mitgliederverwaltung

local-it/mitgliederverwaltung

Fork 0

Commit graph

486a63ace1 chore(deps): update renovate/renovate docker tag to v42.97 renovate/renovate-renovate-42.x Renovate Bot 2026-02-10 00:27:34 +00:00
b142a3a66a chore(deps): update mix dependencies renovate/mix-dependencies Renovate Bot 2026-02-10 00:27:05 +00:00
496e2e438f Merge pull request 'Implements CSV export closes #285' (#408) from feature/export_csv into main main carla 2026-02-09 15:17:49 +01:00
e68a7cf8c7 fix linting carla 2026-02-09 14:08:12 +01:00
80fe73a561 docs: update docs carla 2026-02-09 14:08:04 +01:00
31624e460b i18n: update translations carla 2026-02-09 13:37:37 +01:00
9115d53198 tests: add tests carla 2026-02-09 13:34:57 +01:00
e1266944b1 feat: add membership fee status to columns and dropdown carla 2026-02-09 13:34:38 +01:00
ebe4eb46b8 Update renovate/renovate Docker tag to v43 renovate/renovate-renovate-43.x Renovate Bot 2026-02-07 00:30:27 +00:00
36e57b24be Merge branch 'main' into feature/export_csv carla 2026-02-06 08:02:05 +01:00
8e387d8e17 tests: update tests carla 2026-02-05 15:03:36 +01:00
9b9e7ec995 fix: sorting and filter for export carla 2026-02-05 15:03:25 +01:00
dbd4e965fc Update ghcr.io/sebadob/rauthy Docker tag to v0.34.3 renovate/ghcr.io-sebadob-rauthy-0.x Renovate Bot 2026-02-05 00:20:05 +00:00
cc02748cc6 Merge pull request 'Fix prod admin initialisation' (#410) from fix/admin_init into main moritz 2026-02-04 21:41:38 +01:00
ad54b0c462 Release.seed_admin: ensure app started when run via bin/mv eval Moritz 2026-02-04 21:33:41 +01:00
6ab0365a8c Merge pull request 'Init an admin user in prod closes #381' (#409) from feature/381_init_admin into main moritz 2026-02-04 20:53:00 +01:00
ad42a53919 OIDC sign-in: robust after_action for get? result, non-bang role sync Moritz 2026-02-04 20:25:54 +01:00
c5f1fdce0a Code-review follow-ups: policy, docs, seed_admin behaviour Moritz 2026-02-04 19:44:43 +01:00
d573a22769 Tests: accept single user or list from read_sign_in_with_rauthy (get? true) Moritz 2026-02-04 18:03:18 +01:00
58a5b086ad OIDC: pass oauth_tokens to role sync; get? true for sign_in; return record in register Moritz 2026-02-04 18:03:15 +01:00
d441009c8a Refactor: remove debug instrumentation from OidcRoleSync Moritz 2026-02-04 18:03:02 +01:00
d37fc03a37 Fix: load OIDC role sync config from ENV in all environments Moritz 2026-02-04 18:02:59 +01:00
55fef5a993 Docs and .env.example for admin bootstrap and OIDC role sync Moritz 2026-02-04 16:20:39 +01:00
99722dee26 Add OidcRoleSync: apply Admin/Mitglied from OIDC groups Moritz 2026-02-04 16:18:18 +01:00
a6e35da0f7 Add OIDC role sync config (OIDC_ADMIN_GROUP_NAME, OIDC_GROUPS_CLAIM) Moritz 2026-02-04 16:15:47 +01:00
50c8a0dc9a Seeds: call Mv.Release.seed_admin to avoid duplication Moritz 2026-02-04 16:13:13 +01:00
e065b39ed4 Add Mv.Release.seed_admin for admin bootstrap from ENV Moritz 2026-02-04 16:10:45 +01:00
b177e41882 Add Role.get_admin_role for Release.seed_admin Moritz 2026-02-04 16:08:15 +01:00
09a4b7c937 Seeds: use ADMIN_PASSWORD/ADMIN_PASSWORD_FILE; fallback only in dev/test Moritz 2026-02-04 15:17:49 +01:00
7a56a0920b Call seed_admin in docker entrypoint after migrate Moritz 2026-02-04 15:17:45 +01:00
e7d63b9b0a fix linting carla 2026-02-04 16:55:24 +01:00
59d94cf1c6 Merge pull request 'Polishs import UI closes #337' (#398) from feature/337_polish_import into main carla 2026-02-04 16:50:43 +01:00
b429a4dbb6 test: adds tests carla 2026-02-04 16:43:12 +01:00
c82f4b7fd7 feat: add csv export carla 2026-02-04 16:40:41 +01:00
361331b76e fix linting errors carla 2026-02-04 16:36:13 +01:00
3415faeb21 Merge branch 'main' into feature/337_polish_import carla 2026-02-04 16:28:55 +01:00
d34ff57531 refactor carla 2026-02-04 15:52:00 +01:00
82b3182267 Merge pull request 'Permission system hardening: Role policies and member user-link restriction closes #406' (#407) from feature/406_permission_hardening into main moritz 2026-02-04 14:52:49 +01:00
95472424b1

