Skip to content

feat(admin-ui): add test cases for redux state, auth/security utilities, and complex form components#2901

Merged
duttarnab merged 6 commits into
mainfrom
admin-ui-issue-2900
Jun 29, 2026
Merged

feat(admin-ui): add test cases for redux state, auth/security utilities, and complex form components#2901
duttarnab merged 6 commits into
mainfrom
admin-ui-issue-2900

Conversation

@faisalsiddique4400

@faisalsiddique4400 faisalsiddique4400 commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

feat(admin-ui): add test cases for redux state, auth/security utilities, and complex form components (#2900)

Summary

This PR expands automated test coverage across several critical areas of the Admin UI that currently contain important business logic but lack dedicated test coverage.

The work focuses on Redux state management, authentication and security utilities, complex form components, shared utilities, and data hooks that are difficult to validate manually and are susceptible to regressions.

The objective is to improve confidence in application behavior, strengthen regression protection, and support the ongoing initiative to improve overall Jest coverage across the Admin UI.


Fix Summary

  • Added reducer tests covering state transitions for Redux actions
  • Added listener middleware tests covering:
    • success paths
    • error paths
    • dispatched side effects
  • Added coverage for:
    • license validity updates
    • toast notification payload handling
    • webhook trigger flows
    • logout storage reset behavior
  • Added authentication and security utility tests for:
    • TokenController
    • AuditLogger
    • sessionExpiredRedirect
    • ApiKeyRedirect
    • AppAuthProvider
  • Added branch coverage for:
    • 403 detection
    • issuer storage
    • audit payload generation
    • missing token scenarios
    • invalid configuration scenarios
    • authentication initialization flows
  • Added render and interaction tests for:
    • JsonPropertyBuilder
    • JsonPropertyBuilderConfigApi
    • PasswordChangeModal
    • User2FADevicesModal
    • AssetForm
    • RolePermissionCard
    • DateRangeSelector
    • PolicyStoreUploadConfirmDialog
  • Added coverage for shared utilities and plugin helper modules
  • Added coverage for query and mutation hooks across supported modules
  • Increased overall Jest coverage across previously untested areas
  • Preserved existing runtime behavior and architecture boundaries

Verification

npm run test:all
npm run check:all

passes successfully.

  • Verified reducer state transitions are covered by automated tests
  • Verified listener success and failure paths are covered
  • Verified authentication and security decision branches are covered
  • Verified complex form components render correctly and support primary user interactions
  • Verified utility and hook test suites execute successfully
  • Verified existing test suites remain green
  • Verified no runtime behavior changes

🔗 Ticket

Closes: #2900

Summary by CodeRabbit

  • Refactor
    • Updated accordion, theme, and menu/sidebar components to use hook-based context access and simplified JSX while preserving existing behavior.
    • Improved Gluu dropdown search text extraction and standardized resize/height tracking across multiple components.
    • Theme loading now prefers the stored theme when available (including Gluu loading).
  • Bug Fixes
    • Improved submenu/plugin sidebar rendering consistency by handling children more reliably.
  • Tests
    • Expanded Jest/React Testing Library coverage across reducers, listeners, utilities, and UI dialogs/forms (including token/audit, webhooks, and session expiry).

#2890)

Signed-off-by: faisalsiddique4400 <faisalsiddique10886@gmail.com>
…es, and complex form components (#2900)

Signed-off-by: faisalsiddique4400 <faisalsiddique10886@gmail.com>
@coderabbitai

coderabbitai Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 07b31fca-1a4c-4cae-8b65-3b4d7e4e50a2

📥 Commits

Reviewing files that changed from the base of the PR and between 28dfe2e and 13c476b.

📒 Files selected for processing (2)
  • admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts
  • admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts

📝 Walkthrough

Walkthrough

The PR updates accordion and theme context usage to hook-based reads, adjusts sidebar and layout measurement logic, and adds Redux, utility, listener, and component tests across admin-ui app and plugin modules.

