local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
mitgliederverwaltung/lib/mv/authorization/checks
History
Moritz 14fa873640 Restrict User.update_user to admin; allow :update for email only 
- Add ActorIsAdmin policy check (admin permission set only)
- User: policy action(:update_user) forbid_unless + authorize_if ActorIsAdmin
- User: primary :update action accept [:email] for non-admin profile edit
2026-01-30 11:13:23 +01:00
..
actor_is_admin.ex Restrict User.update_user to admin; allow :update for email only 2026-01-30 11:13:23 +01:00
custom_field_value_create_scope.ex CustomFieldValueCreateScope: use get_argument_or_attribute for member_id 2026-01-27 16:07:01 +01:00
has_permission.ex HasPermission: remove unused _authorizer from strict_check helper 2026-01-27 16:07:01 +01:00