Hide edit button for user types with only credential fields

[ThaminduR]

Purpose

When a user type is created with only credential fields (no user attributes), the Edit button is displayed on the user view page, but there are no fields available to edit. Clicking the Save button in this empty edit form results in an error.

This fix hides the Edit button when the user schema contains no editable (non-credential) fields, preventing users from entering a broken edit state.

Before fix:

Approach

• Added a hasEditableFields memoized value in ViewUserPage.tsx that checks whether the schema contains at least one non-credential field.
• Changed the Edit button render condition from !isEditMode to !isEditMode && hasEditableFields.
• Updated tests to cover credential-only schemas, mixed schemas, and null schema cases.

Related Issues

• Fixes UI issue when creating a user type with only credentials (no user attributes) #1959

Related PRs

• N/A

Checklist

• Followed the contribution guidelines.
• Manual test round performed and verified.
• Documentation provided. (Add links if there are any)
  • Ran Vale and fixed all errors and warnings
• Tests provided. (Add links if there are any)
  • Unit Tests
  • Integration Tests
• Breaking changes. (Fill if applicable)
  • Breaking changes section filled.
  • breaking change label added.

Security checks

• Followed secure coding standards in WSO2 Secure Coding Guidelines
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets.

Summary by CodeRabbit

• Bug Fixes

  • The edit button is now only available when a user profile contains at least one editable field, preventing users from attempting to edit restricted or credential-only profiles.

• Tests

  • Enhanced test coverage to verify edit button visibility based on schema field editability and handle edge cases where all fields are restricted.

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR prevents the Edit button from displaying in the user view page when the schema contains only credential fields or is null, by adding a hasEditableFields check that identifies fields without credential backing.

Changes

Cohort / File(s)	Summary
Edit Button Visibility Logic frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx	Added hasEditableFields computed value that returns true when schema contains at least one field not marked as credential-backed. Conditioned Edit button visibility to require both non-edit mode AND presence of editable fields.
Edit Button Test Coverage frontend/apps/thunder-console/src/features/users/pages/__tests__/ViewUserPage.test.tsx	Added tests verifying Edit button is hidden when all schema fields are credentials or schema is null. Updated null-schema test to assert button absence directly rather than checking error state after entering edit mode.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Add credential input field for user creation wizard #1572: Directly related as both PRs modify ViewUserPage's edit-mode filtering logic to exclude credential-marked fields from edit availability.

Suggested labels

Type/Improvement

Suggested reviewers

• ThaminduDilshan
• senthalan

Poem

🐰 A button disabled with careful thought,
When only secrets the schema brought,
No fields to edit, no data to show,
Hide the Edit button—let users know! 📋✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the primary change: hiding the edit button for user types with only credential fields, which matches the main purpose of the changeset.
Description check	✅ Passed	The description follows the template with all critical sections completed: Purpose explains the problem with screenshot, Approach describes the implementation, Related Issues links #1959, and Checklist shows completed items for testing and security.
Linked Issues check	✅ Passed	The code changes address all objectives from issue #1959: the memoized hasEditableFields check prevents the Edit button from displaying for credential-only user types, preventing entry into a broken edit state.
Out of Scope Changes check	✅ Passed	All changes in ViewUserPage.tsx and its tests are directly scoped to the objective of hiding the edit button for credential-only schemas; no unrelated modifications are present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Hides the Edit action on the user view page when the resolved user schema has no editable (non-credential) fields, preventing users from entering an empty/broken edit form state (fixes #1959).

Changes:

• Added a memoized hasEditableFields check based on the user schema contents.
• Updated the Edit button render condition to require hasEditableFields.
• Updated unit tests to cover credential-only schemas, mixed schemas, and null schema cases.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx	Computes whether schema has editable fields and uses it to conditionally render the Edit button.
frontend/apps/thunder-console/src/features/users/pages/__tests__/ViewUserPage.test.tsx	Adds/updates tests for hiding/showing the Edit button based on schema contents.

[Copilot]

hasEditableFields only excludes credential string/number fields. Schemas that contain only unsupported field types (e.g., type: 'object', which the API allows) will still make hasEditableFields true and show the Edit button, but the edit form will render no fields because renderSchemaField returns null for objects. Consider aligning the predicate with what the edit form can actually render (and ideally reuse the same helper predicate as the .filter(...) in edit mode to avoid drift).

