From 61ed18553b4ad9b1671305d1408383f7b2b3dc72 Mon Sep 17 00:00:00 2001
From: Sin-Kang <jlc488@gmail.com>
Date: Wed, 3 Jun 2026 20:46:56 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20admin-ui=20UX=20pass=20=E2=80=94=20acti?=
 =?UTF-8?q?on=20tooltips,=20session-expiry=20redirect,=20empty=20states?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Three usability fixes raised while operating the console:

- **Action tooltips.** Every icon-only action button now shows a hover tooltip
  (PrimeVue Tooltip directive, mirroring the existing aria-labels) across all
  list pages + the header — so the row actions are no longer guesswork.
- **Session-expiry → login.** The JWT `exp` is now honored: an expired token is
  treated as logged-out, so the router guard bounces the user to the login screen
  (with a "session expired" notice) instead of leaving them on pages that silently
  403. The axios interceptor also handles 401 and 403-from-an-expired-token; a
  genuine 403 (valid token, missing permission) is left alone.
- **Empty states.** A reusable EmptyState component (icon + message) replaces the
  bare "no results" line on the Users/Roles/Permissions/Groups/Menus lists.

Built green (vue-tsc + vite). Admin-ui only — no backend change.
---
 src/api/client.ts             | 14 +++++++++++---
 src/components/EmptyState.vue | 12 ++++++++++++
 src/i18n/locales/en.ts        |  1 +
 src/i18n/locales/ko.ts        |  1 +
 src/layout/AppLayout.vue      |  4 ++--
 src/main.ts                   |  2 ++
 src/router/index.ts           |  9 ++++++++-
 src/stores/auth.ts            | 23 ++++++++++++++++++++++-
 src/views/AuditLogsView.vue   |  4 ++--
 src/views/DashboardView.vue   |  2 +-
 src/views/GroupsView.vue      | 13 +++++++------
 src/views/LoginView.vue       |  7 +++++++
 src/views/MenusView.vue       | 11 ++++++-----
 src/views/PermissionsView.vue |  9 +++++----
 src/views/PoliciesView.vue    |  4 ++--
 src/views/RolesView.vue       | 11 ++++++-----
 src/views/SettingsView.vue    |  2 +-
 src/views/TenantsView.vue     |  8 ++++----
 src/views/UsersView.vue       | 17 +++++++++--------
 19 files changed, 109 insertions(+), 45 deletions(-)
 create mode 100644 src/components/EmptyState.vue

