Redesign the agent edit page#3755
Conversation
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughThis PR adds a paginated ChangesAgent Roles Listing Feature
Estimated code review effort: 4 (Complex) | ~75 minutes Agent Edit Page Redesign
Estimated code review effort: 5 (Critical) | ~110 minutes Token Settings and OAuth Model Enhancements
Estimated code review effort: 2 (Simple) | ~15 minutes Sequence Diagram(s)sequenceDiagram
participant Client
participant agentHandler
participant agentService
participant roleService
Client->>agentHandler: GET /agents/{id}/roles?limit&offset
agentHandler->>agentHandler: validate id and parse pagination
agentHandler->>agentService: GetAgentRoles(id, limit, offset)
agentService->>agentService: load agent, resolve group IDs
agentService->>roleService: GetUserRoles(agentID, groupIDs)
roleService-->>agentService: roles list
agentService-->>agentHandler: AgentRoleListResponse
agentHandler-->>Client: 200 OK
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
a014b4f to
657c3cb
Compare
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
backend/internal/agent/init.go (1)
90-99: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick winNew public endpoint added without corresponding documentation updates.
This adds
GET /agents/{id}/rolesas a new public REST endpoint (mirroring the/groupsendpoint). Across the full PR stack (API spec, backend wiring, frontend hooks, Access tab UI), nodocs/updates are present in any of the provided layers.🔴 Documentation Required
This PR introduces user-facing changes that are not covered by documentation updates underdocs/.
Please update the relevant documentation before merging.Missing documentation:
- New
GET /agents/{id}/rolesendpoint: document the endpoint, request/response schema (AgentRoleListResponse), and pagination behavior indocs/content/apis.mdx(or equivalent agent API reference).- New Access tab (groups/roles read-only view with management links) in the Agent edit page: document this in a relevant
docs/content/guides/page describing the agent edit experience.As per path instructions: "If ANY of the above are detected and the PR does NOT include corresponding updates under
docs/... post a single consolidated PR-level comment."🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@backend/internal/agent/init.go` around lines 90 - 99, Add the missing docs for this PR’s user-facing changes: document the new GET /agents/{id}/roles endpoint alongside the existing agent access APIs, including the AgentRoleListResponse schema and pagination behavior, and update the relevant docs/content/guides page to cover the Agent edit page Access tab (groups/roles read-only view and management links). Use the existing /agents/{id}/groups API docs and the Access tab frontend flow as the reference points to keep the new entries aligned with the current agent documentation.Source: Path instructions
🧹 Nitpick comments (12)
frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx (1)
419-442: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueConsider deriving tabIndex from
availableTabsdirectly.The initial
tabIndexvalue (2vs0) is a magic number tied touserinfooccupying the last slot inavailableTabs. Deriving it viaindexOfremoves that implicit coupling.♻️ Proposed refactor
- let tabIndex = showUserInfoTab ? 2 : 0; - - if (activeTab === 'access') { - tabIndex = 0; - } else if (activeTab === 'id') { - tabIndex = 1; - } - - const availableTabs: ('access' | 'id' | 'userinfo')[] = showUserInfoTab ? ['access', 'id', 'userinfo'] : ['access', 'id']; + const availableTabs: ('access' | 'id' | 'userinfo')[] = showUserInfoTab ? ['access', 'id', 'userinfo'] : ['access', 'id']; + const resolvedTabIndex = availableTabs.indexOf(activeTab); + const tabIndex = resolvedTabIndex === -1 ? 0 : resolvedTabIndex;🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx` around lines 419 - 442, The OAuth tab selection logic in TokenUserAttributesSection should not rely on a magic initial tabIndex value tied to userinfo being the last entry. Update the tab index calculation in the isOAuthMode block to derive the active index from availableTabs directly (using the current activeTab and availableTabs array) while keeping the existing activeTab overrides for access and id, so Tab and onTabChange stay aligned even if the tab order changes.frontend/apps/console/src/features/agents/models/agent.ts (1)
107-125: 🗄️ Data Integrity & Integration | 🔵 Trivial | 💤 Low valueFrontend response types omit
linkspresent in the OpenAPI contract.
AgentGroupListResponse/AgentRoleListResponseinapi/agent.yamlboth include alinkspagination array, but these frontend types don't declare it. Harmless today (extra API fields are ignored), but worth adding for contract completeness/future pagination UI.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/models/agent.ts` around lines 107 - 125, The frontend response types for agent group and role listings are missing the pagination links field from the API contract. Update the AgentGroupListResponse and AgentRoleListResponse interfaces in agent.ts to include the links array defined by the OpenAPI schema, using a shared link type if one already exists in the models. Keep the existing totalResults, startIndex, count, groups, and roles fields unchanged while adding the contract-complete pagination metadata.frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts (1)
30-57: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winDuplicate hook boilerplate vs.
useGetAgentGroups.This hook is structurally identical to
useGetAgentGroups(same query-key pattern,URLSearchParamsbuilding, andhttp.requestcast) apart from the endpoint path. Consider extracting a small generic factory, e.g.createAgentListHook(resource, queryKey), to avoid duplicating this boilerplate as more/agents/{id}/<sub-resource>hooks are added.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts` around lines 30 - 57, The `useGetAgentRoles` hook duplicates the same query setup, URLSearchParams construction, and `http.request` casting already used in `useGetAgentGroups`, with only the endpoint path differing. Refactor these shared pieces into a small reusable factory such as `createAgentListHook(resource, queryKey)` and have `useGetAgentRoles` and `useGetAgentGroups` call it with their specific resource path and `AgentQueryKeys` entry. Keep the existing `useQuery` behavior, `enabled` check, and response typing intact while removing the repeated boilerplate.backend/internal/agent/service_test.go (1)
2064-2084: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value
clearMockCallssilently no-ops for the new role mock.The type switch doesn't include
*rolemock.RoleServiceInterfaceMock. Not exercised today (no test callsclearMockCalls(mockRole, ...)), but if a futureGetAgentRolestest needs to reset a default expectation, this will silently do nothing instead of failing loudly.🔧 Proposed fix
func clearMockCalls(m any, method string) { var mockObj *mock.Mock switch v := m.(type) { case *entitymock.EntityServiceInterfaceMock: mockObj = &v.Mock case *inboundclientmock.InboundClientServiceInterfaceMock: mockObj = &v.Mock case *oumock.OrganizationUnitServiceInterfaceMock: mockObj = &v.Mock + case *rolemock.RoleServiceInterfaceMock: + mockObj = &v.Mock }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@backend/internal/agent/service_test.go` around lines 2064 - 2084, The helper clearMockCalls currently ignores the new role mock type, so it silently does nothing when passed *rolemock.RoleServiceInterfaceMock. Update the type switch in clearMockCalls to recognize the role mock alongside the existing entity, inbound client, and organization unit mocks, and consider making the unsupported-type path fail loudly rather than returning silently so future test misuse is caught early.frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx (1)
33-75: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winNear-duplicate of
AgentRolesSection.This component's structure (fetch, loading/empty/list branching, header action link) is almost identical to
AgentRolesSection.tsx. Consider extracting a shared generic list-section component (icon, title/description, manage link, items) parameterized by item renderer to reduce duplication.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx` around lines 33 - 75, The AgentGroupsSection component is nearly identical to AgentRolesSection in its fetch/loading/empty/list branching and header action setup. Refactor by extracting a shared reusable list-section component that owns the common SettingsCard, loading, empty-state, and manage-link behavior, and parameterize it with title/description, link text/target, icon, data source, and an item renderer. Then update AgentGroupsSection to delegate to that shared component instead of duplicating the structure.frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx (1)
105-119: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low valueFull-form submit on per-row confirm.
