local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 66 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
1118 commits 13 branches 0 tags 7.9 MiB
Commit graph

1118 commits

This branch
This branch
All branches
Author SHA1 Message Date
moritz
c2bafe4acf Merge pull request 'Apply UI Authorization to Existing LiveViews closes #400' (#403) from feature/400_ui_authorization into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #403
 2026-02-03 17:30:15 +01:00
Moritz
cbc9376b7b Tests: data-testid selectors, scoped delete, sidebar testid
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details 
Member/User auth tests use data-testid and #row-id selectors.
Sidebar auth tests assert on data-testid=sidebar-administration.
Sidebar test expects data-testid in expanded-menu-group markup.
 2026-02-03 17:16:15 +01:00
Moritz
ee6bfbacbb User LiveViews: row_id and data-testid for actions 
Table row_id for scoped selectors; data-testid on New/Edit/Delete.
 2026-02-03 17:16:13 +01:00
Moritz
a4b13cef49 Member LiveViews: row_id and data-testid for actions 
Table row_id for scoped selectors; data-testid on New/Edit/Delete.
 2026-02-03 17:16:11 +01:00
Moritz
286972964d CoreComponents: allow data-testid on button 
Include data-testid in button rest for test selectors.
 2026-02-03 17:16:10 +01:00
Moritz
c36812bf3f Authorization: document can_access_page? nil-safety 
Doc and example for nil user returning false.
 2026-02-03 17:16:09 +01:00
Moritz
2ddd22078d Sidebar: use PagePaths, add testid for Administration 
Gate menu items via PagePaths; add data-testid=sidebar-administration
for stable tests. menu_group accepts optional testid attr.
 2026-02-03 17:16:08 +01:00
Moritz
9e8910344e Add MvWeb.PagePaths for central sidebar/page paths 
Single source for path strings used by Sidebar and can_access_page?.
Keep in sync with router when routes change.
 2026-02-03 17:16:07 +01:00
Moritz
1426ef1d38
Add sidebar authorization tests
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Assert menu visibility per role: admin, read_only, normal_user,
own_data, nil user, user without role.
 2026-02-03 16:56:52 +01:00
Moritz
f779fd61e0
Gate sidebar menu items by can_access_page? 
Members, Fee Types and Administration subitems only shown when user
has page permission. Add admin_menu_visible? helper. Sidebar test
uses admin user so menu items render.
 2026-02-03 16:56:52 +01:00
Moritz
cc9e530d80
Add User LiveView authorization tests 
Covers admin, read_only, member, normal_user for Index and Show.
Asserts New User / Edit / Delete visibility and redirect for non-admin.
 2026-02-03 16:56:51 +01:00
Moritz
2f67c7099d
Apply UI authorization to User LiveViews (Index and Show) 
Gate New User button, Edit and Delete links with can?/3.
Edit button on User Show visible only when user can update the user.
 2026-02-03 16:56:51 +01:00
Moritz
5e361ba400
Add Member LiveView authorization tests 
Covers read_only, normal_user, admin, own_data for Index and Show.
Asserts New Member / Edit / Delete visibility and redirect for Mitglied.
 2026-02-03 16:56:51 +01:00
Moritz
505e31653a
Apply UI authorization to Member LiveViews (Index and Show) 
Gate New Member button, Edit and Delete links with can?/3.
Edit button on Member Show visible only when user can update the member.
 2026-02-03 16:56:51 +01:00
moritz
d3ad7c5013 Merge pull request 'Member Email Validation for Linked Members closes #397' (#399) from feature/397_emailsync_permission into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #399
 2026-02-03 16:35:40 +01:00
Moritz
131904f172
Test: assert on error field :email instead of message string
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-03 16:07:47 +01:00
Moritz
47b6a16177
Doc: Actor maybe_load_role comment; ActorIsAdmin system user = admin 2026-02-03 16:07:39 +01:00
Moritz
60a4181255
Validation: error message admin or linked user; resolve_actor fallback 2026-02-03 16:07:26 +01:00
Moritz
4e6b7305b6
Doc: Loader auth-independent for link checks; email-sync rule rationale 2026-02-03 16:07:13 +01:00
Moritz
4ea31f0f37 Add email-change permission validation for linked members
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Only admins or the linked user may change a linked member's email.
- New validation EmailChangePermission (uses Actor.admin?, Loader.get_linked_user).
- Register on Member update_member; docs and gettext.
 2026-02-03 14:35:32 +01:00
Moritz
ad02f8914f Use EmailSync.Loader.get_linked_user in EmailNotUsedByOtherUser 
Remove duplicate get_linked_user_id; reuse Loader for linked user lookup.
 2026-02-03 14:35:08 +01:00
Moritz
3d46ba655f Add Actor.permission_set_name/1 and admin?/1 for consistent capability checks 
- Actor.permission_set_name(actor) returns role's permission set (supports nil role load).
