Fix System missing system actor in prod and prevent deletion #379

Merged
moritz merged 12 commits from fix/system_actor into main 2026-01-27 17:54:49 +01:00

12 commits

Author SHA1 Message Date
462bc21ec3 fix(migration): use INSERT..SELECT for system user role_id in CI
All checks were successful
continuous-integration/drone/push Build is passing
Avoid nil/empty-string UUID when repo().one lags after role insert.
2026-01-27 17:47:05 +01:00
92ee7fcc63 fix(seeds): use :update_internal for system user admin-role
Some checks failed
continuous-integration/drone/push Build is failing
:update is blocked for system-actor user; use :update_internal in bootstrap.
2026-01-27 17:39:04 +01:00
cbcb93418e feat(user_live): handle system user in form and show
Early return / load_user_or_redirect, use system_user? to avoid editing system actor.
2026-01-27 17:39:04 +01:00
a10c770ca7 chore(migration): ensure_system_actor_user_exists
Use admin_role_id, consistent UUID and timestamps.
2026-01-27 17:39:04 +01:00
d98b32af8d feat(accounts): block update/destroy on system-actor user
Validation prevents modifying system actor user (required for internal ops).
2026-01-27 17:39:04 +01:00
7d33acde9f feat(system_actor): add system_user?/1 and normalize email
Case-insensitive email comparison for system-actor detection.
2026-01-27 17:39:04 +01:00
41bc031cc6 refactor(web): extract format_ash_error to MvWeb.ErrorHelpers
Use shared ErrorHelpers in UserLive.Index for consistent Ash error formatting.
2026-01-27 17:39:04 +01:00
eb8d78f834 Add gettext strings for system actor show/edit redirect messages
German: Dieser Benutzer kann nicht angezeigt/bearbeitet werden.
2026-01-27 17:39:04 +01:00
9c31f0c16c Add tests for system actor protection and hiding
Index: system actor not in list, destroy returns Ash.Error.Invalid. Show/Form:
redirect to /users when viewing or editing system actor user.
2026-01-27 17:39:04 +01:00
8ad5201e1a Hide system actor from user list and block show/edit
Index: filter out SystemActor.system_user_email() in query. Show/Form:
redirect to /users with flash when viewing or editing system actor user.
Index format_error: handle Ash errors without :message field.
2026-01-27 17:39:04 +01:00
b7f37c80bd Prevent deletion of system actor user
Add destroy validation and explicit destroy action (primary, require_atomic? false).
Validation blocks destroy when email == SystemActor.system_user_email().
2026-01-27 17:39:04 +01:00
acb33b9f3b Ensure system actor user exists via migration
Creates user system@mila.local with Admin role if missing. Idempotent;
guarantees system actor in production without relying on seeds.
2026-01-27 17:39:04 +01:00
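
The idempotent, single-statement insert that commits acb33b9f3b and 462bc21ec3 describe, as an added example that is not code from this pull request. It assumes PostgreSQL 13 or later and hypothetical table and column names (`users`, `roles`, `name`, `role_id`, `inserted_at`, `updated_at`); only the email address and the role name `Admin` come from the commit messages.

```sql
-- Added example. Schema names below are assumptions, not the project's own.
--
-- Two-step pattern that the fix moves away from: read the role id in one
-- query, then pass it into a separate INSERT. If the lookup returns nothing,
-- the INSERT receives NULL or '' as role_id and the system actor ends up
-- without a usable role.
--
-- Single-statement form: the role id is resolved inside the INSERT, so the
-- row is written with a real roles.id or it is not written at all.
INSERT INTO users (id, email, role_id, inserted_at, updated_at)
SELECT gen_random_uuid(),          -- built in from PostgreSQL 13
       'system@mila.local',
       r.id,
       now(),
       now()
FROM roles AS r
WHERE r.name = 'Admin'
  -- Idempotency guard: skip when the system actor already exists.
  -- lower() on both sides matches the case-insensitive comparison
  -- that system_user?/1 is described as using.
  AND NOT EXISTS (
        SELECT 1
        FROM users AS u
        WHERE lower(u.email) = lower('system@mila.local')
      )
LIMIT 1;                           -- never more than one row, even if
                                   -- several roles share the name

-- Post-deploy check: how many system-actor rows exist, and how many of
-- them carry a role. count(role_id) ignores NULLs, so a gap between the
-- two columns means a system actor without a role.
SELECT count(*)       AS system_users,
       count(role_id) AS system_users_with_role
FROM users
WHERE lower(email) = lower('system@mila.local');
```

If the `Admin` role is missing, the insert writes zero rows without raising an error, so the check query is what surfaces that state in a deployment.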