local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 53 Pull requests 1 Projects 2 Releases 3 Packages 1 Activity Actions
1550 commits 5 branches 3 tags 22 MiB
Commit graph

425 commits

Author SHA1 Message Date
Simon
c381b86b5e Improve oidc only mode (#474)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
## Description of the implemented changes
The changes were:
- [x] Bugfixing
- [x] New Feature
- [ ] Breaking Change
- [x] Refactoring

**OIDC-only mode improvements and UX tweaks (success toasts, unauthenticated redirect).**

## What has been changed?

### OIDC-only mode (new feature)
- **Admin settings:** "Only OIDC sign-in" is an immediate toggle at the top of the OIDC section (no save button). Enabling it also turns off "Allow direct registration". When OIDC-only is on, the registration checkbox is disabled and shows a tooltip (DaisyUI `<.tooltip>`).
- **Backend:** Password sign-in is forbidden via Ash policy (`OidcOnlyActive` check). Password registration is blocked via validation `OidcOnlyBlocksPasswordRegistration`. New plug `OidcOnlySignInRedirect`: when OIDC-only and OIDC are configured, GET `/sign-in` redirects to the OIDC flow; GET `/auth/user/password/sign_in_with_token` is rejected with redirect + flash. `AuthController.success/4` also rejects password sign-in when OIDC-only.
- **Tests:** GlobalSettingsLive (OIDC-only UI), AuthController (redirect and password sign-in rejection), User authentication (register_with_password blocked when OIDC-only).

### UX / behaviour (no new feature flag)
- **Success toasts:** Success flash messages auto-dismiss after 5 seconds via JS hook `FlashAutoDismiss` and optional `auto_clear_ms` on `<.flash>` (used for success in root layout and `flash_group`).
- **Unauthenticated users:** Redirect to sign-in without the "You don't have permission to access this page" flash; that message is only shown to logged-in users who lack access. Logic in `LiveHelpers` and `CheckPagePermission` plug; test updated accordingly.

### Other
- Layouts: comment about unprocessed join-request count no longer uses "TODO" (Credo).
- Gettext: German translation for "Home" (Startseite); POT/PO kept in sync.
- CHANGELOG: Unreleased section updated with the above.

## Definition of Done
### Code Quality
- [x] No new technical depths
- [x] Linting passed
- [x] Documentation is added where needed (module docs, comments where non-obvious)

### Accessibility
- [x] New elements are properly defined with html-tags (labels, aria-label on checkboxes)
- [x] Colour contrast follows WCAG criteria (unchanged)
- [x] Aria labels are added when needed (e.g. oidc-only and registration checkboxes)
- [x] Everything is accessible by keyboard (toggles and buttons unchanged)
- [x] Tab-Order is comprehensible
- [x] All interactive elements have a visible focus (existing patterns)

### Testing
- [x] Tests for new code are written (OIDC-only UI, auth controller, user auth; SMTP config builder and mailer)
- [x] All tests pass
- [ ] axe-core dev tools show no critical or major issues (not re-run for this PR; suggest spot-check on settings and sign-in)

## Additional Notes
- **OIDC-only:** When the `OIDC_ONLY` env var is set, the toggle is read-only and shows "(From OIDC_ONLY)". When OIDC is not configured, the toggle is disabled.
- **Invalidation:** Enabling OIDC-only sets `registration_enabled: false` in one update; disabling OIDC-only only updates `oidc_only` (registration left as-is).
- **Review focus:** Plug order in router (OidcOnlySignInRedirect), policy/validation order in User, and that all OIDC-only paths (form, plug, controller) stay consistent.

Reviewed-on: #474
Co-authored-by: Simon <s.thiessen@local-it.org>
Co-committed-by: Simon <s.thiessen@local-it.org>
 2026-03-16 19:09:07 +01:00
Simon
c933144920
feat: unify page titles
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-13 19:01:50 +01:00
Simon
e8ec620d57
feat: add timezone handling
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-13 18:22:12 +01:00
Simon
349cee0ce6
refactor: review remarks
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-13 17:55:17 +01:00
Simon
09e4b64663
feat: allow disabling registration
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-13 16:40:39 +01:00
Simon
eb18209669
feat: rearrange smtp settings
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-13 15:56:02 +01:00
Simon
104faf7006
feat: add theme selector to unauthenticated pages
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-13 14:48:10 +01:00
Simon
99a8d64344
fix: translation of login page
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-13 14:11:54 +01:00
Simon
086ecdcb1b
feat: prevent join requests with equal mail
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-13 11:18:34 +01:00
Simon
40a4461d23
fix: join confirmation mail configuration
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-13 09:34:56 +01:00
Simon
a7481f6ab1
feat: improve field order for approvals and add seeds
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-12 16:15:57 +01:00
Simon
942f2afd9e
refactor: adress review
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-12 15:29:54 +01:00
Simon
4af80a8305
Merge remote-tracking branch 'origin/main' into feature/308-web-form
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-12 13:52:33 +01:00
Simon
a4f3aa5d6f
feat: add smtp settings
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-12 13:39:48 +01:00
carla
03d91d4029 fix tests
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-11 11:40:32 +01:00
carla
762402adf9 fix translations
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-11 11:30:26 +01:00
carla
ca9e4accc8 fix formatting
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-11 11:25:16 +01:00
carla
45c2f3e2b3 i18n: fix translations
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-11 11:13:21 +01:00
Simon
f53a3ce3cc
refactor: integrate approval ui review changes
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-11 02:20:29 +01:00
simon
28f97184b3 Merge branch 'main' into feature/308-web-form
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-11 02:05:13 +01:00
Simon
86d9242d83
feat: add approval ui for join requests
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-11 02:04:03 +01:00
simon
f79c9ac515 Merge pull request 'add public join form' (#466) from feature/308-web-form into main
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #466
 2026-03-10 23:08:26 +01:00
Simon
021b709e6a
refactor: address review comments for join view
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-03-10 22:54:41 +01:00
Moritz
7686b63d7f
fix: use WCAG AA warning text class for Vereinfacht notice 2026-03-10 20:17:26 +01:00
Simon
f1d0526209
feat: add join form
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-10 18:25:17 +01:00
Simon
05e2a298fe
feat: add accessible drag&drop table component
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-10 15:40:28 +01:00
Simon
fa738aae88
feat: add join form settings
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-03-10 14:29:49 +01:00
Moritz
f601550526 fix translations
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2026-03-09 16:45:14 +01:00
Moritz
8da22b3d88 Apply review feedback and fix Credo in fee type filter
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details 
- Index: use FilterParams and constants; fix parse recursion; validate fee type/group
  IDs; OR semantics for :in; build_query_params/reset_all_filters map-based API;
  alias order (Credo); Map.take list deprecation fix
- MemberFilterComponent: use FilterParams and constants; fee_type_filter_part
  helper (Credo nesting); in_not_in_filter_label_class; reset_all_filters map;
  button label for :not_in and combined filter count; fieldset borders
- Gettext: Fee types, filter count plural, 'without %{name}' (en/de)
 2026-03-09 14:33:58 +01:00
Moritz
ae07e3efc2 Add filter prefix constants and shared FilterParams module 
- Mv.Constants: group_filter_prefix/0, fee_type_filter_prefix/0
- MvWeb.MemberLive.Index.FilterParams: parse_in_not_in_value/1 for URL param parsing
 2026-03-09 14:33:58 +01:00
Moritz
a8f12d1c91 Add member fee type filter to member list 
- Filter by membership fee type in same style as groups (All/Yes/No per type)
- Index: load fee types, fee_type_filters, URL params, apply_fee_type_filters
- MemberFilterComponent: fee types section, events, reset, button label
- Refactor update_filters: extract parse/dispatch helpers to satisfy Credo complexity
 2026-03-09 14:33:58 +01:00
Moritz
0ac39c646f
Remove Vereinfacht-required logic from settings and member validation 
- Member field settings: required only from email + settings (no API override)
- Member resource validation: required fields from settings only
- Gettext: remove obsolete 'Required for Vereinfacht integration' string
 2026-03-04 20:21:51 +01:00
Moritz
e4ddaf0dc3
fix test: add for="csv_file" to CSV file label
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-03-04 20:14:13 +01:00
Moritz
5bd803a4b4
A11y: dark mode contrast, sign-in landmark/h1, Banner link discernibility
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-03-04 19:39:19 +01:00
Moritz
70c3ca82ea
fix(a11y): WCAG 2 AA contrast, labels and dropdown
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-03-04 16:21:17 +01:00
Moritz
f9d6936274
Membership fee settings: row-click table, compact default layout 2026-03-04 16:21:17 +01:00
Moritz
60d3fa74fb
Member index: rename cycle toggle, add tooltip 2026-03-04 16:21:16 +01:00
Moritz
52228ca5d5
Member form: remove duplicate save button in header 2026-03-04 16:21:16 +01:00
Moritz
7a8b069834
Fix Credo Design (AliasUsage): add aliases in lib 
Add module aliases at top and use short names instead of
fully qualified nested modules across lib/.
 2026-03-04 16:21:15 +01:00
Moritz
81ce204502
Fix Credo Readability (strict) 
- Max line length, implicit try, alias order, zero-arity defs
- String sigils, long comments split; redundant blank lines fixed
 2026-03-04 16:21:14 +01:00
carla
7f15909cc6 fix tests
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is passing
Details
2026-02-26 17:14:47 +01:00
carla
e0484a0533 formatting
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/promote/production Build is failing
Details
2026-02-26 15:30:27 +01:00
carla
c71c7d6ed6 fix: color contrast dark mode and keyboard moadals 2026-02-26 15:24:29 +01:00
carla
5516c7fe62 fix: remove + from name in email field 2026-02-26 14:02:47 +01:00
carla
4ac56958b4 feat: keep empty cells consistent empty
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-02-26 13:37:35 +01:00
carla
9751525a0c fix: datafield edit view was shown alongside othe relements
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-26 12:37:52 +01:00
carla
faf80bfb4b refactor: consistend subheadings
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-26 12:10:42 +01:00
carla
2c49018ab7 feat: improve color contrast 2026-02-26 11:54:24 +01:00
carla
e422e5f4ef feat: consistent and accessible modal on delete
Some checks failed
continuous-integration/drone/push Build is failing
Details
2026-02-26 11:17:21 +01:00
carla
2922a4d1ee feat: adds keyboard accessibility to tabs 2026-02-26 10:37:57 +01:00