Disable Save Changes when API credentials empty or invalid#322
Conversation
- Disable Save Changes button when username/password empty, credential check is in flight, or inline credential error is shown - Mark JSON API Username and Password as required (visual asterisk + aria-required) to surface the requirement before user clicks Save
There was a problem hiding this comment.
Code Review
This pull request improves the API credentials configuration UI by adding required field indicators and accessibility attributes to the username and password inputs. It also updates the 'Save Changes' button logic to prevent submission when credentials are missing, invalid, or being validated. Feedback suggests closing a 1000ms debounce window where the button remains enabled after a field change but before validation starts, by updating the credential status to 'checking' immediately within the input change handlers.
| <Button | ||
| className="sp-min-w-[120px]" | ||
| onClick={saveCredentials} | ||
| disabled={saving || !hasCredentials || credentialStatus === 'invalid' || credentialStatus === 'checking'} |
There was a problem hiding this comment.
The disabled logic correctly prevents saving when credentials are known to be invalid or are currently being checked. However, there is a 1000ms window (the debounce period defined in the useEffect) where the button remains enabled after a user modifies a previously valid field but before the validation status updates to checking.
This allows a user to click 'Save' with potentially invalid credentials if they are quick. While the backend likely handles validation, you might consider updating the credentialStatus to checking immediately within the onChange handlers of the username and password fields to close this gap and provide immediate visual feedback to the user.
efbf236
into
SL-346/accessibility-eaa-compliance
Summary
aria-required="true") so the requirement is clear before the user clicks Save.Why
Surfaced during SL-351 testing (TC-351.5): submitting the form with an empty JSON API Username silently saved an empty string to
SAFERPAY_USERNAME[_TEST]and a NULLSAFERPAY_CUSTOMER_ID[_TEST], with no validation message. The terminal-fetch endpoint already shows a single inline credential error for invalid formats, so disabling the Save action avoids a duplicate toast on top of that inline message.Test plan
asdasasd) with any password → inline "Invalid credentials" error shown, Save Changes disabled, no duplicate toast