local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
1067 commits 13 branches 0 tags 7.9 MiB
Commit graph

1067 commits

This branch
This branch
All branches
Author SHA1 Message Date
moritz
4e8e697490 Merge pull request 'Fix email sync (user->member) when changing password and email' (#380) from fix/email_sync into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #380
 2026-01-27 18:08:06 +01:00
Moritz
2b4e1e3963
Sync user email to member when changing password (admin_set_password)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add SyncUserEmailToMember change to admin_set_password so email+password
updates in the user form sync the new email to the linked member.
 2026-01-27 17:58:35 +01:00
moritz
d78032d50f Merge pull request 'Fix System missing system actor in prod and prevent deletion' (#379) from fix/system_actor into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #379
 2026-01-27 17:54:48 +01:00
Moritz
462bc21ec3
fix(migration): use INSERT..SELECT for system user role_id in CI
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Avoid nil/empty-string UUID when repo().one lags after role insert.
 2026-01-27 17:47:05 +01:00
Moritz
92ee7fcc63 fix(seeds): use :update_internal for system user admin-role
Some checks failed
continuous-integration/drone/push Build is failing
Details 
:update is blocked for system-actor user; use :update_internal in bootstrap.
 2026-01-27 17:39:04 +01:00
Moritz
cbcb93418e feat(user_live): handle system user in form and show 
Early return / load_user_or_redirect, use system_user? to avoid editing system actor.
 2026-01-27 17:39:04 +01:00
Moritz
a10c770ca7 chore(migration): ensure_system_actor_user_exists 
Use admin_role_id, consistent UUID and timestamps.
 2026-01-27 17:39:04 +01:00
Moritz
d98b32af8d feat(accounts): block update/destroy on system-actor user 
Validation prevents modifying system actor user (required for internal ops).
 2026-01-27 17:39:04 +01:00
Moritz
7d33acde9f feat(system_actor): add system_user?/1 and normalize email 
Case-insensitive email comparison for system-actor detection.
 2026-01-27 17:39:04 +01:00
Moritz
41bc031cc6 refactor(web): extract format_ash_error to MvWeb.ErrorHelpers 
Use shared ErrorHelpers in UserLive.Index for consistent Ash error formatting.
 2026-01-27 17:39:04 +01:00
Moritz
eb8d78f834 Add gettext strings for system actor show/edit redirect messages 
German: Dieser Benutzer kann nicht angezeigt/bearbeitet werden.
 2026-01-27 17:39:04 +01:00
Moritz
9c31f0c16c Add tests for system actor protection and hiding 
Index: system actor not in list, destroy returns Ash.Error.Invalid. Show/Form:
redirect to /users when viewing or editing system actor user.
 2026-01-27 17:39:04 +01:00
Moritz
8ad5201e1a Hide system actor from user list and block show/edit 
Index: filter out SystemActor.system_user_email() in query. Show/Form:
redirect to /users with flash when viewing or editing system actor user.
Index format_error: handle Ash errors without :message field.
 2026-01-27 17:39:04 +01:00
Moritz
b7f37c80bd Prevent deletion of system actor user 
Add destroy validation and explicit destroy action (primary, require_atomic? false).
Validation blocks destroy when email == SystemActor.system_user_email().
 2026-01-27 17:39:04 +01:00
Moritz
acb33b9f3b Ensure system actor user exists via migration 
Creates user system@mila.local with Admin role if missing. Idempotent;
guarantees system actor in production without relying on seeds.
 2026-01-27 17:39:04 +01:00
simon
0a2aa3bad0 Merge pull request 'Add groups resource close #371' (#378) from feature/371-groups-resource into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #378
 2026-01-27 17:17:25 +01:00
simon
5df1da1573 Merge branch 'main' into feature/371-groups-resource
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 17:16:34 +01:00
Simon
e92c98b559
refactor: fix review issues - member_count aggregate, migration down, docs, actor handling
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 17:09:07 +01:00
Simon
fc8306cfee
test: resolve warnings
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 16:38:17 +01:00
moritz
b974e7d685 Merge pull request 'CustomFieldValue Resource Policies closes #369' (#377) from feature/369_customfieldvalue_policies into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #377
 2026-01-27 16:07:47 +01:00
Moritz
bfe9fba2e0 Docs: document bypass read rule for CustomFieldValue pattern
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
- Bypass action_type(:read) is production-side rule: reading own CFVs
  always allowed, overrides Permission-Sets. Applies to get/list/load.
