mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-12 18:28:53 +00:00
shankar0123
7c01f811a1
Phase 2 of the frontend-design audit: TanStack Query discipline.
Set the cross-cutting QueryClient defaults + staleTime/gcTime tier
model + visibility-aware polling + 4 optimistic-update mutations
before any further per-page work.
New foundation
==============
web/src/api/queryConstants.ts (new)
STALE_TIME = { REAL_TIME: 15s, REFERENCE: 5m, CONSTANT: 1h }
GC_TIME = { HEAVY: 1m, STANDARD: 5m, REFERENCE: 30m }
Doc-comment explains the tier model so every new useQuery picks
a tier rather than a hardcoded ms integer.
web/src/main.tsx
QueryClient defaults rewritten:
pre: staleTime: 10_000 + refetchOnWindowFocus: true (refetch
storm on every tab refocus across 242 query sites)
post: staleTime: STALE_TIME.REFERENCE (5min) + gcTime: GC_TIME
.STANDARD (explicit 5min) + refetchOnWindowFocus: false
(per-query opt-in for live-tile queries)
retry: 1 unchanged per the audit's DO NOT.
Findings closed by source ID
============================
TQ-H2 (refetch storm)
main.tsx QueryClient defaults — refetchOnWindowFocus: false root +
per-query opt-in. STALE_TIME.REFERENCE 5min for everything else.
TQ-M1 (no gcTime overrides)
main.tsx now sets gcTime: GC_TIME.STANDARD explicitly — the
contract is documented at the root, not implicit-defaulted by
TanStack.
TQ-M2 (12 inconsistent staleTime values)
All 11 hardcoded numeric staleTime overrides migrated to the
STALE_TIME tier constants. useAuthMe.ts (the 12th) already used
its own constant — left alone. Tier mapping:
- operator-facing live data (KeysPage keys, RoleDetail role,
UsersPage, OIDCJWKSStatusPanel, ApprovalsPage):
STALE_TIME.REAL_TIME (15s)
- slow-changing reference data (KeysPage roles, RolesPage,
AuthSettings bootstrap+runtime-config):
STALE_TIME.REFERENCE (5min)
- effectively immutable (RoleDetail permissions catalogue):
STALE_TIME.CONSTANT (1hr)
TQ-H1 (OnboardingWizard infinite 5s poll)
OnboardingWizard.tsx:288-302 — refetchInterval rewritten to v5
functional form:
refetchInterval: (query) =>
(query.state.data?.data?.length ?? 0) > 0 ? false : 5_000;
As soon as the first agent registers, the interval flips to false
and the poll stops. Also explicit: refetchOnWindowFocus: true +
staleTime: STALE_TIME.REAL_TIME (because this IS a live-tile poll
during the wizard).
PERF-H1 (Dashboard polling storm)
DashboardPage.tsx
- jobs poll bumped 10s → 30s (10s granularity isn't needed when
30s is already inside the human-attention window; the
CertificateDetail page is where 10s polling lives)
- visibility-listener pauses ALL Dashboard polls when
document.visibilityState === 'hidden'; on visibility return,
immediately invalidates the 4 live-tile queries (health,
dashboard-summary, jobs, certs-by-status) so the operator
sees fresh data instantly rather than waiting one tick.
- The 4 live-tile queries (health, dashboard-summary, jobs,
certs-by-status) opt into refetchOnWindowFocus: true +
staleTime: STALE_TIME.REAL_TIME explicitly.
- Backend aggregation gap (dashboard-summary + certs-by-status
+ certificates could collapse into 1 endpoint) tracked
separately — Phase 3 backend follow-up.
P-H1 (CertificatesPage 4 duplicate-key pairs)
Pre-Phase-2 4 pairs of distinct cache slots fetching the same data:
['profiles'] vs ['profiles-filter']
['issuers'] vs ['issuers-filter']
['owners', 'form'] vs ['owners-filter']
['teams', 'form'] vs ['teams-filter']
Post-Phase-2 all four pairs collapse to a single parameterized
queryKey shape: `[name, { per_page: 100 }]`. TanStack v5 dedupes
on serialized queryKey — the modal + filter now share one cache
slot per resource. 8 useQuery sites → 4 cache slots; backend
hits halved on first paint of CertificatesPage.