diff --git a/src/api/client.ts b/src/api/client.ts
index bb6b9bf..be18326 100644
--- a/src/api/client.ts
+++ b/src/api/client.ts
@@ -36,10 +36,18 @@ client.interceptors.response.use(
     // the global handler for those and let the caller deal with it.
     const url = error?.config?.url ?? ''
     const isAuthEndpoint = typeof url === 'string' && url.includes('/auth/')
-    if (error?.response?.status === 401 && !isAuthEndpoint) {
+    const status = error?.response?.status
+    if (!isAuthEndpoint && (status === 401 || status === 403)) {
       const auth = useAuthStore()
-      auth.clear()
-      router.replace({ name: 'login' })
+      // 401 = unauthenticated. 403 with an expired token = the kit rejects a stale
+      // session as "forbidden" (the expired JWT falls back to anonymous). Either way
+      // the session is dead → sign out and bounce to login with an "expired" hint.
+      // A genuine 403 (valid token, missing permission) is left alone so the calling
+      // view can surface a "no permission" message instead of logging the user out.
+      if (status === 401 || auth.isExpired()) {
+        auth.clear()
+        router.replace({ name: 'login', query: { expired: '1' } })
+      }
     }
     return Promise.reject(error)
   },
diff --git a/src/components/EmptyState.vue b/src/components/EmptyState.vue
new file mode 100644
index 0000000..4cb92c7
--- /dev/null
+++ b/src/components/EmptyState.vue
@@ -0,0 +1,12 @@
+<script setup lang="ts">
+// A friendly empty state for tables/lists: an icon + message instead of a bare
+// "no results" line. Keeps every list page consistent.
+withDefaults(defineProps<{ icon?: string; message: string }>(), { icon: 'pi-inbox' })
+</script>
+
+<template>
+  <div class="flex flex-col items-center justify-center gap-3 py-12 text-surface-400 dark:text-surface-500">
+    <i :class="['pi', icon, 'text-4xl opacity-70']" />
+    <p class="text-sm">{{ message }}</p>
+  </div>
+</template>
diff --git a/src/i18n/locales/en.ts b/src/i18n/locales/en.ts
index d513cc0..8c59960 100644
--- a/src/i18n/locales/en.ts
+++ b/src/i18n/locales/en.ts
@@ -102,6 +102,7 @@ export default {
     password: 'Password',
     submit: 'Sign in',
     failed: 'Login failed',
+    sessionExpired: 'Your session expired. Please sign in again.',
   },
   changePassword: {
     title: 'Change your password',
diff --git a/src/i18n/locales/ko.ts b/src/i18n/locales/ko.ts
index b0ca8e4..f70429f 100644
--- a/src/i18n/locales/ko.ts
+++ b/src/i18n/locales/ko.ts
@@ -102,6 +102,7 @@ export default {
     password: '비밀번호',
     submit: '로그인',
     failed: '로그인 실패',
+    sessionExpired: '세션이 만료되었습니다. 다시 로그인해 주세요.',
   },
   changePassword: {
     title: '비밀번호 변경',
diff --git a/src/layout/AppLayout.vue b/src/layout/AppLayout.vue
index 9f0295a..8fbaad4 100644
--- a/src/layout/AppLayout.vue
+++ b/src/layout/AppLayout.vue
@@ -108,7 +108,7 @@ function toggleLocale() {
             text
             rounded
             severity="secondary"
-            :aria-label="t('app.toggleLocale')"
+            v-tooltip.top="t('app.toggleLocale')" :aria-label="t('app.toggleLocale')"
             data-testid="locale-toggle"
             @click="toggleLocale"
           >
@@ -119,7 +119,7 @@ function toggleLocale() {
             rounded
             :icon="ui.theme === 'dark' ? 'pi pi-sun' : 'pi pi-moon'"
             severity="secondary"
-            :aria-label="t('app.toggleTheme')"
+            v-tooltip.top="t('app.toggleTheme')" :aria-label="t('app.toggleTheme')"
             @click="ui.toggleTheme()"
           />
           <Button
diff --git a/src/main.ts b/src/main.ts
index 80f49d3..eb171e5 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -4,6 +4,7 @@ import PrimeVue from 'primevue/config'
 import Aura from '@primevue/themes/aura'
 import ToastService from 'primevue/toastservice'
 import ConfirmationService from 'primevue/confirmationservice'
+import Tooltip from 'primevue/tooltip'
 
 import './style.css'
 
@@ -29,6 +30,7 @@ app.use(PrimeVue, {
 })
 app.use(ToastService)
 app.use(ConfirmationService)
+app.directive('tooltip', Tooltip)
 
 // Apply the persisted theme before mount so the first paint matches.
 useUiStore().applyTheme()
diff --git a/src/router/index.ts b/src/router/index.ts
index 3d928b3..61a33a5 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -104,8 +104,15 @@ const router = createRouter({
 
 router.beforeEach((to) => {
   const auth = useAuthStore()
+  // Treat an expired JWT as logged-out: drop it so the user is bounced to login
+  // (with an "expired" hint) instead of making doomed API calls from a dead session.
+  const expired = auth.token !== null && auth.isExpired()
+  if (expired) auth.clear()
   if (!to.meta.public && !auth.isAuthenticated) {
-    return { name: 'login', query: { redirect: to.fullPath } }
+    return {
+      name: 'login',
+      query: { ...(expired ? { expired: '1' } : {}), redirect: to.fullPath },
+    }
   }
   if (to.name === 'login' && auth.isAuthenticated) {
     return auth.mustChangePassword ? { name: 'change-password' } : { name: 'dashboard' }
diff --git a/src/stores/auth.ts b/src/stores/auth.ts
index 9e5d7a9..3b3e6b0 100644
--- a/src/stores/auth.ts
+++ b/src/stores/auth.ts
@@ -15,6 +15,19 @@ export interface CurrentUser {
   mustChangePassword?: boolean
 }
 
