local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
1171 commits 13 branches 0 tags 7.9 MiB
Commit graph

1171 commits

This branch
This branch
All branches
Author SHA1 Message Date
Moritz
d114554d52 Fix remaining runtime guard references in CODE_GUIDELINES 
Remove mentions of runtime guards - only compile-time config is used.
Clarify that production safety comes from config defaults.
 2026-01-22 23:12:33 +01:00
Moritz
f32324d942 Update CODE_GUIDELINES for Application.compile_env pattern
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Replace Mix.env example with config-based approach.
Remove outdated runtime guard documentation.
 2026-01-22 23:05:00 +01:00
Moritz
f6096e194f Remove skipped get_by_subject test, add explanation 
Test removed - JWT flow tested via AshAuthentication integration.
Direct test would require JWT mocking without value.
 2026-01-22 23:04:58 +01:00
Moritz
f3abade7ad Add authorize?: false to Actor.ensure_loaded 
SECURITY: Skip authorization for role loading to avoid circular dependency.
Actor loads their OWN role, needed for authorization itself.
Documented why this is safe.
 2026-01-22 23:04:56 +01:00
Moritz
e60bb6926f Remove unused PolicyHelpers macro and PolicyConsistency test
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Dead code - macro was never used in codebase.
PolicyConsistency test will be replaced with better implementation.
 2026-01-22 22:37:09 +01:00
Moritz
f2def20fce Add centralized Actor.ensure_loaded helper 
Consolidate role loading logic from HasPermission and LiveHelpers.
Use Ash.Resource.Info.resource? for reliable Ash detection.
 2026-01-22 22:37:07 +01:00
Moritz
05c71132e4 Replace NoActor runtime Mix.env with compile-time config 
Use Application.compile_env for release-safety.
Config only set in test.exs (defaults to false).
 2026-01-22 22:37:04 +01:00
Moritz
811a276d92 Update documentation for User credentials strategy
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Clarify that User.update :own is handled by HasPermission.
Fix file path references from lib/mv/accounts to lib/accounts.
 2026-01-22 21:36:22 +01:00
Moritz
d97f6f4004 Add policy consistency tests 
Enforce User.update :own across all permission sets.
Verify READ bypass + UPDATE HasPermission pattern.
 2026-01-22 21:36:19 +01:00
Moritz
a834bdc4ff Add PolicyHelpers macro for standard user policies 
Encapsulate two-tier policy pattern (bypass + HasPermission).
Promote consistency across resource policy definitions.
 2026-01-22 21:36:18 +01:00
Moritz
7d0f5fde86 Replace for comprehension with explicit describe blocks 
Fix Credo parsing error by removing for comprehension.
Duplicate tests for own_data, read_only, normal_user sets.
 2026-01-22 21:36:16 +01:00
Moritz
47c938cc50 Centralize role preloading in global LiveView on_mount 
Add ensure_user_role_loaded to global live_view quote block.
Remove redundant on_mount calls from individual LiveViews.
 2026-01-22 21:36:15 +01:00
Moritz
797452a76e Shorten User policy comments to state what only 
Move why explanations to documentation files.
Keep policy comments concise and focused.
 2026-01-22 21:36:12 +01:00
Moritz
f1e6a1e9db Clarify User.update :own in permission sets 
Add explicit comments explaining why all permission sets
grant User.update with scope :own for password changes.
 2026-01-22 21:36:11 +01:00
Moritz
56144a7696 Add role loading fallback to HasPermission check 
Extract ash_resource? helper to reduce nesting depth.
Add ensure_role_loaded fallback for unloaded actor roles.
 2026-01-22 21:36:10 +01:00
Moritz
93216f3ee6 Harden NoActor check with runtime environment guard 
Add Mix.env() check to match?/3 for defense in depth.
Document NoActor pattern in CODE_GUIDELINES.md.
 2026-01-22 21:36:09 +01:00
Moritz
5506b5b2dc docs(auth): document User policies and bypass pattern
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add bypass vs HasPermission pattern documentation
Update architecture and implementation plan docs
 2026-01-22 19:19:27 +01:00
Moritz
63d8c4668d test(auth): add User policies test suite 
31 tests covering all 4 permission sets and bypass scenarios
Update HasPermission tests to expect false for scope :own without record
 2026-01-22 19:19:25 +01:00
Moritz
429042cbba feat(auth): add User resource authorization policies 
Implement bypass for READ + HasPermission for UPDATE pattern
Extend HasPermission check to support User resource scope :own
 2026-01-22 19:19:22 +01:00
moritz
a9f9cab96a Merge pull request 'System Actor Mode for Systemic Flows closes #348' (#361) from feature/348_system_actor into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #361
 2026-01-21 08:36:39 +01:00
Moritz
d07f1984cd Move require Logger to module level
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Move require Logger statements from function/case level to module level
for better code organization and consistency with Elixir best practices
 2026-01-21 08:35:34 +01:00
Moritz
1c5bd04661
Update gettext translations for new UI strings
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-21 08:09:34 +01:00
Moritz
b0ddf99117 Add admin authorization check for regenerate cycles button 
Restrict UI access to cycle regeneration to administrators only
to prevent policy bypass via user interface
 2026-01-21 08:02:38 +01:00
Moritz
ea399612be Make system actor email configurable via SYSTEM_ACTOR_EMAIL 
Allow system user email to be configured via environment variable
with fallback to default 'system@mila.local'
 2026-01-21 08:02:35 +01:00
Moritz
7e9de8e95b Add logging for fail-open email uniqueness validations 
Log warnings when query errors occur in email uniqueness checks
to improve visibility of data integrity issues
 2026-01-21 08:02:33 +01:00
Moritz
5c3657fed1 Use SystemActor opts for cycle deletion operations 
Pass actor_opts to delete_cycles/1 to ensure proper authorization
when MembershipFeeCycle policies are enforced
 2026-01-21 08:02:32 +01:00
Moritz
006b1aaf06 Replace Mix.env() with Config.sql_sandbox?() in SystemActor 
Use Application config instead of Mix.env() to prevent
runtime crashes in production releases where Mix is not available
 2026-01-21 08:02:31 +01:00
Simon
a92f503752
fix: credo warning
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-21 01:24:43 +01:00
Simon
4b67039a78
test: add more filter component tests
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-21 01:14:26 +01:00
Simon
f996aee6b2
feat: add new filter component to members view
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-21 00:47:01 +01:00
Moritz
5eadd5f090 Refactor test setup into helper functions
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Extract setup code into reusable helper functions to reduce
duplication and improve maintainability.
 2026-01-20 23:16:40 +01:00
Moritz
c5bd58e7d3 Add @spec type annotations to SystemActor functions 
Add type specifications for all private functions to improve
static analysis with Dialyzer and documentation quality.
 2026-01-20 23:16:39 +01:00
Moritz
a3cf8571ff Document System Actor pattern in code guidelines 
Add section explaining when and how to use system actor for systemic operations.
Include examples and distinction between user mode and system mode.
 2026-01-20 22:10:11 +01:00
Moritz
f1bb6a0f9a Add tests for System Actor helper 
Test system actor retrieval, caching, fallback behavior,
and auto-creation in test environment.
 2026-01-20 22:09:21 +01:00
Moritz
c64b74588f Use system actor for cycle generation 
Update cycle generator, member hooks, and job to use system actor.
Remove actor parameters as cycle generation is a mandatory side effect.
 2026-01-20 22:09:20 +01:00
Moritz
f0169c95b7 Use system actor for email uniqueness validation 
Update email validation modules to use system actor for queries.
This ensures data integrity checks always run regardless of user permissions.
 2026-01-20 22:09:19 +01:00
Moritz
8acd92e8d4 Use system actor for email synchronization 
Update email sync loader and changes to use system actor instead of user actor.
This ensures email sync always works regardless of user permissions.
 2026-01-20 22:09:18 +01:00
Moritz
d993bd3913 Create system user in seeds 
Add system@mila.local user with admin role for systemic operations.
This user is used by SystemActor helper for mandatory side effects.
 2026-01-20 22:09:17 +01:00
Moritz
ddb1252831 Add System Actor helper for systemic operations 
Introduce Mv.Helpers.SystemActor module with lazy loading
for operations that must always run regardless of user permissions.
System actor has admin role and auto-creates in test environment.
 2026-01-20 22:09:16 +01:00
Simon
1011b94acf
feat: load boolean custom fields
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-20 19:12:13 +01:00
Simon
fbf3b64192
refactor: fix credo issues
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-20 18:34:17 +01:00
Simon
01dea8bb8b
Merge branch 'main' into feature/filter-boolean-custom-fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-20 18:13:20 +01:00
Simon
ff8b29cffe
feat: implement filter logic for boolean ustom fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-20 18:08:41 +01:00
moritz
264323504f Merge pull request 'Small refactoring' (#360) from refactor into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #360
 2026-01-20 17:59:22 +01:00
Moritz
2dc0bce8cb
chore: rm todo list
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-20 17:04:42 +01:00
Simon
d65da2f498
test: add tdd tests for custom boolean field filter logic
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2026-01-20 17:03:58 +01:00
Moritz
235154a102 test: Remove outdated TODO for auto-assignment feature
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
Auto-assignment of default membership fee type is already implemented
via SetDefaultMembershipFeeType change. Test assertion is now active.
 2026-01-20 16:33:50 +01:00
Moritz
c6dd0cd09d i18n: Add missing German translations for member form errors 
- Add translations for validation error messages
- Add translations for save failure messages
 2026-01-20 16:30:43 +01:00
Moritz
0d8141837e
chore: update gettext 2026-01-20 16:15:01 +01:00
Moritz
433f008af8 refactor: Reduce function complexity and nesting depth 
- Extract helper functions from process_chunk to reduce nesting
- Extract format_error_message from extract_changeset_error
- Split extract_error_message into smaller functions to reduce complexity
- Fixes Credo refactoring opportunities
 2026-01-20 16:05:32 +01:00