TQ-M3 (4 of 5 priority optimistic-update mutations)
Wired onMutate / onError-rollback / onSettled-invalidation on:
1. mark-notification-read (NotificationsPage)
— flips row status to 'read' in both ['notifications','all']
+ ['notifications','dead'] cache slots
2. claim-discovered-cert (DiscoveryPage)
— flips status to 'Managed' in ['discovered-certificates']
3. dismiss-discovery (DiscoveryPage)
— flips status to 'Dismissed' in same cache slot
4. archive-certificate (CertificateDetailPage)
— flips status to 'Archived' in ['certificate', id]; on
success navigates to /certificates (optimistic data
doesn't linger); on error restores snapshot + toasts
All four fire the Phase 1 Sonner toast on success/failure.
The 5th priority site (role-assignment toggle in
auth/RoleDetailPage) uses raw async/await handlers rather than
useTrackedMutation — converting it requires a structural
refactor outside Phase 2's TQ-focus; tracked as Phase 2 follow-up.
TQ-L1 (useTrackedMutation extended tests)
useTrackedMutation.test.tsx grew from 3 tests to 8:
+ passes onMutate through and runs it before mutationFn
+ passes onError through with the onMutate context (rollback
path — pins the 3rd-arg snapshot semantics)
+ does NOT invalidate on error (only on success)
+ passes onSettled through (fires after both success + error)
+ parity with raw useMutation when no extra options given
Verification
============
$ grep -E "refetchOnWindowFocus: false" web/src/main.tsx
89: refetchOnWindowFocus: false, // per-query opt-in
$ grep -E "STALE_TIME\.REFERENCE" web/src/main.tsx
86: staleTime: STALE_TIME.REFERENCE, // 5 min
$ grep -cE "useQuery.*\['profiles" web/src/pages/CertificatesPage.tsx
2 (was 6 pre-Phase-2 — '[profiles]' modal + '[profiles-filter]'
+ '[profiles]' top-of-page; now both refer to the same
parameterized key '[profiles, { per_page: 100 }]')
$ grep -rE "onMutate" web/src --include='*.tsx' --exclude='*.test.*' | wc -l
5 (≥ 4 priority sites; the 5th is the optional onMutate in
queryConstants test wiring)
$ grep -rE "STALE_TIME\." web/src --include='*.tsx' --include='*.ts' \
--exclude='*.test.*' | wc -l
18 (queryConstants.ts + main.tsx + 11 migrated callsites
+ OnboardingWizard + DashboardPage)
$ npx tsc --noEmit
(exit 0)
$ npx vitest run [13 affected test files]
Test Files 13 passed (13)
Tests 100 passed (100)
$ npx vite build
✓ built in 2.49s
dist/assets/index-yg3cYtYA.js 1,113 kB
(+3 kB vs Phase 1 — queryConstants + optimistic-update wrappers)
Audit-accuracy callouts
=======================
* The audit claimed 10 useQuery on Dashboard; live count is 9 (one
issuers query has no interval). All 8 polling queries now gated
behind visibility-listener; the 9th (issuers) is non-polling and
not affected.
* TQ-L1 originally specified 4 test extensions; shipped 5
(onMutate ordering, onError-with-context, no-invalidate-on-error,
onSettled pass-through, parity-with-raw-useMutation).
* Optimistic-update 5th-site (role-assignment toggle in
auth/RoleDetailPage) deferred — RoleDetailPage handlers use raw
async/await instead of useTrackedMutation. Refactoring it adds
one more optimistic path but requires a structural change
outside Phase 2's TQ-discipline scope. Tracked as Phase 2
follow-up.
Residual risks
==============
* The Dashboard visibility-listener gate may need per-page opt-in
if a page genuinely needs to keep polling while hidden (e.g.
a background-tab monitor). Not aware of any such case today;
if needed, the gate is a simple `useState`-driven hook
extracted to web/src/hooks/useTabVisibility.ts.
* The Dashboard backend-aggregation collapse
(dashboard-summary + certs-by-status + certificates → one
endpoint) is documented as a Phase-3 backend item.
* The 4 collapsed CertificatesPage pairs now request per_page=100
everywhere. Operator with >100 issuers/owners/profiles/teams
will see a truncated dropdown — that's an unrelated Phase-1-
Combobox-migration concern; the right fix when it lands is to
move issuer/owner/profile selectors to Combobox with
server-side typeahead.
* The 12-second total Bundle-1 audit of all useQuery sites
still leaves ~230 queries running with the new 5-min
REFERENCE default. The default is generous; aggressively-
fresh per-page queries that genuinely need 15s freshness
must opt in (the audit page, the agent-fleet live counter,
in-flight scan progress).