Changes

Admin UI refactors and coverage updates

Layer / File(s) Summary
Accordion context refactor
admin-ui/app/components/Accordion/*
AccordionContextType is exported from types.ts, the context module now exports AccordionContext, and the accordion header, body, and indicator read isOpen and onToggle with use(AccordionContext).
Theme context and fallback
admin-ui/app/components/Theme/*, admin-ui/app/context/theme/themeContext.tsx, admin-ui/app/routes/Apps/Gluu/GluuLoader.tsx
ThemeContext replaces provider and consumer exports, ThemeClass reads it with use(ThemeContext), and GluuLoader falls back to getStoredTheme().
Sidebar and dropdown context cleanup
admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx, admin-ui/app/components/GluuDropdown/GluuDropdown.tsx, admin-ui/app/routes/Apps/Gluu/GluuAppSidebar.tsx
SidebarMenuItem and GluuAppSidebar stop using consumer wrappers, and GluuDropdown moves text extraction into a top-level helper.
Observer and layout state refactors
admin-ui/plugins/auth-server/components/Ssa/components/SsaForm.tsx, admin-ui/plugins/fido/components/Metrics/components/PasskeyAdoptionChart.tsx, admin-ui/plugins/user-management/components/UserForm.tsx, admin-ui/plugins/user-management/components/User2FADevicesModal.tsx
ResizeObserver setup moves to callback refs in SsaForm, PasskeyAdoptionChart, and UserForm, and User2FADevicesModal relocates its pagination state hooks.
App redux and session listener coverage
admin-ui/app/redux/features/__tests__/*, admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts
Reducer tests cover auth, cedar permissions, init, logout, session, and toast state transitions, and sessionListener is tested for logout audit outcomes.
Plugin redux and auth utility coverage
admin-ui/plugins/admin/redux/features/__tests__/WebhookSlice.test.ts, admin-ui/plugins/admin/redux/listeners/__tests__/webhookListener.test.ts, admin-ui/app/utils/__tests__/TokenController.test.ts, admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts, admin-ui/plugins/auth-server/redux/features/__tests__/scopeSlice.test.ts
WebhookSlice actions and webhookListener success, no-webhook, and error paths are covered, along with TokenController, redirectSessionExpired, and scopeSlice tests.
Component interaction tests
admin-ui/plugins/admin/components/..., admin-ui/plugins/auth-server/components/..., admin-ui/plugins/user-management/components/...
New tests cover AssetForm, PolicyStoreUploadConfirmDialog, DateRangeSelector, RolePermissionCard, JsonPropertyBuilder, JsonPropertyBuilderConfigApi, PasswordChangeModal, and User2FADevicesModal.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

  • GluuFederation/flex#2893: The retrieved PR’s new Accordion component test suite directly exercises the same Accordion open/close toggle behavior that was refactored in the main PR via AccordionContext/use(...).

Suggested labels

kind-enhancement

Suggested reviewers

  • duttarnab
  • moabu

Poem

A bunny hopped through contexts bright,
With tests like carrots, crisp and light.
It twitched its nose at each new state,
And tucked in hooks that felt just great. 🐰

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Linked Issues check ⚠️ Warning The PR adds many requested tests, but the linked scope also asked for AuditLogger, ApiKeyRedirect, AppAuthProvider, and broader utility/hook coverage that is not shown here. Add the missing tests for AuditLogger, ApiKeyRedirect, AppAuthProvider, and the requested utility/hook areas, or document them as deferred.
Out of Scope Changes check ⚠️ Warning Several non-test refactors touch Accordion, Theme, Sidebar, GluuDropdown, and form components, which go beyond the issue’s test-coverage scope. Remove the unrelated implementation refactors or split them into separate PRs focused on the requested test coverage.
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly matches the PR’s main goal of adding test coverage for admin-ui Redux, auth utilities, and complex components.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch admin-ui-issue-2900

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Base automatically changed from admin-ui-issue-2890 to main June 25, 2026 07:53
Signed-off-by: faisalsiddique4400 <faisalsiddique10886@gmail.com>
@sonarqubecloud