Fix member unlink: use User update_user action Moritz 2026-02-04 14:44:39 +01:00
5194b20b5c

Fix unlink-by-omission: on_missing :ignore, test, doc, string-key Moritz 2026-02-04 14:06:36 +01:00
543fded102

Harden member user-link check: argument presence, nil actor, policy scope Moritz 2026-02-04 13:46:49 +01:00
34e049ef32

Refactor member user-link tests: shared setup Moritz 2026-02-04 13:24:14 +01:00
54e419ed4c

Docs: permission hardening Role and member user link Moritz 2026-02-04 12:54:15 +01:00
26fbafdd9d

Restrict member user link to admins (forbid policy) Moritz 2026-02-04 12:50:10 +01:00
4d3a64c177

Add Role resource policies (defense-in-depth) Moritz 2026-02-04 12:37:48 +01:00
10f37a1246 Merge pull request 'Update Mix dependencies' (#392) from renovate/mix-dependencies into main moritz 2026-02-04 14:06:30 +01:00
40e75f4066 refactor: reduce nesting in HasPermission.strict_check_with_permissions Moritz 2026-02-04 13:29:41 +01:00
f7ba98c36b

refactor: reduce nesting in SyncUserEmailToMember.sync_email Moritz 2026-02-04 13:02:56 +01:00
6aadf4f93b Update Mix dependencies Renovate Bot 2026-02-04 00:11:52 +00:00
d13fbef890 Merge pull request 'Complete Permissions for Groups, Membership Fees, and User Role Assignment closes #404' (#405) from feature/404_permission_completeness into main moritz 2026-02-04 11:47:17 +01:00
083592489f ARIA: set aria-sort on th for sortable columns Moritz 2026-02-04 11:40:23 +01:00
24d130ffb5 OIDC: use UserHelpers.has_oidc? in index and show Moritz 2026-02-04 11:40:21 +01:00
503401f2e6 Setting: remove unused actor in default_fee_type validation Moritz 2026-02-04 11:40:19 +01:00
d7c6d20483 User form: red warning for OIDC users when setting/changing password Moritz 2026-02-04 11:07:01 +01:00
b6d1a27bc9 Seeds: only admin gets password; additional users without password Moritz 2026-02-04 11:06:59 +01:00
541c79e501 ARIA: remove aria-sort from sort button; Password column tests Moritz 2026-02-04 11:06:55 +01:00
c6082f2831 Users list and show: Role, Password, OIDC columns; UserHelpers Moritz 2026-02-04 11:06:52 +01:00
7eba21dc9c Hide Regenerate Cycles button when no membership fee type assigned Moritz 2026-02-04 09:38:26 +01:00
c035d0f141 Docs: groups and roles/permissions architecture, Group moduledoc Moritz 2026-02-04 09:20:26 +01:00
178f5a01c7 MembershipFeeCycle: own_data read :linked via bypass and HasPermission scope Moritz 2026-02-04 09:20:10 +01:00
890a4d3752 MemberGroup: restrict bypass to own_data via MemberGroupReadLinkedForOwnData Moritz 2026-02-04 09:19:57 +01:00
67ce514ba0 User: fix last-admin validation and forbid non-admin role_id change Moritz 2026-02-04 09:19:47 +01:00
dbd0a57292 Secure regenerate_cycles: require can?(:create, MembershipFeeCycle) in handler Moritz 2026-02-04 09:19:37 +01:00
03d3a7eb1b Docs and tests: fix CODE_GUIDELINES structure, use Mv.Fixtures in show_membership_fees_test Moritz 2026-02-04 01:02:22 +01:00
a2e1054c8d Tests: use Mv.Fixtures, fix warnings, Credo TODO disable Moritz 2026-02-04 00:34:12 +01:00
3a92398d54 user_policies_test: data-driven tests for own_data, read_only, normal_user Moritz 2026-02-04 00:34:02 +01:00
085b6be769 show_membership_fees_test: format long assert line Moritz 2026-02-04 00:34:01 +01:00
182d34fe58 MemberLive: confirm_delete_all_cycles via Ash.destroy, reduce current_actor Moritz 2026-02-04 00:34:00 +01:00
e799f0271c Refactor PermissionSets: define admin permissions via perm_all() Moritz 2026-02-04 00:33:58 +01:00