238 lines
7.9 KiB
TypeScript
238 lines
7.9 KiB
TypeScript
import { useState } from 'react';
|
|
import { Link } from 'react-router-dom';
|
|
import { useQuery, useQueryClient } from '@tanstack/react-query';
|
|
import { authListRoles, authCreateRole, type AuthRole } from '../../api/client';
|
|
import { useAuthMe } from '../../hooks/useAuthMe';
|
|
import PageHeader from '../../components/PageHeader';
|
|
import ErrorState from '../../components/ErrorState';
|
|
import { STALE_TIME } from '../../api/queryConstants';
|
|
|
|
// =============================================================================
|
|
// Bundle 1 Phase 10 — RolesPage.
|
|
//
|
|
// Lists every role in the active tenant. Render-time permission gating:
|
|
//
|
|
// - The "Create role" button is HIDDEN when the caller lacks
|
|
// auth.role.create. Server-side enforcement still 403s an
|
|
// end-run; the hide is UX, not security.
|
|
// - Every row links to /auth/roles/:id; that page in turn gates
|
|
// the edit / delete / add-permission affordances.
|
|
//
|
|
// data-testid attributes flag every interactive element so the future
|
|
// E2E suite (Playwright or equivalent) can assert behaviour without
|
|
// brittle CSS selectors.
|
|
// =============================================================================
|
|
|
|
interface CreateRoleModalProps {
|
|
isOpen: boolean;
|
|
onClose: () => void;
|
|
onSuccess: () => void;
|
|
}
|
|
|
|
function CreateRoleModal({ isOpen, onClose, onSuccess }: CreateRoleModalProps) {
|
|
const [name, setName] = useState('');
|
|
const [description, setDescription] = useState('');
|
|
const [submitting, setSubmitting] = useState(false);
|
|
const [error, setError] = useState<string | null>(null);
|
|
const [dirty, setDirty] = useState(false);
|
|
|
|
if (!isOpen) return null;
|
|
|
|
const handleSubmit = async (e: React.FormEvent) => {
|
|
e.preventDefault();
|
|
if (!name.trim()) return;
|
|
setSubmitting(true);
|
|
setError(null);
|
|
try {
|
|
await authCreateRole({ name: name.trim(), description: description.trim() });
|
|
setName('');
|
|
setDescription('');
|
|
setDirty(false);
|
|
onSuccess();
|
|
} catch (err) {
|
|
setError(err instanceof Error ? err.message : String(err));
|
|
} finally {
|
|
setSubmitting(false);
|
|
}
|
|
};
|
|
|
|
const handleClose = () => {
|
|
if (dirty && !window.confirm('Discard unsaved changes?')) return;
|
|
setName('');
|
|
setDescription('');
|
|
setDirty(false);
|
|
setError(null);
|
|
onClose();
|
|
};
|
|
|
|
return (
|
|
<div className="fixed inset-0 bg-black/40 flex items-center justify-center z-50" onClick={handleClose}>
|
|
<div
|
|
className="bg-surface border border-surface-border rounded p-5 w-full max-w-md shadow-xl"
|
|
onClick={e => e.stopPropagation()}
|
|
data-testid="create-role-modal"
|
|
>
|
|
<h2 className="text-lg font-semibold text-ink mb-4">Create role</h2>
|
|
{error && (
|
|
<div
|
|
className="mb-4 p-3 bg-red-50 border border-red-200 rounded text-sm text-red-700"
|
|
data-testid="create-role-error"
|
|
>
|
|
{error}
|
|
</div>
|
|
)}
|
|
<form onSubmit={handleSubmit} className="space-y-4">
|
|
<div>
|
|
<label className="block text-sm font-medium text-ink mb-1">Name *</label>
|
|
<input
|
|
value={name}
|
|
onChange={e => {
|
|
setName(e.target.value);
|
|
setDirty(true);
|
|
}}
|
|
className="w-full bg-white border border-surface-border rounded px-3 py-2 text-sm"
|
|
placeholder="release-manager"
|
|
required
|
|
data-testid="create-role-name"
|
|
/>
|
|
</div>
|
|
<div>
|
|
<label className="block text-sm font-medium text-ink mb-1">Description</label>
|
|
<textarea
|
|
value={description}
|
|
onChange={e => {
