Skip to content

Redesign the agent edit page#3755

Open
Dilusha-Madushan wants to merge 1 commit into
thunder-id:mainfrom
Dilusha-Madushan:feature/agent-edit-page-redesign
Open

Redesign the agent edit page#3755
Dilusha-Madushan wants to merge 1 commit into
thunder-id:mainfrom
Dilusha-Madushan:feature/agent-edit-page-redesign

Conversation

@Dilusha-Madushan

@Dilusha-Madushan Dilusha-Madushan commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Purpose

Agents in the console currently reuse the Application edit page components almost as-is (the
Agent object is type-cast to an Application everywhere), which mixes application-oriented
copy and configuration groupings into a page meant for a very different actor. This PR
redesigns the Agent edit page into a dedicated 5-tab layout — Overview, Credentials,
User Delegation, Access, Advanced — that groups configuration by how the agent is
used
(autonomous client-credentials access vs. acting on behalf of a delegated user) instead
of by field type, and rewrites all agent-facing copy to describe agent use cases rather than
generic OAuth client concepts.

Approach

  • Tab restructure (AgentEditPage.tsx): replaced the old General/Attributes/Flows/Token/Advanced
    tabs with Overview (always shown), Credentials, User Delegation, and Advanced (shown when OAuth
    is configured), and Access (always shown, since group/role access applies regardless of OAuth).
  • Reuse over rewrite: rather than forking the existing Application flow/token components
    (AuthenticationFlowSection, RegistrationFlowSection, RecoveryFlowSection,
    EditTokenSettings/TokenUserAttributesSection), they were made entity-aware via new
    entityLabel, showUserInfoTab, and showActorClaim props so a single component serves both
    Applications and Agents with correct, non-generic copy — avoiding component duplication.
  • Grant type presentation: OAuth2ConfigSection was split into a focused GrantTypesSection
    that groups grants by purpose — Agent grants (client_credentials, always on), Delegation
    grants
    (authorization_code, ciba, refresh_token), Shared grants (token_exchange) —
    instead of a flat multi-select, making the client-credentials-vs-delegation distinction visible
    at a glance.
  • Redirect URI placement: after review feedback that requiring the redirect URI in
    "User Delegation → Flows" while the authorization_code toggle lived in "Advanced" split a
    single logical step across two disconnected tabs, RedirectURIsSection was moved into the
    Advanced tab as its own card immediately after Grant Types, so it only appears once
    authorization_code is turned on and both edits happen in one place.
  • Delegation gating: EditUserDelegationSettings now checks whether authorization_code is
    enabled and, if not, replaces the Flows/Tokens sub-tabs with a warning message pointing the user
    to Advanced instead of exposing controls that would be meaningless (and would fail to save)
    without a grant + redirect URI configured.
  • Token preview accuracy: removed a redundant custom token-preview block (the reused
    TokenUserAttributesSection already renders one per tab) and, after confirming via backend
    research that OAuthClient.ShouldAppendActorClaim() adds an RFC 8693 act claim to access
    tokens for delegated agent flows, added that claim to the preview along with an explanation of
    what it represents.
  • Access tab / backend: GET /agents/{id}/groups already existed; added the missing
    GET /agents/{id}/roles endpoint (mirroring the groups endpoint's validation, pagination, and
    response shape exactly, backed by the existing role.Service.GetUserRoles direct+group-inherited
    lookup) so the Access tab can show both groups and roles read-only, with links to manage them
    in their respective sections.
  • Smaller UX fixes surfaced during review: fixed low-contrast icon badges, removed a
    non-toggleable authorization_code pill (regression that would have blocked agents created
    with only client_credentials), defaulted PKCE on for newly created agents, and removed the
    "Public Client" toggle and "Agent as User" password section from the agent UI (kept out of
    scope for now, not backend-removed).
  • No database schema or backward-incompatible API changes — existing agents load and save under
    the new UI without migration.
Screen Shots for UI changes: image image image image image image image image

Related Issues

Related PRs

Summary by CodeRabbit

  • New Features

    • Added agent access tabs for viewing groups, roles, and owner details.
    • Added new credential and security settings, including client secret, token endpoint auth, and PKCE/PAR controls.
    • Added clearer agent flow, token, and overview settings with updated read-only behavior and validation messaging.
  • Bug Fixes

    • Improved agent edit/save validation and empty-state handling.
    • Updated role/group and redirect-URI displays to better reflect current configuration.
  • Style

    • Refreshed labels, descriptions, and translation text across agent settings.

@coderabbitai

coderabbitai Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

This PR adds a paginated GET /agents/{id}/roles endpoint with backend role service integration, and substantially redesigns the agent edit UI into dedicated overview, attributes, credentials, advanced, access, and delegation-gated flows/tokens sections. It also adds showUserInfoTab/showActorClaim token preview flags and a Token Exchange OAuth grant type.

Changes

Agent Roles Listing Feature

Layer / File(s) Summary
OpenAPI contract
api/agent.yaml
Adds the /agents/{id}/roles GET operation and AgentRoleListResponse schema.
Backend service and route wiring
backend/cmd/server/servicemanager.go, backend/internal/agent/init.go, backend/internal/agent/handler.go, backend/internal/agent/service.go, backend/internal/agent/model/agent.go
Wires roleService into agent initialization, registers the roles route, implements GetAgentRoles with group-based role resolution and pagination, and adds the response DTO.
Backend tests
backend/internal/agent/handler_test.go, backend/internal/agent/init_test.go, backend/internal/agent/service_test.go
Adds handler and service tests for GetAgentRoles, mocks role service, and updates test harness arity.
Access hooks and sections
frontend/.../api/useGetAgentGroups.ts, useGetAgentRoles.ts, .../access/*, agent-query-keys.ts, SettingsCard.tsx
Adds React Query hooks and UI sections for agent groups/roles/allowed user types, widens SettingsCard description typing, plus tests.

Estimated code review effort: 4 (Complex) | ~75 minutes

Agent Edit Page Redesign

Layer / File(s) Summary
Shared UI primitives
shared/EmptyState.tsx, shared/transCodeComponents.tsx
Adds reusable empty-state and code-highlighting components.
Overview & general settings
overview/*, general-settings/*
Adds owner editing and overview composition; simplifies quick-copy, danger-zone, and org-unit sections.
Attributes editing
attributes/EditAgentAttributes.tsx
Refactors read-only/edit rendering, formatting, and mutation-state handling.
Credentials tab
credentials/*
Adds client-secret, token-auth-method, and credentials-composition sections; updates certificate i18n.
Advanced settings
advanced-settings/*
Replaces prior OAuth2 config UI with OperationModesSection, updated RedirectURIsSection, and SecuritySection (PKCE/PAR).
User delegation tab
flows/EditFlowsSettings.tsx, tokens/EditTokensSettings.tsx, shared/DelegationLockNotice.tsx
Adds delegation-gated flows/tokens sub-tabs reusing application components.
Page wiring
pages/AgentEditPage.tsx, pages/AgentCreatePage.tsx, models/agent.ts
Rebuilds tab composition and unsaved-changes validation messaging, extends the agent model, and adds PKCE default on create.

Estimated code review effort: 5 (Critical) | ~110 minutes

Token Settings and OAuth Model Enhancements

Layer / File(s) Summary
Flow description interpolation
flows-settings/AuthenticationFlowSection.tsx, RecoveryFlowSection.tsx, RegistrationFlowSection.tsx
Adds {{entity}} interpolation to flow section descriptions.
Token settings flags
token-settings/EditTokenSettings.tsx, TokenUserAttributesSection.tsx, JwtPreview.tsx
Adds showUserInfoTab/showActorClaim props, widens JWT payload typing, adds actor-claim preview.
Token Exchange grant type
models/oauth.ts
Adds RFC 8693 Token Exchange grant type URI.