Suggested change

	return Object.entries(userSchema.schema).some(
	([, fieldDef]) => !((fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential),
	);
	return Object.entries(userSchema.schema).some(([, fieldDef]) => {
	const isSupportedType =
	fieldDef.type === 'string' || fieldDef.type === 'number' || fieldDef.type === 'boolean';
	const isCredentialPrimitive =
	(fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential;
	return isSupportedType && !isCredentialPrimitive;
	});

[Copilot]

The new tests cover credential-only and null schemas, but they don’t cover schemas that have no renderable editable fields (e.g., type: 'object'-only schemas, which are valid per the user schema spec). Adding a test for that case would help prevent regressions where the Edit button is shown but the edit form has no fields.

[coderabbitai]

🧹 Nitpick comments (1)

frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx (1)

339-342: Consider extracting the credential field filter into a shared helper.

The same filter logic appears both in the hasEditableFields computation (line 107-108) and when rendering form fields (lines 339-342). Extracting this to a helper function would improve maintainability.

♻️ Optional: Extract shared filter logic

// Add near top of file or in a utils module
const isEditableField = (fieldDef: PropertyDefinition): boolean =>
  !((fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential);

Then use in both locations:

 const hasEditableFields = useMemo(() => {
   if (!userSchema?.schema) return false;
-  return Object.entries(userSchema.schema).some(
-    ([, fieldDef]) => !((fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential),
-  );
+  return Object.values(userSchema.schema).some(isEditableField);
 }, [userSchema]);

 {userSchema?.schema ? (
   Object.entries(userSchema.schema)
-    .filter(
-      ([, fieldDef]) =>
-        !((fieldDef.type === 'string' || fieldDef.type === 'number') && fieldDef.credential),
-    )
+    .filter(([, fieldDef]) => isEditableField(fieldDef))
     .map(([fieldName, fieldDef]) =>

Also applies to: 107-108

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx`
around lines 339 - 342, Extract the repeated credential-field exclusion into a
single helper (e.g., isEditableField) and use it in both the hasEditableFields
computation and the form-rendering filter to avoid duplicated logic; implement a
function that accepts a PropertyDefinition (the same type used by the existing
filters) and returns false when (fieldDef.type === 'string' || fieldDef.type ===
'number') && fieldDef.credential, then replace the inline predicate used in the
hasEditableFields check and the array.filter([... , fieldDef]) call in
ViewUserPage.tsx with this helper.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx`:
- Around line 339-342: Extract the repeated credential-field exclusion into a
single helper (e.g., isEditableField) and use it in both the hasEditableFields
computation and the form-rendering filter to avoid duplicated logic; implement a
function that accepts a PropertyDefinition (the same type used by the existing
filters) and returns false when (fieldDef.type === 'string' || fieldDef.type ===
'number') && fieldDef.credential, then replace the inline predicate used in the
hasEditableFields check and the array.filter([... , fieldDef]) call in
ViewUserPage.tsx with this helper.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: db1c74a1-8daa-4375-a71d-288ace966a7b

📥 Commits

Reviewing files that changed from the base of the PR and between 1b7a0eb and e60f359.

📒 Files selected for processing (2)

• frontend/apps/thunder-console/src/features/users/pages/ViewUserPage.tsx
• frontend/apps/thunder-console/src/features/users/pages/__tests__/ViewUserPage.test.tsx

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.76%. Comparing base (1b7a0eb) to head (e60f359).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2004      +/-   ##
==========================================
- Coverage   89.77%   89.76%   -0.01%     
==========================================
  Files         867      867              
  Lines       57471    57475       +4     
==========================================
+ Hits        51592    51594       +2     
- Misses       4347     4348       +1     
- Partials     1532     1533       +1     

Flag	Coverage Δ
backend-integration-postgres	48.91% <ø> (ø)
backend-integration-sqlite	48.86% <ø> (ø)
backend-unit	84.94% <ø> (-0.01%)	⬇️
frontend-apps-console-unit	91.11% <100.00%> (+<0.01%)	⬆️
frontend-apps-gate-unit	97.54% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.