mitgliederverwaltung

Author	SHA1	Message	Date
Moritz	8f3fd9d0d7	test: adapt tests for attribute-level default solution	2026-01-25 13:42:45 +01:00
Moritz	e7bf777be2	refactor: remove AssignDefaultRole change module The attribute-level default solution makes this change module obsolete. All role assignment is now handled via the role_id attribute's default function, which is more robust and works for all creation paths.	2026-01-25 13:42:35 +01:00
Moritz	a9b1d794d2	fix: bind role_name variable before using in Ash.Query.filter Avoid macro pinning issues by binding role_data.name to role_name before using it in the filter query.	2026-01-25 13:42:28 +01:00
Moritz	e982271880	fix: improve migration to create 'Mitglied' role if missing Make migration more robust by creating the 'Mitglied' role if it doesn't exist, ensuring it works regardless of seed execution order.	2026-01-25 13:42:19 +01:00
Moritz	6ad777860d	feat: implement attribute-level default for role_id assignment Replace action-level changes with attribute default function to ensure all users get the 'Mitglied' role regardless of creation path.	2026-01-25 13:41:46 +01:00
Moritz	21b63cbe86	Add comprehensive tests for default role assignment All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-24 19:16:57 +01:00
Moritz	3b5b5044fb	Add test support for default role assignment	2026-01-24 19:16:43 +01:00
Moritz	9557d8ae6b	Update seeds to create all 5 authorization roles	2026-01-24 19:16:35 +01:00
Moritz	0dbbc96353	Integrate AssignDefaultRole change into user creation actions	2026-01-24 19:16:20 +01:00
Moritz	4b10fd2702	Add AssignDefaultRole change for automatic role assignment - Assigns 'Mitglied' role to new users if no role is set	2026-01-24 19:15:56 +01:00
Moritz	5c0786ebca	Fix HasPermission check to handle nil member_id gracefully	2026-01-24 19:15:46 +01:00
Moritz	403eda3908	Add Role helper function and create_role_with_system_flag action - Add get_mitglied_role/0 helper to avoid code duplication - Add create_role_with_system_flag action for seeds/migrations - Allows setting is_system_role flag (required for 'Mitglied' role)	2026-01-24 19:15:05 +01:00
Moritz	c7e0181e02	Add migration to assign 'Mitglied' role to existing users	2026-01-24 19:14:51 +01:00
moritz	9fe872ee58	Merge pull request '[Refactor] Remove NoActor bypass' (#367 ) from refactor/remove_noactor into main All checks were successful continuous-integration/drone/push Build is passing Details Reviewed-on: #367	2026-01-24 14:56:44 +01:00
Moritz	ef6cf1b2d4	Remove unused allow_no_actor_bypass config option All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-24 11:59:39 +01:00
Moritz	b545d2b9e1	Remove NoActor module, improve Member validation, update docs	2026-01-24 11:59:18 +01:00
Moritz	71c13d0ac0	Fix missing actor parameters and restore AshAuthentication bypass tests All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-24 08:51:58 +01:00
Moritz	15a7c615d6	Fix rebase conflict: Add actor parameter to helper functions in index_test.exs All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-24 02:39:28 +01:00
Moritz	fcca4b0b89	Use admin_user instead of system_actor in LiveView tests	2026-01-24 02:21:10 +01:00
Moritz	195f1dbc88	Fix test db connections: increase pool size and timeout	2026-01-24 02:21:10 +01:00
Moritz	bebd7f6fe2	Fix tests: Remove redundant system_actor and update test descriptions	2026-01-24 02:21:09 +01:00
Moritz	d8187484b8	Fix tests: Add missing actor parameters to Ash operations	2026-01-24 02:21:09 +01:00
Moritz	b9d68a3417	Fix test helpers: Use actor parameter correctly	2026-01-24 02:21:09 +01:00
Moritz	c5a48d8801	Fix tests: Remove duplicate actor keyword arguments	2026-01-24 02:21:09 +01:00
Moritz	9e20766ef2	Use authorize?: false for integrity checks in validations	2026-01-24 02:21:09 +01:00
Moritz	d9eb131d96	Update documentation: Remove NoActor bypass references	2026-01-24 02:21:08 +01:00
Moritz	0f48a9b15a	Add actor parameter to all tests requiring authorization This commit adds actor: system_actor to all Ash operations in tests that require authorization.	2026-01-24 02:21:02 +01:00
Moritz	686f69c9e9	Add authorize?: false to SystemActor bootstrap operations - Role lookup and creation (find_admin_role, create_admin_role) - System user creation and role assignment - Role loading during initialization	2026-01-24 02:12:31 +01:00
Moritz	e72b7ab2e8	Remove NoActor bypass from User and Member policies This removes the NoActor bypass that was masking authorization bugs in tests. All operations now require an explicit actor for authorization.	2026-01-24 02:12:31 +01:00
simon	b6992f8488	Merge pull request 'Add boolean custom field filters to member overview closes #309 ' (#362 ) from feature/filter-boolean-custom-fields into main All checks were successful continuous-integration/drone/push Build is passing Details Reviewed-on: #362	2026-01-23 14:53:05 +01:00