- Actor.admin?(actor) returns true for system user or admin permission set.
- ActorIsAdmin policy check delegates to Actor.admin?/1.
 2026-02-03 14:34:24 +01:00
carla
c998d14b95 Merge pull request 'Implements custom field CSV import closes #338' (#395) from feature/338_import_custom_fields into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #395
 2026-02-02 17:05:29 +01:00
carla
960506d16a refactoring
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-02 16:56:07 +01:00
carla
aef3aa299f fix test
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-02 15:04:07 +01:00
carla
b21c3df7ef refactoring 2026-02-02 14:34:12 +01:00
carla
71db9cf3c1 formatting
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:54:27 +01:00
carla
9e27de84cb Merge branch 'main' into feature/338_import_custom_fields
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:46:05 +01:00
carla
c56ca68922 docs: update docs
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 13:42:24 +01:00
carla
f5591c392a i18n: add translation 2026-02-02 13:42:16 +01:00
carla
aab5666f46 Merge pull request 'Adds config for import limits closes #336' (#394) from feature/336_import_auth into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #394
 2026-02-02 13:15:22 +01:00
carla
12715f3d85 refactoring 2026-02-02 13:07:08 +01:00
carla
86a3c4e50e tests: add tests for import 2026-02-02 13:07:00 +01:00
carla
3f8797c356 feat: import custom fields via CSV 2026-02-02 11:42:07 +01:00
carla
ce6240133d i18n: update translations
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-02-02 10:23:49 +01:00
carla
4997819c73 feat: validate config 2026-02-02 10:22:21 +01:00
carla
b6d53d2826 refactor: add test to seperate async false module 2026-02-02 10:22:05 +01:00
carla
e74154581c feat: changes UI info based on config for limits 2026-02-02 10:10:02 +01:00
carla
d61a939deb formatting
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-02-02 09:50:47 +01:00
carla
3f551c5f8d feat: add configs for impor tlimits
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-02 09:49:13 +01:00
carla
9fd617e45a tests: add tests for config 2026-02-02 09:48:37 +01:00
moritz
b9dd990f52 Merge pull request 'Page Permission Router Plug closes #388' (#390) from feature/388_page_permissions into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #390
 2026-01-30 12:19:58 +01:00
Moritz
f8f6583679 PermissionSetsTest: assert /users/:id instead of /profile in pages
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is passing
Details 
Profile is reachable at /users/:id; /profile was removed from PermissionSets.
 2026-01-30 11:37:34 +01:00
Moritz
6e13a3aa34
Docs: note User-Member Linking enforcement in code
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details 
- update_user restricted via ActorIsAdmin; Form gates Member-Linking UI
 2026-01-30 11:28:41 +01:00
Moritz
cf6bd4a6a1 UserPoliciesTest: use :update for non-admin own-email and forbid-other 
- own_data, read_only, normal_user: can update own email via :update
- cannot update other users: use :update (scope :own forbids)
 2026-01-30 11:13:34 +01:00
Moritz
06d6531569 UserLive.Form: gate Member-Linking to admin, use :update for non-admin 
- Show Member-Linking UI only when can_manage_member_linking (admin)
- perform_member_link_action runs only for admin
- assign_form: non-admin uses :update (email), admin uses :update_user
- Load members for linking only when can_manage_member_linking
 2026-01-30 11:13:28 +01:00
Moritz
14fa873640 Restrict User.update_user to admin; allow :update for email only 
- Add ActorIsAdmin policy check (admin permission set only)
- User: policy action(:update_user) forbid_unless + authorize_if ActorIsAdmin
- User: primary :update action accept [:email] for non-admin profile edit
 2026-01-30 11:13:23 +01:00
Moritz
faee780aab Tests: read_only/normal_user /users/:id, Ash.read! actor, Authorization own/other
All checks were successful
continuous-integration/drone/push Build is passing
Details 
- Integration: read_only and normal_user GET /users/:id (own) and edit/show/edit return 200
- Integration: read_only GET /users/:id (other) redirects
- Plug test: use group_fixture in setup instead of Ash.read!() without actor
- Authorization: tests for own/other profile and reserved 'new'
 2026-01-30 10:22:34 +01:00
Moritz
a1fe36b7f2 Delegate can_access_page? to CheckPagePermission 
- UI uses same rules as plug (reserved 'new', own/linked path checks)
 2026-01-30 10:22:31 +01:00
Moritz
ea1d01fcea Docs: align route matrix with PermissionSets, add Role-Load note 
- Table: own_data/read_only/normal_user /users/:id and edit/show/edit; members edit/show/edit
- Integration test sections updated for read_only and normal_user
- Add note on plug reloading role and member_id when needed
 2026-01-30 10:22:30 +01:00