Vereinfacht sync (which only sets vereinfacht_contact_id) no longer fails with Required custom fields missing.	2026-02-23 23:07:38 +01:00
Moritz	717b8f5676	UpdateSingleMemberField: error attribution, updated_at, snapshot newline ... Attach errors to :field, :show_in_overview, :member_field_required. Set updated_at in SQL UPDATE. Add trailing newline to snapshot JSON.	2026-02-23 22:50:51 +01:00
Moritz	0d1b776e78	Member: enforce email + Vereinfacht-required when get_settings fails ... Compute vereinfacht_required? outside case; on error log and validate only base required (email + Vereinfacht fields), not full settings.	2026-02-23 22:50:43 +01:00
Moritz	17fd5e13d5	Member: validate configurable and Vereinfacht-required fields ... Add validation for required member fields from settings and for Vereinfacht-required fields when integration is configured.	2026-02-23 22:13:26 +01:00
Moritz	c86781c32b	Setting: add member_field_required and update_single_member_field ... Add JSONB attribute member_field_required, migration, Change and Membership code interface for atomic per-field required flag.	2026-02-23 22:13:08 +01:00
Moritz	1f21afeb72	Setting: vereinfacht_api_key public? false ... Reduce exposure of API key; keep sensitive? true.	2026-02-23 20:49:12 +01:00
Moritz	3cdaa75fc1	Member: remove system-actor fallback in extract_existing_values ... Per guidelines: actor must come from context. When nil, skip load and return empty map.	2026-02-23 20:49:00 +01:00
Moritz	1188320844	Restrict set_vereinfacht_contact_id to system actor ... - Add ActorIsSystemUser policy check - Member set_vereinfacht_contact_id only allowed for system user	2026-02-23 19:54:43 +01:00
Moritz	9d3c72acff	Add Vereinfacht app URL setting and contact view URL ... - Setting attribute vereinfacht_app_url, migration, .env.example - Config: vereinfacht_app_url() from env/setting or derived from API URL - Contact view URL uses app URL with /en/admin/finances/contacts/{id} - Global settings: App URL field, read-only when VEREINFACHT_APP_URL set - Tests: update contact view URL expectations	2026-02-23 19:54:43 +01:00
Moritz	a008cf381a	feat(vereinfacht): add client, sync flash and SyncContact change ... - Application: create SyncFlash ETS table on start - Vereinfacht: Client, SyncFlash, sync_member, format_error, sync_members_without_contact - SyncContact change on Member create_member and update_member - Member: attribute vereinfacht_contact_id, internal action set_vereinfacht_contact_id	2026-02-23 19:51:31 +01:00
Moritz	a5a4d66655	feat(vereinfacht): add DB schema, config and setting attributes ... - Migrations: vereinfacht_contact_id on members, vereinfacht_* on settings - Mv.Config: Vereinfacht ENV/Settings helpers, vereinfacht_configured?, contact_view_url - Setting: vereinfacht_api_url, api_key, club_id	2026-02-23 19:51:31 +01:00
carla	056fd04ddf	feat: remove postal code validation	2026-02-23 16:24:20 +01:00
carla	9b1aad884e	style: use same disabled field as for memberfield	2026-02-18 17:01:43 +01:00
carla	e47e266570	feat: type not editable	2026-02-18 16:42:54 +01:00
Moritz	95472424b1	Fix member unlink: use User update_user action ... UnrelateUserWhenArgumentNil used User :update which only accepts :email. Switch to :update_user with member: nil so manage_relationship clears member_id.	2026-02-04 14:46:23 +01:00
Moritz	5194b20b5c	Fix unlink-by-omission: on_missing :ignore, test, doc, string-key ... - Member update_member: on_missing :unrelate → :ignore (no unlink when :user omitted) - Test: normal_user update linked member without :user keeps link - Doc: unlink only explicit (user: nil), admin-only; Actor.admin?(nil) note - Check: defense-in-depth for "user" string key	2026-02-04 14:07:39 +01:00
Moritz	543fded102	Harden member user-link check: argument presence, nil actor, policy scope ... - Forbid on :user argument presence (not value) to block unlink via nil/empty - Defensive nil actor handling; policy restricted to create/update only - Test: Ash.load with actor; test non-admin cannot unlink via user: nil - Docs: unlink behaviour and policy split	2026-02-04 14:07:39 +01:00
Moritz	26fbafdd9d	Restrict member user link to admins (forbid policy) ... Add ForbidMemberUserLinkUnlessAdmin check; forbid_if on Member create/update. Fix member user-link tests: pass :user in params, assert via reload.	2026-02-04 14:07:38 +01:00
Moritz	503401f2e6	Setting: remove unused actor in default_fee_type validation ... - Docs: Regenerate Cycles server-side enforcement note in membership-fee-architecture.	2026-02-04 11:40:19 +01:00
Moritz	890a4d3752	MemberGroup: restrict bypass to own_data via MemberGroupReadLinkedForOwnData ... - ActorPermissionSetIs check; bypass policy filters by member_id for own_data only. - Admin with member_id still gets :all via HasPermission. Tests added.	2026-02-04 09:19:57 +01:00
Moritz	5ed41555e9	Member/Setting/validations: domain, actor, and seeds ... - setting.ex: domain/authorize for default_membership_fee_type_id check - validate_same_interval: require membership_fee_type (no None) - set_membership_fee_start_date: domain/actor for fee type lookup - Validations: domain/authorize for cross-resource checks - helpers.ex, email_sync change, seeds.exs actor/authorize fixes - Update related tests	2026-02-03 23:52:16 +01:00
Moritz	5889683854	Add resource policies for Group, MemberGroup, MembershipFeeType, MembershipFeeCycle ... - Group/MemberGroup/MembershipFeeType/MembershipFeeCycle: HasPermission policy - normal_user: Group and MembershipFeeCycle create/update/destroy; pages /groups/new, /groups/:slug/edit - Add policy tests for all four resources	2026-02-03 23:52:12 +01:00
Moritz	4ea31f0f37	Add email-change permission validation for linked members ... Only admins or the linked user may change a linked member's email. - New validation EmailChangePermission (uses Actor.admin?, Loader.get_linked_user). - Register on Member update_member; docs and gettext.	2026-02-03 14:35:32 +01:00
Moritz	5a2f035ecc	CustomField policies: actor required, no system-actor fallback, error handling ... - list_required_custom_fields: require actor (two clauses, no default) - Member validation: use context.actor only, differentiate Forbidden vs transient errors - stream_custom_fields: log + send flash on error instead of returning [] - GlobalSettingsLive: handle_info for custom_fields_load_error, put_flash - Seeds: use Membership.update_member with actor, format	2026-01-29 16:10:12 +01:00
Moritz	1d17c4f2dd	fix: CustomField policies, no system-actor fallback, guidelines ... - Tests and UI pass actor for CustomField create/read/destroy; seeds use actor - Member required-custom-fields validation uses context.actor only (no fallback) - CODE_GUIDELINES: add rule forbidding system-actor fallbacks	2026-01-29 16:10:12 +01:00