mitgliederverwaltung

Author	SHA1	Message	Date
carla	aaeafa646a	formatting Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 17:57:16 +01:00
carla	9ddd1a470d	Merge branch 'main' into feature/335_csv_import_ui Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 17:55:23 +01:00
carla	ffe146716b	formatting and refactoring Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 17:52:09 +01:00
Simon	1b44730b95	Fix: Ensure members are loaded in handle_params when signature unchanged All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-23 14:48:37 +01:00
Simon	672b4a8250	Merge branch 'main' into feature/filter-boolean-custom-fields Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:41:48 +01:00
Simon	20c96123e1	fix: failing test Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:33:54 +01:00
Simon	1d46fd1baf	feat: improve filter performance by reducing Ash.read! calls Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 14:22:57 +01:00
Simon	b4657cae23	fix: resolve pr remarks	2026-01-23 14:00:18 +01:00
carla	d02f725d51	refactor Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 12:54:48 +01:00
carla	465fe5a5b1	Merge branch 'main' into feature/335_csv_import_ui Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-23 10:33:56 +01:00
Moritz	41e342a1d6	Fix OIDC account linking by using SystemActor in LinkOidcAccountLive All checks were successful continuous-integration/drone/push Build is passing Details - Add SystemActor to all Ash operations in LinkOidcAccountLive - Enables user lookup, reload, and oidc_id linking during OIDC flow - User is not yet logged in during linking, so SystemActor provides authorization	2026-01-23 02:14:59 +01:00
Moritz	bad4e5ca7c	Fix OIDC login by using SystemActor in OidcEmailCollision validation - Add SystemActor to Ash.read_one() calls in OidcEmailCollision validation - Prevents authorization failures during OIDC registration when no actor is logged in - Enables proper email collision detection and account linking flow	2026-01-23 02:12:53 +01:00
Moritz	079d270768	Fix authorization bypass in seeds and validations All checks were successful continuous-integration/drone/push Build is passing Details - Add authorize?: false to all bootstrap operations in seeds.exs - Fix user-linking validation to respect authorize? context flag - Prevents authorization errors during initial setup when no actor exists yet	2026-01-23 02:08:11 +01:00
Moritz	427608578f	Restrict Actor.ensure_loaded to Mv.Accounts.User only All checks were successful continuous-integration/drone/push Build is passing Details Pattern match on %Mv.Accounts.User{} instead of generic actor. Clearer intention, prevents accidental authorization bypasses. Non-User actors are returned as-is (no-op).	2026-01-22 23:17:55 +01:00
Moritz	f3abade7ad	Add authorize?: false to Actor.ensure_loaded SECURITY: Skip authorization for role loading to avoid circular dependency. Actor loads their OWN role, needed for authorization itself. Documented why this is safe.	2026-01-22 23:04:56 +01:00
Moritz	e60bb6926f	Remove unused PolicyHelpers macro and PolicyConsistency test All checks were successful continuous-integration/drone/push Build is passing Details Dead code - macro was never used in codebase. PolicyConsistency test will be replaced with better implementation.	2026-01-22 22:37:09 +01:00
Moritz	f2def20fce	Add centralized Actor.ensure_loaded helper Consolidate role loading logic from HasPermission and LiveHelpers. Use Ash.Resource.Info.resource? for reliable Ash detection.	2026-01-22 22:37:07 +01:00
Moritz	05c71132e4	Replace NoActor runtime Mix.env with compile-time config Use Application.compile_env for release-safety. Config only set in test.exs (defaults to false).	2026-01-22 22:37:04 +01:00
Moritz	a834bdc4ff	Add PolicyHelpers macro for standard user policies Encapsulate two-tier policy pattern (bypass + HasPermission). Promote consistency across resource policy definitions.	2026-01-22 21:36:18 +01:00
Moritz	47c938cc50	Centralize role preloading in global LiveView on_mount Add ensure_user_role_loaded to global live_view quote block. Remove redundant on_mount calls from individual LiveViews.	2026-01-22 21:36:15 +01:00
Moritz	797452a76e	Shorten User policy comments to state what only Move why explanations to documentation files. Keep policy comments concise and focused.	2026-01-22 21:36:12 +01:00
Moritz	f1e6a1e9db	Clarify User.update :own in permission sets Add explicit comments explaining why all permission sets grant User.update with scope :own for password changes.	2026-01-22 21:36:11 +01:00
Moritz	56144a7696	Add role loading fallback to HasPermission check Extract ash_resource? helper to reduce nesting depth. Add ensure_role_loaded fallback for unloaded actor roles.	2026-01-22 21:36:10 +01:00
Moritz	93216f3ee6	Harden NoActor check with runtime environment guard Add Mix.env() check to match?/3 for defense in depth. Document NoActor pattern in CODE_GUIDELINES.md.	2026-01-22 21:36:09 +01:00
