local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 66 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions

User Resource Policies closes #363 #364

Merged
moritz merged 20 commits from feature/363_user_policies into main 2026-01-22 23:24:38 +01:00
Conversation 0 Commits 20 Files changed 28 +1717 -142

20 commits

Author SHA1 Message Date
Moritz
427608578f Restrict Actor.ensure_loaded to Mv.Accounts.User only
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Pattern match on %Mv.Accounts.User{} instead of generic actor.
Clearer intention, prevents accidental authorization bypasses.
Non-User actors are returned as-is (no-op).
 2026-01-22 23:17:55 +01:00
Moritz
d114554d52 Fix remaining runtime guard references in CODE_GUIDELINES 
Remove mentions of runtime guards - only compile-time config is used.
Clarify that production safety comes from config defaults.
 2026-01-22 23:12:33 +01:00
Moritz
f32324d942 Update CODE_GUIDELINES for Application.compile_env pattern
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Replace Mix.env example with config-based approach.
Remove outdated runtime guard documentation.
 2026-01-22 23:05:00 +01:00
Moritz
f6096e194f Remove skipped get_by_subject test, add explanation 
Test removed - JWT flow tested via AshAuthentication integration.
Direct test would require JWT mocking without value.
 2026-01-22 23:04:58 +01:00
Moritz
f3abade7ad Add authorize?: false to Actor.ensure_loaded 
SECURITY: Skip authorization for role loading to avoid circular dependency.
Actor loads their OWN role, needed for authorization itself.
Documented why this is safe.
 2026-01-22 23:04:56 +01:00
Moritz
e60bb6926f Remove unused PolicyHelpers macro and PolicyConsistency test
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Dead code - macro was never used in codebase.
PolicyConsistency test will be replaced with better implementation.
 2026-01-22 22:37:09 +01:00
Moritz
f2def20fce Add centralized Actor.ensure_loaded helper 
Consolidate role loading logic from HasPermission and LiveHelpers.
Use Ash.Resource.Info.resource? for reliable Ash detection.
 2026-01-22 22:37:07 +01:00
Moritz
05c71132e4 Replace NoActor runtime Mix.env with compile-time config 
Use Application.compile_env for release-safety.
Config only set in test.exs (defaults to false).
 2026-01-22 22:37:04 +01:00
Moritz
811a276d92 Update documentation for User credentials strategy
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Clarify that User.update :own is handled by HasPermission.
Fix file path references from lib/mv/accounts to lib/accounts.
 2026-01-22 21:36:22 +01:00
Moritz
d97f6f4004 Add policy consistency tests 
Enforce User.update :own across all permission sets.
Verify READ bypass + UPDATE HasPermission pattern.
 2026-01-22 21:36:19 +01:00
Moritz
a834bdc4ff Add PolicyHelpers macro for standard user policies 
Encapsulate two-tier policy pattern (bypass + HasPermission).
Promote consistency across resource policy definitions.
 2026-01-22 21:36:18 +01:00
Moritz
7d0f5fde86 Replace for comprehension with explicit describe blocks 
Fix Credo parsing error by removing for comprehension.
Duplicate tests for own_data, read_only, normal_user sets.
 2026-01-22 21:36:16 +01:00
Moritz
47c938cc50 Centralize role preloading in global LiveView on_mount 
Add ensure_user_role_loaded to global live_view quote block.
Remove redundant on_mount calls from individual LiveViews.
 2026-01-22 21:36:15 +01:00
Moritz
797452a76e Shorten User policy comments to state what only 
Move why explanations to documentation files.
Keep policy comments concise and focused.
 2026-01-22 21:36:12 +01:00
Moritz
f1e6a1e9db Clarify User.update :own in permission sets 
Add explicit comments explaining why all permission sets
grant User.update with scope :own for password changes.
 2026-01-22 21:36:11 +01:00
Moritz
56144a7696 Add role loading fallback to HasPermission check 
Extract ash_resource? helper to reduce nesting depth.
Add ensure_role_loaded fallback for unloaded actor roles.
 2026-01-22 21:36:10 +01:00
Moritz
93216f3ee6 Harden NoActor check with runtime environment guard 
Add Mix.env() check to match?/3 for defense in depth.
Document NoActor pattern in CODE_GUIDELINES.md.
 2026-01-22 21:36:09 +01:00
Moritz
5506b5b2dc docs(auth): document User policies and bypass pattern
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Add bypass vs HasPermission pattern documentation
Update architecture and implementation plan docs
 2026-01-22 19:19:27 +01:00
Moritz
63d8c4668d test(auth): add User policies test suite 
31 tests covering all 4 permission sets and bypass scenarios
Update HasPermission tests to expect false for scope :own without record
 2026-01-22 19:19:25 +01:00
Moritz
429042cbba feat(auth): add User resource authorization policies 
Implement bypass for READ + HasPermission for UPDATE pattern
Extend HasPermission check to support User resource scope :own
 2026-01-22 19:19:22 +01:00