Estimated code review effort: 2 (Simple) | ~15 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant agentHandler
  participant agentService
  participant roleService

  Client->>agentHandler: GET /agents/{id}/roles?limit&offset
  agentHandler->>agentHandler: validate id and parse pagination
  agentHandler->>agentService: GetAgentRoles(id, limit, offset)
  agentService->>agentService: load agent, resolve group IDs
  agentService->>roleService: GetUserRoles(agentID, groupIDs)
  roleService-->>agentService: roles list
  agentService-->>agentHandler: AgentRoleListResponse
  agentHandler-->>Client: 200 OK
Loading

Suggested reviewers: ThaminduDilshan, thiva-k, rajithacharith

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title clearly summarizes the main change: a redesign of the agent edit page.
Description check ✅ Passed The description covers Purpose, Approach, Related Issues, Related PRs, and screenshots; only checklist/security sections are missing.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch 2 times, most recently from a014b4f to 657c3cb Compare July 6, 2026 07:00

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
backend/internal/agent/init.go (1)

90-99: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

New public endpoint added without corresponding documentation updates.

This adds GET /agents/{id}/roles as a new public REST endpoint (mirroring the /groups endpoint). Across the full PR stack (API spec, backend wiring, frontend hooks, Access tab UI), no docs/ updates are present in any of the provided layers.

🔴 Documentation Required
This PR introduces user-facing changes that are not covered by documentation updates under docs/.
Please update the relevant documentation before merging.

Missing documentation:

  • New GET /agents/{id}/roles endpoint: document the endpoint, request/response schema (AgentRoleListResponse), and pagination behavior in docs/content/apis.mdx (or equivalent agent API reference).
  • New Access tab (groups/roles read-only view with management links) in the Agent edit page: document this in a relevant docs/content/guides/ page describing the agent edit experience.

As per path instructions: "If ANY of the above are detected and the PR does NOT include corresponding updates under docs/... post a single consolidated PR-level comment."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/internal/agent/init.go` around lines 90 - 99, Add the missing docs
for this PR’s user-facing changes: document the new GET /agents/{id}/roles
endpoint alongside the existing agent access APIs, including the
AgentRoleListResponse schema and pagination behavior, and update the relevant
docs/content/guides page to cover the Agent edit page Access tab (groups/roles
read-only view and management links). Use the existing /agents/{id}/groups API
docs and the Access tab frontend flow as the reference points to keep the new
entries aligned with the current agent documentation.

Source: Path instructions

🧹 Nitpick comments (12)
frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx (1)

419-442: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Consider deriving tabIndex from availableTabs directly.

The initial tabIndex value (2 vs 0) is a magic number tied to userinfo occupying the last slot in availableTabs. Deriving it via indexOf removes that implicit coupling.

♻️ Proposed refactor
-    let tabIndex = showUserInfoTab ? 2 : 0;
-
-    if (activeTab === 'access') {
-      tabIndex = 0;
-    } else if (activeTab === 'id') {
-      tabIndex = 1;
-    }
-
-    const availableTabs: ('access' | 'id' | 'userinfo')[] = showUserInfoTab ? ['access', 'id', 'userinfo'] : ['access', 'id'];
+    const availableTabs: ('access' | 'id' | 'userinfo')[] = showUserInfoTab ? ['access', 'id', 'userinfo'] : ['access', 'id'];
+    const resolvedTabIndex = availableTabs.indexOf(activeTab);
+    const tabIndex = resolvedTabIndex === -1 ? 0 : resolvedTabIndex;
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx`
around lines 419 - 442, The OAuth tab selection logic in
TokenUserAttributesSection should not rely on a magic initial tabIndex value
tied to userinfo being the last entry. Update the tab index calculation in the
isOAuthMode block to derive the active index from availableTabs directly (using
the current activeTab and availableTabs array) while keeping the existing
activeTab overrides for access and id, so Tab and onTabChange stay aligned even
if the tab order changes.
frontend/apps/console/src/features/agents/models/agent.ts (1)

107-125: 🗄️ Data Integrity & Integration | 🔵 Trivial | 💤 Low value

Frontend response types omit links present in the OpenAPI contract.

AgentGroupListResponse/AgentRoleListResponse in api/agent.yaml both include a links pagination array, but these frontend types don't declare it. Harmless today (extra API fields are ignored), but worth adding for contract completeness/future pagination UI.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@frontend/apps/console/src/features/agents/models/agent.ts` around lines 107 -
125, The frontend response types for agent group and role listings are missing
the pagination links field from the API contract. Update the
AgentGroupListResponse and AgentRoleListResponse interfaces in agent.ts to
include the links array defined by the OpenAPI schema, using a shared link type
if one already exists in the models. Keep the existing totalResults, startIndex,
count, groups, and roles fields unchanged while adding the contract-complete
pagination metadata.
frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts (1)

30-57: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Duplicate hook boilerplate vs. useGetAgentGroups.

This hook is structurally identical to useGetAgentGroups (same query-key pattern, URLSearchParams building, and http.request cast) apart from the endpoint path. Consider extracting a small generic factory, e.g. createAgentListHook(resource, queryKey), to avoid duplicating this boilerplate as more /agents/{id}/<sub-resource> hooks are added.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts` around
lines 30 - 57, The `useGetAgentRoles` hook duplicates the same query setup,
URLSearchParams construction, and `http.request` casting already used in
`useGetAgentGroups`, with only the endpoint path differing. Refactor these
shared pieces into a small reusable factory such as
`createAgentListHook(resource, queryKey)` and have `useGetAgentRoles` and
`useGetAgentGroups` call it with their specific resource path and
`AgentQueryKeys` entry. Keep the existing `useQuery` behavior, `enabled` check,
and response typing intact while removing the repeated boilerplate.
backend/internal/agent/service_test.go (1)

2064-2084: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

clearMockCalls silently no-ops for the new role mock.

The type switch doesn't include *rolemock.RoleServiceInterfaceMock. Not exercised today (no test calls clearMockCalls(mockRole, ...)), but if a future GetAgentRoles test needs to reset a default expectation, this will silently do nothing instead of failing loudly.

🔧 Proposed fix
 func clearMockCalls(m any, method string) {
 	var mockObj *mock.Mock
 	switch v := m.(type) {
 	case *entitymock.EntityServiceInterfaceMock:
 		mockObj = &v.Mock
 	case *inboundclientmock.InboundClientServiceInterfaceMock:
 		mockObj = &v.Mock
 	case *oumock.OrganizationUnitServiceInterfaceMock:
 		mockObj = &v.Mock
+	case *rolemock.RoleServiceInterfaceMock:
+		mockObj = &v.Mock
 	}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/internal/agent/service_test.go` around lines 2064 - 2084, The helper
clearMockCalls currently ignores the new role mock type, so it silently does
nothing when passed *rolemock.RoleServiceInterfaceMock. Update the type switch
in clearMockCalls to recognize the role mock alongside the existing entity,
inbound client, and organization unit mocks, and consider making the
unsupported-type path fail loudly rather than returning silently so future test
misuse is caught early.
frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx (1)

33-75: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Near-duplicate of AgentRolesSection.

This component's structure (fetch, loading/empty/list branching, header action link) is almost identical to AgentRolesSection.tsx. Consider extracting a shared generic list-section component (icon, title/description, manage link, items) parameterized by item renderer to reduce duplication.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`
around lines 33 - 75, The AgentGroupsSection component is nearly identical to
AgentRolesSection in its fetch/loading/empty/list branching and header action
setup. Refactor by extracting a shared reusable list-section component that owns
the common SettingsCard, loading, empty-state, and manage-link behavior, and
parameterize it with title/description, link text/target, icon, data source, and
an item renderer. Then update AgentGroupsSection to delegate to that shared
component instead of duplicating the structure.
frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx (1)

105-119: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low value

Full-form submit on per-row confirm.

handleSubmit(onSubmit) validates/collects the entire form on every row's "Confirm" click, not just the edited row. Given current data originates from valid saved values, this is low risk today, but a validation error on an un-rendered field could silently block confirming an unrelated row without visible feedback.