handleSubmit(onSubmit)validates/collects the entire form on every row's "Confirm" click, not just the edited row. Given current data originates from valid saved values, this is low risk today, but a validation error on an un-rendered field could silently block confirming an unrelated row without visible feedback.Also applies to: 146-153
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx` around lines 105 - 119, The per-row Confirm action is using handleSubmit(onSubmit), which validates the entire form instead of only the edited attribute row. Update EditAgentAttributes so the row-level confirm in the edit flow submits just the current field/value (using the row’s key and the local editing state) rather than running full-form validation, and apply the same change to the matching confirm handler in the other affected block so unrendered fields cannot block saving an unrelated row.frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx (1)
161-171: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick winTest gap: no coverage for cancel-after-a-prior-successful-save.
Current cancel test only covers cancelling a first-time edit. Given the
resetFieldbehavior flagged inEditAgentAttributes.tsx(reverts to mount-time defaults rather than the last saved value), consider adding a test that: saves a row once, edits it again, cancels, and asserts the displayed value is the previously-saved value (not the original pre-edit one).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx` around lines 161 - 171, The current cancel test in EditAgentAttributes only covers abandoning a first edit, so it misses the resetField behavior after a successful save. Add a test in EditAgentAttributes.test.tsx that uses EditAgentAttributes, EditAgentAttributes.tsx, and the existing row helpers to save a value once, reopen the same row for editing, cancel, and verify the displayed field stays at the last saved value rather than reverting to the original mount-time value. Also assert the edit action is restored and no extra mutation is triggered on cancel.frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx (1)
51-59: 🚀 Performance & Scalability | 🔵 Trivial | ⚡ Quick winHardcoded
limit: 100can silently mis-display the owner.
useGetUsers({limit: 100, offset: 0})fetches only the first 100 users with no search/pagination. If the assigned owner isn't in that first page,ownerLabelfalls back to the rawownerId(Line 59), showing a UUID instead of a name, and the "no owner assigned" hint (Line 109) won't fire sinceownerIdis truthy — the failure is silent and confusing for orgs with more users than the page size.Consider a searchable/async autocomplete (query-as-you-type) instead of a flat capped list, especially since this same picker is used for selecting new owners too.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx` around lines 51 - 59, The owner picker in OwnerSection is relying on useGetUsers with a hardcoded 100-user page, which can hide the real owner and fall back to showing the raw ownerId. Update the OwnerSection flow to use a searchable/async user lookup for the owner selection and label resolution, so the current owner is resolved on demand instead of from a capped options list. Keep the ownerId/ownerLabel logic in sync with the new async search source so the display and picker both work for users outside the first page.frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx (1)
84-108: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winUse
slotProps.inputinstead of deprecatedInputProps.
InputPropsonTextFieldis deprecated as of MUI v6 (removed in v7); the siblingClientSecretSuccessDialogin this same PR already usesslotProps.inputfor an equivalent adornment. Migrating here keeps the codebase consistent and avoids a future breaking upgrade.♻️ Proposed refactor
<TextField fullWidth id="agent-client-id-input" value={oauth2Config.clientId} - InputProps={{ - readOnly: true, - endAdornment: ( - <InputAdornment position="end"> - <Tooltip title={copiedField === 'clientId' ? t('common:actions.copied') : t('common:actions.copy')}> - <IconButton - onClick={() => { - if (oauth2Config.clientId) { - onCopyToClipboard(oauth2Config.clientId, 'clientId').catch(() => null); - } - }} - edge="end" - > - {copiedField === 'clientId' ? <Check size={16} /> : <Copy size={16} />} - </IconButton> - </Tooltip> - </InputAdornment> - ), - }} + slotProps={{ + input: { + readOnly: true, + endAdornment: ( + <InputAdornment position="end"> + <Tooltip title={copiedField === 'clientId' ? t('common:actions.copied') : t('common:actions.copy')}> + <IconButton + onClick={() => { + if (oauth2Config.clientId) { + onCopyToClipboard(oauth2Config.clientId, 'clientId').catch(() => null); + } + }} + edge="end" + > + {copiedField === 'clientId' ? <Check size={16} /> : <Copy size={16} />} + </IconButton> + </Tooltip> + </InputAdornment> + ), + }, + }} sx={{'& input': {fontFamily: 'monospace', fontSize: '0.875rem'}}} />🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx` around lines 84 - 108, The TextField in ClientSecretSection currently uses deprecated InputProps for its read-only adornment; migrate this field to slotProps.input to match the newer MUI API and keep consistency with ClientSecretSuccessDialog. Preserve the existing readOnly behavior, endAdornment copy button, tooltip, and monospace styling while moving the input configuration off InputProps and onto the TextField’s slotProps.input.frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx (1)
39-106: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueConsider adding coverage for the copy-to-clipboard and success-dialog flow.
Current tests cover rendering and dialog-open, but not the
onCopyToClipboardinteraction or theRegenerateSecretDialog.onSuccess → ClientSecretSuccessDialoghandoff (newClientSecretstate).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx` around lines 39 - 106, The ClientSecretSection tests are missing coverage for the copy-to-clipboard path and the regenerate success flow. Add a test that exercises the copy action and asserts onCopyToClipboard is called from ClientSecretSection, and add a test that drives RegenerateSecretDialog.onSuccess to verify the newClientSecret state opens ClientSecretSuccessDialog. Use the existing ClientSecretSection, RegenerateSecretDialog, and ClientSecretSuccessDialog references to locate the right interaction points.frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx (1)
43-49: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueUse
TokenEndpointAuthMethods.PRIVATE_KEY_JWThere
Swap the raw'private_key_jwt'literal forTokenEndpointAuthMethods.PRIVATE_KEY_JWTto keep this check type-safe and consistent with the sibling auth-method handling.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx` around lines 43 - 49, The OAuth2 config update logic should use the shared auth-method enum instead of a raw string literal. In EditCredentialsSettings.tsx, update the handling in handleOAuth2ConfigChange and any sibling auth-method checks so the private key JWT case references TokenEndpointAuthMethods.PRIVATE_KEY_JWT rather than 'private_key_jwt', keeping the comparison type-safe and consistent with the other auth-method handling.frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx (1)
88-107: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winGrant pills lack toggle-state accessibility semantics.
