local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 52 Pull requests 2 Projects 1 Releases 4 Packages 1 Activity Actions
mitgliederverwaltung/CHANGELOG.md
simon efb9faf537
Some checks failed
continuous-integration/drone/push Build is failing
Details
CHANGELOG.md aktualisiert
2026-05-08 15:20:18 +02:00

8.6 KiB
Raw Blame History

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[1.2.0] - 2026-05-08

Changed

  • Clickable table row highlights The new hover/focus-visible row highlight behavior is now the CoreComponents default across clickable tables. Sticky-first-column tables keep zebra striping and show selection through the sticky-column accent stripe (checkboxes keep their default style).
  • Members overview scrolling The members table scrollbar now scrolls inside the table container instead of moving with the full page.
  • Join request display and settings workflow Improved join request rendering and related settings behavior in one cohesive update:
    • Join request fields now respect their configured field types in the details view.
    • Custom field labels in join request views were standardized.
    • Join request field formatting was corrected for more consistent output.
    • Join link settings now include a direct "Open" action in addition to copy/share workflows.

Fixed

  • Runtime ENV handling Empty or invalid environment variables (e.g. SMTP_PORT=, PORT=, POOL_SIZE=, DATABASE_PORT=) no longer cause ArgumentError at boot. Instead raises clear errors for required vars set but empty (e.g. DATABASE_HOST, PHX_HOST/DOMAIN, SECRET_KEY_BASE).
  • PostgreSQL 18 Docker volume path Corrected the database volume path to match PostgreSQL 18 expectations.
  • Association name ENV handling ASSOCIATION_NAME is now treated as source of truth; the field is read-only in Global Settings when managed via ENV.
  • Association name consistency after updates Layout now prefers explicitly assigned club_name values to avoid stale cached values right after settings changes.
  • SMTP ENV/UI source selection SMTP now follows a strict single-source policy: ENV-only when SMTP_HOST is set, otherwise Settings-only.
  • SMTP settings UI in ENV mode SMTP fields are read-only, save action is hidden, and missing required ENV keys are shown as a warning.

Dependency updates

  • Mix dependencies were updated.
  • Renovate Docker image was updated to v43.165.
  • Rauthy Docker image was updated to v0.35.1.
  • just was updated to v1.50.0.

[1.1.1] - 2026-03-16

Added

  • FORCE_SEEDS Environment variable. When set to "true", bootstrap (and optionally dev) seeds are run even when the admin user already exists, so you can re-apply changed seed data (e.g. new roles or custom fields) without deleting the admin user.
  • Improved OIDC-only mode Admin can enable “Only OIDC sign-in” in settings; when enabled, direct registration is disabled and sign-in page redirects to OIDC when configured.
  • Success toast auto-dismiss Success flash messages (e.g. “Settings saved”) hide automatically after 5 seconds instead of requiring the user to close them.

Changed

  • Seeds run only when needed Bootstrap and dev seeds are skipped on application start when the admin user already exists (Mv.Release.bootstrap_seeds_applied?/0). This avoids duplicate data and speeds up startup in dev and production after the first run. Set FORCE_SEEDS=true to override and re-run.
  • Unauthenticated access Users who are not logged in are redirected to sign-in without showing a “no permission” message; the message is only shown to logged-in users who lack access.

Fixed

  • SMTP configuration Repaired so that both port 587 (TLS/STARTTLS) and 465 (SSL) work correctly.

[1.1.0] - 2026-03-13

Added

  • Browser timezone for datetime display Date/time values (e.g. join request submitted at, approved at, rejected at) are shown in the users local timezone.
  • Registration toggle New global setting to disable direct registration (/register). When disabled, visitors are redirected to sign-in and the register link is hidden; join form remains available.
  • Configurable SMTP in global settings SMTP host, port, user, password, and TLS options configurable via Admin → Global Settings. Test-email action to verify delivery. Join confirmation and other transactional emails use this configuration.
  • Theme and language selector on unauthenticated pages Sign-in and join pages now offer theme (light/dark) and locale (e.g. German/English) controls in the header.
  • Duplicate-email handling for join form If an applicants email is already a member or already has a pending join request, the system sends a clarifying email (already-member or already-pending) and shows the same success message (anti-enumeration).
  • Reviewed-by display for join requests Approval UI shows who reviewed a request via a dedicated display field, without loading the User record.
  • Improved field order and seeds for join request approval Approval screen field order improved; seed data updated for join-form and approval flows.
  • Tests for SMTP mailer configuration Tests for SMTP config and for join confirmation email delivery failure (domain and LiveView).

Changed

  • SMTP settings layout SMTP options reordered and grouped in global settings for clearer configuration.
  • Join confirmation mail Uses configurable SMTP from settings; on delivery failure the join form shows an error and no success message.
  • i18n Gettext catalogs updated for new and changed strings.

Fixed

  • Login page translation Corrected translation/locale handling on the sign-in page.

[1.0.0] and earlier

Added

  • Roles and Permissions System (RBAC) - Complete implementation (#345, 2026-01-08)
    • Four hardcoded permission sets: own_data, read_only, normal_user, admin
    • Database-backed roles with permission set references
    • Member resource policies with scope filtering (:own, :linked, :all)
    • Authorization checks via Mv.Authorization.Checks.HasPermission
    • System role protection (critical roles cannot be deleted)
    • Role management UI at /admin/roles
  • Membership Fees System - Full implementation
    • Membership fee types with intervals (monthly, quarterly, half_yearly, yearly)
    • Individual billing cycles per member with payment status tracking
    • Cycle generation and regeneration
    • Global membership fee settings
    • UI components for fee management
  • Global Settings Management - Singleton settings resource
    • Club name configuration (with environment variable support)
    • Member field visibility settings
    • Membership fee default settings
  • Sidebar Navigation - Replaced navbar with standard-compliant sidebar (#260, 2026-01-12)
  • CSV Import Templates - German and English templates (#329, 2026-01-13)
    • Template files in priv/static/templates/
    • CSV specification documented
  • User-Member linking with fuzzy search autocomplete (#168)
  • PostgreSQL trigram-based member search with typo tolerance
  • WCAG 2.1 AA compliant autocomplete dropdown with ARIA support
  • Bilingual UI (German/English) for member linking workflow
  • Bulk email copy feature - Copy email addresses of selected members to clipboard (#230)
    • Email format: "First Last " with semicolon separator (compatible with email clients)
    • CopyToClipboard JavaScript hook with fallback for older browsers
    • Button shows count of visible selected members (respects search/filter)
    • German/English translations
  • Docker secrets support via _FILE environment variables for all sensitive configuration (SECRET_KEY_BASE, TOKEN_SIGNING_SECRET, OIDC_CLIENT_SECRET, DATABASE_URL, DATABASE_PASSWORD)

Changed

  • Actor Handling Refactoring (2026-01-09)
    • Standardized actor access with current_actor/1 helper function
    • ash_actor_opts/1 helper for consistent authorization options
    • submit_form/3 wrapper for form submissions with actor
    • All Ash operations now properly pass actor parameter
  • Error Handling Improvements (2026-01-13)
    • Replaced Ash.read! with proper error handling in LiveViews
    • Consistent flash message handling for authorization errors
    • Early return patterns for unauthenticated users

Fixed

  • Email validation false positive when linking user and member with identical emails (#168 Problem #4)
  • Relationship data extraction from Ash manage_relationship during validation
  • Copy button count now shows only visible selected members when filtering
  • Language headers in German .po files (corrected from "en" to "de")
  • Critical deny-filter bug in authorization system (2026-01-08)
  • HasPermission auto_filter and strict_check implementation (2026-01-08)