local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
994 commits 13 branches 0 tags 7.9 MiB
Commit graph

994 commits

This branch
This branch
All branches
Author SHA1 Message Date
moritz
b974e7d685 Merge pull request 'CustomFieldValue Resource Policies closes #369' (#377) from feature/369_customfieldvalue_policies into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #377
 2026-01-27 16:07:47 +01:00
Moritz
bfe9fba2e0 Docs: document bypass read rule for CustomFieldValue pattern
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
- Bypass action_type(:read) is production-side rule: reading own CFVs
  always allowed, overrides Permission-Sets. Applies to get/list/load.
 2026-01-27 16:07:01 +01:00
Moritz
0219073d33 CFV policies test: system_actor for setup, verify destroy with actor 
- create_linked_member_for_user and create_unlinked_member use actor
  (system_actor) directly instead of creating admin user per call
- Remove create_admin_user helper
- After destroy, verify with Ash.get(..., actor: actor) to avoid
  false positive from Forbidden vs NotFound
 2026-01-27 16:07:01 +01:00
Moritz
4d3a249b0c HasPermission: remove unused _authorizer from strict_check helper 2026-01-27 16:07:01 +01:00
Moritz
3f95a2dd84 CustomFieldValue: remove unused require Ash.Query 2026-01-27 16:07:01 +01:00
Moritz
7153af23ee CustomFieldValueCreateScope: use get_argument_or_attribute for member_id 
- Read member_id via Ash.Changeset.get_argument_or_attribute/2 so it works
  when set as attribute or argument
- Remove unused require Logger
- Document member_id source in moduledoc
 2026-01-27 16:07:01 +01:00
Moritz
9e6c79bf40 chore: remove start-database from test action 2026-01-27 16:07:01 +01:00
Moritz
db95979bf5 Document CustomFieldValue policies and own_data create/destroy in architecture 
Update roles-and-permissions-architecture.md with policy layout and
permission matrix for CustomFieldValue (linked).
 2026-01-27 16:07:01 +01:00
Moritz
4e032ea778 Add CustomFieldValue policy tests (own_data, read_only, normal_user, admin) 
Covers read/update/create/destroy for linked vs unlinked members and CRUD
permissions per permission set.
 2026-01-27 16:07:01 +01:00
Moritz
17831a0948 Pass actor to CustomFieldValue destroy and load in existing tests 
Required after CustomFieldValue gained authorization policies.
 2026-01-27 16:07:01 +01:00
Moritz
bf2d0352c1 Add authorization policies to CustomFieldValue resource 
- Authorizer and policies: bypass for read (member_id == actor.member_id),
  CustomFieldValueCreateScope for create, HasPermission for read/update/destroy.
- HasPermission: pass authorizer into strict_check helper; document that create
  must use a dedicated check (no filter).
 2026-01-27 16:07:01 +01:00
Moritz
c7c6b318ac Add CustomFieldValueCreateScope check for create actions 
Ash cannot apply filters to create; this check enforces :linked/:all scope
via strict_check only (no filter).
 2026-01-27 16:07:01 +01:00
Moritz
8f5f69744c Add CustomFieldValue create/destroy :linked to own_data permission set 
Allows members to create and delete custom field values for their linked member.
 2026-01-27 16:07:01 +01:00
simon
8dd216f58f Merge pull request 'Add groups concept to docs closes #307' (#370) from feature/#307-concept-groups into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #370
 2026-01-27 13:15:12 +01:00
Simon
b128ffb51c
docs: add groups concept
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-27 13:04:27 +01:00
moritz
d1f70e2877 Merge pull request 'ImplementsCSV Import UI closes #335' (#359) from feature/335_csv_import_ui into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #359
 2026-01-25 18:45:07 +01:00
Moritz
5195fd0d45 Fix missing max_errors assign in GlobalSettingsLive
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Set max_errors as socket assign in mount/3 to make it
available in templates. Fixes KeyError in CSV import UI.
 2026-01-25 18:36:33 +01:00
Moritz
1d0ac6d280 Improve CSV import error messages 
Include email address in duplicate email error messages.
Add German translation for email uniqueness errors.
Ensure locale is set for translations in async tasks.
 2026-01-25 18:33:28 +01:00
Moritz
5acb5e304d Fix CSV upload file reading 
Handle consume_uploaded_entries returning [content] directly
instead of [{:ok, content}]. Add locale support for translations
in background tasks.
 2026-01-25 18:33:27 +01:00
Moritz
562265f212 Security: Require actor parameter in CSV import 
Remove fallback to system_actor in process_chunk to prevent
unauthorized access. Actor must now be explicitly provided.
