d21ee88849
StatisticsLiveTest: explicit auth (read_only) and redirect test for own_data
2026-02-12 19:17:10 +01:00
678f255c6f
Gettext: add DE translation for Fee types could not be loaded
continuous-integration/drone/push Build is failing
2026-02-12 18:45:41 +01:00
aa692ac224
Statistics tests: strict first_join_year nil, fee_type_id in URL
2026-02-12 18:45:35 +01:00
8abad9040f
Statistics LiveView: robust URL, load_fee_types error handling, clamp percents
2026-02-12 18:45:25 +01:00
c3b2abe380
Statistics: log Ash errors instead of returning 0/nil silently
2026-02-12 18:45:15 +01:00
e2c636fbf8
Statistics: member stats independent of fee type
continuous-integration/drone/push Build is failing
2026-02-12 17:43:21 +01:00
16342fbeea
Add German translations for statistics page
2026-02-12 17:43:14 +01:00
f2d7684b47
Fix create_fee_type default arg warning in StatisticsTest
2026-02-12 17:43:03 +01:00
99aa8969f0
Update docs and guidelines for statistics feature
...
continuous-integration/drone/push Build is passing
- CODE_GUIDELINES.md and feature-roadmap.md
- Add statistics-page-implementation-plan.md
2026-02-10 22:44:36 +01:00
76b8d9e30e
Update gettext: extract and add DE/EN for statistics strings
2026-02-10 22:44:28 +01:00
82b9ef282f
Pass actor through CycleGenerator so seeds can use admin
...
- get_actor(opts): use opts[:actor] or system actor
- load_member, do_generate_cycles, create_cycles pass opts
- Seeds pass admin_user_with_role for Ash.load! and cycle updates
2026-02-10 22:44:24 +01:00
9ac275203c
Add StatisticsLive: overview, bars by year, pie chart
...
- Summary cards: active/inactive members, open amount
- Joins and exits by year (horizontal bars)
- Contributions by year: table with stacked bar above amounts
- Column order: Paid, Unpaid, Suspended, Total; color dots for legend
- All years combined pie chart
- LiveView tests
2026-02-10 22:44:19 +01:00
cc59a40a1b
Add statistics route, permissions, and sidebar entry
...
- /statistics route and PagePaths.statistics
- Permission sets: viewer and admin can access /statistics
- Sidebar link with can_access_page check
- Plug and sidebar tests updated
2026-02-10 22:44:13 +01:00
b26d66aa93
Add Statistics module for member and cycle aggregates
...
- first_join_year, active/inactive counts, joins/exits by year
- cycle_totals_by_year, open_amount_total
- Unit tests for Statistics
2026-02-10 22:44:07 +01:00
496e2e438f
Merge pull request 'Implements CSV export closes #285 ' ( #408 ) from feature/export_csv into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #408
2026-02-09 15:17:49 +01:00
e68a7cf8c7
fix linting
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/production Build is passing
2026-02-09 14:08:12 +01:00
80fe73a561
docs: update docs
2026-02-09 14:08:04 +01:00
31624e460b
i18n: update translations
2026-02-09 13:37:37 +01:00
9115d53198
tests: add tests
2026-02-09 13:34:57 +01:00
e1266944b1
feat: add membership fee status to columns and dropdown
2026-02-09 13:34:38 +01:00
36e57b24be
Merge branch 'main' into feature/export_csv
continuous-integration/drone/push Build is failing
2026-02-06 08:02:05 +01:00
8e387d8e17
tests: update tests
continuous-integration/drone/push Build is failing
2026-02-05 15:03:36 +01:00
9b9e7ec995
fix: sorting and filter for export
2026-02-05 15:03:25 +01:00
cc02748cc6
Merge pull request 'Fix prod admin initialisation' ( #410 ) from fix/admin_init into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #410
2026-02-04 21:41:38 +01:00
ad54b0c462
Release.seed_admin: ensure app started when run via bin/mv eval
...
continuous-integration/drone/push Build was killed
continuous-integration/drone/promote/production Build is passing
Application.ensure_all_started(:mv) so Ash/Telemetry work (ETS table exists).
Fixes Unknown Error / telemetry_handler_table in production entrypoint.
2026-02-04 21:33:41 +01:00
6ab0365a8c
Merge pull request 'Init an admin user in prod closes #381 ' ( #409 ) from feature/381_init_admin into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #409
2026-02-04 20:53:00 +01:00
ad42a53919
OIDC sign-in: robust after_action for get? result, non-bang role sync
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/production Build is passing
- sign_in_with_rauthy after_action normalizes result (nil/struct/list) to list before Enum.each.
- OidcRoleSync.do_set_role uses Ash.update and swallows errors so auth is not blocked; skip update if role already correct.
2026-02-04 20:25:54 +01:00
c5f1fdce0a
Code-review follow-ups: policy, docs, seed_admin behaviour
...
continuous-integration/drone/push Build is passing
- Use OidcRoleSyncContext for set_role_from_oidc_sync; document JWT peek risk.
- seed_admin without password sets Admin role on existing user (OIDC-only); update docs and test.
- Fix DE translation for 'access this page'; add get? true comment in User.