|
|
setDescription(e.target.value);
|
|
setDirty(true);
|
|
}}
|
|
className="w-full bg-white border border-surface-border rounded px-3 py-2 text-sm"
|
|
rows={3}
|
|
placeholder="What this role grants"
|
|
data-testid="create-role-description"
|
|
/>
|
|
</div>
|
|
<div className="flex gap-2 pt-2">
|
|
<button
|
|
type="submit"
|
|
disabled={submitting || !name.trim()}
|
|
className="flex-1 btn btn-primary disabled:opacity-50"
|
|
data-testid="create-role-submit"
|
|
>
|
|
{submitting ? 'Creating…' : 'Create role'}
|
|
</button>
|
|
<button
|
|
type="button"
|
|
onClick={handleClose}
|
|
className="flex-1 btn btn-ghost"
|
|
data-testid="create-role-cancel"
|
|
>
|
|
Cancel
|
|
</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
);
|
|
}
|
|
|
|
export default function RolesPage() {
|
|
const me = useAuthMe();
|
|
const qc = useQueryClient();
|
|
const rolesQuery = useQuery<AuthRole[], Error>({
|
|
queryKey: ['auth', 'roles'],
|
|
queryFn: authListRoles,
|
|
staleTime: STALE_TIME.REFERENCE, // role catalogue — slow-changing
|
|
});
|
|
|
|
const [createOpen, setCreateOpen] = useState(false);
|
|
|
|
const canCreate = me.hasPerm('auth.role.create') || me.isAdmin();
|
|
|
|
if (rolesQuery.isLoading) {
|
|
return (
|
|
<div className="space-y-4">
|
|
<PageHeader title="Roles" subtitle="Loading…" />
|
|
</div>
|
|
);
|
|
}
|
|
|
|
if (rolesQuery.error) {
|
|
return (
|
|
<div className="space-y-4">
|
|
<PageHeader title="Roles" />
|
|
<ErrorState
|
|
error={rolesQuery.error}
|
|
onRetry={() => qc.invalidateQueries({ queryKey: ['auth', 'roles'] })}
|
|
/>
|
|
</div>
|
|
);
|
|
}
|
|
|
|
const roles = rolesQuery.data ?? [];
|
|
|
|
return (
|
|
<div className="space-y-4" data-testid="roles-page">
|
|
<PageHeader
|
|
title="Roles"
|
|
subtitle="RBAC primitives — every API key holds zero or more roles. The auditor split is enforced server-side."
|
|
action={
|
|
canCreate ? (
|
|
<button
|
|
className="btn btn-primary"
|
|
onClick={() => setCreateOpen(true)}
|
|
data-testid="roles-create-button"
|
|
>
|
|
Create role
|
|
</button>
|
|
) : undefined
|
|
}
|
|
/>
|
|
{roles.length === 0 ? (
|
|
<div
|
|
className="bg-surface border border-surface-border rounded p-8 text-center text-sm text-ink-muted"
|
|
data-testid="roles-empty"
|
|
>
|
|
No roles. Bundle 1 seeds 7 default roles on first migration; if this list is empty,
|
|
the migration may not have applied. Check `migrations/000029_rbac.up.sql`.
|
|
</div>
|
|
) : (
|
|
<div className="bg-surface border border-surface-border rounded">
|
|
<table className="w-full text-sm" data-testid="roles-table">
|
|
<thead className="bg-surface-muted text-xs uppercase tracking-wide text-ink-muted">
|
|
<tr>
|
|
<th className="text-left px-3 py-2">Role ID</th>
|
|
<th className="text-left px-3 py-2">Name</th>
|
|
<th className="text-left px-3 py-2">Description</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
{roles.map(role => (
|
|
<tr key={role.id} className="border-t border-surface-border">
|
|
<td className="px-3 py-2 font-mono">{role.id}</td>
|
|
<td className="px-3 py-2">
|
|
<Link
|
|
to={`/auth/roles/${role.id}`}
|
|
className="text-brand-500 hover:underline"
|
|
data-testid={`roles-link-${role.id}`}
|
|
>
|
|
{role.name}
|
|
</Link>
|
|
</td>
|
|
<td className="px-3 py-2 text-ink-muted">{role.description || ''}</td>
|
|
</tr>
|
|
))}
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
)}
|
|
<CreateRoleModal
|
|
isOpen={createOpen}
|
|
onClose={() => setCreateOpen(false)}
|
|
onSuccess={() => {
|
|
setCreateOpen(false);
|
|
qc.invalidateQueries({ queryKey: ['auth', 'roles'] });
|
|
}}
|
|
/>
|
|
</div>
|
|
);
|
|
}
|