Also applies to: 146-153

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`
around lines 105 - 119, The per-row Confirm action is using
handleSubmit(onSubmit), which validates the entire form instead of only the
edited attribute row. Update EditAgentAttributes so the row-level confirm in the
edit flow submits just the current field/value (using the row’s key and the
local editing state) rather than running full-form validation, and apply the
same change to the matching confirm handler in the other affected block so
unrendered fields cannot block saving an unrelated row.
frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx (1)

161-171: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick win

Test gap: no coverage for cancel-after-a-prior-successful-save.

Current cancel test only covers cancelling a first-time edit. Given the resetField behavior flagged in EditAgentAttributes.tsx (reverts to mount-time defaults rather than the last saved value), consider adding a test that: saves a row once, edits it again, cancels, and asserts the displayed value is the previously-saved value (not the original pre-edit one).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`
around lines 161 - 171, The current cancel test in EditAgentAttributes only
covers abandoning a first edit, so it misses the resetField behavior after a
successful save. Add a test in EditAgentAttributes.test.tsx that uses
EditAgentAttributes, EditAgentAttributes.tsx, and the existing row helpers to
save a value once, reopen the same row for editing, cancel, and verify the
displayed field stays at the last saved value rather than reverting to the
original mount-time value. Also assert the edit action is restored and no extra
mutation is triggered on cancel.
frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx (1)

51-59: 🚀 Performance & Scalability | 🔵 Trivial | ⚡ Quick win

Hardcoded limit: 100 can silently mis-display the owner.

useGetUsers({limit: 100, offset: 0}) fetches only the first 100 users with no search/pagination. If the assigned owner isn't in that first page, ownerLabel falls back to the raw ownerId (Line 59), showing a UUID instead of a name, and the "no owner assigned" hint (Line 109) won't fire since ownerId is truthy — the failure is silent and confusing for orgs with more users than the page size.

Consider a searchable/async autocomplete (query-as-you-type) instead of a flat capped list, especially since this same picker is used for selecting new owners too.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`
around lines 51 - 59, The owner picker in OwnerSection is relying on useGetUsers
with a hardcoded 100-user page, which can hide the real owner and fall back to
showing the raw ownerId. Update the OwnerSection flow to use a searchable/async
user lookup for the owner selection and label resolution, so the current owner
is resolved on demand instead of from a capped options list. Keep the
ownerId/ownerLabel logic in sync with the new async search source so the display
and picker both work for users outside the first page.
frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx (1)

84-108: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Use slotProps.input instead of deprecated InputProps.

InputProps on TextField is deprecated as of MUI v6 (removed in v7); the sibling ClientSecretSuccessDialog in this same PR already uses slotProps.input for an equivalent adornment. Migrating here keeps the codebase consistent and avoids a future breaking upgrade.

♻️ Proposed refactor
             <TextField
               fullWidth
               id="agent-client-id-input"
               value={oauth2Config.clientId}
-              InputProps={{
-                readOnly: true,
-                endAdornment: (
-                  <InputAdornment position="end">
-                    <Tooltip title={copiedField === 'clientId' ? t('common:actions.copied') : t('common:actions.copy')}>
-                      <IconButton
-                        onClick={() => {
-                          if (oauth2Config.clientId) {
-                            onCopyToClipboard(oauth2Config.clientId, 'clientId').catch(() => null);
-                          }
-                        }}
-                        edge="end"
-                      >
-                        {copiedField === 'clientId' ? <Check size={16} /> : <Copy size={16} />}
-                      </IconButton>
-                    </Tooltip>
-                  </InputAdornment>
-                ),
-              }}
+              slotProps={{
+                input: {
+                  readOnly: true,
+                  endAdornment: (
+                    <InputAdornment position="end">
+                      <Tooltip title={copiedField === 'clientId' ? t('common:actions.copied') : t('common:actions.copy')}>
+                        <IconButton
+                          onClick={() => {
+                            if (oauth2Config.clientId) {
+                              onCopyToClipboard(oauth2Config.clientId, 'clientId').catch(() => null);
+                            }
+                          }}
+                          edge="end"
+                        >
+                          {copiedField === 'clientId' ? <Check size={16} /> : <Copy size={16} />}
+                        </IconButton>
+                      </Tooltip>
+                    </InputAdornment>
+                  ),
+                },
+              }}
               sx={{'& input': {fontFamily: 'monospace', fontSize: '0.875rem'}}}
             />
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx`
around lines 84 - 108, The TextField in ClientSecretSection currently uses
deprecated InputProps for its read-only adornment; migrate this field to
slotProps.input to match the newer MUI API and keep consistency with
ClientSecretSuccessDialog. Preserve the existing readOnly behavior, endAdornment
copy button, tooltip, and monospace styling while moving the input configuration
off InputProps and onto the TextField’s slotProps.input.
frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx (1)

39-106: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Consider adding coverage for the copy-to-clipboard and success-dialog flow.

Current tests cover rendering and dialog-open, but not the onCopyToClipboard interaction or the RegenerateSecretDialog.onSuccess → ClientSecretSuccessDialog handoff (newClientSecret state).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx`
around lines 39 - 106, The ClientSecretSection tests are missing coverage for
the copy-to-clipboard path and the regenerate success flow. Add a test that
exercises the copy action and asserts onCopyToClipboard is called from
ClientSecretSection, and add a test that drives RegenerateSecretDialog.onSuccess
to verify the newClientSecret state opens ClientSecretSuccessDialog. Use the
existing ClientSecretSection, RegenerateSecretDialog, and
ClientSecretSuccessDialog references to locate the right interaction points.
frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx (1)

43-49: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Use TokenEndpointAuthMethods.PRIVATE_KEY_JWT here
Swap the raw 'private_key_jwt' literal for TokenEndpointAuthMethods.PRIVATE_KEY_JWT to keep this check type-safe and consistent with the sibling auth-method handling.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx`
around lines 43 - 49, The OAuth2 config update logic should use the shared
auth-method enum instead of a raw string literal. In
EditCredentialsSettings.tsx, update the handling in handleOAuth2ConfigChange and
any sibling auth-method checks so the private key JWT case references
TokenEndpointAuthMethods.PRIVATE_KEY_JWT rather than 'private_key_jwt', keeping
the comparison type-safe and consistent with the other auth-method handling.
frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx (1)

88-107: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Grant pills lack toggle-state accessibility semantics.

GrantPill renders MUI Chip as a clickable toggle (active/inactive), but Chip doesn't expose pressed/selected state to assistive tech by default. Screen-reader users can't tell which grants are currently on without visually inspecting fill color.