GrantPillrenders MUIChipas a clickable toggle (active/inactive), butChipdoesn't expose pressed/selected state to assistive tech by default. Screen-reader users can't tell which grants are currently on without visually inspecting fill color.♿ Suggested fix: expose toggle state via aria-pressed
function GrantPill({label, active, locked = false, onClick = undefined}: GrantPillProps) { return ( <Chip label={label} clickable={!locked} onClick={locked ? undefined : onClick} disabled={locked && !active} variant={active ? 'filled' : 'outlined'} color={active ? 'primary' : 'default'} sx={locked ? {cursor: 'default'} : undefined} + aria-pressed={locked ? undefined : active} /> ); }Also applies to: 158-190
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx` around lines 88 - 107, GrantPill is used as a toggle-like control but does not expose its active state to assistive tech. Update the Chip rendered by GrantPill to include toggle semantics such as aria-pressed based on the active prop, and apply the same change to the other GrantPill usage referenced in the diff so screen readers can announce on/off state consistently. Keep the existing locked/disabled behavior intact while making the active/inactive state explicit.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 50-62: The cancel flow in EditAgentAttributes is resetting fields
to the mount-time default instead of the latest saved value because resetField
uses the original useForm defaultValues. Update the save/cancel handling around
useForm, resetField, and the editingKey flow so Cancel restores the current
agent.attributes state after a successful save. Use the latest saved attribute
value as the reset target for each field rather than relying on the initial
attributes snapshot.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 102-106: The icon-only edit control in OwnerSection is missing an
accessible name, so update the IconButton used to toggle edit mode to include a
clear aria-label or equivalent accessible label. Keep the change localized to
the edit button in OwnerSection and ensure the label describes the action, such
as editing the owner section.
In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx`:
- Around line 251-266: The Advanced tab label in AgentEditPage is using the
wrong translation namespace, unlike the other agent tabs. Update the label in
the tabs.push block to use the agents i18n key path instead of
applications:edit.page.tabs.advanced, keeping the existing t(...) pattern
consistent with the surrounding tab labels in AgentEditPage.
---
Outside diff comments:
In `@backend/internal/agent/init.go`:
- Around line 90-99: Add the missing docs for this PR’s user-facing changes:
document the new GET /agents/{id}/roles endpoint alongside the existing agent
access APIs, including the AgentRoleListResponse schema and pagination behavior,
and update the relevant docs/content/guides page to cover the Agent edit page
Access tab (groups/roles read-only view and management links). Use the existing
/agents/{id}/groups API docs and the Access tab frontend flow as the reference
points to keep the new entries aligned with the current agent documentation.
---
Nitpick comments:
In `@backend/internal/agent/service_test.go`:
- Around line 2064-2084: The helper clearMockCalls currently ignores the new
role mock type, so it silently does nothing when passed
*rolemock.RoleServiceInterfaceMock. Update the type switch in clearMockCalls to
recognize the role mock alongside the existing entity, inbound client, and
organization unit mocks, and consider making the unsupported-type path fail
loudly rather than returning silently so future test misuse is caught early.
In `@frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts`:
- Around line 30-57: The `useGetAgentRoles` hook duplicates the same query
setup, URLSearchParams construction, and `http.request` casting already used in
`useGetAgentGroups`, with only the endpoint path differing. Refactor these
shared pieces into a small reusable factory such as
`createAgentListHook(resource, queryKey)` and have `useGetAgentRoles` and
`useGetAgentGroups` call it with their specific resource path and
`AgentQueryKeys` entry. Keep the existing `useQuery` behavior, `enabled` check,
and response typing intact while removing the repeated boilerplate.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`:
- Around line 33-75: The AgentGroupsSection component is nearly identical to
AgentRolesSection in its fetch/loading/empty/list branching and header action
setup. Refactor by extracting a shared reusable list-section component that owns
the common SettingsCard, loading, empty-state, and manage-link behavior, and
parameterize it with title/description, link text/target, icon, data source, and
an item renderer. Then update AgentGroupsSection to delegate to that shared
component instead of duplicating the structure.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx`:
- Around line 88-107: GrantPill is used as a toggle-like control but does not
expose its active state to assistive tech. Update the Chip rendered by GrantPill
to include toggle semantics such as aria-pressed based on the active prop, and
apply the same change to the other GrantPill usage referenced in the diff so
screen readers can announce on/off state consistently. Keep the existing
locked/disabled behavior intact while making the active/inactive state explicit.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`:
- Around line 161-171: The current cancel test in EditAgentAttributes only
covers abandoning a first edit, so it misses the resetField behavior after a
successful save. Add a test in EditAgentAttributes.test.tsx that uses
EditAgentAttributes, EditAgentAttributes.tsx, and the existing row helpers to
save a value once, reopen the same row for editing, cancel, and verify the
displayed field stays at the last saved value rather than reverting to the
original mount-time value. Also assert the edit action is restored and no extra
mutation is triggered on cancel.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 105-119: The per-row Confirm action is using
handleSubmit(onSubmit), which validates the entire form instead of only the
edited attribute row. Update EditAgentAttributes so the row-level confirm in the
edit flow submits just the current field/value (using the row’s key and the
local editing state) rather than running full-form validation, and apply the
same change to the matching confirm handler in the other affected block so
unrendered fields cannot block saving an unrelated row.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx`:
- Around line 39-106: The ClientSecretSection tests are missing coverage for the
copy-to-clipboard path and the regenerate success flow. Add a test that
exercises the copy action and asserts onCopyToClipboard is called from
ClientSecretSection, and add a test that drives RegenerateSecretDialog.onSuccess
to verify the newClientSecret state opens ClientSecretSuccessDialog. Use the
existing ClientSecretSection, RegenerateSecretDialog, and
ClientSecretSuccessDialog references to locate the right interaction points.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx`:
- Around line 84-108: The TextField in ClientSecretSection currently uses
deprecated InputProps for its read-only adornment; migrate this field to
slotProps.input to match the newer MUI API and keep consistency with
ClientSecretSuccessDialog. Preserve the existing readOnly behavior, endAdornment
copy button, tooltip, and monospace styling while moving the input configuration
off InputProps and onto the TextField’s slotProps.input.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx`:
- Around line 43-49: The OAuth2 config update logic should use the shared
auth-method enum instead of a raw string literal. In
EditCredentialsSettings.tsx, update the handling in handleOAuth2ConfigChange and
any sibling auth-method checks so the private key JWT case references
TokenEndpointAuthMethods.PRIVATE_KEY_JWT rather than 'private_key_jwt', keeping
the comparison type-safe and consistent with the other auth-method handling.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 51-59: The owner picker in OwnerSection is relying on useGetUsers
with a hardcoded 100-user page, which can hide the real owner and fall back to
showing the raw ownerId. Update the OwnerSection flow to use a searchable/async
user lookup for the owner selection and label resolution, so the current owner
is resolved on demand instead of from a capped options list. Keep the
ownerId/ownerLabel logic in sync with the new async search source so the display
and picker both work for users outside the first page.
