2d1ddfa654
Fix missing max_errors assign in GlobalSettingsLive
...
continuous-integration/drone/push Build is failing
Set max_errors as socket assign in mount/3 to make it
available in templates. Fixes KeyError in CSV import UI.
2026-01-27 10:54:43 +01:00
dc1acb815e
Improve CSV import error messages
...
Include email address in duplicate email error messages.
Add German translation for email uniqueness errors.
Ensure locale is set for translations in async tasks.
2026-01-27 10:54:32 +01:00
8a5f519099
Fix CSV upload file reading
...
Handle consume_uploaded_entries returning [content] directly
instead of [{:ok, content}]. Add locale support for translations
in background tasks.
2026-01-27 10:30:06 +01:00
64952d4ff4
Security: Require actor parameter in CSV import
...
Remove fallback to system_actor in process_chunk to prevent
unauthorized access. Actor must now be explicitly provided.
2026-01-27 10:30:05 +01:00
33dc8307c8
fix tests and linting
2026-01-27 10:30:05 +01:00
08534539aa
formatting
2026-01-27 10:23:31 +01:00
c914e25483
formatting and refactoring
2026-01-27 10:23:30 +01:00
0acdc82bcc
refactor
2026-01-27 10:23:29 +01:00
dd68d2efbc
refactor
2026-01-27 10:23:29 +01:00
79d0fa0376
fat: adds csv import live view to settings
2026-01-27 10:23:28 +01:00
793a66639a
Fix: Don't cache nil in default_role_id to prevent bootstrap issues
...
- Only cache non-nil role_id values to allow retry after role creation
- Prevents processes from being permanently stuck with nil if first call
happens before the 'Mitglied' role exists
- Update documentation to explain bootstrap safety mechanism
2026-01-27 10:23:27 +01:00
8e519d643d
Add NOT NULL constraint to users.role_id and optimize default_role_id
...
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
2026-01-27 10:23:27 +01:00
047b818ec5
chore: increase test timeout and cleanup unused code
2026-01-27 10:23:26 +01:00
f984819508
refactor: remove AssignDefaultRole change module
...
The attribute-level default solution makes this change module obsolete.
All role assignment is now handled via the role_id attribute's default
function, which is more robust and works for all creation paths.
2026-01-27 10:23:26 +01:00
5164836d32
feat: implement attribute-level default for role_id assignment
...
Replace action-level changes with attribute default function to ensure
all users get the 'Mitglied' role regardless of creation path.
2026-01-27 10:23:25 +01:00
aaced70b8e
Integrate AssignDefaultRole change into user creation actions
2026-01-27 10:23:23 +01:00
4ec90770a4
Add AssignDefaultRole change for automatic role assignment
...
- Assigns 'Mitglied' role to new users if no role is set
2026-01-27 10:23:23 +01:00
d320cdf14e
Fix HasPermission check to handle nil member_id gracefully
2026-01-27 10:23:22 +01:00
e30be4c228
Add Role helper function and create_role_with_system_flag action
...
- Add get_mitglied_role/0 helper to avoid code duplication
- Add create_role_with_system_flag action for seeds/migrations
- Allows setting is_system_role flag (required for 'Mitglied' role)
2026-01-27 10:23:22 +01:00
ee50f312ee
Remove NoActor module, improve Member validation, update docs
2026-01-27 10:23:21 +01:00
ba5c982368
Use authorize?: false for integrity checks in validations
2026-01-27 10:23:17 +01:00
c715a45277
Add actor parameter to all tests requiring authorization
...
This commit adds actor: system_actor to all Ash operations in tests that
require authorization.
2026-01-27 10:23:16 +01:00
0cedbe52f9
Add authorize?: false to SystemActor bootstrap operations
...
- Role lookup and creation (find_admin_role, create_admin_role)
- System user creation and role assignment
- Role loading during initialization
2026-01-27 10:23:16 +01:00
73dc05c6d4
Remove NoActor bypass from User and Member policies
...
This removes the NoActor bypass that was masking authorization bugs in tests.
All operations now require an explicit actor for authorization.
2026-01-27 10:23:15 +01:00
36edee6fcc
Fix: Ensure members are loaded in handle_params when signature unchanged
2026-01-27 10:23:15 +01:00
21d8d65492
Fix OIDC account linking by using SystemActor in LinkOidcAccountLive
...
- Add SystemActor to all Ash operations in LinkOidcAccountLive
- Enables user lookup, reload, and oidc_id linking during OIDC flow
- User is not yet logged in during linking, so SystemActor provides authorization
2026-01-27 10:23:14 +01:00
fe07a4e955
Fix OIDC login by using SystemActor in OidcEmailCollision validation
...
- Add SystemActor to Ash.read_one() calls in OidcEmailCollision validation
- Prevents authorization failures during OIDC registration when no actor is logged in
- Enables proper email collision detection and account linking flow
2026-01-27 10:23:14 +01:00
3051ac9e38
Fix authorization bypass in seeds and validations
...
