local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 72 Pull requests 3 Projects 4 Releases Packages 1 Activity Actions
698 commits 17 branches 0 tags 7.6 MiB
Commit graph

698 commits

This branch
This branch
All branches
Author SHA1 Message Date
Moritz
a5081793b0
feat: assign admin role to admin user in seeds
Some checks failed
continuous-integration/drone/push Build is failing
Details 
- Create Admin role if it doesn't exist
- Assign Admin role to admin@mv.local user
- Remove separate create_admin_role script (integrated into seeds)
 2026-01-06 23:55:46 +01:00
Moritz
7b3362dc48
feat: add visible buttons with text for role CRUD operations 
- Add text labels to Edit and Delete buttons in index page
- Change button size from btn-xs to btn-sm for better visibility
- Add Delete button to show page for non-system roles
- Implement handle_event for delete in show page
- Add format_error helper to show page
 2026-01-06 23:48:36 +01:00
Moritz
8b43e121c1
fix: prefix unused view variable with underscore 
Fix compiler warning for unused variable in role_live_test.exs
 2026-01-06 23:36:34 +01:00
Moritz
8820ce6429
feat: implement role management LiveViews 
Add complete CRUD interface for role management under /admin/roles.

- Index page with table showing name, description, permission_set_name, is_system_role
- Show page for role details
- Form component for create/edit with permission_set_name dropdown
- System role badge and disabled delete button
- Flash messages for success/error
- Authorization checks using MvWeb.Authorization helpers
- Comprehensive test coverage (22 tests)

Routes added under /admin scope. All LiveViews load user role
for authorization checks. Form uses custom dropdown for permission sets.
 2026-01-06 23:36:26 +01:00
Moritz
c6b5b7a22e feat: add UI-level authorization helpers 
Implement MvWeb.Authorization module with can?/3 and can_access_page?/2
functions for conditional rendering in LiveView templates.