 2026-01-27 16:07:01 +01:00
Moritz
0219073d33 CFV policies test: system_actor for setup, verify destroy with actor 
- create_linked_member_for_user and create_unlinked_member use actor
  (system_actor) directly instead of creating admin user per call
- Remove create_admin_user helper
- After destroy, verify with Ash.get(..., actor: actor) to avoid
  false positive from Forbidden vs NotFound
 2026-01-27 16:07:01 +01:00
Moritz
4d3a249b0c HasPermission: remove unused _authorizer from strict_check helper 2026-01-27 16:07:01 +01:00
Moritz
3f95a2dd84 CustomFieldValue: remove unused require Ash.Query 2026-01-27 16:07:01 +01:00
Moritz
7153af23ee CustomFieldValueCreateScope: use get_argument_or_attribute for member_id 
- Read member_id via Ash.Changeset.get_argument_or_attribute/2 so it works
  when set as attribute or argument
- Remove unused require Logger
- Document member_id source in moduledoc
 2026-01-27 16:07:01 +01:00
Moritz
9e6c79bf40 chore: remove start-database from test action 2026-01-27 16:07:01 +01:00
Moritz
db95979bf5 Document CustomFieldValue policies and own_data create/destroy in architecture 
Update roles-and-permissions-architecture.md with policy layout and
permission matrix for CustomFieldValue (linked).
 2026-01-27 16:07:01 +01:00
Moritz
4e032ea778 Add CustomFieldValue policy tests (own_data, read_only, normal_user, admin) 
Covers read/update/create/destroy for linked vs unlinked members and CRUD
permissions per permission set.
 2026-01-27 16:07:01 +01:00
Moritz
17831a0948 Pass actor to CustomFieldValue destroy and load in existing tests 
Required after CustomFieldValue gained authorization policies.
 2026-01-27 16:07:01 +01:00
Moritz
bf2d0352c1 Add authorization policies to CustomFieldValue resource 
- Authorizer and policies: bypass for read (member_id == actor.member_id),
  CustomFieldValueCreateScope for create, HasPermission for read/update/destroy.
- HasPermission: pass authorizer into strict_check helper; document that create
  must use a dedicated check (no filter).
 2026-01-27 16:07:01 +01:00
Moritz
c7c6b318ac Add CustomFieldValueCreateScope check for create actions 
Ash cannot apply filters to create; this check enforces :linked/:all scope
via strict_check only (no filter).
 2026-01-27 16:07:01 +01:00
Moritz
8f5f69744c Add CustomFieldValue create/destroy :linked to own_data permission set 
Allows members to create and delete custom field values for their linked member.
 2026-01-27 16:07:01 +01:00
Simon
6db64bf996
feat: add groups resource #371
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-27 16:03:21 +01:00
Simon
8e9fbe76cf
docs: add testing philosophy to coding guideline
Some checks failed
continuous-integration/drone/push Build is failing
Details 
and update groups architecture docs #371
 2026-01-27 15:23:40 +01:00
Simon
0216dfcbbb
test: add tests for group resource #371
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-27 15:04:26 +01:00
Simon
2ebf289112
docs: add slugs to group concept #371
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 13:41:25 +01:00
simon
8dd216f58f Merge pull request 'Add groups concept to docs closes #307' (#370) from feature/#307-concept-groups into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #370
 2026-01-27 13:15:12 +01:00
Simon
b128ffb51c
docs: add groups concept
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 13:04:27 +01:00
moritz
d1f70e2877 Merge pull request 'ImplementsCSV Import UI closes #335' (#359) from feature/335_csv_import_ui into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #359
 2026-01-25 18:45:07 +01:00
Moritz
5195fd0d45 Fix missing max_errors assign in GlobalSettingsLive
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Set max_errors as socket assign in mount/3 to make it
available in templates. Fixes KeyError in CSV import UI.
 2026-01-25 18:36:33 +01:00
Moritz
1d0ac6d280 Improve CSV import error messages 
Include email address in duplicate email error messages.
Add German translation for email uniqueness errors.
Ensure locale is set for translations in async tasks.
 2026-01-25 18:33:28 +01:00
Moritz
5acb5e304d Fix CSV upload file reading 
Handle consume_uploaded_entries returning [content] directly
instead of [{:ok, content}]. Add locale support for translations
in background tasks.
 2026-01-25 18:33:27 +01:00
Moritz
562265f212 Security: Require actor parameter in CSV import 
Remove fallback to system_actor in process_chunk to prevent
unauthorized access. Actor must now be explicitly provided.
 2026-01-25 18:33:25 +01:00
carla
79361c72d2
fix tests and linting 2026-01-25 17:31:49 +01:00
carla
56f3054992
i18n: add translations 2026-01-25 17:31:49 +01:00
carla
b841c306fc
formatting 2026-01-25 17:31:49 +01:00
carla
0fe4a55e80
formatting and refactoring 2026-01-25 17:31:48 +01:00
carla
bf7e47ce5c
refactor 2026-01-25 17:31:42 +01:00
carla
04b0916c1e
refactor 2026-01-25 17:30:07 +01:00
carla
092fd99d48
fat: adds csv import live view to settings 2026-01-25 17:30:03 +01:00