In `@frontend/apps/console/src/features/agents/models/agent.ts`:
- Around line 107-125: The frontend response types for agent group and role
listings are missing the pagination links field from the API contract. Update
the AgentGroupListResponse and AgentRoleListResponse interfaces in agent.ts to
include the links array defined by the OpenAPI schema, using a shared link type
if one already exists in the models. Keep the existing totalResults, startIndex,
count, groups, and roles fields unchanged while adding the contract-complete
pagination metadata.
In
`@frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx`:
- Around line 419-442: The OAuth tab selection logic in
TokenUserAttributesSection should not rely on a magic initial tabIndex value
tied to userinfo being the last entry. Update the tab index calculation in the
isOAuthMode block to derive the active index from availableTabs directly (using
the current activeTab and availableTabs array) while keeping the existing
activeTab overrides for access and id, so Tab and onTabChange stay aligned even
if the tab order changes.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: baa43515-9cb9-4d27-a4ed-bba3775edc5d
⛔ Files ignored due to path filters (1)
backend/tests/mocks/agentmock/AgentServiceInterface_mock.gois excluded by!**/*_mock.go
📒 Files selected for processing (69)
api/agent.yamlbackend/cmd/server/servicemanager.gobackend/internal/agent/handler.gobackend/internal/agent/handler_test.gobackend/internal/agent/init.gobackend/internal/agent/init_test.gobackend/internal/agent/model/agent.gobackend/internal/agent/service.gobackend/internal/agent/service_test.gofrontend/apps/console/src/features/agents/api/useGetAgentGroups.tsfrontend/apps/console/src/features/agents/api/useGetAgentRoles.tsfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/GrantTypesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/__tests__/EditUserDelegationSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsxfrontend/apps/console/src/features/agents/constants/agent-query-keys.tsfrontend/apps/console/src/features/agents/models/agent.tsfrontend/apps/console/src/features/agents/pages/AgentCreatePage.tsxfrontend/apps/console/src/features/agents/pages/AgentEditPage.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsxfrontend/apps/console/src/features/applications/models/__tests__/oauth.test.tsfrontend/apps/console/src/features/applications/models/oauth.ts
💤 Files with no reviewable changes (4)
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx
Codecov Report❌ Patch coverage is 📢 Thoughts on this report? Let us know! |
8337f9b to
cd81c7c
Compare
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx (1)
64-69: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueDuplicated credential-exclusion predicate.
The same filter predicate (
(fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential) is repeated inhasEditableFieldsandschemaFields. Combined with the read-only view needing the identical check (see separate comment), this logic should be extracted into a single helper (e.g.,isEditableField(fieldDef)) to avoid drift if the rule changes.Also applies to: 117-121
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx` around lines 64 - 69, The credential-exclusion check is duplicated in EditAgentAttributes’s hasEditableFields and schemaFields logic, which risks drift as the rule evolves. Extract the repeated predicate into a single helper such as isEditableField(fieldDef) and reuse it in both places, including the read-only view path, so the editable-field rule is defined once and applied consistently.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsx`:
- Around line 57-75: The cleanup effect in AllowedUserTypesSection is tied to
onValidationChange, so it can run during normal rerenders and clear the parent
validation state too early. Update the AllowedUserTypesSection logic to avoid
depending on the changing callback for unmount cleanup—either store
onValidationChange in a ref or make the
handleValidationChange('allowedUserTypes') handler stable in AgentEditPage—so
the reset only happens on true unmount and not on prop changes.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`:
- Around line 108-119: Add a read-only credential-leak test in
EditAgentAttributes.test.tsx to cover the unfiltered agent.attributes rendering.
Update the EditAgentAttributes test suite to include a schema field marked
credential: true and assert that its value is not displayed when rendering
EditAgentAttributes in read-only mode. Use the existing EditAgentAttributes
component and the current attribute-rendering assertions as the reference point
so the new test directly guards the behavior in EditAgentAttributes.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 143-165: The read-only attribute list in EditAgentAttributes is
rendering credential-backed values without filtering, unlike the edit flow which
already excludes credential fields. Update the Object.entries(attributes)
rendering path to reuse the same credential-exclusion logic used by
hasEditableFields and schemaFields so secret fields are omitted from the card
entirely. Consider extracting that predicate into a shared helper and applying
it consistently in EditAgentAttributes wherever attributes are enumerated.
---
Nitpick comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 64-69: The credential-exclusion check is duplicated in
EditAgentAttributes’s hasEditableFields and schemaFields logic, which risks
drift as the rule evolves. Extract the repeated predicate into a single helper
such as isEditableField(fieldDef) and reuse it in both places, including the
read-only view path, so the editable-field rule is defined once and applied
consistently.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 4ae9e392-6570-41d8-86ed-69b90e64bf2e
⛔ Files ignored due to path filters (1)
backend/tests/mocks/agentmock/AgentServiceInterface_mock.gois excluded by!**/*_mock.go
📒 Files selected for processing (72)
api/agent.yamlbackend/cmd/server/servicemanager.gobackend/internal/agent/handler.gobackend/internal/agent/handler_test.gobackend/internal/agent/init.gobackend/internal/agent/init_test.gobackend/internal/agent/model/agent.gobackend/internal/agent/service.gobackend/internal/agent/service_test.gofrontend/apps/console/src/features/agents/api/useGetAgentGroups.tsfrontend/apps/console/src/features/agents/api/useGetAgentRoles.tsfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/GrantTypesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/RedirectURIsSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/__tests__/EditUserDelegationSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsxfrontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsxfrontend/apps/console/src/features/agents/constants/agent-query-keys.tsfrontend/apps/console/src/features/agents/models/agent.tsfrontend/apps/console/src/features/agents/pages/AgentCreatePage.tsxfrontend/apps/console/src/features/agents/pages/AgentEditPage.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsxfrontend/apps/console/src/features/applications/models/__tests__/oauth.test.tsfrontend/apps/console/src/features/applications/models/oauth.ts
💤 Files with no reviewable changes (4)
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
✅ Files skipped from review due to trivial changes (4)
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsx
- frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/CertificateSection.test.tsx
🚧 Files skipped from review as they are similar to previous changes (57)
- frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/EditOverviewSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentGroupsSection.test.tsx
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
- frontend/apps/console/src/features/applications/models/tests/oauth.test.ts
- frontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsx
- frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentRolesSection.test.tsx
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/RedirectURIsSection.test.tsx
- backend/internal/agent/init.go
- frontend/apps/console/src/features/applications/models/oauth.ts
- frontend/apps/console/src/features/agents/pages/tests/AgentCreatePage.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/access/tests/EditAccessSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsx
- backend/cmd/server/servicemanager.go
- frontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsx
- backend/internal/agent/model/agent.go
- frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx
- backend/internal/agent/handler_test.go
- backend/internal/agent/handler.go
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/GrantTypesSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/EditAdvancedSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/TokenEndpointAuthMethodSection.test.tsx
- frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/tests/TokenUserAttributesSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/QuickCopySection.test.tsx
- api/agent.yaml
- frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/OwnerSection.test.tsx
- frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/ClientSecretSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
- frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
- backend/internal/agent/init_test.go
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/EditCredentialsSettings.test.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx
- backend/internal/agent/service.go
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsx
- frontend/apps/console/src/features/agents/pages/tests/AgentEditPage.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tests/EditUserDelegationSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/DangerZoneSection.test.tsx
- frontend/apps/console/src/features/agents/models/agent.ts
- backend/internal/agent/service_test.go
| it('shows the attribute key and formatted value for each attribute', () => { | ||
| render(<EditAgentAttributes agent={baseAgent} />); | ||
|
|
||
| expect(screen.getByText('email')).toBeInTheDocument(); | ||
| expect(screen.getByText('a@b.com')).toBeInTheDocument(); | ||
| expect(screen.getByText('count')).toBeInTheDocument(); | ||
| expect(screen.getByText('5')).toBeInTheDocument(); | ||
| expect(screen.getByText('isAdmin')).toBeInTheDocument(); | ||
| expect(screen.getByText('Yes')).toBeInTheDocument(); | ||
| expect(screen.getByText('tags')).toBeInTheDocument(); | ||
| expect(screen.getByText('a, b')).toBeInTheDocument(); | ||
| }); |
There was a problem hiding this comment.