- Add authorize?: false to all bootstrap operations in seeds.exs
- Fix user-linking validation to respect authorize? context flag
- Prevents authorization errors during initial setup when no actor exists yet
2026-01-27 10:23:13 +01:00
ef4df57a6f
Restrict Actor.ensure_loaded to Mv.Accounts.User only
...
Pattern match on %Mv.Accounts.User{} instead of generic actor.
Clearer intention, prevents accidental authorization bypasses.
Non-User actors are returned as-is (no-op).
2026-01-27 10:23:13 +01:00
3d753c5460
Add authorize?: false to Actor.ensure_loaded
...
SECURITY: Skip authorization for role loading to avoid circular dependency.
Actor loads their OWN role, needed for authorization itself.
Documented why this is safe.
2026-01-27 10:23:11 +01:00
69836978be
Remove unused PolicyHelpers macro and PolicyConsistency test
...
Dead code - macro was never used in codebase.
PolicyConsistency test will be replaced with better implementation.
2026-01-27 10:23:10 +01:00
213521ecf6
Add centralized Actor.ensure_loaded helper
...
Consolidate role loading logic from HasPermission and LiveHelpers.
Use Ash.Resource.Info.resource? for reliable Ash detection.
2026-01-27 10:23:10 +01:00
ab0407abb1
Replace NoActor runtime Mix.env with compile-time config
...
Use Application.compile_env for release-safety.
Config only set in test.exs (defaults to false).
2026-01-27 10:23:09 +01:00
0d2c8e0905
Add PolicyHelpers macro for standard user policies
...
Encapsulate two-tier policy pattern (bypass + HasPermission).
Promote consistency across resource policy definitions.
2026-01-27 10:23:08 +01:00
3852c93ac9
Centralize role preloading in global LiveView on_mount
...
Add ensure_user_role_loaded to global live_view quote block.
Remove redundant on_mount calls from individual LiveViews.
2026-01-27 10:23:08 +01:00
fb5f4990b8
Shorten User policy comments to state what only
...
Move why explanations to documentation files.
Keep policy comments concise and focused.
2026-01-27 10:23:07 +01:00
87e7310cea
Clarify User.update :own in permission sets
...
Add explicit comments explaining why all permission sets
grant User.update with scope :own for password changes.
2026-01-27 10:23:07 +01:00
7eb7149e18
Add role loading fallback to HasPermission check
...
Extract ash_resource? helper to reduce nesting depth.
Add ensure_role_loaded fallback for unloaded actor roles.
2026-01-27 10:23:07 +01:00
298a13c2e4
Harden NoActor check with runtime environment guard
...
Add Mix.env() check to match?/3 for defense in depth.
Document NoActor pattern in CODE_GUIDELINES.md.
2026-01-27 10:23:06 +01:00
de187190e4
feat(auth): add User resource authorization policies
...
Implement bypass for READ + HasPermission for UPDATE pattern
Extend HasPermission check to support User resource scope :own
2026-01-27 10:23:05 +01:00
d9f5579350
Move require Logger to module level
...
Move require Logger statements from function/case level to module level
for better code organization and consistency with Elixir best practices
2026-01-27 10:23:05 +01:00
214b84b9b3
Add admin authorization check for regenerate cycles button
...
Restrict UI access to cycle regeneration to administrators only
to prevent policy bypass via user interface
2026-01-27 10:14:06 +01:00
ce292b431c
Add logging for fail-open email uniqueness validations
...
Log warnings when query errors occur in email uniqueness checks
to improve visibility of data integrity issues
2026-01-27 10:14:05 +01:00
fa3c34450d
Use SystemActor opts for cycle deletion operations
...
Pass actor_opts to delete_cycles/1 to ensure proper authorization
when MembershipFeeCycle policies are enforced
2026-01-27 10:14:05 +01:00
4537b86a09
Replace Mix.env() with Config.sql_sandbox?() in SystemActor
...
Use Application config instead of Mix.env() to prevent
runtime crashes in production releases where Mix is not available
2026-01-27 10:14:05 +01:00
c86aa4ea9c
Add @spec type annotations to SystemActor functions
...
Add type specifications for all private functions to improve
static analysis with Dialyzer and documentation quality.
2026-01-27 10:14:04 +01:00
8eb05c8a6a
Document System Actor pattern in code guidelines
...
Add section explaining when and how to use system actor for systemic operations.
Include examples and distinction between user mode and system mode.
2026-01-27 10:14:04 +01:00
cf9e6e91fd
Use system actor for cycle generation
...
Update cycle generator, member hooks, and job to use system actor.
Remove actor parameters as cycle generation is a mandatory side effect.
2026-01-27 10:14:03 +01:00
564e35f65e
Use system actor for email uniqueness validation
...
Update email validation modules to use system actor for queries.
This ensures data integrity checks always run regardless of user permissions.
2026-01-27 10:14:03 +01:00
8f06442de9
Use system actor for email synchronization
...
Update email sync loader and changes to use system actor instead of user actor.
This ensures email sync always works regardless of user permissions.
2026-01-27 10:14:03 +01:00