c4459ebb92 Docs, gettext, and remaining test updates Moritz 2026-02-03 23:52:31 +01:00
101fd39f18 Fee settings and fee type form: pass actor for MembershipFeeType read Moritz 2026-02-03 23:52:27 +01:00
e3bea17827 Member show & MembershipFees: permissions, delete all, regenerate, errors Moritz 2026-02-03 23:52:24 +01:00
8ec4a07103 User form: persist role, member linking, Forbidden handling Moritz 2026-02-03 23:52:20 +01:00
5ed41555e9 Member/Setting/validations: domain, actor, and seeds Moritz 2026-02-03 23:52:16 +01:00
5889683854 Add resource policies for Group, MemberGroup, MembershipFeeType, MembershipFeeCycle Moritz 2026-02-03 23:52:12 +01:00
893f9453bd Add PermissionSets for Group, MemberGroup, MembershipFeeType, MembershipFeeCycle Moritz 2026-02-03 23:52:09 +01:00
36b7031dca Merge pull request 'chore(deps): update renovate/renovate docker tag to v42.95' (#393) from renovate/renovate-renovate-42.x into main moritz 2026-02-03 19:52:08 +01:00
fa5afba6ba chore(deps): update renovate/renovate docker tag to v42.95 Renovate Bot 2026-02-02 00:10:14 +00:00
0c313824fb Merge pull request 'chore(deps): update ghcr.io/sebadob/rauthy docker tag to v0.34.2' (#391) from renovate/ghcr.io-sebadob-rauthy-0.x into main moritz 2026-02-03 19:51:09 +01:00
f45ae66f18 chore(deps): update ghcr.io/sebadob/rauthy docker tag to v0.34.2 Renovate Bot 2026-02-01 00:07:43 +00:00
c2bafe4acf Merge pull request 'Apply UI Authorization to Existing LiveViews closes #400' (#403) from feature/400_ui_authorization into main moritz 2026-02-03 17:30:15 +01:00
cbc9376b7b Tests: data-testid selectors, scoped delete, sidebar testid Moritz 2026-02-03 17:16:15 +01:00
ee6bfbacbb User LiveViews: row_id and data-testid for actions Moritz 2026-02-03 17:16:13 +01:00
a4b13cef49 Member LiveViews: row_id and data-testid for actions Moritz 2026-02-03 17:16:11 +01:00
286972964d CoreComponents: allow data-testid on button Moritz 2026-02-03 17:16:10 +01:00
c36812bf3f Authorization: document can_access_page? nil-safety Moritz 2026-02-03 17:16:09 +01:00
2ddd22078d Sidebar: use PagePaths, add testid for Administration Moritz 2026-02-03 17:16:08 +01:00
9e8910344e Add MvWeb.PagePaths for central sidebar/page paths Moritz 2026-02-03 17:16:07 +01:00
1426ef1d38

Add sidebar authorization tests Moritz 2026-02-03 16:35:36 +01:00
f779fd61e0

Gate sidebar menu items by can_access_page? Moritz 2026-02-03 16:35:35 +01:00
cc9e530d80

Add User LiveView authorization tests Moritz 2026-02-03 16:35:33 +01:00
2f67c7099d

Apply UI authorization to User LiveViews (Index and Show) Moritz 2026-02-03 16:35:32 +01:00
5e361ba400

Add Member LiveView authorization tests Moritz 2026-02-03 16:35:30 +01:00
505e31653a

Apply UI authorization to Member LiveViews (Index and Show) Moritz 2026-02-03 16:35:29 +01:00
d3ad7c5013 Merge pull request 'Member Email Validation for Linked Members closes #397' (#399) from feature/397_emailsync_permission into main moritz 2026-02-03 16:35:40 +01:00
e4671e816b

fix: failing test due to merge feature/ui-for-adding-members-groups Simon 2026-02-03 16:30:59 +01:00
03f27a5938

Merge remote-tracking branch 'origin/main' into feature/ui-for-adding-members-groups Simon 2026-02-03 16:15:53 +01:00
131904f172

Test: assert on error field :email instead of message string Moritz 2026-02-03 15:00:27 +01:00
47b6a16177

Doc: Actor maybe_load_role comment; ActorIsAdmin system user = admin Moritz 2026-02-03 15:00:24 +01:00
60a4181255

Validation: error message admin or linked user; resolve_actor fallback Moritz 2026-02-03 15:00:20 +01:00