Commit graph

575 commits

Author SHA1 Message Date
b7f37c80bd Prevent deletion of system actor user
Add destroy validation and explicit destroy action (primary, require_atomic? false).
Validation blocks destroy when email == SystemActor.system_user_email().
2026-01-27 17:39:04 +01:00
5df1da1573 Merge branch 'main' into feature/371-groups-resource
All checks were successful
continuous-integration/drone/push Build is passing
2026-01-27 17:16:34 +01:00
e92c98b559
refactor: fix review issues - member_count aggregate, migration down, docs, actor handling
All checks were successful
continuous-integration/drone/push Build is passing
2026-01-27 17:09:07 +01:00
fc8306cfee
test: resolve warnings
All checks were successful
continuous-integration/drone/push Build is passing
2026-01-27 16:38:17 +01:00
4d3a249b0c HasPermission: remove unused _authorizer from strict_check helper 2026-01-27 16:07:01 +01:00
3f95a2dd84 CustomFieldValue: remove unused require Ash.Query 2026-01-27 16:07:01 +01:00
7153af23ee CustomFieldValueCreateScope: use get_argument_or_attribute for member_id
- Read member_id via Ash.Changeset.get_argument_or_attribute/2 so it works
  when set as attribute or argument
- Remove unused require Logger
- Document member_id source in moduledoc
2026-01-27 16:07:01 +01:00
bf2d0352c1 Add authorization policies to CustomFieldValue resource
- Authorizer and policies: bypass for read (member_id == actor.member_id),
  CustomFieldValueCreateScope for create, HasPermission for read/update/destroy.
- HasPermission: pass authorizer into strict_check helper; document that create
  must use a dedicated check (no filter).
2026-01-27 16:07:01 +01:00
c7c6b318ac Add CustomFieldValueCreateScope check for create actions
Ash cannot apply filters to create; this check enforces :linked/:all scope
via strict_check only (no filter).
2026-01-27 16:07:01 +01:00
8f5f69744c Add CustomFieldValue create/destroy :linked to own_data permission set
Allows members to create and delete custom field values for their linked member.
2026-01-27 16:07:01 +01:00
6db64bf996
feat: add groups resource #371
Some checks failed
continuous-integration/drone/push Build is failing
2026-01-27 16:03:21 +01:00
5195fd0d45 Fix missing max_errors assign in GlobalSettingsLive
All checks were successful
continuous-integration/drone/push Build is passing
Set max_errors as socket assign in mount/3 to make it
available in templates. Fixes KeyError in CSV import UI.
2026-01-25 18:36:33 +01:00
1d0ac6d280 Improve CSV import error messages
Include email address in duplicate email error messages.
Add German translation for email uniqueness errors.
Ensure locale is set for translations in async tasks.
2026-01-25 18:33:28 +01:00
5acb5e304d Fix CSV upload file reading
Handle consume_uploaded_entries returning [content] directly
instead of [{:ok, content}]. Add locale support for translations
in background tasks.
2026-01-25 18:33:27 +01:00
562265f212 Security: Require actor parameter in CSV import
Remove fallback to system_actor in process_chunk to prevent
unauthorized access. Actor must now be explicitly provided.
2026-01-25 18:33:25 +01:00
79361c72d2
fix tests and linting 2026-01-25 17:31:49 +01:00
b841c306fc
formatting 2026-01-25 17:31:49 +01:00
0fe4a55e80
formatting and refactoring 2026-01-25 17:31:48 +01:00
bf7e47ce5c
refactor 2026-01-25 17:31:42 +01:00
04b0916c1e
refactor 2026-01-25 17:30:07 +01:00
092fd99d48
feat: adds csv import live view to settings 2026-01-25 17:30:03 +01:00
bdd2e6e103 Fix: Don't cache nil in default_role_id to prevent bootstrap issues
All checks were successful
continuous-integration/drone/push Build is passing
- Only cache non-nil role_id values to allow retry after role creation
- Prevents processes from being permanently stuck with nil if first call
  happens before the 'Mitglied' role exists
- Update documentation to explain bootstrap safety mechanism
2026-01-25 17:11:05 +01:00
2d446f63ea
Add NOT NULL constraint to users.role_id and optimize default_role_id
All checks were successful
continuous-integration/drone/push Build is passing
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
2026-01-25 17:04:48 +01:00
86c8b23c77
chore: increase test timeout and cleanup unused code
All checks were successful
continuous-integration/drone/push Build is passing
2026-01-25 13:42:54 +01:00
e7bf777be2
refactor: remove AssignDefaultRole change module
The attribute-level default solution makes this change module obsolete.
All role assignment is now handled via the role_id attribute's default
function, which is more robust and works for all creation paths.
2026-01-25 13:42:35 +01:00
6ad777860d
feat: implement attribute-level default for role_id assignment
Replace action-level changes with attribute default function to ensure
all users get the 'Mitglied' role regardless of creation path.