🔒 Security & Privacy | 🟠 Major | ⚡ Quick win
Consider adding a test for the credential-leak scenario in the read-only view.
Given the read-only attributes list currently renders all agent.attributes entries unfiltered by credential status, a test asserting that a credential: true schema field's value is NOT shown in read-only mode would have caught the issue flagged in EditAgentAttributes.tsx (Line 143-165).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`
around lines 108 - 119, Add a read-only credential-leak test in
EditAgentAttributes.test.tsx to cover the unfiltered agent.attributes rendering.
Update the EditAgentAttributes test suite to include a schema field marked
credential: true and assert that its value is not displayed when rendering
EditAgentAttributes in read-only mode. Use the existing EditAgentAttributes
component and the current attribute-rendering assertions as the reference point
so the new test directly guards the behavior in EditAgentAttributes.
| Object.keys(attributes).length > 0 ? ( | ||
| <Stack spacing={2}> | ||
| {Object.entries(attributes).map(([key, value]) => ( | ||
| <Box key={key}> | ||
| <Typography variant="caption" color="text.secondary"> | ||
| {labelFor(key)} | ||
| </Typography> | ||
| <Typography variant="body1">{formatValue(value)}</Typography> | ||
| {typeof value === 'boolean' ? ( | ||
| <Box> | ||
| <Chip | ||
| label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')} | ||
| size="small" | ||
| color={value ? 'success' : 'default'} | ||
| variant="outlined" | ||
| /> | ||
| </Box> | ||
| ) : ( | ||
| <Typography variant="body1">{formatValue(value)}</Typography> | ||
| )} | ||
| </Box> | ||
| )) | ||
| ) : ( | ||
| <Typography variant="body2" color="text.secondary"> | ||
| {t('agents:edit.attributes.empty', 'No attributes available.')} | ||
| </Typography> | ||
| )} | ||
| </Stack> | ||
| ))} | ||
| </Stack> | ||
| ) : ( |
There was a problem hiding this comment.
🔒 Security & Privacy | 🟠 Major | ⚡ Quick win
Credential attributes are not masked/filtered in the read-only view.
Edit mode explicitly excludes credential fields (schemaFields filters out fieldDef.credential string/number fields, line 117-121, and hasEditableFields mirrors this at line 64-69), but the read-only rendering at line 143-165 iterates Object.entries(attributes) unfiltered — any attribute whose schema marks it credential: true will have its raw value printed as plain text (or JSON-stringified for objects) in the card. This asymmetry means secrets stored in agent attributes can leak into the UI even though the edit form was carefully designed to hide them.
🔒 Proposed fix
- Object.keys(attributes).length > 0 ? (
+ Object.keys(attributes).length > 0 ? (
<Stack spacing={2}>
- {Object.entries(attributes).map(([key, value]) => (
+ {Object.entries(attributes)
+ .filter(([key]) => {
+ const fieldDef = schemaDetails?.schema?.[key];
+ return !((fieldDef?.type === 'string' || fieldDef?.type === 'number') && fieldDef?.credential);
+ })
+ .map(([key, value]) => (
<Box key={key}>Consider extracting the credential-exclusion predicate into a shared helper since it's now needed in three places (hasEditableFields, schemaFields, and this filter).
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| Object.keys(attributes).length > 0 ? ( | |
| <Stack spacing={2}> | |
| {Object.entries(attributes).map(([key, value]) => ( | |
| <Box key={key}> | |
| <Typography variant="caption" color="text.secondary"> | |
| {labelFor(key)} | |
| </Typography> | |
| <Typography variant="body1">{formatValue(value)}</Typography> | |
| {typeof value === 'boolean' ? ( | |
| <Box> | |
| <Chip | |
| label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')} | |
| size="small" | |
| color={value ? 'success' : 'default'} | |
| variant="outlined" | |
| /> | |
| </Box> | |
| ) : ( | |
| <Typography variant="body1">{formatValue(value)}</Typography> | |
| )} | |
| </Box> | |
| )) | |
| ) : ( | |
| <Typography variant="body2" color="text.secondary"> | |
| {t('agents:edit.attributes.empty', 'No attributes available.')} | |
| </Typography> | |
| )} | |
| </Stack> | |
| ))} | |
| </Stack> | |
| ) : ( | |
| Object.keys(attributes).length > 0 ? ( | |
| <Stack spacing={2}> | |
| {Object.entries(attributes) | |
| .filter(([key]) => { | |
| const fieldDef = schemaDetails?.schema?.[key]; | |
| return !((fieldDef?.type === 'string' || fieldDef?.type === 'number') && fieldDef?.credential); | |
| }) | |
| .map(([key, value]) => ( | |
| <Box key={key}> | |
| <Typography variant="caption" color="text.secondary"> | |
| {labelFor(key)} | |
| </Typography> | |
| {typeof value === 'boolean' ? ( | |
| <Box> | |
| <Chip | |
| label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')} | |
| size="small" | |
| color={value ? 'success' : 'default'} | |
| variant="outlined" | |
| /> | |
| </Box> | |
| ) : ( | |
| <Typography variant="body1">{formatValue(value)}</Typography> | |
| )} | |
| </Box> | |
| ))} | |
| </Stack> | |
| ) : ( |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`
around lines 143 - 165, The read-only attribute list in EditAgentAttributes is
rendering credential-backed values without filtering, unlike the edit flow which
already excludes credential fields. Update the Object.entries(attributes)
rendering path to reuse the same credential-exclusion logic used by
hasEditableFields and schemaFields so secret fields are omitted from the card
entirely. Consider extracting that predicate into a shared helper and applying
it consistently in EditAgentAttributes wherever attributes are enumerated.