♿ Suggested fix: expose toggle state via aria-pressed
 function GrantPill({label, active, locked = false, onClick = undefined}: GrantPillProps) {
   return (
     <Chip
       label={label}
       clickable={!locked}
       onClick={locked ? undefined : onClick}
       disabled={locked && !active}
       variant={active ? 'filled' : 'outlined'}
       color={active ? 'primary' : 'default'}
       sx={locked ? {cursor: 'default'} : undefined}
+      aria-pressed={locked ? undefined : active}
     />
   );
 }

Also applies to: 158-190

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx`
around lines 88 - 107, GrantPill is used as a toggle-like control but does not
expose its active state to assistive tech. Update the Chip rendered by GrantPill
to include toggle semantics such as aria-pressed based on the active prop, and
apply the same change to the other GrantPill usage referenced in the diff so
screen readers can announce on/off state consistently. Keep the existing
locked/disabled behavior intact while making the active/inactive state explicit.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 50-62: The cancel flow in EditAgentAttributes is resetting fields
to the mount-time default instead of the latest saved value because resetField
uses the original useForm defaultValues. Update the save/cancel handling around
useForm, resetField, and the editingKey flow so Cancel restores the current
agent.attributes state after a successful save. Use the latest saved attribute
value as the reset target for each field rather than relying on the initial
attributes snapshot.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 102-106: The icon-only edit control in OwnerSection is missing an
accessible name, so update the IconButton used to toggle edit mode to include a
clear aria-label or equivalent accessible label. Keep the change localized to
the edit button in OwnerSection and ensure the label describes the action, such
as editing the owner section.

In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx`:
- Around line 251-266: The Advanced tab label in AgentEditPage is using the
wrong translation namespace, unlike the other agent tabs. Update the label in
the tabs.push block to use the agents i18n key path instead of
applications:edit.page.tabs.advanced, keeping the existing t(...) pattern
consistent with the surrounding tab labels in AgentEditPage.

---

Outside diff comments:
In `@backend/internal/agent/init.go`:
- Around line 90-99: Add the missing docs for this PR’s user-facing changes:
document the new GET /agents/{id}/roles endpoint alongside the existing agent
access APIs, including the AgentRoleListResponse schema and pagination behavior,
and update the relevant docs/content/guides page to cover the Agent edit page
Access tab (groups/roles read-only view and management links). Use the existing
/agents/{id}/groups API docs and the Access tab frontend flow as the reference
points to keep the new entries aligned with the current agent documentation.

---

Nitpick comments:
In `@backend/internal/agent/service_test.go`:
- Around line 2064-2084: The helper clearMockCalls currently ignores the new
role mock type, so it silently does nothing when passed
*rolemock.RoleServiceInterfaceMock. Update the type switch in clearMockCalls to
recognize the role mock alongside the existing entity, inbound client, and
organization unit mocks, and consider making the unsupported-type path fail
loudly rather than returning silently so future test misuse is caught early.

In `@frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts`:
- Around line 30-57: The `useGetAgentRoles` hook duplicates the same query
setup, URLSearchParams construction, and `http.request` casting already used in
`useGetAgentGroups`, with only the endpoint path differing. Refactor these
shared pieces into a small reusable factory such as
`createAgentListHook(resource, queryKey)` and have `useGetAgentRoles` and
`useGetAgentGroups` call it with their specific resource path and
`AgentQueryKeys` entry. Keep the existing `useQuery` behavior, `enabled` check,
and response typing intact while removing the repeated boilerplate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`:
- Around line 33-75: The AgentGroupsSection component is nearly identical to
AgentRolesSection in its fetch/loading/empty/list branching and header action
setup. Refactor by extracting a shared reusable list-section component that owns
the common SettingsCard, loading, empty-state, and manage-link behavior, and
parameterize it with title/description, link text/target, icon, data source, and
an item renderer. Then update AgentGroupsSection to delegate to that shared
component instead of duplicating the structure.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx`:
- Around line 88-107: GrantPill is used as a toggle-like control but does not
expose its active state to assistive tech. Update the Chip rendered by GrantPill
to include toggle semantics such as aria-pressed based on the active prop, and
apply the same change to the other GrantPill usage referenced in the diff so
screen readers can announce on/off state consistently. Keep the existing
locked/disabled behavior intact while making the active/inactive state explicit.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`:
- Around line 161-171: The current cancel test in EditAgentAttributes only
covers abandoning a first edit, so it misses the resetField behavior after a
successful save. Add a test in EditAgentAttributes.test.tsx that uses
EditAgentAttributes, EditAgentAttributes.tsx, and the existing row helpers to
save a value once, reopen the same row for editing, cancel, and verify the
displayed field stays at the last saved value rather than reverting to the
original mount-time value. Also assert the edit action is restored and no extra
mutation is triggered on cancel.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 105-119: The per-row Confirm action is using
handleSubmit(onSubmit), which validates the entire form instead of only the
edited attribute row. Update EditAgentAttributes so the row-level confirm in the
edit flow submits just the current field/value (using the row’s key and the
local editing state) rather than running full-form validation, and apply the
same change to the matching confirm handler in the other affected block so
unrendered fields cannot block saving an unrelated row.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx`:
- Around line 39-106: The ClientSecretSection tests are missing coverage for the
copy-to-clipboard path and the regenerate success flow. Add a test that
exercises the copy action and asserts onCopyToClipboard is called from
ClientSecretSection, and add a test that drives RegenerateSecretDialog.onSuccess
to verify the newClientSecret state opens ClientSecretSuccessDialog. Use the
existing ClientSecretSection, RegenerateSecretDialog, and
ClientSecretSuccessDialog references to locate the right interaction points.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx`:
- Around line 84-108: The TextField in ClientSecretSection currently uses
deprecated InputProps for its read-only adornment; migrate this field to
slotProps.input to match the newer MUI API and keep consistency with
ClientSecretSuccessDialog. Preserve the existing readOnly behavior, endAdornment
copy button, tooltip, and monospace styling while moving the input configuration
off InputProps and onto the TextField’s slotProps.input.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx`:
- Around line 43-49: The OAuth2 config update logic should use the shared
auth-method enum instead of a raw string literal. In
EditCredentialsSettings.tsx, update the handling in handleOAuth2ConfigChange and
any sibling auth-method checks so the private key JWT case references
TokenEndpointAuthMethods.PRIVATE_KEY_JWT rather than 'private_key_jwt', keeping
the comparison type-safe and consistent with the other auth-method handling.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 51-59: The owner picker in OwnerSection is relying on useGetUsers
with a hardcoded 100-user page, which can hide the real owner and fall back to
showing the raw ownerId. Update the OwnerSection flow to use a searchable/async
user lookup for the owner selection and label resolution, so the current owner
is resolved on demand instead of from a capped options list. Keep the
ownerId/ownerLabel logic in sync with the new async search source so the display
and picker both work for users outside the first page.

In `@frontend/apps/console/src/features/agents/models/agent.ts`:
- Around line 107-125: The frontend response types for agent group and role
listings are missing the pagination links field from the API contract. Update
the AgentGroupListResponse and AgentRoleListResponse interfaces in agent.ts to
include the links array defined by the OpenAPI schema, using a shared link type
if one already exists in the models. Keep the existing totalResults, startIndex,
count, groups, and roles fields unchanged while adding the contract-complete
pagination metadata.

In
`@frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx`:
- Around line 419-442: The OAuth tab selection logic in
TokenUserAttributesSection should not rely on a magic initial tabIndex value
tied to userinfo being the last entry. Update the tab index calculation in the
isOAuthMode block to derive the active index from availableTabs directly (using
the current activeTab and availableTabs array) while keeping the existing
activeTab overrides for access and id, so Tab and onTabChange stay aligned even
if the tab order changes.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: baa43515-9cb9-4d27-a4ed-bba3775edc5d

📥 Commits

Reviewing files that changed from the base of the PR and between 9ae4067 and 3793390.