2026-01-25 13:41:46 +01:00
0dbbc96353
Integrate AssignDefaultRole change into user creation actions 2026-01-24 19:16:20 +01:00
4b10fd2702
Add AssignDefaultRole change for automatic role assignment
- Assigns 'Mitglied' role to new users if no role is set
2026-01-24 19:15:56 +01:00
5c0786ebca
Fix HasPermission check to handle nil member_id gracefully 2026-01-24 19:15:46 +01:00
403eda3908
Add Role helper function and create_role_with_system_flag action
- Add get_mitglied_role/0 helper to avoid code duplication
- Add create_role_with_system_flag action for seeds/migrations
- Allows setting is_system_role flag (required for 'Mitglied' role)
2026-01-24 19:15:05 +01:00
b545d2b9e1
Remove NoActor module, improve Member validation, update docs 2026-01-24 11:59:18 +01:00
9e20766ef2
Use authorize?: false for integrity checks in validations 2026-01-24 02:21:09 +01:00
0f48a9b15a
Add actor parameter to all tests requiring authorization
This commit adds actor: system_actor to all Ash operations in tests that
require authorization.
2026-01-24 02:21:02 +01:00
686f69c9e9
Add authorize?: false to SystemActor bootstrap operations
- Role lookup and creation (find_admin_role, create_admin_role)
- System user creation and role assignment
- Role loading during initialization
2026-01-24 02:12:31 +01:00
e72b7ab2e8
Remove NoActor bypass from User and Member policies
This removes the NoActor bypass that was masking authorization bugs in tests.
All operations now require an explicit actor for authorization.
2026-01-24 02:12:31 +01:00
1b44730b95
Fix: Ensure members are loaded in handle_params when signature unchanged
All checks were successful
continuous-integration/drone/push Build is passing
2026-01-23 14:48:37 +01:00
672b4a8250
Merge branch 'main' into feature/filter-boolean-custom-fields
Some checks failed
continuous-integration/drone/push Build is failing
2026-01-23 14:41:48 +01:00
20c96123e1
fix: failing test
Some checks failed
continuous-integration/drone/push Build is failing
2026-01-23 14:33:54 +01:00
1d46fd1baf
feat: improve filter performance by reducing Ash.read! calls
Some checks failed
continuous-integration/drone/push Build is failing
2026-01-23 14:22:57 +01:00
b4657cae23
fix: resolve pr remarks 2026-01-23 14:00:18 +01:00
41e342a1d6 Fix OIDC account linking by using SystemActor in LinkOidcAccountLive
All checks were successful
continuous-integration/drone/push Build is passing
- Add SystemActor to all Ash operations in LinkOidcAccountLive
- Enables user lookup, reload, and oidc_id linking during OIDC flow
- User is not yet logged in during linking, so SystemActor provides authorization
2026-01-23 02:14:59 +01:00
bad4e5ca7c Fix OIDC login by using SystemActor in OidcEmailCollision validation
- Add SystemActor to Ash.read_one() calls in OidcEmailCollision validation
- Prevents authorization failures during OIDC registration when no actor is logged in
- Enables proper email collision detection and account linking flow
2026-01-23 02:12:53 +01:00
079d270768 Fix authorization bypass in seeds and validations
All checks were successful
continuous-integration/drone/push Build is passing
- Add authorize?: false to all bootstrap operations in seeds.exs
- Fix user-linking validation to respect authorize? context flag
- Prevents authorization errors during initial setup when no actor exists yet
2026-01-23 02:08:11 +01:00
427608578f Restrict Actor.ensure_loaded to Mv.Accounts.User only
All checks were successful
continuous-integration/drone/push Build is passing
Pattern match on %Mv.Accounts.User{} instead of generic actor.
Clearer intention, prevents accidental authorization bypasses.
Non-User actors are returned as-is (no-op).
2026-01-22 23:17:55 +01:00
f3abade7ad Add authorize?: false to Actor.ensure_loaded
SECURITY: Skip authorization for role loading to avoid circular dependency.
Actor loads their OWN role, needed for authorization itself.
Documented why this is safe.
2026-01-22 23:04:56 +01:00
e60bb6926f Remove unused PolicyHelpers macro and PolicyConsistency test
All checks were successful
continuous-integration/drone/push Build is passing
Dead code - macro was never used in codebase.
PolicyConsistency test will be replaced with better implementation.
2026-01-22 22:37:09 +01:00
f2def20fce Add centralized Actor.ensure_loaded helper
Consolidate role loading logic from HasPermission and LiveHelpers.
Use Ash.Resource.Info.resource? for reliable Ash detection.
2026-01-22 22:37:07 +01:00
05c71132e4 Replace NoActor runtime Mix.env with compile-time config
Use Application.compile_env for release-safety.
Config only set in test.exs (defaults to false).
2026-01-22 22:37:04 +01:00
a834bdc4ff Add PolicyHelpers macro for standard user policies
Encapsulate two-tier policy pattern (bypass + HasPermission).
Promote consistency across resource policy definitions.
2026-01-22 21:36:18 +01:00
47c938cc50 Centralize role preloading in global LiveView on_mount
Add ensure_user_role_loaded to global live_view quote block.
Remove redundant on_mount calls from individual LiveViews.
2026-01-22 21:36:15 +01:00