cd81c7c to
5024ddb
Compare
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx (1)
45-46: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick winInconsistent i18n namespace: field labels still use
groups:*while card header migrated toagents:*.The
SettingsCardtitle/description were updated toagents:edit.general.sections.organizationUnit.*(lines 36-39), but the innerFormLabelandTooltipstrings still referencegroups:edit.general.sections.organizationUnit.*andgroups:edit.general.sections.quickCopy.*. Migrate these remaining keys to theagents:namespace for consistency.🌐 Proposed fix for remaining `groups:*` keys
- {t('groups:edit.general.sections.organizationUnit.handleLabel', 'Handle')} + {t('agents:edit.general.sections.organizationUnit.handleLabel', 'Handle')}- t('groups:edit.general.sections.quickCopy.copyOrganizationUnitHandle', 'Copy Organization Unit Handle') + t('agents:edit.general.sections.quickCopy.copyOrganizationUnitHandle', 'Copy Organization Unit Handle')- {t('groups:edit.general.sections.organizationUnit.idLabel', 'ID')} + {t('agents:edit.general.sections.organizationUnit.idLabel', 'ID')}- t('groups:edit.general.sections.quickCopy.copyOrganizationUnitId', 'Copy Organization Unit ID') + t('agents:edit.general.sections.quickCopy.copyOrganizationUnitId', 'Copy Organization Unit ID')Also applies to: 62-63, 87-87, 104-105
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx` around lines 45 - 46, The OrganizationUnitSection i18n strings are still mixed between groups:* and agents:* while the SettingsCard content has already moved to agents:*. Update the remaining FormLabel and Tooltip translations in OrganizationUnitSection to use the matching agents:edit.general.sections.organizationUnit.* and agents:edit.general.sections.quickCopy.* keys, keeping the existing symbol references in that component consistent with the new namespace.
🧹 Nitpick comments (4)
frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx (1)
50-53: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value
useMemodependency array could includeusersData?.usersfor precision.The memo depends on
[usersData]but only usesusersData?.users. While functionally equivalent (the optional chaining means the memo recomputes wheneverusersDatachanges), depending onusersData?.userswould be more explicit about the actual data dependency.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx` around lines 50 - 53, The memoized options in OwnerSection should depend on the actual users list rather than the whole usersData object. Update the useMemo dependency array in the options computation so it tracks usersData?.users directly, keeping the dependency explicit and aligned with what the mapping logic uses.frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx (1)
46-62: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winUse
slotPropsinstead of deprecatedInputPropsfor consistency.
OrganizationUnitSection.tsxin the same cohort usesslotProps={{ input: { ... } }}for the same read-only TextField + copy-adornment pattern.InputPropsis deprecated in MUI v6+. Align this component to useslotPropsfor consistency and forward compatibility.♻️ Proposed refactor to use `slotProps`
<TextField fullWidth id="agent-id-input" value={agent.id} - InputProps={{ - readOnly: true, - endAdornment: ( - <InputAdornment position="end"> - <Tooltip title={copiedField === 'agent_id' ? t('common:actions.copied') : t('common:actions.copy')}> - <IconButton - onClick={() => { - onCopyToClipboard(agent.id, 'agent_id').catch(() => null); - }} - edge="end" - > - {copiedField === 'agent_id' ? <Check size={16} /> : <Copy size={16} />} - </IconButton> - </Tooltip> - </InputAdornment> - ), - }} + slotProps={{ + input: { + readOnly: true, + endAdornment: ( + <InputAdornment position="end"> + <Tooltip title={copiedField === 'agent_id' ? t('common:actions.copied') : t('common:actions.copy')}> + <IconButton + onClick={() => { + onCopyToClipboard(agent.id, 'agent_id').catch(() => null); + }} + edge="end" + > + {copiedField === 'agent_id' ? <Check size={16} /> : <Copy size={16} />} + </IconButton> + </Tooltip> + </InputAdornment> + ), + }, + }}🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx` around lines 46 - 62, The QuickCopySection TextField is still using the deprecated InputProps API for its read-only copy-adornment setup. Update the TextField configuration in QuickCopySection to use slotProps with the input slot, matching the pattern already used in OrganizationUnitSection, and keep the same readOnly, endAdornment, and copy-button behavior via the existing onCopyToClipboard and copiedField logic.frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx (1)
179-179: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winUse
OAuth2GrantTypes.AUTHORIZATION_CODEinstead of the string literal.
EditFlowsSettingsandEditTokensSettingsboth use theOAuth2GrantTypes.AUTHORIZATION_CODEconstant, but this validation logic uses the raw string'authorization_code'. If the constant's value ever changes, this check would silently diverge from the lock/unlock logic in the child components.♻️ Proposed fix
import type {Agent, OAuthAgentConfig} from '../models/agent'; +import {OAuth2GrantTypes} from '../applications/models/oauth';- const hasAuthorizationCodeGrant = oauth2Config?.grantTypes?.includes('authorization_code') ?? false; + const hasAuthorizationCodeGrant = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false;🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx` at line 179, The authorization-code grant check in AgentEditPage is using a raw string that can drift from the rest of the OAuth flow logic. Update the hasAuthorizationCodeGrant validation to use the same OAuth2GrantTypes.AUTHORIZATION_CODE constant referenced by EditFlowsSettings and EditTokensSettings, so the lock/unlock behavior stays consistent if the enum value changes.frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx (1)
42-50: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winExtract shared
isUnlocked/appLikeAgentlogic to avoid duplication.The
isUnlockedcomputation,appLikeAgentcreation, andappHandleFieldChangecast are duplicated inEditTokensSettings.tsx(lines 44–49). Extracting a shared helper would keep the delegation-gate logic in one place.♻️ Suggested shared utility
+// e.g. in shared/useAppLikeAgent.ts +import type {Application} from '../../../../applications/models/application'; +import {OAuth2GrantTypes} from '../../../../applications/models/oauth'; +import type {Agent, OAuthAgentConfig} from '../../../models/agent'; + +export function createAppLikeAgent( + agent: Agent, + oauth2Config: OAuthAgentConfig | undefined, + onFieldChange: (field: keyof Agent, value: unknown) => void, +) { + const isUnlocked = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false; + const appLikeAgent = {...agent, isReadOnly: (agent.isReadOnly ?? false) || !isUnlocked} as unknown as Application; + const appHandleFieldChange = onFieldChange as unknown as (field: keyof Application, value: unknown) => void; + return {isUnlocked, appLikeAgent, appHandleFieldChange}; +}Then in both
EditFlowsSettings.tsxandEditTokensSettings.tsx:- const isUnlocked = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false; - const appLikeAgent = {...agent, isReadOnly: (agent.isReadOnly ?? false) || !isUnlocked} as unknown as Application; - const appHandleFieldChange = onFieldChange as unknown as (field: keyof Application, value: unknown) => void; + const {isUnlocked, appLikeAgent, appHandleFieldChange} = createAppLikeAgent(agent, oauth2Config, onFieldChange);🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx` around lines 42 - 50, The delegation-gate setup is duplicated between EditFlowsSettings and EditTokensSettings, so the shared isUnlocked/appLikeAgent/appHandleFieldChange logic should be extracted into one helper. Move the oauth2 grant check and the Application-shaped adapter/cast code into a reusable utility, then have both components consume it instead of rebuilding the same values locally. Keep the helper centered around the existing agent/editedAgent/onFieldChange inputs so the current behavior and read-only gating stay unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`:
- Around line 30-33: Update AgentGroupsSection to handle the failed fetch state
from useGetAgentGroups instead of falling through to the empty state.
