c5f1fdce0a
Code-review follow-ups: policy, docs, seed_admin behaviour
continuous-integration/drone/push Build is passing
- Use OidcRoleSyncContext for set_role_from_oidc_sync; document JWT peek risk.
- seed_admin without password sets Admin role on existing user (OIDC-only); update docs and test.
- Fix DE translation for 'access this page'; add get? true comment in User.
2026-02-04 19:44:43 +01:00
58a5b086ad
OIDC: pass oauth_tokens to role sync; get? true for sign_in; return record in register
- sign_in_with_rauthy: get? true so Ash returns single user; pass oauth_tokens to OidcRoleSync.
- register_with_rauthy: pass oauth_tokens to OidcRoleSync; return {:ok, record} to preserve token.
2026-02-04 18:13:30 +01:00
99722dee26
Add OidcRoleSync: apply Admin/Mitglied from OIDC groups
Register and sign-in call apply_admin_role_from_user_info; users in configured
admin group get Admin role, others get Mitglied. Internal User action + bypass policy.
2026-02-04 18:13:30 +01:00
67ce514ba0
User: fix last-admin validation and forbid non-admin role_id change
- Last-admin only when target role is non-admin (admins may switch admin roles).
- Use Ash.Changeset.get_attribute for new role_id. Tests: admin role switch, non-admin update_user role_id forbidden.
2026-02-04 09:19:47 +01:00
8ec4a07103
User form: persist role, member linking, Forbidden handling
- User resource: update_user accepts role_id, manage_relationship :member
- user_live/form: touch role_id, params_with_member_if_unchanged to avoid unlink
- Handle Forbidden in form, extract error message for display
- user_policies_test and form_test coverage
2026-02-03 23:52:20 +01:00
14fa873640
Restrict User.update_user to admin; allow :update for email only
- Add ActorIsAdmin policy check (admin permission set only)
- User: policy action(:update_user) forbid_unless + authorize_if ActorIsAdmin
- User: primary :update action accept [:email] for non-admin profile edit
2026-01-30 11:13:23 +01:00
2b4e1e3963
Sync user email to member when changing password (admin_set_password)
continuous-integration/drone/push Build is passing
Add SyncUserEmailToMember change to admin_set_password so email+password
updates in the user form sync the new email to the linked member.
2026-01-27 17:58:35 +01:00
d98b32af8d
feat(accounts): block update/destroy on system-actor user
Validation prevents modifying system actor user (required for internal ops).
2026-01-27 17:39:04 +01:00
b7f37c80bd
Prevent deletion of system actor user
Add destroy validation and explicit destroy action (primary, require_atomic? false).
Validation blocks destroy when email == SystemActor.system_user_email().
2026-01-27 17:39:04 +01:00
bdd2e6e103
Fix: Don't cache nil in default_role_id to prevent bootstrap issues
continuous-integration/drone/push Build is passing
- Only cache non-nil role_id values to allow retry after role creation
- Prevents processes from being permanently stuck with nil if first call
happens before the 'Mitglied' role exists
- Update documentation to explain bootstrap safety mechanism
2026-01-25 17:11:05 +01:00
2d446f63ea
Add NOT NULL constraint to users.role_id and optimize default_role_id
continuous-integration/drone/push Build is passing
- Add database-level NOT NULL constraint for users.role_id
- Update SystemActor tests to verify NOT NULL constraint enforcement
- Add process dictionary caching for default_role_id/0 to reduce DB queries
2026-01-25 17:04:48 +01:00
6ad777860d
feat: implement attribute-level default for role_id assignment
Replace action-level changes with attribute default function to ensure
all users get the 'Mitglied' role regardless of creation path.
2026-01-25 13:41:46 +01:00
0dbbc96353
Integrate AssignDefaultRole change into user creation actions
2026-01-24 19:16:20 +01:00
e72b7ab2e8
Remove NoActor bypass from User and Member policies
This removes the NoActor bypass that was masking authorization bugs in tests.
All operations now require an explicit actor for authorization.
2026-01-24 02:12:31 +01:00
797452a76e
Shorten User policy comments to state what only
Move why explanations to documentation files.
Keep policy comments concise and focused.
2026-01-22 21:36:12 +01:00
429042cbba
feat(auth): add User resource authorization policies
Implement bypass for READ + HasPermission for UPDATE pattern
Extend HasPermission check to support User resource scope :own
2026-01-22 19:19:22 +01:00
7da037d81d
refactor: adds schemaless changeset and validation constant
2026-01-19 11:43:51 +01:00
5f13901ca5
security: remove is_system_role from public API
Remove is_system_role from accept lists in create_role and update_role
actions. This field should only be set via seeds or internal actions to
prevent users from creating unkillable roles through the public API.
2026-01-06 19:04:03 +01:00
deacc43030
docs: document FK constraint behavior for role relationship
Add comment explaining on_delete: :restrict behavior for
users.role_id foreign key constraint.
2026-01-06 18:37:37 +01:00
90c32c2afd
feat: add role relationship to User resource
Add belongs_to :role relationship to User resource and register
Authorization domain in config.
2026-01-06 17:18:33 +01:00
9cda832b82
fix: request scopes email and profile
continuous-integration/drone/push Build is passing
2025-12-03 22:02:23 +01:00
613a5f2643
feat: support email scope to retrieve oidc info
continuous-integration/drone/push Build is passing
2025-12-03 21:51:12 +01:00
55fb845855
refactor: small changes from PR review
continuous-integration/drone/push Build is passing
2025-11-13 16:33:29 +01:00
5ce220862f
refactor and docs
2025-11-13 16:33:29 +01:00
293e85334f
fix oidc security bug
2025-11-13 16:33:29 +01:00
001fca1d16
refactor: email sync changes
2025-10-23 13:13:28 +02:00
39afaf3999
feat: email uniqueness constraint between user and member
2025-10-23 13:13:27 +02:00
5a0a261cd6
add action changes for email sync
2025-10-23 13:13:27 +02:00
7c1aeddad4
add constraints for member-user and member-property
2025-10-16 15:28:31 +02:00
59a8067c09
add some comments
2025-10-16 15:28:30 +02:00
3b0c1da1ab
User email validation
2025-10-16 13:54:57 +02:00
cde619543f
translate all error messages
2025-10-16 13:54:07 +02:00
72a8415cb3
feat: member user relation
2025-10-16 12:30:01 +02:00
a3746dfaaa
Explicitly require ash authentication settings
Previously, we'd rely on defaults for configuring user token
authentication. With these changes, we explicitly require
:session_identifier and :require_token_presence_for_authentication to be
configured in the application environment to make sure the system is
configured the way it should be.
2025-09-11 11:49:46 +02:00
dd77be0388
Add seed script for admin user
2025-08-15 10:11:12 +02:00
6907b2ed3c
feat: fail if oidc provider does not provide a sub or id
2025-07-31 14:18:36 +02:00
06574a932d
fix: formatting
continuous-integration/drone/push Build is passing
2025-07-24 17:07:20 +02:00
33d4fa66c8
fix: update email field given by oidc provider
2025-07-24 17:07:20 +02:00
662e80cc74
feat: set password for new and for existing user
2025-07-24 17:07:20 +02:00
df9966bb12
feat: account live view - basic functionality
2025-07-24 17:07:20 +02:00
681db5dc71
fix: set oidc_id from user_info["sub"]
2025-07-24 17:07:20 +02:00
cbcd8904b3
fix: deprecation warnings
2025-07-09 17:19:17 +02:00
fba9abc2c1
test(AshAuthentication): updated tests for signed in user and added test for authcontroller
2025-07-02 17:03:37 +02:00
c7b13c0ecb
format: formatted files
2025-07-02 17:03:37 +02:00
cc51763a6e
review(env): shift secret to env file and added logger
2025-07-02 17:03:37 +02:00
565aaddd94
feat(secrets): updated as recommended in ashauthentication docs
2025-07-02 17:03:37 +02:00
7bfde5e230
doc: added comments and updated to latest ashauthentication version and required changes
2025-07-02 17:03:37 +02:00
a6fcaa1640
feat(oidc_provider): added oidc provider rauthy and strategy for authentication
2025-07-02 17:03:37 +02:00
192ceaed45
chore(AshAuthenticationPhoenix): added library and updated resources testing password strategy
2025-07-02 17:03:37 +02:00
f154eea055
feat(ash): added accounts, user for authentication
2025-07-02 17:03:37 +02:00