 2026-01-25 18:33:25 +01:00
carla
79361c72d2
fix tests and linting 2026-01-25 17:31:49 +01:00
carla
56f3054992
i18n: add translations 2026-01-25 17:31:49 +01:00
carla
b841c306fc
formatting 2026-01-25 17:31:49 +01:00
carla
0fe4a55e80
formatting and refactoring 2026-01-25 17:31:48 +01:00
carla
bf7e47ce5c
refactor 2026-01-25 17:31:42 +01:00
carla
04b0916c1e
refactor 2026-01-25 17:30:07 +01:00
carla
092fd99d48
fat: adds csv import live view to settings 2026-01-25 17:30:03 +01:00
carla
bf9e47b257
test: adds live view csv import tests 2026-01-25 17:22:28 +01:00
moritz
d1a1772e12 Merge pull request 'Seed Data - Roles and Default Assignment closes #365' (#368) from feature/365_seed_roles into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #368
 2026-01-25 17:21:02 +01:00
Moritz
bdd2e6e103 Fix: Don't cache nil in default_role_id to prevent bootstrap issues
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Only cache non-nil role_id values to allow retry after role creation
- Prevents processes from being permanently stuck with nil if first call
  happens before the 'Mitglied' role exists
- Update documentation to explain bootstrap safety mechanism
 2026-01-25 17:11:05 +01:00
Moritz
2d446f63ea
Add NOT NULL constraint to users.role_id and optimize default_role_id
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
 2026-01-25 17:04:48 +01:00
Moritz
86c8b23c77
chore: increase test timeout and cleanup unused code
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-25 13:42:54 +01:00
Moritz
8f3fd9d0d7
test: adapt tests for attribute-level default solution 2026-01-25 13:42:45 +01:00
Moritz
e7bf777be2
refactor: remove AssignDefaultRole change module 
The attribute-level default solution makes this change module obsolete.
All role assignment is now handled via the role_id attribute's default
function, which is more robust and works for all creation paths.
 2026-01-25 13:42:35 +01:00
Moritz
a9b1d794d2
fix: bind role_name variable before using in Ash.Query.filter 
Avoid macro pinning issues by binding role_data.name to role_name
before using it in the filter query.
 2026-01-25 13:42:28 +01:00
Moritz
e982271880
fix: improve migration to create 'Mitglied' role if missing 
Make migration more robust by creating the 'Mitglied' role if it doesn't
exist, ensuring it works regardless of seed execution order.
 2026-01-25 13:42:19 +01:00
Moritz
6ad777860d
feat: implement attribute-level default for role_id assignment 
Replace action-level changes with attribute default function to ensure
all users get the 'Mitglied' role regardless of creation path.
 2026-01-25 13:41:46 +01:00
Moritz
21b63cbe86
Add comprehensive tests for default role assignment
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-24 19:16:57 +01:00
Moritz
3b5b5044fb
Add test support for default role assignment 2026-01-24 19:16:43 +01:00
Moritz
9557d8ae6b
Update seeds to create all 5 authorization roles 2026-01-24 19:16:35 +01:00
Moritz
0dbbc96353
Integrate AssignDefaultRole change into user creation actions 2026-01-24 19:16:20 +01:00
Moritz
4b10fd2702
Add AssignDefaultRole change for automatic role assignment 
- Assigns 'Mitglied' role to new users if no role is set
 2026-01-24 19:15:56 +01:00
Moritz
5c0786ebca
Fix HasPermission check to handle nil member_id gracefully 2026-01-24 19:15:46 +01:00
Moritz
403eda3908
Add Role helper function and create_role_with_system_flag action 
- Add get_mitglied_role/0 helper to avoid code duplication
- Add create_role_with_system_flag action for seeds/migrations
- Allows setting is_system_role flag (required for 'Mitglied' role)
 2026-01-24 19:15:05 +01:00
Moritz
c7e0181e02
Add migration to assign 'Mitglied' role to existing users 2026-01-24 19:14:51 +01:00
moritz
9fe872ee58 Merge pull request '[Refactor] Remove NoActor bypass' (#367) from refactor/remove_noactor into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #367
 2026-01-24 14:56:44 +01:00
Moritz
ef6cf1b2d4
Remove unused allow_no_actor_bypass config option
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-24 11:59:39 +01:00
Moritz
b545d2b9e1
Remove NoActor module, improve Member validation, update docs 2026-01-24 11:59:18 +01:00
Moritz
71c13d0ac0
Fix missing actor parameters and restore AshAuthentication bypass tests
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-24 08:51:58 +01:00
Moritz
15a7c615d6
Fix rebase conflict: Add actor parameter to helper functions in index_test.exs
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-24 02:39:28 +01:00