Copy link
Copy Markdown

@mo-auto mo-auto added comp-admin-ui Component affected by issue or PR kind-feature Issue or PR is a new feature request labels Jun 26, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 8

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx`:
- Around line 205-216: Remove the redundant menuContext prop spread from the
React.cloneElement call in SidebarMenuItem; entries, addEntry, updateEntry, and
removeEntry are already read via use(MenuContext) inside SidebarMenuItem and
should not be forwarded to cloned children as unused props. Update the clone
props to keep only the child-specific values like isSubNode, parentId,
currentUrl, and slim, and leave the existing
SidebarMenuItemProps/SidebarMenuContext typing intact for locating the change.

In `@admin-ui/app/context/theme/themeContext.tsx`:
- Around line 44-51: getStoredTheme currently calls
storage.get(STORAGE_KEYS.INIT_THEME) without protection, which can throw during
GluuLoader rendering when storage is blocked or unavailable. Update
getStoredTheme in themeContext.tsx to match the defensive pattern used by
getInitialTheme: wrap the storage read in try/catch, validate the returned value
with isValidTheme, and fall back to DEFAULT_THEME on any error or invalid value.

In `@admin-ui/app/redux/features/__tests__/authSlice.test.ts`:
- Around line 31-35: The auth slice tests are bypassing action payload type
safety by casting payloads to never, which hides contract drift. Update the
affected reducer tests in authSlice.test.ts to use properly typed fixtures or
minimal valid payload objects for the actions like getOAuth2ConfigResponse and
the other listed cases, so the tests fail at compile time if the slice payload
shapes change. Keep the assertions focused on reducer behavior, but remove the
unsafe as never casts and align the test inputs with the actual action creators’
payload contracts.

In `@admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts`:
- Around line 27-63: Add a dedicated test in sessionListener.test.ts for the 403
recovery path in auditLogoutLogs. The current suite covers success, non-2xx, and
non-403 failures, but it does not exercise the branch in auditLogoutLogs from
sessionListener.ts that handles a 403 by performing session cleanup and redirect
logic. Mock a 403 response via mockedPostUserAction, dispatch auditLogoutLogs,
and assert the expected side effects on the store and any redirect/cleanup
helpers used by sessionListener.

In `@admin-ui/plugins/admin/redux/features/__tests__/WebhookSlice.test.ts`:
- Line 29: The tests for WebhookSlice are bypassing the action payload types by
casting arguments with as never, which hides contract drift. Update the
assertions around triggerWebhook and setWebhookTriggerResults in
WebhookSlice.test so they use correctly typed payload values instead of forced
casts, keeping the test aligned with the real action creators and their payload
definitions.

In `@admin-ui/plugins/admin/redux/listeners/__tests__/webhookListener.test.ts`:
- Line 24: The webhook listener tests are bypassing type safety by casting
`listenerMiddleware.startListening` to `never`, which hides contract mismatches
between the test setup and production listener API. Remove the `as never` casts
in `setupWebhookListener` test calls and update the test helpers/mocks to match
the real `startListening` and `triggerWebhook` shapes so TypeScript enforces the
listener registration and payload contracts throughout the suite.

In `@admin-ui/plugins/auth-server/redux/features/__tests__/scopeSlice.test.ts`:
- Around line 10-12: The test for setClientSelectedScopes is asserting object
identity with toBe(scopes), which over-couples it to the reducer reusing the
same array instance. Update the assertion in scopeSlice.test.ts to verify the
selectedClientScopes contents/value instead of referential equality, so the test
remains valid if the reducer copies or normalizes the payload while preserving
behavior.

In `@admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts`:
- Around line 35-41: The test currently only covers token-fetch failure and
never reaches the cleanup path in redirectSessionExpired. Update the
sessionExpiredRedirect.test.ts case for redirectSessionExpired so
mockedFetchToken succeeds and mockedDeleteSession rejects, then keep asserting
the custom auditLogoutLogs dispatch and that the promise still resolves; this
will exercise the deleteAdminUiSession failure branch instead of the
fetchApiTokenWithDefaultScopes rejection branch.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 90aff19f-3069-4a88-8f02-b34ed22601b0

📥 Commits

Reviewing files that changed from the base of the PR and between 62d59a4 and 2c8e142.

