local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions
mitgliederverwaltung/lib/mv/authorization/checks
History
Moritz f342350537
All checks were successful
continuous-integration/drone/push Build is passing
Details
Harden member user-link check: argument presence, nil actor, policy scope 
- Forbid on :user argument presence (not value) to block unlink via nil/empty
- Defensive nil actor handling; policy restricted to create/update only
- Test: Ash.load with actor; test non-admin cannot unlink via user: nil
- Docs: unlink behaviour and policy split
2026-02-04 13:46:49 +01:00
..
actor_is_admin.ex Doc: Actor maybe_load_role comment; ActorIsAdmin system user = admin 2026-02-03 16:07:39 +01:00
actor_permission_set_is.ex MemberGroup: restrict bypass to own_data via MemberGroupReadLinkedForOwnData 2026-02-04 09:19:57 +01:00
custom_field_value_create_scope.ex CustomFieldValueCreateScope: use get_argument_or_attribute for member_id 2026-01-27 16:07:01 +01:00
forbid_member_user_link_unless_admin.ex Harden member user-link check: argument presence, nil actor, policy scope 2026-02-04 13:46:49 +01:00
has_permission.ex MembershipFeeCycle: own_data read :linked via bypass and HasPermission scope 2026-02-04 09:20:10 +01:00
member_group_read_linked_for_own_data.ex MemberGroup: restrict bypass to own_data via MemberGroupReadLinkedForOwnData 2026-02-04 09:19:57 +01:00
membership_fee_cycle_read_linked_for_own_data.ex MembershipFeeCycle: own_data read :linked via bypass and HasPermission scope 2026-02-04 09:20:10 +01:00