+/** Epoch ms of the JWT's `exp`, or null if absent/unparseable. */
+function tokenExpiryMs(token: string | null): number | null {
+  if (!token) return null
+  const parts = token.split('.')
+  if (parts.length < 2) return null
+  try {
+    const payload = JSON.parse(atob(parts[1].replace(/-/g, '+').replace(/_/g, '/')))
+    return typeof payload.exp === 'number' ? payload.exp * 1000 : null
+  } catch {
+    return null
+  }
+}
+
 export const useAuthStore = defineStore('auth', () => {
   const token = ref<string | null>(localStorage.getItem(TOKEN_KEY))
   const userJson = localStorage.getItem(USER_KEY)
@@ -23,6 +36,14 @@ export const useAuthStore = defineStore('auth', () => {
   const isAuthenticated = computed(() => token.value !== null)
   const mustChangePassword = computed(() => user.value?.mustChangePassword === true)
 
+  // A function (not computed) so it re-reads the clock on every call — used by the
+  // router guard and the axios interceptor to detect an expired session and bounce
+  // the user to login instead of letting expired requests fail silently.
+  function isExpired(): boolean {
+    const exp = tokenExpiryMs(token.value)
+    return exp != null && exp <= Date.now()
+  }
+
   function setSession(newToken: string, newUser: CurrentUser) {
     token.value = newToken
     user.value = newUser
@@ -37,5 +58,5 @@ export const useAuthStore = defineStore('auth', () => {
     localStorage.removeItem(USER_KEY)
   }
 
-  return { token, user, isAuthenticated, mustChangePassword, setSession, clear }
+  return { token, user, isAuthenticated, isExpired, mustChangePassword, setSession, clear }
 })
diff --git a/src/views/AuditLogsView.vue b/src/views/AuditLogsView.vue
index 670a98a..63819f0 100644
--- a/src/views/AuditLogsView.vue
+++ b/src/views/AuditLogsView.vue
@@ -106,7 +106,7 @@ onMounted(reload)
         <h1 class="text-2xl font-semibold">{{ t('auditLogs.title') }}</h1>
         <span class="text-sm text-surface-500">{{ totalRecords.toLocaleString() }}</span>
       </div>
-      <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+      <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
     </div>
 
     <div class="grid grid-cols-1 md:grid-cols-6 gap-3 p-3 rounded-md border border-surface-200 dark:border-surface-700">
@@ -168,7 +168,7 @@ onMounted(reload)
       <Column field="ip" :header="t('auditLogs.columns.ip')" />
       <Column header="" style="width: 5rem">
         <template #body="{ data }">
-          <Button icon="pi pi-eye" text rounded :aria-label="t('auditLogs.ariaInspect')" @click="openDetail(data)" />
+          <Button icon="pi pi-eye" text rounded v-tooltip.top="t('auditLogs.ariaInspect')" :aria-label="t('auditLogs.ariaInspect')" @click="openDetail(data)" />
         </template>
       </Column>
     </DataTable>
diff --git a/src/views/DashboardView.vue b/src/views/DashboardView.vue
index 2826fda..da32671 100644
--- a/src/views/DashboardView.vue
+++ b/src/views/DashboardView.vue
@@ -64,7 +64,7 @@ onMounted(refresh)
         severity="secondary"
         outlined
         :loading="loading"
-        :aria-label="t('dashboard.refresh')"
+        v-tooltip.top="t('dashboard.refresh')" :aria-label="t('dashboard.refresh')"
         @click="refresh"
       />
     </div>
diff --git a/src/views/GroupsView.vue b/src/views/GroupsView.vue
index ddfa651..cc3c519 100644
--- a/src/views/GroupsView.vue
+++ b/src/views/GroupsView.vue
@@ -3,6 +3,7 @@ import { computed, onMounted, ref } from 'vue'
 import { useI18n } from 'vue-i18n'
 import DataTable from 'primevue/datatable'
 import Column from 'primevue/column'
+import EmptyState from '@/components/EmptyState.vue'
 import Button from 'primevue/button'
 import Dialog from 'primevue/dialog'
 import InputText from 'primevue/inputtext'
@@ -190,7 +191,7 @@ onMounted(reload)
       <h1 class="text-xl font-semibold">{{ t('groups.title') }}</h1>
       <div class="flex items-center gap-2">
         <InputText v-model="search" :placeholder="t('common.search')" class="w-56" />
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('common.create')" @click="openCreate" />
       </div>
     </div>
@@ -204,21 +205,21 @@ onMounted(reload)
       data-key="id.value"
     >
       <template #empty>
-        <div class="py-6 text-center text-surface-500">{{ t('common.noResults') }}</div>
+        <EmptyState :message="t('common.noResults')" />
       </template>
       <Column field="code" :header="t('common.code')" sortable />
       <Column field="name" :header="t('common.name')" sortable />
       <Column header="" style="width: 10rem; text-align: right">
         <template #body="{ data }">
-          <Button icon="pi pi-users" text rounded :aria-label="t('groups.manageMembers')" @click="openMembers(data)" />
-          <Button icon="pi pi-key" text rounded :aria-label="t('groups.manageRoles')" @click="openRoles(data)" />
-          <Button icon="pi pi-pencil" text rounded :aria-label="t('common.ariaRename')" @click="openRename(data)" />
+          <Button icon="pi pi-users" text rounded v-tooltip.top="t('groups.manageMembers')" :aria-label="t('groups.manageMembers')" @click="openMembers(data)" />
+          <Button icon="pi pi-key" text rounded v-tooltip.top="t('groups.manageRoles')" :aria-label="t('groups.manageRoles')" @click="openRoles(data)" />
+          <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('common.ariaRename')" :aria-label="t('common.ariaRename')" @click="openRename(data)" />
           <Button
             icon="pi pi-trash"
             text
             rounded
             severity="danger"
-            :aria-label="t('common.ariaDelete')"
+            v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
             @click="confirmDelete(data)"
           />
         </template>
diff --git a/src/views/LoginView.vue b/src/views/LoginView.vue
index 7f2c2f1..9138747 100644
--- a/src/views/LoginView.vue
+++ b/src/views/LoginView.vue
@@ -7,6 +7,7 @@ import Card from 'primevue/card'
 import InputText from 'primevue/inputtext'
 import Password from 'primevue/password'
 import Button from 'primevue/button'
+import Message from 'primevue/message'
 import { useAuthStore } from '@/stores/auth'
 import { authApi } from '@/api/auth'
 
@@ -16,6 +17,9 @@ const route = useRoute()
 const toast = useToast()
 const { t } = useI18n()
 
+// Set by the router guard / axios interceptor when an expired session was bounced here.
+const sessionExpired = route.query.expired === '1'
+
 const tenantId = ref('default')
 const loginId = ref('')
 const rawPassword = ref('')
@@ -61,6 +65,9 @@ async function submit() {
         </div>
       </template>
       <template #content>
+        <Message v-if="sessionExpired" severity="warn" :closable="false" class="mb-4">
+          {{ t('login.sessionExpired') }}
+        </Message>
         <form class="flex flex-col gap-4" @submit.prevent="submit">
           <div class="flex flex-col gap-1">
             <label for="tenantId" class="text-sm font-medium">{{ t('login.tenant') }}</label>
diff --git a/src/views/MenusView.vue b/src/views/MenusView.vue
index e87564e..da3da04 100644
--- a/src/views/MenusView.vue
+++ b/src/views/MenusView.vue
@@ -3,6 +3,7 @@ import { onMounted, ref } from 'vue'
 import { useI18n } from 'vue-i18n'
 import TreeTable from 'primevue/treetable'
 import Column from 'primevue/column'
+import EmptyState from '@/components/EmptyState.vue'
 import Button from 'primevue/button'
 import Dialog from 'primevue/dialog'
 import InputText from 'primevue/inputtext'
@@ -172,14 +173,14 @@ onMounted(() => {
     <div class="flex items-center justify-between">
       <h1 class="text-xl font-semibold">{{ t('menus.title') }}</h1>
       <div class="flex items-center gap-2">
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('menus.addRoot')" @click="openCreate(null)" />
       </div>
     </div>
 
     <TreeTable :value="nodes" :loading="loading" data-key="key" :indent-size="24">
       <template #empty>
-        <div class="py-6 text-center text-surface-500">{{ t('common.noResults') }}</div>
+        <EmptyState :message="t('common.noResults')" />
       </template>
       <Column field="label" :header="t('menus.columns.label')" expander style="min-width: 16rem">
         <template #body="{ node }">
@@ -203,14 +204,14 @@ onMounted(() => {
       <Column field="displayOrder" :header="t('menus.columns.order')" style="width: 6rem" />
       <Column header="" style="width: 12rem; text-align: right">
         <template #body="{ node }">
-          <Button icon="pi pi-plus" text rounded :aria-label="t('menus.ariaAddChild')" @click="openCreate(node.data.id)" />
-          <Button icon="pi pi-pencil" text rounded :aria-label="t('common.ariaEdit')" @click="openEdit(node.data)" />
+          <Button icon="pi pi-plus" text rounded v-tooltip.top="t('menus.ariaAddChild')" :aria-label="t('menus.ariaAddChild')" @click="openCreate(node.data.id)" />
+          <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('common.ariaEdit')" :aria-label="t('common.ariaEdit')" @click="openEdit(node.data)" />
           <Button
             icon="pi pi-trash"
             text
             rounded
             severity="danger"
-            :aria-label="t('common.ariaDelete')"
+            v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
             @click="confirmDelete(node.data)"
           />
         </template>
diff --git a/src/views/PermissionsView.vue b/src/views/PermissionsView.vue
index d5c1b28..f157c4d 100644
--- a/src/views/PermissionsView.vue
+++ b/src/views/PermissionsView.vue
@@ -3,6 +3,7 @@ import { computed, onMounted, ref } from 'vue'
 import { useI18n } from 'vue-i18n'
 import DataTable from 'primevue/datatable'
 import Column from 'primevue/column'
+import EmptyState from '@/components/EmptyState.vue'
 import Button from 'primevue/button'
 import Dialog from 'primevue/dialog'
 import InputText from 'primevue/inputtext'
@@ -138,7 +139,7 @@ onMounted(reload)
       <h1 class="text-xl font-semibold">{{ t('permissions.title') }}</h1>
       <div class="flex items-center gap-2">
         <InputText v-model="search" :placeholder="t('common.search')" class="w-56" />
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('common.create')" @click="openCreate" />
       </div>
     </div>
@@ -152,19 +153,19 @@ onMounted(reload)
       data-key="id"
     >
       <template #empty>
-        <div class="py-6 text-center text-surface-500">{{ t('common.noResults') }}</div>
+        <EmptyState :message="t('common.noResults')" />
       </template>
       <Column field="code" :header="t('common.code')" sortable />
       <Column field="description" :header="t('common.description')" />
       <Column header="" style="width: 10rem; text-align: right">
         <template #body="{ data }">
-          <Button icon="pi pi-pencil" text rounded :aria-label="t('common.ariaEdit')" @click="openEdit(data)" />
+          <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('common.ariaEdit')" :aria-label="t('common.ariaEdit')" @click="openEdit(data)" />
           <Button
             icon="pi pi-trash"
             text
             rounded
             severity="danger"
-            :aria-label="t('common.ariaDelete')"
+            v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
             @click="confirmDelete(data)"
           />
         </template>
diff --git a/src/views/PoliciesView.vue b/src/views/PoliciesView.vue
index a0b8a80..e019585 100644
--- a/src/views/PoliciesView.vue
+++ b/src/views/PoliciesView.vue
@@ -118,7 +118,7 @@ onMounted(reload)
   <div class="flex flex-col gap-4">
     <div class="flex items-center justify-between">
       <h1 class="text-xl font-semibold">{{ t('policies.title') }}</h1>
-      <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+      <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
     </div>
 
     <Message severity="info" :closable="false">
@@ -141,7 +141,7 @@ onMounted(reload)
       </Column>
       <Column header="" style="width: 8rem; text-align: right">
         <template #body="{ data }">
-          <Button icon="pi pi-play" text rounded :aria-label="t('policies.ariaTest')" @click="openTest(data)" />
+          <Button icon="pi pi-play" text rounded v-tooltip.top="t('policies.ariaTest')" :aria-label="t('policies.ariaTest')" @click="openTest(data)" />
         </template>
       </Column>
     </DataTable>
diff --git a/src/views/RolesView.vue b/src/views/RolesView.vue
index 2895a52..aa6184f 100644
--- a/src/views/RolesView.vue
+++ b/src/views/RolesView.vue
@@ -3,6 +3,7 @@ import { computed, onMounted, ref } from 'vue'
 import { useI18n } from 'vue-i18n'
 import DataTable from 'primevue/datatable'
 import Column from 'primevue/column'
+import EmptyState from '@/components/EmptyState.vue'
 import Button from 'primevue/button'
 import Dialog from 'primevue/dialog'
 import InputText from 'primevue/inputtext'
@@ -150,7 +151,7 @@ onMounted(reload)
       <h1 class="text-xl font-semibold">{{ t('roles.title') }}</h1>
       <div class="flex items-center gap-2">
         <InputText v-model="search" :placeholder="t('common.search')" class="w-56" />
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('common.create')" @click="openCreate" />
       </div>
     </div>
@@ -164,7 +165,7 @@ onMounted(reload)
       data-key="id.value"
     >
       <template #empty>
-        <div class="py-6 text-center text-surface-500">{{ t('common.noResults') }}</div>
+        <EmptyState :message="t('common.noResults')" />
       </template>
       <Column field="code" :header="t('common.code')" sortable />
       <Column field="name" :header="t('common.name')" sortable />
@@ -174,16 +175,16 @@ onMounted(reload)
             icon="pi pi-key"
             text
             rounded
-            :aria-label="t('roles.managePermissions')"
+            v-tooltip.top="t('roles.managePermissions')" :aria-label="t('roles.managePermissions')"
             @click="openPermissions(data)"
           />
-          <Button icon="pi pi-pencil" text rounded :aria-label="t('common.ariaRename')" @click="openRename(data)" />
+          <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('common.ariaRename')" :aria-label="t('common.ariaRename')" @click="openRename(data)" />
           <Button
             icon="pi pi-trash"
             text
             rounded
             severity="danger"
-            :aria-label="t('common.ariaDelete')"
+            v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
             @click="confirmDelete(data)"
           />
         </template>
diff --git a/src/views/SettingsView.vue b/src/views/SettingsView.vue
index 928aef3..6bff6bf 100644
--- a/src/views/SettingsView.vue
+++ b/src/views/SettingsView.vue
@@ -51,7 +51,7 @@ onMounted(reload)
         severity="secondary"
         outlined
         :loading="loading"
-        :aria-label="t('common.ariaRefresh')"
+        v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')"
         @click="reload"
       />
     </div>
diff --git a/src/views/TenantsView.vue b/src/views/TenantsView.vue
index edd700d..e02ea9f 100644
--- a/src/views/TenantsView.vue
+++ b/src/views/TenantsView.vue
@@ -130,7 +130,7 @@ onMounted(reload)
     <div class="flex items-center justify-between">
       <h1 class="text-xl font-semibold">{{ t('tenants.title') }}</h1>
       <div class="flex items-center gap-2">
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('common.create')" @click="openCreate" />
       </div>
     </div>
@@ -157,14 +157,14 @@ onMounted(reload)
       </Column>
       <Column header="" style="width: 12rem; text-align: right">
         <template #body="{ data }">
-          <Button icon="pi pi-pencil" text rounded :aria-label="t('common.ariaRename')" @click="openRename(data)" />
-          <Button icon="pi pi-power-off" text rounded :aria-label="t('tenants.columns.status')" @click="openStatus(data)" />
+          <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('common.ariaRename')" :aria-label="t('common.ariaRename')" @click="openRename(data)" />
+          <Button icon="pi pi-power-off" text rounded v-tooltip.top="t('tenants.columns.status')" :aria-label="t('tenants.columns.status')" @click="openStatus(data)" />
           <Button
             icon="pi pi-trash"
             text
             rounded
             severity="danger"
-            :aria-label="t('common.ariaDelete')"
+            v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
             @click="confirmDelete(data)"
           />
         </template>
diff --git a/src/views/UsersView.vue b/src/views/UsersView.vue
index 2a3e577..115c9e1 100644
--- a/src/views/UsersView.vue
+++ b/src/views/UsersView.vue
@@ -3,6 +3,7 @@ import { computed, onMounted, ref } from 'vue'
 import { useI18n } from 'vue-i18n'
 import DataTable from 'primevue/datatable'
 import Column from 'primevue/column'
+import EmptyState from '@/components/EmptyState.vue'
 import Button from 'primevue/button'
 import Dialog from 'primevue/dialog'
 import InputText from 'primevue/inputtext'
@@ -230,7 +231,7 @@ onMounted(reload)
       <h1 class="text-xl font-semibold">{{ t('users.title') }}</h1>
       <div class="flex items-center gap-2">
         <InputText v-model="search" :placeholder="t('common.search')" class="w-56" />
-        <Button icon="pi pi-refresh" severity="secondary" outlined :aria-label="t('common.ariaRefresh')" @click="reload" />
+        <Button icon="pi pi-refresh" severity="secondary" outlined v-tooltip.top="t('common.ariaRefresh')" :aria-label="t('common.ariaRefresh')" @click="reload" />
         <Button icon="pi pi-plus" :label="t('common.create')" @click="openCreate" />
       </div>
     </div>
@@ -245,7 +246,7 @@ onMounted(reload)
       data-key="id.value"
     >
       <template #empty>
-        <div class="py-6 text-center text-surface-500">{{ t('common.noResults') }}</div>
+        <EmptyState :message="t('common.noResults')" />
       </template>
       <Column field="loginId" :header="t('users.columns.loginId')" sortable />
       <Column field="email" :header="t('users.columns.email')" />
@@ -268,19 +269,19 @@ onMounted(reload)
               :severity="data.locked ? 'success' : 'warn'"
               text
               rounded
-              :aria-label="data.locked ? t('users.ariaLockToggle.unlock') : t('users.ariaLockToggle.lock')"
+              v-tooltip.top="data.locked ? t('users.ariaLockToggle.unlock') : t('users.ariaLockToggle.lock')" :aria-label="data.locked ? t('users.ariaLockToggle.unlock') : t('users.ariaLockToggle.lock')"
               @click="toggleLock(data)"
             />
-            <Button icon="pi pi-key" text rounded :aria-label="t('users.ariaResetPassword')" @click="openPassword(data)" />
-            <Button icon="pi pi-id-card" text rounded :aria-label="t('users.ariaManageRoles')" @click="openRoles(data)" />
-            <Button icon="pi pi-users" text rounded :aria-label="t('users.ariaManageGroups')" @click="openGroups(data)" />
-            <Button icon="pi pi-pencil" text rounded :aria-label="t('users.ariaChangeStatus')" @click="openStatus(data)" />
+            <Button icon="pi pi-key" text rounded v-tooltip.top="t('users.ariaResetPassword')" :aria-label="t('users.ariaResetPassword')" @click="openPassword(data)" />
+            <Button icon="pi pi-id-card" text rounded v-tooltip.top="t('users.ariaManageRoles')" :aria-label="t('users.ariaManageRoles')" @click="openRoles(data)" />
+            <Button icon="pi pi-users" text rounded v-tooltip.top="t('users.ariaManageGroups')" :aria-label="t('users.ariaManageGroups')" @click="openGroups(data)" />
+            <Button icon="pi pi-pencil" text rounded v-tooltip.top="t('users.ariaChangeStatus')" :aria-label="t('users.ariaChangeStatus')" @click="openStatus(data)" />
             <Button
               icon="pi pi-trash"
               text
               rounded
               severity="danger"
-              :aria-label="t('common.ariaDelete')"
+              v-tooltip.top="t('common.ariaDelete')" :aria-label="t('common.ariaDelete')"
               @click="confirmDelete(data)"
             />
           </div>