📒 Files selected for processing (38)
  • admin-ui/app/components/Accordion/Accordion.tsx
  • admin-ui/app/components/Accordion/AccordionBody.tsx
  • admin-ui/app/components/Accordion/AccordionHeader.tsx
  • admin-ui/app/components/Accordion/AccordionIndicator.tsx
  • admin-ui/app/components/Accordion/context.tsx
  • admin-ui/app/components/Accordion/types.ts
  • admin-ui/app/components/GluuDropdown/GluuDropdown.tsx
  • admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx
  • admin-ui/app/components/Theme/ThemeClass.tsx
  • admin-ui/app/components/Theme/ThemeContext.tsx
  • admin-ui/app/components/Theme/ThemeProvider.tsx
  • admin-ui/app/context/theme/themeContext.tsx
  • admin-ui/app/redux/features/__tests__/authSlice.test.ts
  • admin-ui/app/redux/features/__tests__/cedarPermissionsSlice.test.ts
  • admin-ui/app/redux/features/__tests__/initSlice.test.ts
  • admin-ui/app/redux/features/__tests__/logoutSlice.test.ts
  • admin-ui/app/redux/features/__tests__/sessionSlice.test.ts
  • admin-ui/app/redux/features/__tests__/toastSlice.test.ts
  • admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts
  • admin-ui/app/routes/Apps/Gluu/GluuAppSidebar.tsx
  • admin-ui/app/routes/Apps/Gluu/GluuLoader.tsx
  • admin-ui/app/utils/__tests__/TokenController.test.ts
  • admin-ui/plugins/admin/components/Assets/__tests__/AssetForm.test.tsx
  • admin-ui/plugins/admin/components/Cedarling/__tests__/PolicyStoreUploadConfirmDialog.test.tsx
  • admin-ui/plugins/admin/components/MAU/components/__tests__/DateRangeSelector.test.tsx
  • admin-ui/plugins/admin/components/Mapping/__tests__/RolePermissionCard.test.tsx
  • admin-ui/plugins/admin/redux/features/__tests__/WebhookSlice.test.ts
  • admin-ui/plugins/admin/redux/listeners/__tests__/webhookListener.test.ts
  • admin-ui/plugins/auth-server/components/AuthServerProperties/components/__tests__/JsonPropertyBuilder.test.tsx
  • admin-ui/plugins/auth-server/components/ConfigApiProperties/components/__tests__/JsonPropertyBuilderConfigApi.test.tsx
  • admin-ui/plugins/auth-server/components/Ssa/components/SsaForm.tsx
  • admin-ui/plugins/auth-server/redux/features/__tests__/scopeSlice.test.ts
  • admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts
  • admin-ui/plugins/fido/components/Metrics/components/PasskeyAdoptionChart.tsx
  • admin-ui/plugins/user-management/components/User2FADevicesModal.tsx
  • admin-ui/plugins/user-management/components/UserForm.tsx
  • admin-ui/plugins/user-management/components/__tests__/PasswordChangeModal.test.tsx
  • admin-ui/plugins/user-management/components/__tests__/User2FADevicesModal.test.tsx

Comment thread admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx
Comment thread admin-ui/app/context/theme/themeContext.tsx
Comment thread admin-ui/app/redux/features/__tests__/authSlice.test.ts Outdated
Comment thread admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts
Comment thread admin-ui/plugins/admin/redux/features/__tests__/WebhookSlice.test.ts Outdated
Comment thread admin-ui/plugins/admin/redux/listeners/__tests__/webhookListener.test.ts Outdated
Comment thread admin-ui/plugins/auth-server/redux/features/__tests__/scopeSlice.test.ts Outdated
Comment thread admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts Outdated
Signed-off-by: faisalsiddique4400 <faisalsiddique10886@gmail.com>

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

♻️ Duplicate comments (2)
admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts (1)

75-76: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Remove the as never mock result casts.