- can?/3 supports both resource atoms and record structs with scope checking
- can_access_page?/2 checks page access permissions
- All functions use PermissionSets module for consistency with backend
- Graceful handling of nil users and invalid permission sets
- Comprehensive test coverage with 17 test cases
 2026-01-06 22:34:21 +01:00
moritz
5253286722 Merge pull request 'PermissionSets Elixir Module (Hardcoded Permissions) closes #323' (#324) from feature/323_permissionsets into main
Some checks failed
continuous-integration/drone/push Build is failing
Details 
Reviewed-on: #324
 2026-01-06 22:20:18 +01:00
Moritz
18ec4bfd16 fix: add missing /custom_field_values/:id page to read_only and normal_user
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Add /custom_field_values/:id to read_only pages (users can view list, should also view details)
- Add /custom_field_values/:id to normal_user pages
- Refactor tests to reduce duplication (use for-comprehension for structure tests)
- Add tests for invalid input types in valid_permission_set?/1
- Update @spec for valid_permission_set?/1 to accept any() type
 2026-01-06 22:17:33 +01:00
Moritz
7845117fad refactor: improve error handling and documentation in PermissionSets
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Add explicit ArgumentError for invalid permission set names with helpful message
- Soften performance claim in documentation (intended to be constant-time)
- Add tests for error handling
- Improve maintainability with guard clause for invalid inputs
 2026-01-06 21:55:52 +01:00
Moritz
9b0d022767 fix: add missing /profile page to read_only and normal_user permission sets 
Both permission sets allow User:update :own, so users should be able
to access their profile page. This makes the implementation consistent
with the documentation and the logical permission model.
 2026-01-06 21:55:13 +01:00
Moritz
4bd08e85bb fix: use Enum.empty? instead of != [] to fix type warning
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Replace comparison with empty list using Enum.empty?/1 to satisfy
type checker and avoid redundant comparison warning
 2026-01-06 21:35:59 +01:00
Moritz
19a20635a7
docs: update documentation to use CustomFieldValue/CustomField instead of Property/PropertyType 2026-01-06 21:34:07 +01:00
Moritz
3a0fb4e84f
feat: implement PermissionSets module with all 4 permission sets 
- Add types for scope, action, resource_permission, permission_set
- Implement get_permissions/1 for all 4 sets (own_data, read_only, normal_user, admin)
- Implement valid_permission_set?/1 for string and atom validation
- Implement permission_set_name_to_atom/1 with error handling
 2026-01-06 21:33:39 +01:00
moritz
634d3bd446 Merge pull request 'Authorization Domain and Role Resource closes #321' (#322) from feature/321_authorization_domain into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #322
 2026-01-06 19:22:56 +01:00
Moritz
3265468bd6 test: update role tests for is_system_role API change
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Use Ash.Changeset.force_change_attribute to set is_system_role in tests
since it's no longer settable via public API. Remove unused nil clause
from error_message helper.
 2026-01-06 19:04:05 +01:00
Moritz
5f13901ca5 security: remove is_system_role from public API 
Remove is_system_role from accept lists in create_role and update_role
actions. This field should only be set via seeds or internal actions to
prevent users from creating unkillable roles through the public API.
 2026-01-06 19:04:03 +01:00
Moritz
73763b1f58 refactor: improve error_message test helper robustness
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Use Enum.reject for nil field case to explicitly filter errors
without field. Update test to use :is_system_role field since
validation error includes field.
 2026-01-06 18:44:04 +01:00
Moritz
ce1d5790a3 refactor: squash migrations into single authorization domain migration 
Combine initial authorization migration with UUIDv7 update into
one migration. Migration now creates roles table with UUIDv7
default and explicit on_delete: :restrict FK constraint.
 2026-01-06 18:37:39 +01:00
Moritz
c6a766377a refactor: improve error_message test helper 
Add pattern matching for nil field case to handle errors
without specific field (e.g., system role deletion).
 2026-01-06 18:37:38 +01:00
Moritz
deacc43030 docs: document FK constraint behavior for role relationship 
Add comment explaining on_delete: :restrict behavior for
users.role_id foreign key constraint.
 2026-01-06 18:37:37 +01:00
Moritz
f63405052f feat: add get_role action to Authorization domain 
Add get_role action for retrieving single role by ID through
code interface.
 2026-01-06 18:37:35 +01:00
Moritz
557eb4d27d refactor: simplify system role deletion validation 
Remove redundant action_type check since validation already
runs only on destroy actions. Add field to error for better
error handling.
 2026-01-06 18:37:34 +01:00
Moritz
9bb0fe5e37 test: add unit tests for Role validations 
Add tests for permission_set_name validation, system role
deletion protection, and name uniqueness constraints.
 2026-01-06 18:14:20 +01:00
Moritz
12c08cabee docs: clean up PermissionSets documentation 
Remove issue number references from moduledoc
 2026-01-06 18:14:19 +01:00
Moritz
402a78dd0a refactor: update migration for UUIDv7 and explicit FK constraint 