Simon	1b44730b95	Fix: Ensure members are loaded in handle_params when signature unchanged All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-23 14:48:37 +01:00
Simon	672b4a8250	Merge branch 'main' into feature/filter-boolean-custom-fields Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:41:48 +01:00
Simon	20c96123e1	fix: failing test Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:33:54 +01:00
Simon	1d46fd1baf	feat: improve filter performance by reducing Ash.read! calls Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:22:57 +01:00
Simon	b4657cae23	fix: resolve pr remarks	2026-01-23 14:00:18 +01:00
Moritz	c98ad4085a	docs: add authorization bootstrap patterns section All checks were successful continuous-integration/drone/push Build is passing Details Document the three authorization bypass mechanisms and when to use each: - NoActor (test-only bypass) - system_actor (systemic operations) - authorize?: false (bootstrap scenarios)	2026-01-23 02:53:20 +01:00
Moritz	41e342a1d6	Fix OIDC account linking by using SystemActor in LinkOidcAccountLive All checks were successful continuous-integration/drone/push Build is passing Details - Add SystemActor to all Ash operations in LinkOidcAccountLive - Enables user lookup, reload, and oidc_id linking during OIDC flow - User is not yet logged in during linking, so SystemActor provides authorization	2026-01-23 02:14:59 +01:00
Moritz	bad4e5ca7c	Fix OIDC login by using SystemActor in OidcEmailCollision validation - Add SystemActor to Ash.read_one() calls in OidcEmailCollision validation - Prevents authorization failures during OIDC registration when no actor is logged in - Enables proper email collision detection and account linking flow	2026-01-23 02:12:53 +01:00
Moritz	079d270768	Fix authorization bypass in seeds and validations All checks were successful continuous-integration/drone/push Build is passing Details - Add authorize?: false to all bootstrap operations in seeds.exs - Fix user-linking validation to respect authorize? context flag - Prevents authorization errors during initial setup when no actor exists yet	2026-01-23 02:08:11 +01:00
moritz	67b5d623cf	Merge pull request 'User Resource Policies closes #363 ' (#364 ) from feature/363_user_policies into main All checks were successful continuous-integration/drone/push Build is passing Details Reviewed-on: #364	2026-01-22 23:24:36 +01:00
Moritz	427608578f	Restrict Actor.ensure_loaded to Mv.Accounts.User only All checks were successful continuous-integration/drone/push Build is passing Details Pattern match on %Mv.Accounts.User{} instead of generic actor. Clearer intention, prevents accidental authorization bypasses. Non-User actors are returned as-is (no-op).	2026-01-22 23:17:55 +01:00
Moritz	d114554d52	Fix remaining runtime guard references in CODE_GUIDELINES Remove mentions of runtime guards - only compile-time config is used. Clarify that production safety comes from config defaults.	2026-01-22 23:12:33 +01:00
Moritz	f32324d942	Update CODE_GUIDELINES for Application.compile_env pattern All checks were successful continuous-integration/drone/push Build is passing Details Replace Mix.env example with config-based approach. Remove outdated runtime guard documentation.	2026-01-22 23:05:00 +01:00
Moritz	f6096e194f	Remove skipped get_by_subject test, add explanation Test removed - JWT flow tested via AshAuthentication integration. Direct test would require JWT mocking without value.	2026-01-22 23:04:58 +01:00
Moritz	f3abade7ad	Add authorize?: false to Actor.ensure_loaded SECURITY: Skip authorization for role loading to avoid circular dependency. Actor loads their OWN role, needed for authorization itself. Documented why this is safe.	2026-01-22 23:04:56 +01:00
Moritz	e60bb6926f	Remove unused PolicyHelpers macro and PolicyConsistency test All checks were successful continuous-integration/drone/push Build is passing Details Dead code - macro was never used in codebase. PolicyConsistency test will be replaced with better implementation.	2026-01-22 22:37:09 +01:00
Moritz	f2def20fce	Add centralized Actor.ensure_loaded helper Consolidate role loading logic from HasPermission and LiveHelpers. Use Ash.Resource.Info.resource? for reliable Ash detection.	2026-01-22 22:37:07 +01:00
Moritz	05c71132e4	Replace NoActor runtime Mix.env with compile-time config Use Application.compile_env for release-safety. Config only set in test.exs (defaults to false).	2026-01-22 22:37:04 +01:00
Moritz	811a276d92	Update documentation for User credentials strategy All checks were successful continuous-integration/drone/push Build is passing Details Clarify that User.update :own is handled by HasPermission. Fix file path references from lib/mv/accounts to lib/accounts.	2026-01-22 21:36:22 +01:00
Moritz	d97f6f4004	Add policy consistency tests Enforce User.update :own across all permission sets. Verify READ bypass + UPDATE HasPermission pattern.	2026-01-22 21:36:19 +01:00

1 2 3 4 5 ...

1062 commits