2026-02-04 19:44:43 +01:00
d573a22769
Tests: accept single user or list from read_sign_in_with_rauthy (get? true)
...
continuous-integration/drone/push Build is passing
Handle {:ok, user}, {:ok, nil} in addition to {:ok, [user]}, {:ok, []}.
2026-02-04 18:13:30 +01:00
58a5b086ad
OIDC: pass oauth_tokens to role sync; get? true for sign_in; return record in register
...
- sign_in_with_rauthy: get? true so Ash returns single user; pass oauth_tokens to OidcRoleSync.
- register_with_rauthy: pass oauth_tokens to OidcRoleSync; return {:ok, record} to preserve token.
2026-02-04 18:13:30 +01:00
d441009c8a
Refactor: remove debug instrumentation from OidcRoleSync
...
Drop temporary logging used to diagnose OIDC groups sync in dev.
2026-02-04 18:13:30 +01:00
d37fc03a37
Fix: load OIDC role sync config from ENV in all environments
...
OIDC_ADMIN_GROUP_NAME and OIDC_GROUPS_CLAIM were only set in prod block;
in dev admin_group was nil so role sync never ran. Move config outside
prod block so dev/test get ENV values.
2026-02-04 18:13:30 +01:00
55fef5a993
Docs and .env.example for admin bootstrap and OIDC role sync
...
Documents ADMIN_EMAIL/PASSWORD, seed_admin, entrypoint; OIDC_ADMIN_GROUP_NAME,
OIDC_GROUPS_CLAIM and role sync on register/sign-in.
2026-02-04 18:13:30 +01:00
99722dee26
Add OidcRoleSync: apply Admin/Mitglied from OIDC groups
...
Register and sign-in call apply_admin_role_from_user_info; users in configured
admin group get Admin role, others get Mitglied. Internal User action + bypass policy.
2026-02-04 18:13:30 +01:00
a6e35da0f7
Add OIDC role sync config (OIDC_ADMIN_GROUP_NAME, OIDC_GROUPS_CLAIM)
...
Mv.OidcRoleSyncConfig reads from config; runtime.exs overrides from ENV in prod.
2026-02-04 18:13:30 +01:00
50c8a0dc9a
Seeds: call Mv.Release.seed_admin to avoid duplication
...
Replaces inline admin creation with seed_admin(); exercises same path as entrypoint.
Dev/test: set ADMIN_EMAIL default and ADMIN_PASSWORD fallback before calling.
2026-02-04 18:13:30 +01:00
e065b39ed4
Add Mv.Release.seed_admin for admin bootstrap from ENV
...
Creates/updates admin user from ADMIN_EMAIL and ADMIN_PASSWORD or ADMIN_PASSWORD_FILE.
Idempotent; no fallback password in production. Called from docker entrypoint and seeds.
2026-02-04 18:13:30 +01:00
b177e41882
Add Role.get_admin_role for Release.seed_admin
...
Used by Mv.Release to resolve Admin role when creating/updating admin user from ENV.
2026-02-04 18:13:30 +01:00
09a4b7c937
Seeds: use ADMIN_PASSWORD/ADMIN_PASSWORD_FILE; fallback only in dev/test
...
No fallback in production; prod uses Release.seed_admin in entrypoint.
2026-02-04 18:13:30 +01:00
7a56a0920b
Call seed_admin in docker entrypoint after migrate
...
Ensures admin user is created/updated from ENV on every container start.
2026-02-04 18:13:30 +01:00
e7d63b9b0a
fix linting
continuous-integration/drone/push Build is failing
2026-02-04 16:55:24 +01:00
59d94cf1c6
Merge pull request 'Polishs import UI closes #337 ' ( #398 ) from feature/337_polish_import into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #398
2026-02-04 16:50:43 +01:00
b429a4dbb6
test: adds tests
continuous-integration/drone/push Build is failing
2026-02-04 16:43:12 +01:00
c82f4b7fd7
feat: add csv export
continuous-integration/drone/push Build is failing
2026-02-04 16:40:41 +01:00
361331b76e
fix linting errors
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/production Build is passing
2026-02-04 16:36:13 +01:00
3415faeb21
Merge branch 'main' into feature/337_polish_import
continuous-integration/drone/push Build is failing
2026-02-04 16:28:55 +01:00
d34ff57531
refactor
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/production Build is passing
2026-02-04 15:52:00 +01:00
82b3182267
Merge pull request 'Permission system hardening: Role policies and member user-link restriction closes #406 ' ( #407 ) from feature/406_permission_hardening into main
...
continuous-integration/drone/push Build is passing
Reviewed-on: #407
2026-02-04 14:52:49 +01:00
95472424b1
Fix member unlink: use User update_user action
...
continuous-integration/drone/push Build was killed
continuous-integration/drone/promote/production Build is passing
UnrelateUserWhenArgumentNil used User :update which only accepts :email.
Switch to :update_user with member: nil so manage_relationship clears member_id.
2026-02-04 14:46:23 +01:00
5194b20b5c
Fix unlink-by-omission: on_missing :ignore, test, doc, string-key
...
continuous-integration/drone/push Build is failing
- Member update_member: on_missing :unrelate → :ignore (no unlink when :user omitted)
- Test: normal_user update linked member without :user keeps link
- Doc: unlink only explicit (user: nil), admin-only; Actor.admin?(nil) note
- Check: defense-in-depth for "user" string key
2026-02-04 14:07:39 +01:00