⛔ Files ignored due to path filters (1)
  • backend/tests/mocks/agentmock/AgentServiceInterface_mock.go is excluded by !**/*_mock.go
📒 Files selected for processing (69)
  • api/agent.yaml
  • backend/cmd/server/servicemanager.go
  • backend/internal/agent/handler.go
  • backend/internal/agent/handler_test.go
  • backend/internal/agent/init.go
  • backend/internal/agent/init_test.go
  • backend/internal/agent/model/agent.go
  • backend/internal/agent/service.go
  • backend/internal/agent/service_test.go
  • frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
  • frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/GrantTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/__tests__/EditUserDelegationSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsx
  • frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
  • frontend/apps/console/src/features/agents/models/agent.ts
  • frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
  • frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsx
  • frontend/apps/console/src/features/applications/models/__tests__/oauth.test.ts
  • frontend/apps/console/src/features/applications/models/oauth.ts
💤 Files with no reviewable changes (4)
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx

Comment thread frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
@codecov

codecov Bot commented Jul 6, 2026

Copy link
Copy Markdown

@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch 4 times, most recently from 8337f9b to cd81c7c Compare July 6, 2026 11:50

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🧹 Nitpick comments (1)
frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx (1)

64-69: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Duplicated credential-exclusion predicate.

The same filter predicate ((fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential) is repeated in hasEditableFields and schemaFields. Combined with the read-only view needing the identical check (see separate comment), this logic should be extracted into a single helper (e.g., isEditableField(fieldDef)) to avoid drift if the rule changes.

Also applies to: 117-121

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`
around lines 64 - 69, The credential-exclusion check is duplicated in
EditAgentAttributes’s hasEditableFields and schemaFields logic, which risks
drift as the rule evolves. Extract the repeated predicate into a single helper
such as isEditableField(fieldDef) and reuse it in both places, including the
read-only view path, so the editable-field rule is defined once and applied
consistently.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsx`:
- Around line 57-75: The cleanup effect in AllowedUserTypesSection is tied to
onValidationChange, so it can run during normal rerenders and clear the parent
validation state too early. Update the AllowedUserTypesSection logic to avoid
depending on the changing callback for unmount cleanup—either store
onValidationChange in a ref or make the
handleValidationChange('allowedUserTypes') handler stable in AgentEditPage—so
the reset only happens on true unmount and not on prop changes.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`:
- Around line 108-119: Add a read-only credential-leak test in
EditAgentAttributes.test.tsx to cover the unfiltered agent.attributes rendering.
Update the EditAgentAttributes test suite to include a schema field marked
credential: true and assert that its value is not displayed when rendering
EditAgentAttributes in read-only mode. Use the existing EditAgentAttributes
component and the current attribute-rendering assertions as the reference point
so the new test directly guards the behavior in EditAgentAttributes.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 143-165: The read-only attribute list in EditAgentAttributes is
rendering credential-backed values without filtering, unlike the edit flow which
already excludes credential fields. Update the Object.entries(attributes)
rendering path to reuse the same credential-exclusion logic used by
hasEditableFields and schemaFields so secret fields are omitted from the card
entirely. Consider extracting that predicate into a shared helper and applying
it consistently in EditAgentAttributes wherever attributes are enumerated.

---

Nitpick comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`:
- Around line 64-69: The credential-exclusion check is duplicated in
EditAgentAttributes’s hasEditableFields and schemaFields logic, which risks
drift as the rule evolves. Extract the repeated predicate into a single helper
such as isEditableField(fieldDef) and reuse it in both places, including the
read-only view path, so the editable-field rule is defined once and applied
consistently.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 4ae9e392-6570-41d8-86ed-69b90e64bf2e

📥 Commits

Reviewing files that changed from the base of the PR and between e32163d and cd81c7c.

⛔ Files ignored due to path filters (1)
  • backend/tests/mocks/agentmock/AgentServiceInterface_mock.go is excluded by !**/*_mock.go
📒 Files selected for processing (72)
  • api/agent.yaml
  • backend/cmd/server/servicemanager.go
  • backend/internal/agent/handler.go
  • backend/internal/agent/handler_test.go
  • backend/internal/agent/init.go
  • backend/internal/agent/init_test.go
  • backend/internal/agent/model/agent.go
  • backend/internal/agent/service.go
  • backend/internal/agent/service_test.go
  • frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
  • frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/GrantTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/RedirectURIsSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/__tests__/EditUserDelegationSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsx
  • frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
  • frontend/apps/console/src/features/agents/models/agent.ts
  • frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
  • frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsx
  • frontend/apps/console/src/features/applications/models/__tests__/oauth.test.ts
  • frontend/apps/console/src/features/applications/models/oauth.ts
💤 Files with no reviewable changes (4)
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
✅ Files skipped from review due to trivial changes (4)
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsx
  • frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/CertificateSection.test.tsx
🚧 Files skipped from review as they are similar to previous changes (57)
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/EditOverviewSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentGroupsSection.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
  • frontend/apps/console/src/features/applications/models/tests/oauth.test.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsx
  • frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/flows/EditUserDelegationFlows.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentRolesSection.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/RedirectURIsSection.test.tsx
  • backend/internal/agent/init.go
  • frontend/apps/console/src/features/applications/models/oauth.ts
  • frontend/apps/console/src/features/agents/pages/tests/AgentCreatePage.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/tests/EditAccessSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tokens/EditUserDelegationTokens.tsx
  • backend/cmd/server/servicemanager.go
  • frontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsx
  • backend/internal/agent/model/agent.go
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/SectionIconBadge.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx
  • backend/internal/agent/handler_test.go
  • backend/internal/agent/handler.go
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/GrantTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/EditAdvancedSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/EditUserDelegationSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/TokenEndpointAuthMethodSection.test.tsx
  • frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/tests/TokenUserAttributesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/QuickCopySection.test.tsx
  • api/agent.yaml
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/OwnerSection.test.tsx
  • frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/ClientSecretSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
  • frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
  • backend/internal/agent/init_test.go
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/EditCredentialsSettings.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/GrantTypesSection.tsx
  • backend/internal/agent/service.go
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsx
  • frontend/apps/console/src/features/agents/pages/tests/AgentEditPage.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/user-delegation/tests/EditUserDelegationSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/DangerZoneSection.test.tsx
  • frontend/apps/console/src/features/agents/models/agent.ts
  • backend/internal/agent/service_test.go

Comment on lines 108 to 119
it('shows the attribute key and formatted value for each attribute', () => {
render(<EditAgentAttributes agent={baseAgent} />);

expect(screen.getByText('email')).toBeInTheDocument();
expect(screen.getByText('a@b.com')).toBeInTheDocument();
expect(screen.getByText('count')).toBeInTheDocument();
expect(screen.getByText('5')).toBeInTheDocument();
expect(screen.getByText('isAdmin')).toBeInTheDocument();
expect(screen.getByText('Yes')).toBeInTheDocument();
expect(screen.getByText('tags')).toBeInTheDocument();
expect(screen.getByText('a, b')).toBeInTheDocument();
});

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Consider adding a test for the credential-leak scenario in the read-only view.

Given the read-only attributes list currently renders all agent.attributes entries unfiltered by credential status, a test asserting that a credential: true schema field's value is NOT shown in read-only mode would have caught the issue flagged in EditAgentAttributes.tsx (Line 143-165).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx`
around lines 108 - 119, Add a read-only credential-leak test in
EditAgentAttributes.test.tsx to cover the unfiltered agent.attributes rendering.
Update the EditAgentAttributes test suite to include a schema field marked
credential: true and assert that its value is not displayed when rendering
EditAgentAttributes in read-only mode. Use the existing EditAgentAttributes
component and the current attribute-rendering assertions as the reference point
so the new test directly guards the behavior in EditAgentAttributes.

Comment on lines +143 to +165
Object.keys(attributes).length > 0 ? (
<Stack spacing={2}>
{Object.entries(attributes).map(([key, value]) => (
<Box key={key}>
<Typography variant="caption" color="text.secondary">
{labelFor(key)}
</Typography>
<Typography variant="body1">{formatValue(value)}</Typography>
{typeof value === 'boolean' ? (
<Box>
<Chip
label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')}
size="small"
color={value ? 'success' : 'default'}
variant="outlined"
/>
</Box>
) : (
<Typography variant="body1">{formatValue(value)}</Typography>
)}
</Box>
))
) : (
<Typography variant="body2" color="text.secondary">
{t('agents:edit.attributes.empty', 'No attributes available.')}
</Typography>
)}
</Stack>
))}
</Stack>
) : (

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Credential attributes are not masked/filtered in the read-only view.

