local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
1159 commits 13 branches 0 tags 7.9 MiB
Commit graph

1159 commits

This branch
This branch
All branches
Author SHA1 Message Date
Moritz
f779fd61e0
Gate sidebar menu items by can_access_page? 
Members, Fee Types and Administration subitems only shown when user
has page permission. Add admin_menu_visible? helper. Sidebar test
uses admin user so menu items render.
 2026-02-03 16:56:52 +01:00
Moritz
cc9e530d80
Add User LiveView authorization tests 
Covers admin, read_only, member, normal_user for Index and Show.
Asserts New User / Edit / Delete visibility and redirect for non-admin.
 2026-02-03 16:56:51 +01:00
Moritz
2f67c7099d
Apply UI authorization to User LiveViews (Index and Show) 
Gate New User button, Edit and Delete links with can?/3.
Edit button on User Show visible only when user can update the user.
 2026-02-03 16:56:51 +01:00
Moritz
5e361ba400
Add Member LiveView authorization tests 
Covers read_only, normal_user, admin, own_data for Index and Show.
Asserts New Member / Edit / Delete visibility and redirect for Mitglied.
 2026-02-03 16:56:51 +01:00
Moritz
505e31653a
Apply UI authorization to Member LiveViews (Index and Show) 
Gate New Member button, Edit and Delete links with can?/3.
Edit button on Member Show visible only when user can update the member.
 2026-02-03 16:56:51 +01:00
moritz
d3ad7c5013 Merge pull request 'Member Email Validation for Linked Members closes #397' (#399) from feature/397_emailsync_permission into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #399
 2026-02-03 16:35:40 +01:00
Moritz
131904f172
Test: assert on error field :email instead of message string
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-03 16:07:47 +01:00
Moritz
47b6a16177
Doc: Actor maybe_load_role comment; ActorIsAdmin system user = admin 2026-02-03 16:07:39 +01:00
Moritz
60a4181255
Validation: error message admin or linked user; resolve_actor fallback 2026-02-03 16:07:26 +01:00
Moritz
4e6b7305b6
Doc: Loader auth-independent for link checks; email-sync rule rationale 2026-02-03 16:07:13 +01:00
Moritz
4ea31f0f37 Add email-change permission validation for linked members
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Only admins or the linked user may change a linked member's email.
- New validation EmailChangePermission (uses Actor.admin?, Loader.get_linked_user).
- Register on Member update_member; docs and gettext.
 2026-02-03 14:35:32 +01:00
Moritz
ad02f8914f Use EmailSync.Loader.get_linked_user in EmailNotUsedByOtherUser 
Remove duplicate get_linked_user_id; reuse Loader for linked user lookup.
 2026-02-03 14:35:08 +01:00
Moritz
3d46ba655f Add Actor.permission_set_name/1 and admin?/1 for consistent capability checks 
- Actor.permission_set_name(actor) returns role's permission set (supports nil role load).
- Actor.admin?(actor) returns true for system user or admin permission set.
- ActorIsAdmin policy check delegates to Actor.admin?/1.
 2026-02-03 14:34:24 +01:00
carla
c998d14b95 Merge pull request 'Implements custom field CSV import closes #338' (#395) from feature/338_import_custom_fields into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #395
 2026-02-02 17:05:29 +01:00
carla
960506d16a refactoring
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-02 16:56:07 +01:00
carla
aef3aa299f fix test
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-02 15:04:07 +01:00
carla
b21c3df7ef refactoring 2026-02-02 14:34:12 +01:00
carla
71db9cf3c1 formatting
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:54:27 +01:00
carla
9e27de84cb Merge branch 'main' into feature/338_import_custom_fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:46:05 +01:00
carla
c56ca68922 docs: update docs
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:42:24 +01:00
carla
f5591c392a i18n: add translation 2026-02-02 13:42:16 +01:00
carla
aab5666f46 Merge pull request 'Adds config for import limits closes #336' (#394) from feature/336_import_auth into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #394
 2026-02-02 13:15:22 +01:00
carla
12715f3d85 refactoring 2026-02-02 13:07:08 +01:00
carla
86a3c4e50e tests: add tests for import 2026-02-02 13:07:00 +01:00
carla
3f8797c356 feat: import custom fields via CSV 2026-02-02 11:42:07 +01:00
carla
ce6240133d i18n: update translations
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-02-02 10:23:49 +01:00
carla
4997819c73 feat: validate config 2026-02-02 10:22:21 +01:00
carla
b6d53d2826 refactor: add test to seperate async false module 2026-02-02 10:22:05 +01:00
carla
e74154581c feat: changes UI info based on config for limits 2026-02-02 10:10:02 +01:00
carla
d61a939deb formatting
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-02-02 09:50:47 +01:00
carla
3f551c5f8d feat: add configs for impor tlimits
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 09:49:13 +01:00
carla
9fd617e45a tests: add tests for config 2026-02-02 09:48:37 +01:00
moritz
b9dd990f52 Merge pull request 'Page Permission Router Plug closes #388' (#390) from feature/388_page_permissions into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #390
 2026-01-30 12:19:58 +01:00
Moritz
f8f6583679 PermissionSetsTest: assert /users/:id instead of /profile in pages
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is passing
Details 
Profile is reachable at /users/:id; /profile was removed from PermissionSets.
 2026-01-30 11:37:34 +01:00
Moritz
6e13a3aa34
Docs: note User-Member Linking enforcement in code
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details 
- update_user restricted via ActorIsAdmin; Form gates Member-Linking UI
 2026-01-30 11:28:41 +01:00
Moritz
cf6bd4a6a1 UserPoliciesTest: use :update for non-admin own-email and forbid-other 
- own_data, read_only, normal_user: can update own email via :update
- cannot update other users: use :update (scope :own forbids)
 2026-01-30 11:13:34 +01:00
Moritz
06d6531569 UserLive.Form: gate Member-Linking to admin, use :update for non-admin 
- Show Member-Linking UI only when can_manage_member_linking (admin)
- perform_member_link_action runs only for admin
- assign_form: non-admin uses :update (email), admin uses :update_user
- Load members for linking only when can_manage_member_linking
 2026-01-30 11:13:28 +01:00
Moritz
14fa873640 Restrict User.update_user to admin; allow :update for email only 
- Add ActorIsAdmin policy check (admin permission set only)
- User: policy action(:update_user) forbid_unless + authorize_if ActorIsAdmin
- User: primary :update action accept [:email] for non-admin profile edit
 2026-01-30 11:13:23 +01:00
Moritz
faee780aab Tests: read_only/normal_user /users/:id, Ash.read! actor, Authorization own/other
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Integration: read_only and normal_user GET /users/:id (own) and edit/show/edit return 200
- Integration: read_only GET /users/:id (other) redirects
- Plug test: use group_fixture in setup instead of Ash.read!() without actor
- Authorization: tests for own/other profile and reserved 'new'
 2026-01-30 10:22:34 +01:00
Moritz
a1fe36b7f2 Delegate can_access_page? to CheckPagePermission 
- UI uses same rules as plug (reserved 'new', own/linked path checks)
 2026-01-30 10:22:31 +01:00
Moritz
ea1d01fcea Docs: align route matrix with PermissionSets, add Role-Load note 
- Table: own_data/read_only/normal_user /users/:id and edit/show/edit; members edit/show/edit
- Integration test sections updated for read_only and normal_user
- Add note on plug reloading role and member_id when needed
 2026-01-30 10:22:30 +01:00
Moritz
d318dad612 Add /users/:id (own) and /members/:id/show/edit for redirect and normal_user 
- read_only and normal_user: allow /users/:id, /users/:id/edit, /users/:id/show/edit (own only)
- normal_user: allow /members/:id/show/edit
- Fixes redirect loop when sidebar links to profile
 2026-01-30 10:22:27 +01:00
Moritz
3a7e4000c0
fix: fix warning of unused variable in UserLive.IndexTest
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-30 00:13:40 +01:00
Moritz
28d134b2b0
chore: remove unused aliases in tests
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details 
- Drop unused Member alias from membership and membership_fees test files.
 2026-01-30 00:00:33 +01:00
Moritz
f66cd2933a
docs: add page permission route and test coverage 
- page-permission-route-coverage.md: route matrix, test coverage per role,
  reserved segments.
 2026-01-30 00:00:33 +01:00
Moritz
b55f356762
fix: handle nil member in MembershipFeeHelpers 
- get_last_completed_cycle/2 and get_current_cycle/2 return nil when member is nil.
- Avoids FunctionClauseError when MemberLive.Show receives no member (e.g. after
  redirect or policy filter). Add unit tests for nil member.
 2026-01-30 00:00:32 +01:00
Moritz
ad00e8e7b6
test: add page permission tests and ConnCase role tags 
- ConnCase: add :read_only and :normal_user role tags for tests.
- Add CheckPagePermission plug tests (unit + integration for member, read_only,
  normal_user, admin). Update permission_sets_test (refute "/" for own_data).
- Profile navigation, global_settings, role_live, membership_fee_type: use
  users with role for "/" access; expect redirect for own_data on /settings
  and /admin/roles.
 2026-01-30 00:00:32 +01:00
Moritz
626e8a872e
feat: restrict own_data to profile and linked member pages 
- Remove "/" from own_data pages (Mitglied redirected to profile at root).
- Add /users/:id, /users/:id/edit, /users/:id/show/edit and member edit pages
  for own_data so members can access own profile and linked member only.
 2026-01-30 00:00:31 +01:00
Moritz
b10b9c893c
feat: add CheckPagePermission plug for page-level authorization 
- Plug checks PermissionSets page list; redirects unauthorized to profile or sign-in.
- Router: add plug to :browser pipeline; LiveHelpers: check_page_permission_on_params
  for client-side navigation (push_patch).
 2026-01-30 00:00:31 +01:00
simon
d7f6d1c03c Merge pull request 'Change Logo closes #385' (#389) from feature/385-mila-logo into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #389
 2026-01-29 16:20:34 +01:00