These still erase the recovery-path API contracts, so this test can keep compiling even if fetchApiTokenWithDefaultScopes or deleteAdminUiSession change shape.

Suggested change
-    mockedFetchToken.mockResolvedValue({ access_token: 'tok' } as never)
-    mockedDeleteSession.mockResolvedValue({} as never)
+    mockedFetchToken.mockResolvedValue({ access_token: 'tok' })
+    mockedDeleteSession.mockResolvedValue({})
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts` around lines
75 - 76, The mocked return values in sessionListener.test.ts are being
force-cast to never, which hides type changes in fetchApiTokenWithDefaultScopes
and deleteAdminUiSession. Update the mockedFetchToken and mockedDeleteSession
setup to use properly typed mock responses instead of as never, so the test
continues to validate the recovery-path API contracts against the real
signatures.
admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts (1)

36-36: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Drop the as never on the mocked token response.

This lets the test keep compiling even if fetchApiTokenWithDefaultScopes stops returning the shape that redirectSessionExpired actually consumes.

Suggested change
-    mockedFetchToken.mockResolvedValue({ access_token: 'tok' } as never)
+    mockedFetchToken.mockResolvedValue({ access_token: 'tok' })
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts`
at line 36, The mocked token response in redirectSessionExpired test is being
force-cast with as never, which hides type mismatches between mockedFetchToken
and what fetchApiTokenWithDefaultScopes actually returns. Remove the unsafe cast
in sessionExpiredRedirect.test.ts and make the mock value match the real return
type expected by redirectSessionExpired so the test fails if the consumed token
shape changes.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In `@admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts`:
- Around line 75-76: The mocked return values in sessionListener.test.ts are
being force-cast to never, which hides type changes in
fetchApiTokenWithDefaultScopes and deleteAdminUiSession. Update the
mockedFetchToken and mockedDeleteSession setup to use properly typed mock
responses instead of as never, so the test continues to validate the
recovery-path API contracts against the real signatures.

In `@admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts`:
- Line 36: The mocked token response in redirectSessionExpired test is being
force-cast with as never, which hides type mismatches between mockedFetchToken
and what fetchApiTokenWithDefaultScopes actually returns. Remove the unsafe cast
in sessionExpiredRedirect.test.ts and make the mock value match the real return
type expected by redirectSessionExpired so the test fails if the consumed token
shape changes.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ea1e0baf-029e-48f9-bb28-9ee702f33de8

📥 Commits

Reviewing files that changed from the base of the PR and between 2c8e142 and 28dfe2e.

📒 Files selected for processing (7)
  • admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx
  • admin-ui/app/redux/features/__tests__/authSlice.test.ts
  • admin-ui/app/redux/listeners/__tests__/sessionListener.test.ts
  • admin-ui/plugins/admin/redux/features/__tests__/WebhookSlice.test.ts
  • admin-ui/plugins/admin/redux/listeners/__tests__/webhookListener.test.ts
  • admin-ui/plugins/auth-server/redux/features/__tests__/scopeSlice.test.ts
  • admin-ui/plugins/auth-server/utils/__tests__/sessionExpiredRedirect.test.ts
💤 Files with no reviewable changes (1)
  • admin-ui/app/components/SidebarMenu/SidebarMenuItem.tsx

Signed-off-by: faisalsiddique4400 <faisalsiddique10886@gmail.com>
@sonarqubecloud

Copy link
Copy Markdown

@duttarnab duttarnab merged commit 5dc6c12 into main Jun 29, 2026
9 checks passed
@duttarnab duttarnab deleted the admin-ui-issue-2900 branch June 29, 2026 06:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp-admin-ui Component affected by issue or PR kind-feature Issue or PR is a new feature request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

feat(admin-ui): Add tests cases for redux state, auth/security utilities, and complex form components

3 participants