Edit mode explicitly excludes credential fields (schemaFields filters out fieldDef.credential string/number fields, line 117-121, and hasEditableFields mirrors this at line 64-69), but the read-only rendering at line 143-165 iterates Object.entries(attributes) unfiltered — any attribute whose schema marks it credential: true will have its raw value printed as plain text (or JSON-stringified for objects) in the card. This asymmetry means secrets stored in agent attributes can leak into the UI even though the edit form was carefully designed to hide them.

🔒 Proposed fix
-        Object.keys(attributes).length > 0 ? (
+        Object.keys(attributes).length > 0 ? (
           <Stack spacing={2}>
-            {Object.entries(attributes).map(([key, value]) => (
+            {Object.entries(attributes)
+              .filter(([key]) => {
+                const fieldDef = schemaDetails?.schema?.[key];
+                return !((fieldDef?.type === 'string' || fieldDef?.type === 'number') && fieldDef?.credential);
+              })
+              .map(([key, value]) => (
               <Box key={key}>

Consider extracting the credential-exclusion predicate into a shared helper since it's now needed in three places (hasEditableFields, schemaFields, and this filter).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
Object.keys(attributes).length > 0 ? (
<Stack spacing={2}>
{Object.entries(attributes).map(([key, value]) => (
<Box key={key}>
<Typography variant="caption" color="text.secondary">
{labelFor(key)}
</Typography>
<Typography variant="body1">{formatValue(value)}</Typography>
{typeof value === 'boolean' ? (
<Box>
<Chip
label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')}
size="small"
color={value ? 'success' : 'default'}
variant="outlined"
/>
</Box>
) : (
<Typography variant="body1">{formatValue(value)}</Typography>
)}
</Box>
))
) : (
<Typography variant="body2" color="text.secondary">
{t('agents:edit.attributes.empty', 'No attributes available.')}
</Typography>
)}
</Stack>
))}
</Stack>
) : (
Object.keys(attributes).length > 0 ? (
<Stack spacing={2}>
{Object.entries(attributes)
.filter(([key]) => {
const fieldDef = schemaDetails?.schema?.[key];
return !((fieldDef?.type === 'string' || fieldDef?.type === 'number') && fieldDef?.credential);
})
.map(([key, value]) => (
<Box key={key}>
<Typography variant="caption" color="text.secondary">
{labelFor(key)}
</Typography>
{typeof value === 'boolean' ? (
<Box>
<Chip
label={value ? t('common:actions.yes', 'Yes') : t('common:actions.no', 'No')}
size="small"
color={value ? 'success' : 'default'}
variant="outlined"
/>
</Box>
) : (
<Typography variant="body1">{formatValue(value)}</Typography>
)}
</Box>
))}
</Stack>
) : (
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx`
around lines 143 - 165, The read-only attribute list in EditAgentAttributes is
rendering credential-backed values without filtering, unlike the edit flow which
already excludes credential fields. Update the Object.entries(attributes)
rendering path to reuse the same credential-exclusion logic used by
hasEditableFields and schemaFields so secret fields are omitted from the card
entirely. Consider extracting that predicate into a shared helper and applying
it consistently in EditAgentAttributes wherever attributes are enumerated.

@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch from cd81c7c to 5024ddb Compare July 8, 2026 01:46

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx (1)

45-46: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Inconsistent i18n namespace: field labels still use groups:* while card header migrated to agents:*.

The SettingsCard title/description were updated to agents:edit.general.sections.organizationUnit.* (lines 36-39), but the inner FormLabel and Tooltip strings still reference groups:edit.general.sections.organizationUnit.* and groups:edit.general.sections.quickCopy.*. Migrate these remaining keys to the agents: namespace for consistency.

🌐 Proposed fix for remaining `groups:*` keys
- {t('groups:edit.general.sections.organizationUnit.handleLabel', 'Handle')}
+ {t('agents:edit.general.sections.organizationUnit.handleLabel', 'Handle')}
- t('groups:edit.general.sections.quickCopy.copyOrganizationUnitHandle', 'Copy Organization Unit Handle')
+ t('agents:edit.general.sections.quickCopy.copyOrganizationUnitHandle', 'Copy Organization Unit Handle')
- {t('groups:edit.general.sections.organizationUnit.idLabel', 'ID')}
+ {t('agents:edit.general.sections.organizationUnit.idLabel', 'ID')}
- t('groups:edit.general.sections.quickCopy.copyOrganizationUnitId', 'Copy Organization Unit ID')
+ t('agents:edit.general.sections.quickCopy.copyOrganizationUnitId', 'Copy Organization Unit ID')

Also applies to: 62-63, 87-87, 104-105

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx`
around lines 45 - 46, The OrganizationUnitSection i18n strings are still mixed
between groups:* and agents:* while the SettingsCard content has already moved
to agents:*. Update the remaining FormLabel and Tooltip translations in
OrganizationUnitSection to use the matching
agents:edit.general.sections.organizationUnit.* and
agents:edit.general.sections.quickCopy.* keys, keeping the existing symbol
references in that component consistent with the new namespace.
🧹 Nitpick comments (4)
frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx (1)

50-53: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

useMemo dependency array could include usersData?.users for precision.

The memo depends on [usersData] but only uses usersData?.users. While functionally equivalent (the optional chaining means the memo recomputes whenever usersData changes), depending on usersData?.users would be more explicit about the actual data dependency.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`
around lines 50 - 53, The memoized options in OwnerSection should depend on the
actual users list rather than the whole usersData object. Update the useMemo
dependency array in the options computation so it tracks usersData?.users
directly, keeping the dependency explicit and aligned with what the mapping
logic uses.
frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx (1)

46-62: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Use slotProps instead of deprecated InputProps for consistency.

OrganizationUnitSection.tsx in the same cohort uses slotProps={{ input: { ... } }} for the same read-only TextField + copy-adornment pattern. InputProps is deprecated in MUI v6+. Align this component to use slotProps for consistency and forward compatibility.

♻️ Proposed refactor to use `slotProps`
           <TextField
             fullWidth
             id="agent-id-input"
             value={agent.id}
-            InputProps={{
-              readOnly: true,
-              endAdornment: (
-                <InputAdornment position="end">
-                  <Tooltip title={copiedField === 'agent_id' ? t('common:actions.copied') : t('common:actions.copy')}>
-                    <IconButton
-                      onClick={() => {
-                        onCopyToClipboard(agent.id, 'agent_id').catch(() => null);
-                      }}
-                      edge="end"
-                    >
-                      {copiedField === 'agent_id' ? <Check size={16} /> : <Copy size={16} />}
-                    </IconButton>
-                  </Tooltip>
-                </InputAdornment>
-              ),
-            }}
+            slotProps={{
+              input: {
+                readOnly: true,
+                endAdornment: (
+                  <InputAdornment position="end">
+                    <Tooltip title={copiedField === 'agent_id' ? t('common:actions.copied') : t('common:actions.copy')}>
+                      <IconButton
+                        onClick={() => {
+                          onCopyToClipboard(agent.id, 'agent_id').catch(() => null);
+                        }}
+                        edge="end"
+                      >
+                        {copiedField === 'agent_id' ? <Check size={16} /> : <Copy size={16} />}
+                      </IconButton>
+                    </Tooltip>
+                  </InputAdornment>
+                ),
+              },
+            }}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx`
around lines 46 - 62, The QuickCopySection TextField is still using the
deprecated InputProps API for its read-only copy-adornment setup. Update the
TextField configuration in QuickCopySection to use slotProps with the input
slot, matching the pattern already used in OrganizationUnitSection, and keep the
same readOnly, endAdornment, and copy-button behavior via the existing
onCopyToClipboard and copiedField logic.
frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx (1)

179-179: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Use OAuth2GrantTypes.AUTHORIZATION_CODE instead of the string literal.

