2.2 KiB
Roles and Permissions - Implementation Record (MVP)
Status: ✅ Implemented (2026-01-08, PR #346, closes #345) Related: Overview · Architecture
Historical record of how the MVP (Phase 1) of the hardcoded Roles & Permissions system was built. The architecture document is the canonical design reference; the DB migration/rollback steps and the "What's NOT in MVP" boundary now live in its Migration Strategy section.
How the MVP was built
The MVP shipped as PR #346 (closes #345) across four week-sized sprints, built test-first (TDD) with the work split into 15 issues:
- Sprint 1 — Foundation:
RoleAsh resource +users.role_idFK (#1); hardcodedPermissionSetsmodule with the 4 setsown_data/read_only/normal_user/admin(#2); Role CRUD admin LiveViews (#3). - Sprint 2 — Policies:
HasPermissioncustom Ash policy check (#6); resource policies for Member (#7), User (#8), CustomFieldValue (#9), CustomField (#10); page-permission router plug (#11). Issues #7–#11 ran in parallel after #6. - Sprint 3 — Special cases & seeds: linked-member email validation (#12); role seed data + default-role assignment (#13).
- Sprint 4 — UI & integration:
MvWeb.AuthorizationUI helper (can?/3,can_access_page?/2) (#14); admin role-management UI (#15); applying UI authorization to existing LiveViews + navbar (#16); per-role integration journey tests (#17).
The 5 seeded roles map to permission sets as: Mitglied → own_data (system role), Vorstand → read_only, Kassenwart → normal_user, Buchhaltung → read_only, Admin → admin.
Issues #4, #5, #18 (DB-backed permission tables and ETS cache) were intentionally not built — see "What's NOT in MVP" in the architecture document.
Scope, migration & rollback
For the MVP scope boundary, the DB migration (create roles, add users.role_id),
the seed step, and the two-tier rollback plan (mix ecto.rollback → code revert), see
Architecture › Migration Strategy.