local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 53 Pull requests 1 Projects 2 Releases 3 Packages 1 Activity Actions
mitgliederverwaltung/CHANGELOG.md
Simon e8ec620d57
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/promote/production Build is failing
Details
feat: add timezone handling
2026-03-13 18:22:12 +01:00

5.2 KiB
Raw Blame History

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[1.1.0] - 2026-03-13

Added

  • Browser timezone for datetime display Date/time values (e.g. join request submitted at, approved at, rejected at) are shown in the users local timezone.
  • Registration toggle New global setting to disable direct registration (/register). When disabled, visitors are redirected to sign-in and the register link is hidden; join form remains available.
  • Configurable SMTP in global settings SMTP host, port, user, password, and TLS options configurable via Admin → Global Settings. Test-email action to verify delivery. Join confirmation and other transactional emails use this configuration.
  • Theme and language selector on unauthenticated pages Sign-in and join pages now offer theme (light/dark) and locale (e.g. German/English) controls in the header.
  • Duplicate-email handling for join form If an applicants email is already a member or already has a pending join request, the system sends a clarifying email (already-member or already-pending) and shows the same success message (anti-enumeration).
  • Reviewed-by display for join requests Approval UI shows who reviewed a request via a dedicated display field, without loading the User record.
  • Improved field order and seeds for join request approval Approval screen field order improved; seed data updated for join-form and approval flows.
  • Tests for SMTP mailer configuration Tests for SMTP config and for join confirmation email delivery failure (domain and LiveView).

Changed

  • SMTP settings layout SMTP options reordered and grouped in global settings for clearer configuration.
  • Join confirmation mail Uses configurable SMTP from settings; on delivery failure the join form shows an error and no success message.
  • i18n Gettext catalogs updated for new and changed strings.

Fixed

  • Login page translation Corrected translation/locale handling on the sign-in page.

[1.0.0] and earlier

Added

  • Roles and Permissions System (RBAC) - Complete implementation (#345, 2026-01-08)
    • Four hardcoded permission sets: own_data, read_only, normal_user, admin
    • Database-backed roles with permission set references
    • Member resource policies with scope filtering (:own, :linked, :all)
    • Authorization checks via Mv.Authorization.Checks.HasPermission
    • System role protection (critical roles cannot be deleted)
    • Role management UI at /admin/roles
  • Membership Fees System - Full implementation
    • Membership fee types with intervals (monthly, quarterly, half_yearly, yearly)
    • Individual billing cycles per member with payment status tracking
    • Cycle generation and regeneration
    • Global membership fee settings
    • UI components for fee management
  • Global Settings Management - Singleton settings resource
    • Club name configuration (with environment variable support)
    • Member field visibility settings
    • Membership fee default settings
  • Sidebar Navigation - Replaced navbar with standard-compliant sidebar (#260, 2026-01-12)
  • CSV Import Templates - German and English templates (#329, 2026-01-13)
    • Template files in priv/static/templates/
    • CSV specification documented
  • User-Member linking with fuzzy search autocomplete (#168)
  • PostgreSQL trigram-based member search with typo tolerance
  • WCAG 2.1 AA compliant autocomplete dropdown with ARIA support
  • Bilingual UI (German/English) for member linking workflow
  • Bulk email copy feature - Copy email addresses of selected members to clipboard (#230)
    • Email format: "First Last " with semicolon separator (compatible with email clients)
    • CopyToClipboard JavaScript hook with fallback for older browsers
    • Button shows count of visible selected members (respects search/filter)
    • German/English translations
  • Docker secrets support via _FILE environment variables for all sensitive configuration (SECRET_KEY_BASE, TOKEN_SIGNING_SECRET, OIDC_CLIENT_SECRET, DATABASE_URL, DATABASE_PASSWORD)

Changed

  • Actor Handling Refactoring (2026-01-09)
    • Standardized actor access with current_actor/1 helper function
    • ash_actor_opts/1 helper for consistent authorization options
    • submit_form/3 wrapper for form submissions with actor
    • All Ash operations now properly pass actor parameter
  • Error Handling Improvements (2026-01-13)
    • Replaced Ash.read! with proper error handling in LiveViews
    • Consistent flash message handling for authorization errors
    • Early return patterns for unauthenticated users

Fixed

  • Email validation false positive when linking user and member with identical emails (#168 Problem #4)
  • Relationship data extraction from Ash manage_relationship during validation
  • Copy button count now shows only visible selected members when filtering
  • Language headers in German .po files (corrected from "en" to "de")
  • Critical deny-filter bug in authorization system (2026-01-08)
  • HasPermission auto_filter and strict_check implementation (2026-01-08)