- Add on_delete: :restrict to users.role_id foreign key
- Update roles.id to use uuid_generate_v7() default
- Regenerate resource snapshots
 2026-01-06 18:14:18 +01:00
Moritz
82ec4e565a refactor: use UUIDv7 and improve Role validations 
- Change id from uuid_primary_key to uuid_v7_primary_key
- Replace custom validation with built-in one_of validation
- Add explicit on_delete: :restrict for users foreign key
- Update postgres references configuration
 2026-01-06 18:14:16 +01:00
Moritz
b569612a63 feat: add resource snapshots for roles and users
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add Ash resource snapshots generated during migration creation.
 2026-01-06 17:18:45 +01:00
Moritz
851d63f626 feat: add authorization domain migration 
Create roles table and add role_id to users table with indexes
and foreign key constraints.
 2026-01-06 17:18:34 +01:00
Moritz
90c32c2afd feat: add role relationship to User resource 
Add belongs_to :role relationship to User resource and register
Authorization domain in config.
 2026-01-06 17:18:33 +01:00
Moritz
4535551b8d feat: add Role resource with validations 
Create Role resource with name, description, permission_set_name,
and is_system_role fields. Add validations for permission_set_name
and system role deletion protection.
 2026-01-06 17:18:32 +01:00
Moritz
1b2927ce40 feat: create Authorization domain 
Add Mv.Authorization domain with AshAdmin and AshPhoenix extensions.
Register domain in config for role management.
 2026-01-06 17:18:30 +01:00
Moritz
37d1655227 feat: add PermissionSets stub module for role validation 
Add minimal PermissionSets module with all_permission_sets/0 function
to support permission_set_name validation in Role resource.
 2026-01-06 17:18:29 +01:00
moritz
f8da12ad08 Merge pull request 'chore(deps): update postgres to v18 (major)' (#256) from renovate/major-postgres into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #256
 2026-01-06 16:06:31 +01:00
Renovate Bot
c2ac73e16c chore(deps): update postgres to v18
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2026-01-06 15:46:24 +01:00
moritz
b834a95d47 Merge pull request 'chore(deps): update ghcr.io/sebadob/rauthy docker tag to v0.33.4' (#315) from renovate/ghcr.io-sebadob-rauthy-0.x into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #315
 2026-01-06 15:34:53 +01:00
Renovate Bot
2974f4b2e9 chore(deps): update ghcr.io/sebadob/rauthy docker tag to v0.33.4
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2026-01-06 15:32:34 +01:00
moritz
9033e7a2b4 Merge pull request 'chore(deps): update dependency just to v1.46.0' (#318) from renovate/asdf-tool-versions into main
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
Reviewed-on: #318
 2026-01-06 15:30:48 +01:00
Renovate Bot
cc8bbe8630 chore(deps): update dependency just to v1.46.0
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-06 15:30:29 +01:00
moritz
c98ab3f26d Merge pull request 'chore(deps): update renovate/renovate docker tag to v42.71' (#317) from renovate/renovate-renovate-42.x into main
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
Reviewed-on: #317
 2026-01-06 15:30:04 +01:00
Renovate Bot
a90369e6cb chore(deps): update renovate/renovate docker tag to v42.71
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2026-01-06 15:29:40 +01:00
moritz
9f6b84ed6c Merge pull request 'chore(deps): update mix dependencies' (#316) from renovate/mix-dependencies into main
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
Reviewed-on: #316
 2026-01-06 15:29:20 +01:00
Renovate Bot
ab15fe039b chore(deps): update mix dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-06 10:29:01 +00:00
carla
844b4b6409 Merge pull request 'Implements validation for required custom fields closes #274' (#301) from bugfix/274_required_custom_fields into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #301
 2026-01-02 13:57:40 +01:00
carla
850f00fe22 formatting
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-02 13:53:24 +01:00
carla
08f563a412 Merge branch 'main' into bugfix/274_required_custom_fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-01-02 13:47:24 +01:00
moritz
058bfc2182 Merge pull request 'Membership Fee 6 - UI Components & LiveViews closes #280' (#304) from feature/280_membership_fee_ui into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #304
 2025-12-26 23:14:49 +01:00
Moritz
0df5d1c0b9
Merge branch 'main' into feature/280_membership_fee_ui
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-12-26 23:14:10 +01:00
Moritz
0d79e026e2 fix: add Logger metadata keys and update gettext
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add member_id, member_email, error, error_type, cycles_count, and notifications_count to Logger metadata configuration. Update gettext translations.
 2025-12-26 21:52:09 +01:00
Moritz
6f568bfe54 test: fix tests after join_date validation and UI changes 
Update test to expect join_date validation error. Fix toggle button selector in cycle view test. Remove unnecessary cleanup from create_cycle helper.
 2025-12-26 21:41:30 +01:00
Moritz
77ac3d1b18 fix: remove duplicate toggle button in table header 
Keep only the toggle button in toolbar for better UX.
 2025-12-26 21:41:22 +01:00
Moritz
619fdc90af fix: clear warning state on Decimal.parse error 
Explicitly call hide_amount_warning when Decimal.parse returns error.
 2025-12-26 21:41:14 +01:00