local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 53 Pull requests 1 Projects 2 Releases 3 Packages 1 Activity Actions
mitgliederverwaltung/CHANGELOG.md
Simon c381b86b5e
All checks were successful
continuous-integration/drone/push Build is passing
Details
Improve oidc only mode (#474) 
## Description of the implemented changes
The changes were:
- [x] Bugfixing
- [x] New Feature
- [ ] Breaking Change
- [x] Refactoring

**OIDC-only mode improvements and UX tweaks (success toasts, unauthenticated redirect).**

## What has been changed?

### OIDC-only mode (new feature)
- **Admin settings:** "Only OIDC sign-in" is an immediate toggle at the top of the OIDC section (no save button). Enabling it also turns off "Allow direct registration". When OIDC-only is on, the registration checkbox is disabled and shows a tooltip (DaisyUI `<.tooltip>`).
- **Backend:** Password sign-in is forbidden via Ash policy (`OidcOnlyActive` check). Password registration is blocked via validation `OidcOnlyBlocksPasswordRegistration`. New plug `OidcOnlySignInRedirect`: when OIDC-only and OIDC are configured, GET `/sign-in` redirects to the OIDC flow; GET `/auth/user/password/sign_in_with_token` is rejected with redirect + flash. `AuthController.success/4` also rejects password sign-in when OIDC-only.
- **Tests:** GlobalSettingsLive (OIDC-only UI), AuthController (redirect and password sign-in rejection), User authentication (register_with_password blocked when OIDC-only).

### UX / behaviour (no new feature flag)
- **Success toasts:** Success flash messages auto-dismiss after 5 seconds via JS hook `FlashAutoDismiss` and optional `auto_clear_ms` on `<.flash>` (used for success in root layout and `flash_group`).
- **Unauthenticated users:** Redirect to sign-in without the "You don't have permission to access this page" flash; that message is only shown to logged-in users who lack access. Logic in `LiveHelpers` and `CheckPagePermission` plug; test updated accordingly.

### Other
- Layouts: comment about unprocessed join-request count no longer uses "TODO" (Credo).
- Gettext: German translation for "Home" (Startseite); POT/PO kept in sync.
- CHANGELOG: Unreleased section updated with the above.

## Definition of Done
### Code Quality
- [x] No new technical depths
- [x] Linting passed
- [x] Documentation is added where needed (module docs, comments where non-obvious)

### Accessibility
- [x] New elements are properly defined with html-tags (labels, aria-label on checkboxes)
- [x] Colour contrast follows WCAG criteria (unchanged)
- [x] Aria labels are added when needed (e.g. oidc-only and registration checkboxes)
- [x] Everything is accessible by keyboard (toggles and buttons unchanged)
- [x] Tab-Order is comprehensible
- [x] All interactive elements have a visible focus (existing patterns)

### Testing
- [x] Tests for new code are written (OIDC-only UI, auth controller, user auth; SMTP config builder and mailer)
- [x] All tests pass
- [ ] axe-core dev tools show no critical or major issues (not re-run for this PR; suggest spot-check on settings and sign-in)

## Additional Notes
- **OIDC-only:** When the `OIDC_ONLY` env var is set, the toggle is read-only and shows "(From OIDC_ONLY)". When OIDC is not configured, the toggle is disabled.
- **Invalidation:** Enabling OIDC-only sets `registration_enabled: false` in one update; disabling OIDC-only only updates `oidc_only` (registration left as-is).
- **Review focus:** Plug order in router (OidcOnlySignInRedirect), policy/validation order in User, and that all OIDC-only paths (form, plug, controller) stay consistent.

Reviewed-on: #474
Co-authored-by: Simon <s.thiessen@local-it.org>
Co-committed-by: Simon <s.thiessen@local-it.org>
2026-03-16 19:09:07 +01:00

5.9 KiB
Raw Blame History

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Added

  • Improved OIDC-only mode Admin can enable “Only OIDC sign-in” in settings; when enabled, direct registration is disabled and sign-in page redirects to OIDC when configured.
  • Success toast auto-dismiss Success flash messages (e.g. “Settings saved”) hide automatically after 5 seconds instead of requiring the user to close them.

Changed

  • Unauthenticated access Users who are not logged in are redirected to sign-in without showing a “no permission” message; the message is only shown to logged-in users who lack access.

Fixed

  • SMTP configuration Repaired so that both port 587 (TLS/STARTTLS) and 465 (SSL) work correctly.

