* test(web): migrate superuser-org-actions.cy.ts to Playwright
Migrate Cypress E2E tests for superuser organization actions to Playwright
following the project's MIGRATION.md guidelines.
Changes:
- Add new test file: playwright/e2e/superuser/org-actions.spec.ts
- Consolidate 12 Cypress tests into 5 focused Playwright tests
- Use real API data instead of mocked fixtures
- Auto-cleanup via TestApi fixture
Test coverage:
- Superuser sees actions column and options menu for organizations
- Regular user does not see organization options menu
- Superuser can rename organization
- Superuser can delete organization
- Superuser can take ownership of organization
Skipped from migration:
- Quota menu tests (already covered by quota.spec.ts)
- Fresh login requirement tests (low value, complex to mock)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(web): set superuser feature tag
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): migrate superuser-messages.cy.ts to Playwright
Migrate superuser messages tests from Cypress to Playwright, consolidating
14 original tests into 6 focused, value-add tests.
Tests cover:
- Non-superuser redirect to organization page
- Full CRUD flow: create, view, and delete messages via UI
- Error state when API fails to load messages
- Loading spinner during message fetch
- Read-only superuser can access and view messages
- Read-only superuser sees disabled create/delete actions
Infrastructure additions:
- Add message() method to TestApi with auto-cleanup
- Add CreatedMessage interface for type safety
- Add SUPERUSERS_FULL_ACCESS feature tag
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(web): migrate superuser-user-management.cy.ts to Playwright
Consolidates 29 Cypress tests into 11 Playwright tests covering
superuser user management functionality.
Changes:
- Add CreatedUser interface and user() method to TestApi for
user creation with auto-cleanup
- Add createUserAsSuperuser() to API client using superuser endpoint
- Add QuayAuthType and skipUnlessAuthType() helper for auth-type
conditional tests
- Create user-management.spec.ts with consolidated tests
Tests cover:
- Create user via UI (Database/AppToken auth only)
- User access control based on user type
- Change email and password (Database auth only)
- Toggle user status (disable/enable)
- Delete user
- Take ownership (convert user to org)
- Fresh login error handling with mocked responses
- Send recovery email (MAILING feature)
- Auth type visibility
Key patterns:
- Uses search to find users in paginated list
- page.route() only for error scenarios per MIGRATION.md
- skipUnlessAuthType() for auth-dependent tests
- @feature:SUPERUSERS_FULL_ACCESS tag for all tests
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): delete more migrated cypress tests
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): migrate superuser-framework Cypress test to Playwright
Consolidates 7 Cypress tests into 4 Playwright tests covering:
- Superuser navigation to all superuser pages
- Navigation section visibility and expansion
- Organizations table Settings column and actions menu
- Regular user restrictions and redirects
Uses real superuserPage/authenticatedPage fixtures instead of mocking.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): migrate superuser-service-keys Cypress test to Playwright
Consolidates 17 Cypress tests into 5 Playwright tests:
- non-superuser redirect to organization page
- superuser CRUD lifecycle (create, view, search, update, delete)
- error handling when create fails
- read-only superuser permission restrictions
- bulk select and delete operations
Adds service key API methods to Playwright test utilities:
- getServiceKeys, createServiceKey, updateServiceKey, deleteServiceKey
- TestApi.serviceKey() with auto-cleanup support
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(web): migrate superuser-change-log Cypress test to Playwright
Migrate superuser-change-log.cy.ts to Playwright with test consolidation:
- 7 original tests reduced to 2 focused tests
- Access control tests already covered by framework.spec.ts
- Loading spinner and empty state tests skipped (low value)
- Uses real API calls except for error state (acceptable mock)
- No PatternFly class dependencies, uses role-based selectors
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(web): migrate superuser-usage-logs Cypress test to Playwright
- Consolidate 7 Cypress tests into 2 Playwright tests
- Access control tests already covered by framework.spec.ts
- Add data-testid="usage-logs-table" to UsageLogsTable component
- Tests verify: page header, date pickers, chart toggle, table loading,
and filter functionality
- Use structural assertions for parallel test safety
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): remove unneeded comments
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
When FEATURE_ANONYMOUS_ACCESS is disabled, API calls like /api/v1/messages
return 401. The axios interceptor was unconditionally redirecting to /signin
on 401 errors, causing an infinite loop when already on auth pages.
Now checks if on /signin, /createaccount, or /oauth before redirecting.
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* fix(web): display correct robot account permissions in modal (PROJQUAY-10084)
Fix race condition in DropdownWithDescription where the permission
dropdown was incorrectly defaulting to 'Read' when loading existing
robot account permissions.
The issue occurred because rows were being marked as selected before
the actual permission values were loaded, causing the dropdown to
trigger its default 'Read' behavior.