Destructure the error flag from the hook alongside data and isLoading, then in
AgentGroupsSection render a dedicated error message when the request fails and
reserve the “This agent does not belong to any groups.” placeholder only for the
true empty result. Keep the loading and success paths unchanged.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Line 48: The owner picker in OwnerSection is capped by a hardcoded
useGetUsers({limit: 100, offset: 0}), which can hide valid users from the
Select. Update the data-loading approach in OwnerSection to avoid the fixed
100-user cap, either by adding searchable/debounced filtering or by using a
higher/paginated fetch strategy, and make sure the Select continues to use the
usersData from useGetUsers without excluding larger orgs.
---
Outside diff comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx`:
- Around line 45-46: The OrganizationUnitSection i18n strings are still mixed
between groups:* and agents:* while the SettingsCard content has already moved
to agents:*. Update the remaining FormLabel and Tooltip translations in
OrganizationUnitSection to use the matching
agents:edit.general.sections.organizationUnit.* and
agents:edit.general.sections.quickCopy.* keys, keeping the existing symbol
references in that component consistent with the new namespace.
---
Nitpick comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx`:
- Around line 42-50: The delegation-gate setup is duplicated between
EditFlowsSettings and EditTokensSettings, so the shared
isUnlocked/appLikeAgent/appHandleFieldChange logic should be extracted into one
helper. Move the oauth2 grant check and the Application-shaped adapter/cast code
into a reusable utility, then have both components consume it instead of
rebuilding the same values locally. Keep the helper centered around the existing
agent/editedAgent/onFieldChange inputs so the current behavior and read-only
gating stay unchanged.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx`:
- Around line 46-62: The QuickCopySection TextField is still using the
deprecated InputProps API for its read-only copy-adornment setup. Update the
TextField configuration in QuickCopySection to use slotProps with the input
slot, matching the pattern already used in OrganizationUnitSection, and keep the
same readOnly, endAdornment, and copy-button behavior via the existing
onCopyToClipboard and copiedField logic.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 50-53: The memoized options in OwnerSection should depend on the
actual users list rather than the whole usersData object. Update the useMemo
dependency array in the options computation so it tracks usersData?.users
directly, keeping the dependency explicit and aligned with what the mapping
logic uses.
In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx`:
- Line 179: The authorization-code grant check in AgentEditPage is using a raw
string that can drift from the rest of the OAuth flow logic. Update the
hasAuthorizationCodeGrant validation to use the same
OAuth2GrantTypes.AUTHORIZATION_CODE constant referenced by EditFlowsSettings and
EditTokensSettings, so the lock/unlock behavior stays consistent if the enum
value changes.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 18a789e2-a6b4-40b7-911a-48774b146311
⛔ Files ignored due to path filters (1)
backend/tests/mocks/agentmock/AgentServiceInterface_mock.gois excluded by!**/*_mock.go
📒 Files selected for processing (75)
api/agent.yamlbackend/cmd/server/servicemanager.gobackend/internal/agent/handler.gobackend/internal/agent/handler_test.gobackend/internal/agent/init.gobackend/internal/agent/init_test.gobackend/internal/agent/model/agent.gobackend/internal/agent/service.gobackend/internal/agent/service_test.gofrontend/apps/console/src/features/agents/api/useGetAgentGroups.tsfrontend/apps/console/src/features/agents/api/useGetAgentRoles.tsfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OperationModesSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OperationModesSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/RedirectURIsSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsxfrontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/flows/__tests__/EditFlowsSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/DelegationLockNotice.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/__tests__/DelegationLockNotice.test.tsxfrontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsxfrontend/apps/console/src/features/agents/components/edit-agent/tokens/EditTokensSettings.tsxfrontend/apps/console/src/features/agents/components/edit-agent/tokens/__tests__/EditTokensSettings.test.tsxfrontend/apps/console/src/features/agents/constants/agent-query-keys.tsfrontend/apps/console/src/features/agents/models/agent.tsfrontend/apps/console/src/features/agents/pages/AgentCreatePage.tsxfrontend/apps/console/src/features/agents/pages/AgentEditPage.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsxfrontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsxfrontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsxfrontend/apps/console/src/features/applications/models/__tests__/oauth.test.tsfrontend/apps/console/src/features/applications/models/oauth.tsfrontend/packages/components/src/lab/components/SettingsCard.tsxfrontend/packages/components/src/lab/components/__tests__/SettingsCard.test.tsx
💤 Files with no reviewable changes (4)
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
✅ Files skipped from review due to trivial changes (3)
- frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
- frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
🚧 Files skipped from review as they are similar to previous changes (37)
- frontend/apps/console/src/features/agents/pages/tests/AgentCreatePage.test.tsx
- frontend/apps/console/src/features/applications/models/tests/oauth.test.ts
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/EditCredentialsSettings.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/tests/TokenUserAttributesSection.test.tsx
- backend/cmd/server/servicemanager.go
- backend/internal/agent/handler_test.go
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/DangerZoneSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/ClientSecretSection.test.tsx
- frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/TokenEndpointAuthMethodSection.test.tsx
- api/agent.yaml
- backend/internal/agent/init.go
- frontend/apps/console/src/features/agents/components/edit-agent/attributes/tests/EditAgentAttributes.test.tsx
- backend/internal/agent/handler.go
- frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentRolesSection.test.tsx
- frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
- backend/internal/agent/model/agent.go
- frontend/apps/console/src/features/applications/models/oauth.ts
- backend/internal/agent/init_test.go
- backend/internal/agent/service.go
- frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/OwnerSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
- frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
- frontend/apps/console/src/features/agents/models/agent.ts
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
- frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/CertificateSection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/QuickCopySection.test.tsx
- frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx
- backend/internal/agent/service_test.go
| export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element { | ||
| const {t} = useTranslation(); | ||
| const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0}); | ||
| const groups = data?.groups ?? []; |
There was a problem hiding this comment.
🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win
Handle API error state to avoid misleading empty-state placeholder.
Only {data, isLoading} is destructured from the hook. If the request fails, isLoading becomes false, data is undefined, and the component shows "This agent does not belong to any groups." — which is misleading when the real problem is a fetch error. Consider destructuring isError and rendering an error message instead of the empty-state placeholder on failure.
🛡️ Suggested error-state handling
export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element {
const {t} = useTranslation();
- const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
+ const {data, isLoading, isError} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
const groups = data?.groups ?? [];
return (
<SettingsCard
title={t('agents:edit.access.groups.title', 'Groups')}
description={
<Trans
i18nKey="agents:edit.access.groups.description"
defaults="Groups this agent belongs to. Manage membership from the <manageLink>Groups page</manageLink>."
components={{manageLink: <Link to="/groups" />}}
/>
}
>
- {isLoading ? (
+ {isLoading ? (
<CircularProgress size={20} />
- ) : (
+ ) : isError ? (
+ <Typography color="error">
+ {t('agents:edit.access.groups.error', 'Failed to load groups.')}
+ </Typography>
+ ) : (
<FormControl fullWidth>📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element { | |
| const {t} = useTranslation(); | |
| const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0}); | |
| const groups = data?.groups ?? []; | |
| export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element { | |
| const {t} = useTranslation(); | |
| const {data, isLoading, isError} = useGetAgentGroups(agentId, {limit: 100, offset: 0}); | |
| const groups = data?.groups ?? []; | |
| return ( | |
| <SettingsCard | |
| title={t('agents:edit.access.groups.title', 'Groups')} | |
| description={ | |
| <Trans | |
| i18nKey="agents:edit.access.groups.description" | |
| defaults="Groups this agent belongs to. Manage membership from the <manageLink>Groups page</manageLink>." | |
| components={{manageLink: <Link to="/groups" />}} | |
| /> | |
| } | |
| > | |
| {isLoading ? ( | |
| <CircularProgress size={20} /> | |
| ) : isError ? ( | |
| <Typography color="error"> | |
| {t('agents:edit.access.groups.error', 'Failed to load groups.')} | |
| </Typography> | |
| ) : ( | |
| <FormControl fullWidth> |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`
around lines 30 - 33, Update AgentGroupsSection to handle the failed fetch state
from useGetAgentGroups instead of falling through to the empty state.
Destructure the error flag from the hook alongside data and isLoading, then in
AgentGroupsSection render a dedicated error message when the request fails and
reserve the “This agent does not belong to any groups.” placeholder only for the
true empty result. Keep the loading and success paths unchanged.
| export default function OwnerSection({agent, editedAgent, onFieldChange}: OwnerSectionProps): JSX.Element { | ||
| const {t} = useTranslation(); | ||
|
|
||
| const {data: usersData, isLoading: usersLoading} = useGetUsers({limit: 100, offset: 0}); |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win
Hardcoded user limit of 100 may exclude valid owners.
useGetUsers({limit: 100, offset: 0}) caps the dropdown at 100 users. Organizations with more users won't show all potential owners in the Select. Consider adding a search/debounced-filter or increasing the limit, or at minimum document this constraint.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`
at line 48, The owner picker in OwnerSection is capped by a hardcoded
useGetUsers({limit: 100, offset: 0}), which can hide valid users from the
Select. Update the data-loading approach in OwnerSection to avoid the fixed
100-user cap, either by adding searchable/debounced filtering or by using a
higher/paginated fetch strategy, and make sure the Select continues to use the
usersData from useGetUsers without excluding larger orgs.
5024ddb to
4ddb5e0
Compare
4ddb5e0 to
b0fc51d
Compare
d5fb571 to
93a811d
Compare
93a811d to
7b013f5
Compare
Purpose
Agents in the console currently reuse the Application edit page components almost as-is (the
Agent object is type-cast to an
Applicationeverywhere), which mixes application-orientedcopy and configuration groupings into a page meant for a very different actor. This PR
redesigns the Agent edit page into a dedicated 5-tab layout — Overview, Credentials,
User Delegation, Access, Advanced — that groups configuration by how the agent is
used (autonomous client-credentials access vs. acting on behalf of a delegated user) instead
of by field type, and rewrites all agent-facing copy to describe agent use cases rather than
generic OAuth client concepts.
Approach
AgentEditPage.tsx): replaced the old General/Attributes/Flows/Token/Advancedtabs with Overview (always shown), Credentials, User Delegation, and Advanced (shown when OAuth
is configured), and Access (always shown, since group/role access applies regardless of OAuth).
(
AuthenticationFlowSection,RegistrationFlowSection,RecoveryFlowSection,EditTokenSettings/TokenUserAttributesSection), they were made entity-aware via newentityLabel,showUserInfoTab, andshowActorClaimprops so a single component serves bothApplications and Agents with correct, non-generic copy — avoiding component duplication.
OAuth2ConfigSectionwas split into a focusedGrantTypesSectionthat groups grants by purpose — Agent grants (
client_credentials, always on), Delegationgrants (
authorization_code,ciba,refresh_token), Shared grants (token_exchange) —instead of a flat multi-select, making the client-credentials-vs-delegation distinction visible
at a glance.
"User Delegation → Flows" while the
authorization_codetoggle lived in "Advanced" split asingle logical step across two disconnected tabs,
RedirectURIsSectionwas moved into theAdvanced tab as its own card immediately after Grant Types, so it only appears once
authorization_codeis turned on and both edits happen in one place.EditUserDelegationSettingsnow checks whetherauthorization_codeisenabled and, if not, replaces the Flows/Tokens sub-tabs with a warning message pointing the user
to Advanced instead of exposing controls that would be meaningless (and would fail to save)
without a grant + redirect URI configured.
TokenUserAttributesSectionalready renders one per tab) and, after confirming via backendresearch that
OAuthClient.ShouldAppendActorClaim()adds an RFC 8693actclaim to accesstokens for delegated agent flows, added that claim to the preview along with an explanation of
what it represents.
GET /agents/{id}/groupsalready existed; added the missingGET /agents/{id}/rolesendpoint (mirroring the groups endpoint's validation, pagination, andresponse shape exactly, backed by the existing
role.Service.GetUserRolesdirect+group-inheritedlookup) so the Access tab can show both groups and roles read-only, with links to manage them
in their respective sections.
non-toggleable
authorization_codepill (regression that would have blocked agents createdwith only
client_credentials), defaulted PKCE on for newly created agents, and removed the"Public Client" toggle and "Agent as User" password section from the agent UI (kept out of
scope for now, not backend-removed).
the new UI without migration.
Screen Shots for UI changes:
Related Issues
Related PRs
Summary by CodeRabbit
New Features
Bug Fixes
Style