[1.1.0] - 2026-03-13

Added

  • Browser timezone for datetime display Date/time values (e.g. join request submitted at, approved at, rejected at) are shown in the users local timezone.
  • Registration toggle New global setting to disable direct registration (/register). When disabled, visitors are redirected to sign-in and the register link is hidden; join form remains available.
  • Configurable SMTP in global settings SMTP host, port, user, password, and TLS options configurable via Admin → Global Settings. Test-email action to verify delivery. Join confirmation and other transactional emails use this configuration.
  • Theme and language selector on unauthenticated pages Sign-in and join pages now offer theme (light/dark) and locale (e.g. German/English) controls in the header.
  • Duplicate-email handling for join form If an applicants email is already a member or already has a pending join request, the system sends a clarifying email (already-member or already-pending) and shows the same success message (anti-enumeration).
  • Reviewed-by display for join requests Approval UI shows who reviewed a request via a dedicated display field, without loading the User record.
  • Improved field order and seeds for join request approval Approval screen field order improved; seed data updated for join-form and approval flows.
  • Tests for SMTP mailer configuration Tests for SMTP config and for join confirmation email delivery failure (domain and LiveView).

Changed

  • SMTP settings layout SMTP options reordered and grouped in global settings for clearer configuration.
  • Join confirmation mail Uses configurable SMTP from settings; on delivery failure the join form shows an error and no success message.
  • i18n Gettext catalogs updated for new and changed strings.

Fixed

  • Login page translation Corrected translation/locale handling on the sign-in page.

[1.0.0] and earlier

Added

  • Roles and Permissions System (RBAC) - Complete implementation (#345, 2026-01-08)
    • Four hardcoded permission sets: own_data, read_only, normal_user, admin
    • Database-backed roles with permission set references
    • Member resource policies with scope filtering (:own, :linked, :all)
    • Authorization checks via Mv.Authorization.Checks.HasPermission
    • System role protection (critical roles cannot be deleted)
    • Role management UI at /admin/roles
  • Membership Fees System - Full implementation
    • Membership fee types with intervals (monthly, quarterly, half_yearly, yearly)
    • Individual billing cycles per member with payment status tracking
    • Cycle generation and regeneration
    • Global membership fee settings
    • UI components for fee management
  • Global Settings Management - Singleton settings resource
    • Club name configuration (with environment variable support)
    • Member field visibility settings
    • Membership fee default settings
  • Sidebar Navigation - Replaced navbar with standard-compliant sidebar (#260, 2026-01-12)
  • CSV Import Templates - German and English templates (#329, 2026-01-13)
    • Template files in priv/static/templates/
    • CSV specification documented
  • User-Member linking with fuzzy search autocomplete (#168)
  • PostgreSQL trigram-based member search with typo tolerance
  • WCAG 2.1 AA compliant autocomplete dropdown with ARIA support
  • Bilingual UI (German/English) for member linking workflow
  • Bulk email copy feature - Copy email addresses of selected members to clipboard (#230)
    • Email format: "First Last " with semicolon separator (compatible with email clients)
    • CopyToClipboard JavaScript hook with fallback for older browsers
    • Button shows count of visible selected members (respects search/filter)
    • German/English translations
  • Docker secrets support via _FILE environment variables for all sensitive configuration (SECRET_KEY_BASE, TOKEN_SIGNING_SECRET, OIDC_CLIENT_SECRET, DATABASE_URL, DATABASE_PASSWORD)

Changed

  • Actor Handling Refactoring (2026-01-09)
    • Standardized actor access with current_actor/1 helper function
    • ash_actor_opts/1 helper for consistent authorization options
    • submit_form/3 wrapper for form submissions with actor
    • All Ash operations now properly pass actor parameter
  • Error Handling Improvements (2026-01-13)
    • Replaced Ash.read! with proper error handling in LiveViews
    • Consistent flash message handling for authorization errors
    • Early return patterns for unauthenticated users

Fixed

  • Email validation false positive when linking user and member with identical emails (#168 Problem #4)
  • Relationship data extraction from Ash manage_relationship during validation
  • Copy button count now shows only visible selected members when filtering
  • Language headers in German .po files (corrected from "en" to "de")
  • Critical deny-filter bug in authorization system (2026-01-08)
  • HasPermission auto_filter and strict_check implementation (2026-01-08)