EditFlowsSettings and EditTokensSettings both use the OAuth2GrantTypes.AUTHORIZATION_CODE constant, but this validation logic uses the raw string 'authorization_code'. If the constant's value ever changes, this check would silently diverge from the lock/unlock logic in the child components.

♻️ Proposed fix
 import type {Agent, OAuthAgentConfig} from '../models/agent';
+import {OAuth2GrantTypes} from '../applications/models/oauth';
-  const hasAuthorizationCodeGrant = oauth2Config?.grantTypes?.includes('authorization_code') ?? false;
+  const hasAuthorizationCodeGrant = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false;
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx` at line
179, The authorization-code grant check in AgentEditPage is using a raw string
that can drift from the rest of the OAuth flow logic. Update the
hasAuthorizationCodeGrant validation to use the same
OAuth2GrantTypes.AUTHORIZATION_CODE constant referenced by EditFlowsSettings and
EditTokensSettings, so the lock/unlock behavior stays consistent if the enum
value changes.
frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx (1)

42-50: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Extract shared isUnlocked/appLikeAgent logic to avoid duplication.

The isUnlocked computation, appLikeAgent creation, and appHandleFieldChange cast are duplicated in EditTokensSettings.tsx (lines 44–49). Extracting a shared helper would keep the delegation-gate logic in one place.

♻️ Suggested shared utility
+// e.g. in shared/useAppLikeAgent.ts
+import type {Application} from '../../../../applications/models/application';
+import {OAuth2GrantTypes} from '../../../../applications/models/oauth';
+import type {Agent, OAuthAgentConfig} from '../../../models/agent';
+
+export function createAppLikeAgent(
+  agent: Agent,
+  oauth2Config: OAuthAgentConfig | undefined,
+  onFieldChange: (field: keyof Agent, value: unknown) => void,
+) {
+  const isUnlocked = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false;
+  const appLikeAgent = {...agent, isReadOnly: (agent.isReadOnly ?? false) || !isUnlocked} as unknown as Application;
+  const appHandleFieldChange = onFieldChange as unknown as (field: keyof Application, value: unknown) => void;
+  return {isUnlocked, appLikeAgent, appHandleFieldChange};
+}

Then in both EditFlowsSettings.tsx and EditTokensSettings.tsx:

-  const isUnlocked = oauth2Config?.grantTypes?.includes(OAuth2GrantTypes.AUTHORIZATION_CODE) ?? false;
-  const appLikeAgent = {...agent, isReadOnly: (agent.isReadOnly ?? false) || !isUnlocked} as unknown as Application;
-  const appHandleFieldChange = onFieldChange as unknown as (field: keyof Application, value: unknown) => void;
+  const {isUnlocked, appLikeAgent, appHandleFieldChange} = createAppLikeAgent(agent, oauth2Config, onFieldChange);
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx`
around lines 42 - 50, The delegation-gate setup is duplicated between
EditFlowsSettings and EditTokensSettings, so the shared
isUnlocked/appLikeAgent/appHandleFieldChange logic should be extracted into one
helper. Move the oauth2 grant check and the Application-shaped adapter/cast code
into a reusable utility, then have both components consume it instead of
rebuilding the same values locally. Keep the helper centered around the existing
agent/editedAgent/onFieldChange inputs so the current behavior and read-only
gating stay unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`:
- Around line 30-33: Update AgentGroupsSection to handle the failed fetch state
from useGetAgentGroups instead of falling through to the empty state.
Destructure the error flag from the hook alongside data and isLoading, then in
AgentGroupsSection render a dedicated error message when the request fails and
reserve the “This agent does not belong to any groups.” placeholder only for the
true empty result. Keep the loading and success paths unchanged.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Line 48: The owner picker in OwnerSection is capped by a hardcoded
useGetUsers({limit: 100, offset: 0}), which can hide valid users from the
Select. Update the data-loading approach in OwnerSection to avoid the fixed
100-user cap, either by adding searchable/debounced filtering or by using a
higher/paginated fetch strategy, and make sure the Select continues to use the
usersData from useGetUsers without excluding larger orgs.

---

Outside diff comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx`:
- Around line 45-46: The OrganizationUnitSection i18n strings are still mixed
between groups:* and agents:* while the SettingsCard content has already moved
to agents:*. Update the remaining FormLabel and Tooltip translations in
OrganizationUnitSection to use the matching
agents:edit.general.sections.organizationUnit.* and
agents:edit.general.sections.quickCopy.* keys, keeping the existing symbol
references in that component consistent with the new namespace.

---

Nitpick comments:
In
`@frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx`:
- Around line 42-50: The delegation-gate setup is duplicated between
EditFlowsSettings and EditTokensSettings, so the shared
isUnlocked/appLikeAgent/appHandleFieldChange logic should be extracted into one
helper. Move the oauth2 grant check and the Application-shaped adapter/cast code
into a reusable utility, then have both components consume it instead of
rebuilding the same values locally. Keep the helper centered around the existing
agent/editedAgent/onFieldChange inputs so the current behavior and read-only
gating stay unchanged.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx`:
- Around line 46-62: The QuickCopySection TextField is still using the
deprecated InputProps API for its read-only copy-adornment setup. Update the
TextField configuration in QuickCopySection to use slotProps with the input
slot, matching the pattern already used in OrganizationUnitSection, and keep the
same readOnly, endAdornment, and copy-button behavior via the existing
onCopyToClipboard and copiedField logic.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`:
- Around line 50-53: The memoized options in OwnerSection should depend on the
actual users list rather than the whole usersData object. Update the useMemo
dependency array in the options computation so it tracks usersData?.users
directly, keeping the dependency explicit and aligned with what the mapping
logic uses.

In `@frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx`:
- Line 179: The authorization-code grant check in AgentEditPage is using a raw
string that can drift from the rest of the OAuth flow logic. Update the
hasAuthorizationCodeGrant validation to use the same
OAuth2GrantTypes.AUTHORIZATION_CODE constant referenced by EditFlowsSettings and
EditTokensSettings, so the lock/unlock behavior stays consistent if the enum
value changes.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 18a789e2-a6b4-40b7-911a-48774b146311

📥 Commits

Reviewing files that changed from the base of the PR and between cd81c7c and 5024ddb.

⛔ Files ignored due to path filters (1)
  • backend/tests/mocks/agentmock/AgentServiceInterface_mock.go is excluded by !**/*_mock.go
📒 Files selected for processing (75)
  • api/agent.yaml
  • backend/cmd/server/servicemanager.go
  • backend/internal/agent/handler.go
  • backend/internal/agent/handler_test.go
  • backend/internal/agent/init.go
  • backend/internal/agent/init_test.go
  • backend/internal/agent/model/agent.go
  • backend/internal/agent/service.go
  • backend/internal/agent/service_test.go
  • frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
  • frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AgentRolesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/AllowedUserTypesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/EditAccessSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentGroupsSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AgentRolesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/AllowedUserTypesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/access/__tests__/EditAccessSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/EditAdvancedSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OperationModesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/RedirectURIsSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/SecuritySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/EditAdvancedSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/OperationModesSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/RedirectURIsSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/__tests__/SecuritySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/__tests__/EditAgentAttributes.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/CertificateSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/ClientSecretSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/EditCredentialsSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/__tests__/TokenEndpointAuthMethodSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/flows/EditFlowsSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/flows/__tests__/EditFlowsSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/DangerZoneSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/OrganizationUnitSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/QuickCopySection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/DangerZoneSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/EditGeneralSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/__tests__/QuickCopySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/EditOverviewSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/EditOverviewSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/__tests__/OwnerSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/DelegationLockNotice.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/__tests__/DelegationLockNotice.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/tokens/EditTokensSettings.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/tokens/__tests__/EditTokensSettings.test.tsx
  • frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
  • frontend/apps/console/src/features/agents/models/agent.ts
  • frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
  • frontend/apps/console/src/features/agents/pages/AgentEditPage.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentCreatePage.test.tsx
  • frontend/apps/console/src/features/agents/pages/__tests__/AgentEditPage.test.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/__tests__/TokenUserAttributesSection.test.tsx
  • frontend/apps/console/src/features/applications/models/__tests__/oauth.test.ts
  • frontend/apps/console/src/features/applications/models/oauth.ts
  • frontend/packages/components/src/lab/components/SettingsCard.tsx
  • frontend/packages/components/src/lab/components/__tests__/SettingsCard.test.tsx
💤 Files with no reviewable changes (4)
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/EditGeneralSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/OAuth2ConfigSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/advanced-settings/tests/OAuth2ConfigSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/EditGeneralSettings.tsx
✅ Files skipped from review due to trivial changes (3)
  • frontend/apps/console/src/features/agents/pages/AgentCreatePage.tsx
  • frontend/apps/console/src/features/agents/constants/agent-query-keys.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/CertificateSection.tsx
🚧 Files skipped from review as they are similar to previous changes (37)
  • frontend/apps/console/src/features/agents/pages/tests/AgentCreatePage.test.tsx
  • frontend/apps/console/src/features/applications/models/tests/oauth.test.ts
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/AuthenticationFlowSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RegistrationFlowSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/transCodeComponents.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/EditCredentialsSettings.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/EditCredentialsSettings.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/JwtPreview.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/shared/EmptyState.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/tests/TokenUserAttributesSection.test.tsx
  • backend/cmd/server/servicemanager.go
  • backend/internal/agent/handler_test.go
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/DangerZoneSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/ClientSecretSection.test.tsx
  • frontend/apps/console/src/features/agents/api/useGetAgentRoles.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/TokenEndpointAuthMethodSection.test.tsx
  • api/agent.yaml
  • backend/internal/agent/init.go
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/tests/EditAgentAttributes.test.tsx
  • backend/internal/agent/handler.go
  • frontend/apps/console/src/features/agents/components/edit-agent/access/tests/AgentRolesSection.test.tsx
  • frontend/apps/console/src/features/agents/api/useGetAgentGroups.ts
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/EditTokenSettings.tsx
  • backend/internal/agent/model/agent.go
  • frontend/apps/console/src/features/applications/models/oauth.ts
  • backend/internal/agent/init_test.go
  • backend/internal/agent/service.go
  • frontend/apps/console/src/features/agents/components/edit-agent/overview/tests/OwnerSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/ClientSecretSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/flows-settings/RecoveryFlowSection.tsx
  • frontend/apps/console/src/features/agents/models/agent.ts
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/TokenEndpointAuthMethodSection.tsx
  • frontend/apps/console/src/features/applications/components/edit-application/token-settings/TokenUserAttributesSection.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/credentials/tests/CertificateSection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/general-settings/tests/QuickCopySection.test.tsx
  • frontend/apps/console/src/features/agents/components/edit-agent/attributes/EditAgentAttributes.tsx
  • backend/internal/agent/service_test.go

Comment on lines +30 to +33
export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element {
const {t} = useTranslation();
const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
const groups = data?.groups ?? [];

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win

Handle API error state to avoid misleading empty-state placeholder.

Only {data, isLoading} is destructured from the hook. If the request fails, isLoading becomes false, data is undefined, and the component shows "This agent does not belong to any groups." — which is misleading when the real problem is a fetch error. Consider destructuring isError and rendering an error message instead of the empty-state placeholder on failure.

🛡️ Suggested error-state handling
 export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element {
   const {t} = useTranslation();
-  const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
+  const {data, isLoading, isError} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
   const groups = data?.groups ?? [];
 
   return (
     <SettingsCard
       title={t('agents:edit.access.groups.title', 'Groups')}
       description={
         <Trans
           i18nKey="agents:edit.access.groups.description"
           defaults="Groups this agent belongs to. Manage membership from the <manageLink>Groups page</manageLink>."
           components={{manageLink: <Link to="/groups" />}}
         />
       }
     >
-      {isLoading ? (
+      {isLoading ? (
         <CircularProgress size={20} />
-      ) : (
+      ) : isError ? (
+        <Typography color="error">
+          {t('agents:edit.access.groups.error', 'Failed to load groups.')}
+        </Typography>
+      ) : (
         <FormControl fullWidth>
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element {
const {t} = useTranslation();
const {data, isLoading} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
const groups = data?.groups ?? [];
export default function AgentGroupsSection({agentId}: AgentGroupsSectionProps): JSX.Element {
const {t} = useTranslation();
const {data, isLoading, isError} = useGetAgentGroups(agentId, {limit: 100, offset: 0});
const groups = data?.groups ?? [];
return (
<SettingsCard
title={t('agents:edit.access.groups.title', 'Groups')}
description={
<Trans
i18nKey="agents:edit.access.groups.description"
defaults="Groups this agent belongs to. Manage membership from the <manageLink>Groups page</manageLink>."
components={{manageLink: <Link to="/groups" />}}
/>
}
>
{isLoading ? (
<CircularProgress size={20} />
) : isError ? (
<Typography color="error">
{t('agents:edit.access.groups.error', 'Failed to load groups.')}
</Typography>
) : (
<FormControl fullWidth>
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/access/AgentGroupsSection.tsx`
around lines 30 - 33, Update AgentGroupsSection to handle the failed fetch state
from useGetAgentGroups instead of falling through to the empty state.
Destructure the error flag from the hook alongside data and isLoading, then in
AgentGroupsSection render a dedicated error message when the request fails and
reserve the “This agent does not belong to any groups.” placeholder only for the
true empty result. Keep the loading and success paths unchanged.

export default function OwnerSection({agent, editedAgent, onFieldChange}: OwnerSectionProps): JSX.Element {
const {t} = useTranslation();

const {data: usersData, isLoading: usersLoading} = useGetUsers({limit: 100, offset: 0});

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Hardcoded user limit of 100 may exclude valid owners.

useGetUsers({limit: 100, offset: 0}) caps the dropdown at 100 users. Organizations with more users won't show all potential owners in the Select. Consider adding a search/debounced-filter or increasing the limit, or at minimum document this constraint.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@frontend/apps/console/src/features/agents/components/edit-agent/overview/OwnerSection.tsx`
at line 48, The owner picker in OwnerSection is capped by a hardcoded
useGetUsers({limit: 100, offset: 0}), which can hide valid users from the
Select. Update the data-loading approach in OwnerSection to avoid the fixed
100-user cap, either by adding searchable/debounced filtering or by using a
higher/paginated fetch strategy, and make sure the Select continues to use the
usersData from useGetUsers without excluding larger orgs.

@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch from 5024ddb to 4ddb5e0 Compare July 10, 2026 04:45
@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch from 4ddb5e0 to b0fc51d Compare July 10, 2026 10:09
Comment thread frontend/packages/i18n/src/locales/en-US.ts
@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch 3 times, most recently from d5fb571 to 93a811d Compare July 10, 2026 14:36
@Dilusha-Madushan Dilusha-Madushan force-pushed the feature/agent-edit-page-redesign branch from 93a811d to 7b013f5 Compare July 10, 2026 16:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants