fix(admin-ui): Use typescript generated client for Auth Server Logging pages

[syntrydy]

#2462
Closes #2462

Summary by CodeRabbit

• New Features

  • Permission-gated, server-backed loading and saving for logging config with commit dialog, success/error toasts, and permission-error UI.
  • Audit-logging hook to record structured update events including changed fields.
  • Helpers to merge values and compute changed fields for updates.

• Bug Fixes

  • Stricter validation and safer initialization for logging level, layout, and booleans.
  • Consolidated loading/error state and improved submit/apply flow.

• Tests

  • Tests updated to run with a query client provider and mocked API hooks, asserting UI against mocked responses.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Warning

Rate limit exceeded

@moabu has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 25 minutes and 27 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 9834bf5 and 6cd05ac.

📒 Files selected for processing (1)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)

📝 Walkthrough

Walkthrough

Replaces Redux-driven logging state with React Query API hooks, adds permission gating and an audit-logging hook, introduces merge/diff utilities and stricter validations, and updates tests to run under a QueryClientProvider with JansConfigApi hook mocks. (28 words)

Changes

Cohort / File(s)	Summary
Component admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx	Replaced Redux selectors/dispatch with useGetConfigLogging/usePutConfigLogging; added permission initialization (permissionsInitialized/permissionError) and mounted-safety; moved to local localLogging state; added pending/commit dialog flow using getMergedValues/getChangedFields; triggers non-blocking audit via useLoggingActions; explicit loading/error UI; typed React return.
Tests admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.test.tsx	Tests now wrap component with QueryClientProvider (retry disabled) and Redux Provider; module-scoped mock of JansConfigApi stubs useGetConfigLogging/usePutConfigLogging; extended mock auth state (token, config, userinfo); test dynamically requires/configures hooks and asserts UI values via test IDs.
Audit Hook admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts	New useLoggingActions hook and ModifiedFields interface; reads token/client_id/userinfo from Redux, builds audit payload, enriches with addAdditionalData (UPDATE, API_LOGGING), posts via postUserAction, handles missing token/userinfo and backend failures, exposes logLoggingUpdate(message, modifiedFields?).
Utilities admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts	Removed cloneDeep; added isValidLevel/isValidLayout guards; rewrote getLoggingInitialValues with validation and defaults; added getMergedValues<T> and getChangedFields<T> helpers to merge updates and compute diffs with explicit null/undefined handling.
Validations admin-ui/plugins/auth-server/components/Configuration/Defaults/validations.ts	Strengthened loggingValidationSchema: loggingLevel/loggingLayout are required and constrained via oneOf against LOG_LEVELS/LOG_LAYOUTS; added required booleans httpLoggingEnabled, disableJdkLogger, and enabledOAuthAuditLogging.

Sequence Diagram(s)

sequenceDiagram
    actor User
    participant Page as LoggingPage
    participant Auth as Redux (auth state)
    participant Perm as Permission Init
    participant Q as React Query
    participant API as Config API
    participant Audit as useLoggingActions

    Page->>Auth: read token, client_id, userinfo
    Page->>Perm: init(LOGGING_READ, LOGGING_WRITE)
    Perm-->>Page: permissionsInitialized / permissionError

    alt permissions OK
      Page->>Q: useGetConfigLogging (enabled)
      Q->>API: GET /config/logging
      API-->>Q: logging data
      Q-->>Page: populate localLogging / form
    else permissions fail
      Page-->>User: render permission error UI
    end

    User->>Page: submit form
    Page->>Page: merged = getMergedValues(orig, updated)
    Page->>Page: changed = getChangedFields(orig, updated)
    Page->>Q: usePutConfigLogging.mutateAsync(merged)
    Q->>API: PUT /config/logging
    API-->>Q: updated logging
    Q-->>Page: update localLogging

    rect rgba(76,175,80,0.08)
      Page->>Audit: logLoggingUpdate(msg, changed) [non-blocking]
      Audit->>API: POST /audit/action
      API-->>Audit: ack
    end

    Page-->>User: show toast / updated UI

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

• Pay attention to:
  • Permission initialization gating and conditional query enablement in LoggingPage.tsx.
  • Correctness and typing of getMergedValues / getChangedFields (null/undefined handling).
  • Audit payload composition, error handling and side-effects in useLoggingActions.ts.
  • Test mocks for JansConfigApi hooks and QueryClientProvider setup.

Possibly related PRs

• feat(admin): adding uniformity in cancel and back buttons present in Logging #2416 — modifies LoggingPage and shared utilities/validation (LOG_LEVELS/LOG_LAYOUTS, initial values); likely overlapping changes.

Suggested reviewers

• duttarnab
• moabu

Poem

🐰 I hopped through logs and fields anew,
I swapped Redux crumbs for Query's clearer view,
I merged what changed, then counted what was true,
I whispered audit notes — a tiny clue,
A carrot cheer — commit and off I flew. 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main objective: switching Auth Server Logging pages from manually created types to TypeScript-generated client.
Linked Issues check	✅ Passed	The PR successfully replaces Redux-based logging management with TypeScript-generated client hooks (useGetConfigLogging, usePutConfigLogging) and updates type validations, addressing the core objective from issue #2462.
Out of Scope Changes check	✅ Passed	All changes directly relate to migrating from Redux to TypeScript-generated API client for logging configuration; no extraneous modifications detected.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8a40c79 and 259ccad.

📒 Files selected for processing (5)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.test.tsx (2 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (8 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/validations.ts (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/validations.ts (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (2)

• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (3)

admin-ui/app/utils/TokenController.ts (1)

• addAdditionalData (49-124)

admin-ui/app/audit/Resources.ts (1)

• API_LOGGING (7-7)

admin-ui/app/redux/api/backend-api.ts (1)

• postUserAction (51-69)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (31-36)
• useLoggingActions (58-121)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (4)

• LoggingFormValues (15-21)
• getLoggingInitialValues (38-56)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)

🔇 Additional comments (19)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (4)

1-22: LGTM! Well-structured type definitions.

The use of as const for literal type inference and clear separation between nullable API types (LoggingConfigLike) and non-nullable form types (LoggingFormValues) follows best practices.

---

23-33: LGTM! Proper type guard implementation.

The type guards correctly validate runtime values with both type checking and array inclusion, providing safe narrowing for TypeScript.

---

35-56: LGTM! Robust initialization with proper validation.

The function correctly handles null/undefined inputs, validates logging levels and layouts using the type guards, and explicitly converts nullable booleans. This prevents invalid states in the form.

---

72-91: LGTM! Type-safe change detection.

The function correctly returns Partial<T> and uses shallow equality comparison, which is appropriate for the primitive values in logging configuration. The null handling is safe.

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

1-36: LGTM! Well-defined types for audit logging.

The type definitions clearly structure the audit log payload and expose ModifiedFields for external use, supporting proper type safety across the module boundary.

---

70-116: No verification issues found.

The code at line 86 correctly constructs the Authorization header. The access_token stored in Redux is a raw token value without the "Bearer " prefix, and the code properly prepends "Bearer " when creating the header. This pattern is consistent across the entire codebase (50+ locations), confirming the implementation is correct.

admin-ui/plugins/auth-server/components/Configuration/Defaults/validations.ts (1)

1-14: LGTM! Proper validation schema with type safety.

The validation schema correctly imports and uses the logging constants for oneOf validation, ensuring runtime validation matches the TypeScript type definitions. The addition of required boolean validations aligns with the expanded LoggingFormValues interface.

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.test.tsx (3)

1-58: LGTM! Proper test setup for React Query integration.

The test correctly:

• Mocks the API hooks at module level
• Configures QueryClient with retry: false to prevent test flakiness
• Expands AUTH_STATE to include all fields required by the new hook-based audit logging

The test infrastructure properly supports the refactored data flow.

---

60-70: LGTM! Proper provider composition.

The Wrapper component correctly composes multiple providers in the right order, ensuring both React Query and Redux state are available to the tested component.

---

72-99: LGTM! Test correctly verifies React Query integration.

The test properly:

• Dynamically imports and mocks the API hooks
• Sets up appropriate return values for both query and mutation hooks
• Verifies that the UI renders the fetched data correctly

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (9)

1-54: LGTM! Clean refactor to React Query with proper type definitions.

The imports reflect the migration from Redux-based data management to React Query hooks. The local TypeScript interfaces provide clear type safety for component state.

---

56-77: LGTM! Proper permission-gated data fetching.

The query is correctly disabled until permissions are initialized and the user has the required read permission (line 74). This prevents unnecessary API calls and ensures proper authorization flow.

---

79-109: LGTM! Robust permission initialization with proper cleanup.

The permission initialization:

• Uses parallel authorization checks for better performance (line 85)
• Implements the isMounted pattern to prevent memory leaks
• Gracefully handles errors by still setting permissionsInitialized to unblock the UI (line 93)
• Properly cleans up on unmount

---

105-118: LGTM! Efficient form initialization.

The component properly:

• Syncs server data to local state (lines 106-108)
• Memoizes initial form values with correct dependency (line 112)
• Uses constants directly from utils for dropdown options

---

120-164: LGTM! Robust form submission with proper error handling.

The form submission flow is well-designed:

• handleSubmit: Validates data is loaded (line 122), prepares merged/changed values, and shows confirmation dialog
• handleAccept:
  • Updates API first and uses server response as source of truth (lines 144-147)
  • Audit logging is non-blocking to prevent submission failure from audit issues (lines 150-152)
  • Keeps dialog open on API errors so users can retry (lines 158-161)

Note: The getMergedValues call on line 127 is affected by the type safety issue flagged in utils.ts, but runtime behavior should be safe since localLogging is null-checked.

---

166-179: LGTM! Proper loading state composition.

Line 166 correctly combines the data fetching loading state with the mutation pending state, ensuring the UI is blocked during both operations.

---

195-197: LGTM! Explicit event handler typing.

The event handlers properly use explicit React.ChangeEvent<HTMLInputElement> typing, providing better type safety and preventing common event-related bugs.

Also applies to: 223-225, 240-242, 251-253

---

262-264: Consider adding explicit event type for consistency.

While the handler on line 263 works correctly, it's missing the explicit React.ChangeEvent<HTMLInputElement> type annotation that other handlers have (lines 195, 223, 240, 251). Consider adding it for consistency:

-                    handler={(e: React.ChangeEvent<HTMLInputElement>) =>
+                    handler={(e: React.ChangeEvent<HTMLInputElement>) =>
                       formik.setFieldValue('enabledOAuthAuditLogging', e.target.checked)
                     }

Wait, looking at the code again, line 262 already has the type annotation. Let me re-examine... Actually, it appears line 263 doesn't have the explicit type shown in the diff, but it might be inferred. Let me check the actual line numbers again.

Actually, reviewing the code more carefully, I see that line 262 shows:

handler={(e: React.ChangeEvent<HTMLInputElement>) =>

So it does have the explicit typing. This is already consistent. I should not flag this.

[actions]
Skip this comment

[scratchpad_end] -->

---

180-306: LGTM! Well-structured form with proper permission gating.

The form implementation:

• Uses Formik for form management with proper validation
• Implements consistent event handler typing across all fields
• Properly gates the form footer behind write permissions (line 271)
• Correctly passes the composed isLoading state to the footer (line 288)

[coderabbitai]

Actionable comments posted: 5

♻️ Duplicate comments (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (1)

31-34: Align PendingValues.changedFields with getChangedFields result and ModifiedFields

PendingValues defines:

interface PendingValues {
  mergedValues: Logging
  changedFields: ModifiedFields
}

while changedFields is produced via:

const mergedValues = getMergedValues(localLogging, values)
const changedFields = getChangedFields(localLogging, mergedValues)
setPendingValues({ mergedValues, changedFields })

Given the current getChangedFields implementation, changedFields is Partial<Logging> (new values only), not { oldValue; newValue }. This both disagrees with the ModifiedFields interface and will fail type‑checking once getChangedFields is tightened.

After updating getChangedFields as suggested in utils.ts to emit { oldValue, newValue }, this code will naturally line up: changedFields will have a structure compatible with ModifiedFields, and you won’t need casts. Until then, there is a real risk of either compile‑time errors or incorrect audit payloads.

#!/bin/bash
# Focus on this call chain to ensure all typings are consistent.
rg -n "PendingValues" admin-ui/plugins/auth-server/components/Configuration/Defaults -C3
rg -n "logLoggingUpdate\(" admin-ui/plugins/auth-server/components/Configuration/Defaults -C3

Also applies to: 100-121

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 259ccad and 7cbd08a.

📒 Files selected for processing (3)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (8 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (3)

admin-ui/app/utils/TokenController.ts (1)

• addAdditionalData (49-124)

admin-ui/app/audit/Resources.ts (1)

• API_LOGGING (7-7)

admin-ui/app/redux/api/backend-api.ts (1)

• postUserAction (51-69)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1)

admin-ui/app/helpers/utility.js (1)

• changed (3-3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (15-20)
• useLoggingActions (46-109)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (4)

• LoggingFormValues (15-21)
• getLoggingInitialValues (38-56)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)

🔇 Additional comments (4)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1)

23-55: Logging level/layout guards and initial values look solid

The type guards and getLoggingInitialValues logic are consistent with the declared unions, handle null/undefined safely, and provide deterministic defaults. No issues from a correctness or typing perspective.

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1)

15-41: ModifiedFields interface is clear and compatible with suggested getChangedFields change

The ModifiedFields shape here ({ oldValue; newValue } per key) aligns with the proposed change to getChangedFields in utils.ts. Once getChangedFields is updated to emit { oldValue, newValue }, the structural typing will match and audit logs will carry both before/after values as intended.

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (2)

116-144: Audit logging after mutation is non‑blocking and generally correct

The submit/accept flow looks good:

• handleSubmit computes merged values and changed fields, then opens the commit dialog.
• handleAccept awaits usePutConfigLogging().mutateAsync, updates localLogging from the server response, and only then fires logLoggingUpdate in a fire‑and‑forget way (.catch logs any failure).

This ensures API updates drive the source of truth and audit logging failures don’t block the user. If you adopt the updated getChangedFields shape, changedFields here will also include meaningful old/new pairs for the audit trail.

---

268-269: Nice touch wiring form footer loading to mutation/query state

Passing isLoading down to GluuFormFooter ensures the apply button reflects both data fetch and mutation states and aligns visually with the top‑level GluuLoader. No issues here.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7cbd08a and faad642.

📒 Files selected for processing (3)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (8 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-07T12:55:26.241Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:93-104
Timestamp: 2025-11-07T12:55:26.241Z
Learning: In the Cedarling configuration feature (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), the sync role to scopes mappings operation depends on the `auiPolicyStoreUrl`. The backend fetches content from this URL and syncs roles based on the response. Therefore, the audit log for the sync operation should include the `auiPolicyStoreUrl` in its payload to provide proper audit context.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts
• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (2)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (3)

admin-ui/app/utils/TokenController.ts (1)

• addAdditionalData (49-124)

admin-ui/app/audit/Resources.ts (1)

• API_LOGGING (7-7)

admin-ui/app/redux/api/backend-api.ts (1)

• postUserAction (51-69)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-86)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (4)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)

🔇 Additional comments (4)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (1)

23-69: Logging helpers and diff logic look sound and type-safe

The new validators, initialization logic, and merge/diff helpers are consistent with the generated Logging type usage in LoggingPage.tsx and with ModifiedFields in useLoggingActions.ts. Shallow diffing with old/new pairs is appropriate for these scalar fields, and requiring a non-null original in getMergedValues removes the earlier unsafe cast.

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1)

9-31: ModifiedFields and AuditLog shapes align with callers

The ModifiedFields map and AuditLog structure line up with getChangedFields and addAdditionalData/postUserAction usage, giving you a clean, typed surface for audit logging. This is a solid consolidation of the logging-audit concerns.

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (2)

40-51: Permissions gating and loader behavior are well‑structured

Initializing both LOGGING_READ and LOGGING_WRITE via authorize with an isMounted guard, and folding !permissionsInitialized into isLoading, avoids flashes of unauthorized/empty UI and respects the earlier guidance about keeping console.error in catch blocks for diagnostics. The query enabled condition and GluuViewWrapper permission gate work together cleanly.

Also applies to: 52-76, 132-136

---

88-90: Formik wiring, event typings, and footer loading flag look correct

Reusing LOG_LEVELS/LOG_LAYOUTS for dropdown options, updating the select handlers to ChangeEvent<HTMLSelectElement>, keeping checkbox toggles as ChangeEvent<HTMLInputElement>, and passing the combined isLoading into both GluuLoader and GluuFormFooter makes the form interactions and loading UX consistent and type‑aligned with the underlying components.

Also applies to: 155-163, 183-191, 203-209, 215-219, 225-230, 254-255

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between faad642 and 94c30bd.

📒 Files selected for processing (2)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)
• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-07T12:55:26.241Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:93-104
Timestamp: 2025-11-07T12:55:26.241Z
Learning: In the Cedarling configuration feature (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), the sync role to scopes mappings operation depends on the `auiPolicyStoreUrl`. The backend fetches content from this URL and syncs roles based on the response. Therefore, the audit log for the sync operation should include the `auiPolicyStoreUrl` in its payload to provide proper audit context.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts
• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts
• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (2)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (3)

admin-ui/app/utils/TokenController.ts (1)

• addAdditionalData (49-124)

admin-ui/app/audit/Resources.ts (1)

• API_LOGGING (7-7)

admin-ui/app/redux/api/backend-api.ts (1)

• postUserAction (51-69)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-91)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (6)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)
• getMergedValues (49-54)
• getChangedFields (56-69)

🔇 Additional comments (4)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (1)

1-91: LGTM! Audit logging hook is well-implemented.

The hook correctly:

• Validates authorization token and user information before constructing audit logs.
• Handles the -1 sentinel return value from postUserAction by throwing an explicit error.
• Uses addAdditionalData with omitPayload: true and includes modifiedFields in the action data, aligning with established audit patterns.
• Applies proper error handling with console.error and rethrows to allow callers to treat audit as non-blocking.
• Memoizes the callback with appropriate dependencies.

The implementation addresses all previous review feedback and follows the codebase patterns. Based on learnings, the console.error calls in catch blocks are appropriate for debugging.

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

138-138: Loading state properly reflects all initialization phases.

The isLoading calculation now includes !permissionsInitialized, which addresses the previous review feedback. This ensures the loader blocks the UI during permission checks, data fetching, and mutation operations, providing a consistent loading experience.

---

167-169: Event handler types are correct.

The event handlers use appropriate DOM event types:

• React.ChangeEvent<HTMLSelectElement> for CustomInput type="select" (lines 167, 195)
• React.ChangeEvent<HTMLInputElement> for GluuToogleRow checkboxes (lines 212, 223, 234)

This provides proper type safety and addresses previous feedback about event typing.

Also applies to: 195-197, 212-214, 223-225, 234-236

---

102-104: No-op guard prevents unnecessary commits.

The guard correctly skips the commit dialog and audit logging when no fields have changed, improving UX by avoiding unnecessary operations. This implements the optional refactor suggested in previous review feedback.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 94c30bd and f4cbb62.

📒 Files selected for processing (1)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-07T12:17:39.857Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:43-149
Timestamp: 2025-11-07T12:17:39.857Z
Learning: In the Cedarling configuration UI PR (#2378), the `configApiPolicyStoreUrl` field is intentionally out of scope. It relates to config API configuration and will be covered in a separate PR. The current PR focuses on the Admin UI policy store URL (`auiPolicyStoreUrl`).

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-91)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (6)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)
• getMergedValues (49-54)
• getChangedFields (56-69)

🔇 Additional comments (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

10-17: Good consolidation of logging utilities, types, and pending state

Using LOG_LEVELS / LOG_LAYOUTS, getLoggingInitialValues, and the shared LoggingFormValues type keeps the form tightly aligned with the API surface, and the PendingValues wrapper cleanly couples the server Logging payload with audit ModifiedFields. This removes manual duplication and will help avoid drift between the UI and the generated client types.

Also applies to: 27-33, 87-90, 92-93

---

41-45: Permissions, loading state, and gated rendering are wired coherently

The combination of:

• explicit permission initialization via authorize with an isMounted guard,
• permissionsInitialized folded into isLoading,
• enabled: permissionsInitialized && hasCedarPermission(LOGGING_READ) on the query,
• a dedicated permissionError UI branch, and
• GluuViewWrapper + hasCedarPermission(LOGGING_READ/WRITE)

gives a clear, fail-closed permissions story and avoids UI flashes while auth/logging config are in flight. Passing isLoading through to both GluuLoader and GluuFormFooter also keeps the spinner and buttons in sync.

Also applies to: 47-52, 54-79, 145-146, 147-159, 161-166, 264-282

---

188-190: Event typings now match control types and Formik integration

Updating the handlers to use React.ChangeEvent<HTMLSelectElement> for the CustomInput type="select" controls and React.ChangeEvent<HTMLInputElement> for the toggle rows aligns the TS types with the underlying DOM elements while keeping the Formik setFieldValue calls straightforward. This should eliminate the earlier typing friction around these handlers without introducing any.

Also applies to: 216-218, 233-235, 244-246, 255-257

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (1)

191-207: Formik handlers and control typings are consistent; optional minor typing polish

The select and toggle handlers now match their underlying DOM elements:

• ChangeEvent<HTMLSelectElement> for CustomInput type="select",
• ChangeEvent<HTMLInputElement> for GluuToogleRow handlers,

and all updates flow through formik.setFieldValue, with LOG_LEVELS/LOG_LAYOUTS driving the options. Passing isLoading into GluuFormFooter in addition to the outer GluuLoader keeps the footer in sync with permission/query/mutation state.

If you want to tighten types further, you could cast e.target.value to the specific union (e.g., as LoggingFormValues['loggingLevel']) to retain strong typing on LoggingFormValues, but that’s strictly optional given Formik’s setFieldValue signature.

Also applies to: 218-235, 246-273, 280-299

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f4cbb62 and a3ba35b.

📒 Files selected for processing (1)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-07T12:17:39.857Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:43-149
Timestamp: 2025-11-07T12:17:39.857Z
Learning: In the Cedarling configuration UI PR (#2378), the `configApiPolicyStoreUrl` field is intentionally out of scope. It relates to config API configuration and will be covered in a separate PR. The current PR focuses on the Admin UI policy store URL (`auiPolicyStoreUrl`).

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-91)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (6)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)
• getMergedValues (49-54)
• getChangedFields (56-69)

🔇 Additional comments (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

10-33: Type-safe wiring to utils and JansConfigApi aligns with PR goals

Imports of LOG_LEVELS, LOG_LAYOUTS, getLoggingInitialValues, getMergedValues, getChangedFields, and LoggingFormValues plus the Logging type and ModifiedFields/PendingValues give the page a clean, strongly typed contract with the generated client and audit hook. This is exactly the direction described in the PR objectives; no issues spotted here.

---

91-98: Submit/commit/audit pipeline is well-structured and robust

The form lifecycle is clean:

• initialValues derived via getLoggingInitialValues(localLogging) gives safe defaults while still reinitializing when server data arrives.
• handleSubmit correctly guards on localLogging, merges via getMergedValues, computes a precise diff with getChangedFields, and skips no-op commits.
• PendingValues cleanly carries both mergedValues and changedFields into handleAccept.
• handleAccept awaits the mutation, refreshes localLogging from the server result, fires non-blocking logLoggingUpdate(userMessage, changedFields).catch(...), and surfaces success/error via toasts while keeping the commit dialog open on failure.

The explicit console.error calls in the permission init and both update/audit error paths are appropriate for unexpected failures and align with previous guidance about keeping full error objects in logs. Based on learnings.

Also applies to: 100-118, 120-145

---

147-175: Combined loading and error branches prevent “fake editable” states

Deriving isLoading from !permissionsInitialized || isLoadingData || updateLogging.isPending and then short-circuiting on loggingError and permissionError before rendering the editable form avoids the earlier issue where users could see a form that could never successfully save. The error UIs mirror the existing permission error pattern and keep the UX consistent.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a3ba35b and dcc2f98.

📒 Files selected for processing (1)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-07T12:17:39.857Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:43-149
Timestamp: 2025-11-07T12:17:39.857Z
Learning: In the Cedarling configuration UI PR (#2378), the `configApiPolicyStoreUrl` field is intentionally out of scope. It relates to config API configuration and will be covered in a separate PR. The current PR focuses on the Admin UI policy store URL (`auiPolicyStoreUrl`).

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-91)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (6)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)
• getMergedValues (49-54)
• getChangedFields (56-69)

🔇 Additional comments (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (1)

47-172: Solid error handling, loading states, and permission flow.

The implementation properly addresses all major concerns:

• Error handling: Both loggingError (lines 146-158) and permissionError (lines 160-172) are surfaced with clear error UI blocks, preventing the "fake editable" state.
• Loading states: isLoading (line 144) correctly combines permission initialization, data fetch, and mutation states to block the UI appropriately.
• Permission gating: The pattern of checking readResult.isAuthorized explicitly (lines 67-70) to block the page while relying on hasCedarPermission(LOGGING_WRITE) (line 277) to gate write actions cleanly supports read-only access.
• Submit guards: The defensive check at lines 99-102 prevents submission when data isn't loaded.
• User feedback: Toast notifications (lines 132, 138) provide clear success/error messages.
• Audit logging: The non-blocking pattern with catch(console.error) (lines 128-130) aligns with the learning about keeping error details for debugging.
• Data flow: The merge/diff logic (lines 104-105) and early return for no-op changes (lines 107-109) ensure clean state management and precise audit trails.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dcc2f98 and 9834bf5.

📒 Files selected for processing (1)

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (7 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-11-10T14:18:58.310Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:107-109
Timestamp: 2025-11-10T14:18:58.310Z
Learning: In the Cedarling configuration page (admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx), console.error calls should be kept in catch blocks when there are multiple operations in the try block, as they help print the whole error object with details for debugging unexpected errors.

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

📚 Learning: 2025-11-07T12:17:39.857Z

Learnt from: kdhttps
Repo: GluuFederation/flex PR: 2378
File: admin-ui/plugins/admin/components/Cedarling/CedarlingConfigPage.tsx:43-149
Timestamp: 2025-11-07T12:17:39.857Z
Learning: In the Cedarling configuration UI PR (#2378), the `configApiPolicyStoreUrl` field is intentionally out of scope. It relates to config API configuration and will be covered in a separate PR. The current PR focuses on the Admin UI policy store URL (`auiPolicyStoreUrl`).

Applied to files:

• admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx

🧬 Code graph analysis (1)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (3)

admin-ui/plugins/auth-server/components/Configuration/Defaults/hooks/useLoggingActions.ts (2)

• ModifiedFields (9-14)
• useLoggingActions (33-91)

admin-ui/app/utils/PermChecker.ts (2)

• LOGGING_READ (73-73)
• LOGGING_WRITE (74-74)

admin-ui/plugins/auth-server/components/Configuration/Defaults/utils.ts (6)

• LoggingFormValues (15-21)
• getLoggingInitialValues (29-47)
• LOG_LEVELS (1-1)
• LOG_LAYOUTS (2-2)
• getMergedValues (49-54)
• getChangedFields (56-69)

🔇 Additional comments (6)

admin-ui/plugins/auth-server/components/Configuration/Defaults/LoggingPage.tsx (6)

10-18: Integration with JansConfigApi hooks and shared logging utils looks correct

Using LOG_LEVELS/LOG_LAYOUTS, LoggingFormValues, getLoggingInitialValues, getMergedValues, getChangedFields, and the generated useGetConfigLogging/usePutConfigLogging hooks plus useLoggingActions cleanly replaces the old Redux/manual types and aligns with the PR objectives.

Please re-run the existing LoggingPage.test.tsx suite to confirm the generated client types stay in sync with the backend contract after this change.

Also applies to: 21-22, 27-33

---

35-45: Component typing and core local state wiring are consistent

Declaring LoggingPage(): React.ReactElement and introducing pendingValues, localLogging, permissionsInitialized, and permissionError provides a clear separation of concerns between form state, loaded config, and permission lifecycle. No functional issues spotted here.

---

82-86: Merge/diff + pendingValues submit flow looks correct and resilient

Using localLogging as the source of truth, deriving initialValues via getLoggingInitialValues(localLogging), then computing mergedValues = getMergedValues(localLogging, values) and changedFields = getChangedFields(localLogging, mergedValues) gives you both a full Logging payload for the API and a precise diff for auditing. The guards for !localLogging and Object.keys(changedFields).length === 0 prevent invalid submissions and no-op commits, and pendingValues cleanly passes data into the commit dialog.

Also applies to: 88-91, 93-94, 97-115

---

117-142: Update + audit logging pipeline correctly separates concerns and user feedback

handleAccept awaiting updateLogging.mutateAsync, updating localLogging from the server result, firing logLoggingUpdate(userMessage, changedFields).catch(...) non-blockingly, and showing success/error toasts gives a clear UX while keeping audit logging out of the critical path. On failures, the commit dialog remains open and pendingValues is preserved, allowing the user to retry. The console.error calls in both the update and audit paths retain full error objects for debugging, which matches prior guidance.

Based on learnings

---

201-203: Formik field handlers for selects and toggles are wired appropriately

The explicit React.ChangeEvent<HTMLSelectElement>/HTMLInputElement typings and use of formik.setFieldValue for loggingLevel, loggingLayout, and the three boolean toggles correctly bridge DOM events into the strongly-typed LoggingFormValues shape. This should keep the form state in sync with the API model without surprising coercions.

If CustomInput/GluuToogleRow have stricter prop typings, re-run TypeScript builds to ensure these handler signatures align with their expected event types.

Also applies to: 229-231, 246-248, 257-259, 268-269

---

47-56: Review comment is incorrect; authorize never rejects

The authorize function from useCedarling (admin-ui/app/cedarling/hooks/useCedarling.ts:123-170) handles all error cases internally with a try/catch and always returns a structured Promise<AuthorizationResult>. It never rejects or throws.

Even token_authorizeCedarRequestBuilder errors (which can throw for missing tokens) are caught within authorize's try/catch block (lines 166-169) and returned as { isAuthorized: false, error: '...' }.

LoggingPage already correctly handles authorization results by checking readResult.isAuthorized and setting permissionError when needed. The suggested try/catch wrapper is unnecessary because the promise never rejects.

Likely an incorrect or invalid review comment.

[moabu]

@coderabbitai resolve

[coderabbitai]

✅ Actions performed

Comments resolved.

[sonarqubecloud]

Quality Gate passed for 'Gluu Admin UI'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate passed for 'flex_linux_setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud