local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
1003 commits 13 branches 0 tags 7.9 MiB
Commit graph

11 commits

Author SHA1 Message Date
Moritz
bfe9fba2e0 Docs: document bypass read rule for CustomFieldValue pattern
Some checks reported errors
continuous-integration/drone/push Build was killed
Details 
- Bypass action_type(:read) is production-side rule: reading own CFVs
  always allowed, overrides Permission-Sets. Applies to get/list/load.
 2026-01-27 16:07:01 +01:00
Moritz
db95979bf5 Document CustomFieldValue policies and own_data create/destroy in architecture 
Update roles-and-permissions-architecture.md with policy layout and
permission matrix for CustomFieldValue (linked).
 2026-01-27 16:07:01 +01:00
Moritz
d9eb131d96
Update documentation: Remove NoActor bypass references 2026-01-24 02:21:08 +01:00
Moritz
c98ad4085a
docs: add authorization bootstrap patterns section
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Document the three authorization bypass mechanisms and when to use each:
- NoActor (test-only bypass)
- system_actor (systemic operations)
- authorize?: false (bootstrap scenarios)
 2026-01-23 02:53:20 +01:00
Moritz
811a276d92 Update documentation for User credentials strategy
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Clarify that User.update :own is handled by HasPermission.
Fix file path references from lib/mv/accounts to lib/accounts.
 2026-01-22 21:36:22 +01:00
Moritz
5506b5b2dc docs(auth): document User policies and bypass pattern
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add bypass vs HasPermission pattern documentation
Update architecture and implementation plan docs
 2026-01-22 19:19:27 +01:00
Moritz
58c088833a
chore: update docs 2026-01-20 14:10:41 +01:00
Moritz
b3eb6c9223
Docs: Correct :linked scope documentation 2026-01-13 15:01:55 +01:00
Moritz
19a20635a7
docs: update documentation to use CustomFieldValue/CustomField instead of Property/PropertyType 2026-01-06 21:34:07 +01:00
Moritz
a19026e430
docs: update roles and permissions architecture and implementation plan
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-11-13 16:17:01 +01:00
Moritz
1084f67f1f
docs: Add roles and permissions architecture and implementation plan 
Complete RBAC system design with permission sets, Ash policies, and UI authorization.
Implementation broken down into 18 issues across 4 sprints with TDD approach.
Includes database schema, caching strategy, and comprehensive test coverage.
 2025-11-13 13:43:58 +01:00