local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 72 Pull requests 3 Projects 4 Releases Packages 1 Activity Actions
687 commits 17 branches 0 tags 7.6 MiB
Commit graph

9 commits

Author SHA1 Message Date
Moritz
3a0fb4e84f
feat: implement PermissionSets module with all 4 permission sets 
- Add types for scope, action, resource_permission, permission_set
- Implement get_permissions/1 for all 4 sets (own_data, read_only, normal_user, admin)
- Implement valid_permission_set?/1 for string and atom validation
- Implement permission_set_name_to_atom/1 with error handling
 2026-01-06 21:33:39 +01:00
Moritz
5f13901ca5 security: remove is_system_role from public API 
Remove is_system_role from accept lists in create_role and update_role
actions. This field should only be set via seeds or internal actions to
prevent users from creating unkillable roles through the public API.
 2026-01-06 19:04:03 +01:00
Moritz
f63405052f feat: add get_role action to Authorization domain 
Add get_role action for retrieving single role by ID through
code interface.
 2026-01-06 18:37:35 +01:00
Moritz
557eb4d27d refactor: simplify system role deletion validation 
Remove redundant action_type check since validation already
runs only on destroy actions. Add field to error for better
error handling.
 2026-01-06 18:37:34 +01:00
Moritz
12c08cabee docs: clean up PermissionSets documentation 
Remove issue number references from moduledoc
 2026-01-06 18:14:19 +01:00
Moritz
82ec4e565a refactor: use UUIDv7 and improve Role validations 
- Change id from uuid_primary_key to uuid_v7_primary_key
- Replace custom validation with built-in one_of validation
- Add explicit on_delete: :restrict for users foreign key
- Update postgres references configuration
 2026-01-06 18:14:16 +01:00
Moritz
4535551b8d feat: add Role resource with validations 
Create Role resource with name, description, permission_set_name,
and is_system_role fields. Add validations for permission_set_name
and system role deletion protection.
 2026-01-06 17:18:32 +01:00
Moritz
1b2927ce40 feat: create Authorization domain 
Add Mv.Authorization domain with AshAdmin and AshPhoenix extensions.
Register domain in config for role management.
 2026-01-06 17:18:30 +01:00
Moritz
37d1655227 feat: add PermissionSets stub module for role validation 
Add minimal PermissionSets module with all_permission_sets/0 function
to support permission_set_name validation in Role resource.
 2026-01-06 17:18:29 +01:00