Moritz	429042cbba	feat(auth): add User resource authorization policies Implement bypass for READ + HasPermission for UPDATE pattern Extend HasPermission check to support User resource scope :own	2026-01-22 19:19:22 +01:00
Moritz	d07f1984cd	Move require Logger to module level All checks were successful continuous-integration/drone/push Build is passing Details Move require Logger statements from function/case level to module level for better code organization and consistency with Elixir best practices	2026-01-21 08:35:34 +01:00
Moritz	b0ddf99117	Add admin authorization check for regenerate cycles button Restrict UI access to cycle regeneration to administrators only to prevent policy bypass via user interface	2026-01-21 08:02:38 +01:00
Moritz	7e9de8e95b	Add logging for fail-open email uniqueness validations Log warnings when query errors occur in email uniqueness checks to improve visibility of data integrity issues	2026-01-21 08:02:33 +01:00
Moritz	5c3657fed1	Use SystemActor opts for cycle deletion operations Pass actor_opts to delete_cycles/1 to ensure proper authorization when MembershipFeeCycle policies are enforced	2026-01-21 08:02:32 +01:00
Moritz	006b1aaf06	Replace Mix.env() with Config.sql_sandbox?() in SystemActor Use Application config instead of Mix.env() to prevent runtime crashes in production releases where Mix is not available	2026-01-21 08:02:31 +01:00
Simon	f996aee6b2	feat: add new filter component to members view All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-21 00:47:01 +01:00
Moritz	c5bd58e7d3	Add @spec type annotations to SystemActor functions Add type specifications for all private functions to improve static analysis with Dialyzer and documentation quality.	2026-01-20 23:16:39 +01:00
Moritz	a3cf8571ff	Document System Actor pattern in code guidelines Add section explaining when and how to use system actor for systemic operations. Include examples and distinction between user mode and system mode.	2026-01-20 22:10:11 +01:00
Moritz	c64b74588f	Use system actor for cycle generation Update cycle generator, member hooks, and job to use system actor. Remove actor parameters as cycle generation is a mandatory side effect.	2026-01-20 22:09:20 +01:00
Moritz	f0169c95b7	Use system actor for email uniqueness validation Update email validation modules to use system actor for queries. This ensures data integrity checks always run regardless of user permissions.	2026-01-20 22:09:19 +01:00
Moritz	8acd92e8d4	Use system actor for email synchronization Update email sync loader and changes to use system actor instead of user actor. This ensures email sync always works regardless of user permissions.	2026-01-20 22:09:18 +01:00
Moritz	ddb1252831	Add System Actor helper for systemic operations Introduce Mv.Helpers.SystemActor module with lazy loading for operations that must always run regardless of user permissions. System actor has admin role and auto-creates in test environment.	2026-01-20 22:09:16 +01:00
Simon	1011b94acf	feat: load boolean custom fields All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-20 19:12:13 +01:00
Simon	fbf3b64192	refactor: fix credo issues All checks were successful continuous-integration/drone/push Build is passing Details	2026-01-20 18:34:17 +01:00
Simon	01dea8bb8b	Merge branch 'main' into feature/filter-boolean-custom-fields Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-20 18:13:20 +01:00
Simon	ff8b29cffe	feat: implement filter logic for boolean ustom fields Some checks failed continuous-integration/drone/push Build is failing Details	2026-01-20 18:08:41 +01:00
Moritz	433f008af8	refactor: Reduce function complexity and nesting depth - Extract helper functions from process_chunk to reduce nesting - Extract format_error_message from extract_changeset_error - Split extract_error_message into smaller functions to reduce complexity - Fixes Credo refactoring opportunities	2026-01-20 16:05:32 +01:00
Moritz	0abcf540bb	refactor: Replace length/1 with empty list comparison Replace expensive length/1 calls with direct list comparison to fix Credo warnings about performance	2026-01-20 15:58:15 +01:00
Simon	37e1553a02	feat: add custom boolean field state & URL-Parameter	2026-01-20 15:55:08 +01:00
Moritz	cafd1d4ebc	refactor: Remove deprecated LiveViews - Remove CustomFieldValueLive (Index, Form, Show) - Remove ContributionTypeLive.Index - Remove ContributionPeriodLive.Show - Remove corresponding routes from router - Remove references in CustomFieldValueLive.Index	2026-01-20 15:50:08 +01:00
Moritz	9c2cff6307	docs: Update domain Public API documentation	2026-01-20 15:50:08 +01:00
Moritz	b380f63cf6	chore: update docs	2026-01-20 14:31:13 +01:00
carla	a15ff055cc	refactor	2026-01-20 14:23:27 +01:00
carla	aaf9c7127d	fat: adds csv import live view to settings	2026-01-20 10:05:40 +01:00
simon	b84431879c	Merge pull request 'fix admin database seeding closes #357 ' (#358 ) from bugfix/reseeding-database-not-working into main Reviewed-on: #358	2026-01-19 14:17:12 +01:00

1 2 3 4 5 ...

497 commits