lib/mv/membership/member/validations/email_change_permission.ex

@@ -11,7 +11,7 @@ defmodule Mv.Membership.Member.Validations.EmailChangePermission do
   This prevents non-admins from changing another user's linked member email,
   which would sync to that user's account and break email synchronization.
 
-  No system-actor fallback: missing actor is treated as not allowed.
+  Missing actor is not allowed; the system actor counts as admin (via `Actor.admin?/1`).
   """
   use Ash.Resource.Validation
   use Gettext, backend: MvWeb.Gettext, otp_app: :mv
@@ -47,16 +47,22 @@ defmodule Mv.Membership.Member.Validations.EmailChangePermission do
         :ok
       else
         msg =
-          dgettext("default", "Only administrators can change email for members linked to users")
+          dgettext(
+            "default",
+            "Only administrators or the linked user can change the email for members linked to users"
+          )
 
         {:error, field: :email, message: msg}
       end
     end
   end
 
-  # Ash stores actor in changeset.context.private.actor; validation context also has .actor
+  # Ash stores actor in changeset.context.private.actor; validation context has .actor; some callsites use context.actor
   defp resolve_actor(changeset, context) do
-    get_in(changeset.context || %{}, [:private, :actor]) ||
+    ctx = changeset.context || %{}
+
+    get_in(ctx, [:private, :actor]) ||
+      Map.get(ctx, :actor) ||
       (context && Map.get(context, :actor))
   end
 

priv/gettext/de/LC_MESSAGES/default.po

@@ -2299,6 +2299,6 @@ msgid "Unknown column '%{header}' will be ignored. If this is a custom field, cr
 msgstr "Unbekannte Spalte '%{header}' wird ignoriert. Falls dies ein Datenfeld ist, erstellen Sie es in Mila vor dem Import."
 
 #: lib/mv/membership/member/validations/email_change_permission.ex
-#, elixir-autogen, elixir-format
-msgid "Only administrators can change email for members linked to users"
-msgstr "Nur Administrator*innen können die E-Mail von Mitgliedern ändern, die mit Benutzer*innen verknüpft sind."
+#, elixir-autogen, elixir-format, fuzzy
+msgid "Only administrators or the linked user can change the email for members linked to users"
+msgstr "Nur Administrator*innen oder die verknüpfte Benutzer*in können die E-Mail von Mitgliedern ändern, die mit Benutzer*innen verknüpft sind."

priv/gettext/default.pot

@@ -2301,5 +2301,5 @@ msgstr ""
 
 #: lib/mv/membership/member/validations/email_change_permission.ex
 #, elixir-autogen, elixir-format
-msgid "Only administrators can change email for members linked to users"
+msgid "Only administrators or the linked user can change the email for members linked to users"
 msgstr ""

priv/gettext/en/LC_MESSAGES/default.po

@@ -2300,6 +2300,6 @@ msgid "Unknown column '%{header}' will be ignored. If this is a custom field, cr
 msgstr "Unknown column '%{header}' will be ignored. If this is a custom field, create it in Mila before importing."
 
 #: lib/mv/membership/member/validations/email_change_permission.ex
-#, elixir-autogen, elixir-format
-msgid "Only administrators can change email for members linked to users"
-msgstr "Only administrators can change email for members linked to users"
+#, elixir-autogen, elixir-format, fuzzy
+msgid "Only administrators or the linked user can change the email for members linked to users"
+msgstr "Only administrators or the linked user can change the email for members linked to users"