5f13901ca5
security: remove is_system_role from public API
...
Remove is_system_role from accept lists in create_role and update_role
actions. This field should only be set via seeds or internal actions to
prevent users from creating unkillable roles through the public API.
2026-01-06 19:04:03 +01:00
f63405052f
feat: add get_role action to Authorization domain
...
Add get_role action for retrieving single role by ID through
code interface.
2026-01-06 18:37:35 +01:00
557eb4d27d
refactor: simplify system role deletion validation
...
Remove redundant action_type check since validation already
runs only on destroy actions. Add field to error for better
error handling.
2026-01-06 18:37:34 +01:00
12c08cabee
docs: clean up PermissionSets documentation
...
Remove issue number references from moduledoc
2026-01-06 18:14:19 +01:00
82ec4e565a
refactor: use UUIDv7 and improve Role validations
...
- Change id from uuid_primary_key to uuid_v7_primary_key
- Replace custom validation with built-in one_of validation
- Add explicit on_delete: :restrict for users foreign key
- Update postgres references configuration
2026-01-06 18:14:16 +01:00
4535551b8d
feat: add Role resource with validations
...
Create Role resource with name, description, permission_set_name,
and is_system_role fields. Add validations for permission_set_name
and system role deletion protection.
2026-01-06 17:18:32 +01:00
1b2927ce40
feat: create Authorization domain
...
Add Mv.Authorization domain with AshAdmin and AshPhoenix extensions.
Register domain in config for role management.
2026-01-06 17:18:30 +01:00
37d1655227
feat: add PermissionSets stub module for role validation
...
Add minimal PermissionSets module with all_permission_sets/0 function
to support permission_set_name validation in Role resource.
2026-01-06 17:18:29 +01:00
