- Replace Ash.get!/Ash.destroy! with Ash.get/Ash.destroy
- Add case statements for Forbidden, NotFound, and generic errors
- Display user-friendly flash messages for all error cases
- Use Enum.map_join/3 for efficient error formatting
- Replace AshPhoenix.Form.submit with submit_form/3 wrapper
- Import current_actor and submit_form from LiveHelpers
- Consistent actor handling in all form submissions
- Replace if actor, do: [actor: actor], else: [] with Mv.Helpers.ash_actor_opts/1
- Update email_sync/loader.ex, member validations, member.ex, cycle_generator.ex
- Consistent actor handling across non-LiveView modules
- Add Mv.Helpers module with ash_actor_opts/1 helper
- Add current_actor/1 with @spec to LiveHelpers
- Add ash_actor_opts/1 delegate and submit_form/3 wrapper to LiveHelpers
- Standardize actor access pattern across LiveViews
Extract actor from changeset context and pass it to all email sync
loader functions to ensure proper authorization when loading linked
users and members.
- Add on_mount hook to ensure user role is loaded in all Member LiveViews
- Pass actor parameter to all Ash operations (read, get, create, update, destroy, load)
- Use user.id instead of user_id for Member linked scope
- Use member.user.id for CustomFieldValue linked scope
- Add lazy logger evaluation
- Improve action nil handling
- Add integration tests for filter expressions
Replace Elixir-side counting with Ecto GROUP BY COUNT query for
better performance. This avoids loading all users into memory and
performs the aggregation directly in the database.
Add opts_with_actor helper function to reduce duplication when building
Ash options with actor and domain. Improve format_error documentation
and ensure consistent error message formatting.
Use ~p verified routes instead of string paths in navbar template.
Update can_access_page? to handle both string and verified route paths
for better type safety.
Extract format_error and permission_set_badge_class functions into
MvWeb.RoleLive.Helpers module to eliminate code duplication between
Index and Show LiveViews.
Add actor and domain parameters to recalculate_user_count and
load_user_count to ensure consistent authorization. Clarify that
load_user_count is for initial display while recalculate_user_count
is for fresh count before deletion.
Add actor parameter to load_user_counts and recalculate_user_count
in Index LiveView to ensure consistent authorization and policy
enforcement. Also add domain parameter for clarity.
Move duplicate ensure_user_role_loaded logic into MvWeb.LiveHelpers
on_mount hook to eliminate code duplication across RoleLive modules
and centralize security-related user role loading.
- Convert Settings menu item to dropdown (similar to Contributions)
- Add Global Settings and Roles as sub-items
- Update German translations: 'Global Settings' and 'Roles'
- Add Users column showing number of users assigned to each role
- Load user counts efficiently in single query to avoid N+1
- Similar implementation to membership fee types member count
- Add text labels to Edit and Delete buttons in index page
- Change button size from btn-xs to btn-sm for better visibility
- Add Delete button to show page for non-system roles
- Implement handle_event for delete in show page
- Add format_error helper to show page
Add complete CRUD interface for role management under /admin/roles.
- Index page with table showing name, description, permission_set_name, is_system_role
- Show page for role details
- Form component for create/edit with permission_set_name dropdown
- System role badge and disabled delete button
- Flash messages for success/error
- Authorization checks using MvWeb.Authorization helpers
- Comprehensive test coverage (22 tests)
Routes added under /admin scope. All LiveViews load user role
for authorization checks. Form uses custom dropdown for permission sets.
Implement MvWeb.Authorization module with can?/3 and can_access_page?/2
functions for conditional rendering in LiveView templates.
- can?/3 supports both resource atoms and record structs with scope checking
- can_access_page?/2 checks page access permissions
- All functions use PermissionSets module for consistency with backend
- Graceful handling of nil users and invalid permission sets
- Comprehensive test coverage with 17 test cases