The fix:
- Prioritize valid permission values when they exist
- Only default to 'Read' when user manually selects a row (isUserEntry=true)
- Do not default to 'Read' during auto-selection from loading existing perms
Also adds Playwright tests to verify:
- Initial permission displays correctly
- Write permission displays correctly (not defaulting to Read)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix(web): pass isWizardStep to dropdown for proper permission defaults (PROJQUAY-10084)
- Pass isWizardStep prop from AddToRepository to DropdownWithDescription
- In wizard mode, always default to 'Read' when a row is selected
- In non-wizard mode (robot permissions modal), only show actual values
- Fix prettier formatting in robot-accounts.spec.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* minor fix
---------
Co-authored-by: Claude <noreply@anthropic.com>
* test(web): migrate repository-autopruning to Playwright
Consolidate 17 Cypress tests into 6 Playwright tests:
- policy lifecycle (create, update, delete)
- policy with tag pattern filter
- multiple policies lifecycle
- namespace policy display in repository settings
- registry policy display
- error handling (load failure)
Uses @feature:AUTO_PRUNE tag for automatic test skipping.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test: enable features by default
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): migrate create-account.cy.ts to Playwright
Migrates the Create Account Cypress tests to Playwright following
the MIGRATION.md guide:
- Consolidates 10 Cypress tests into 6 focused Playwright tests
- Uses real API calls instead of mocks
- Adds data-testid attributes to CreateAccount component
- Uses @feature:MAILING and @feature:QUOTA_MANAGEMENT tags
to skip tests when features are not enabled
- Creates custom fixtures for unauthenticated page access
- Implements proper user cleanup after tests
Tests:
- form validation prevents invalid submissions
- creates account with valid inputs and redirects
- shows error for existing username
- navigates to signin page via link
- shows verification message (requires MAILING)
- redirects to updateuser (requires QUOTA_MANAGEMENT)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* chore(dev) add Mailpit for local email testing
Add Mailpit email testing server to the local development environment
to enable testing of FEATURE_MAILING functionality with Playwright.
Changes:
- Add mailpit service to docker-compose.yaml (ports 8025/1025)
- Enable FEATURE_MAILING and configure SMTP settings in config.yaml
- Add mailpit utilities to Playwright fixtures (getEmails, clearInbox,
waitForEmail, getEmailBody, isAvailable)
Usage:
podman-compose up mailpit -d
# Access Web UI at http://localhost:8025🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(web) use mailpit helpers for email confirmation support
Test updates:
- "creates account and redirects to organization" now confirms email
- "redirects to updateuser when user has prompts" now confirms email
- Tests detect FEATURE_MAILING at runtime and adapt accordingly
- Email search uses recipient address for parallel test safety
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): use mailpit for email notification test
Replace mocked email authorization with real Mailpit verification
in the notifications.spec.ts test.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): mock user response in cypress test
this broke when mailing was enabled
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
When viewing a child manifest of a multi-architecture image, the Layers
tab was showing "No layers found" because manifestData was fetched for
the parent manifest list digest (which has no layers) but never
re-fetched when the user selected a specific architecture.
Fix: Make the Layers component fetch its own manifest data based on the
digest prop using a new useManifestByDigest hook. This ensures layers
are fetched for the correct child manifest digest.
Changes:
- Add useManifestByDigest hook using React Query
- Update Layers component to fetch manifest data internally
- Remove manifestData prop from Layers in TagDetailsTabs
- Add Playwright e2e tests for multi-arch manifest layers
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Replace hardcoded expiration date '2025-12-31T23:59' with dynamically
generated future date. The tests were failing with "Expiration date
must be in the future" validation error since it's now 2026.
Added getFutureExpirationDate() helper that returns a date 1 year
from now in the required datetime-local format.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* test(web): migrate logout Cypress test to Playwright
Uses unique temporary users per test to avoid session invalidation
conflicts when running in parallel. Quay's signout endpoint invalidates
all sessions for a user, which would break parallel tests sharing users.
Also documents the session-destructive test pattern in MIGRATION.md.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): migrate mirroring Cypress test to Playwright
Migrates web/cypress/e2e/mirroring.cy.ts to Playwright following the
MIGRATION.md guide. Consolidates 18 Cypress tests into 5 Playwright
tests using real API calls instead of mocks.
Changes:
- Add mirroring API utilities to client.ts (changeRepositoryState,
createMirrorConfig, getMirrorConfig, updateMirrorConfig,
triggerMirrorSync, cancelMirrorSync)
- Create mirroring.spec.ts with 5 consolidated tests covering:
- State warning and form visibility
- New mirror configuration lifecycle
- Existing mirror configuration management
- Sync operations
- Error handling (only mock used for 400 error scenario)
- Update MIGRATION.md checklist (8/54, 15%)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): add TestApi fixture with auto-cleanup for Playwright tests
Introduce a TestApi class that wraps ApiClient and automatically tracks
created resources for cleanup after each test. This eliminates the need
for manual beforeEach/afterEach cleanup patterns and ensures resources
are always cleaned up even when tests fail.
Changes:
- Add TestApi class to fixtures.ts with methods for creating orgs,
repos, teams, robots, and prototypes with auto-cleanup
- Add api and superuserApi fixtures that provide TestApi instances
- Migrate all committed Playwright tests to use the new api fixture
- Update MIGRATION.md with documentation for the new pattern
The api fixture provides:
- api.organization(prefix?) - creates org with unique name
- api.repository(namespace?, prefix?, visibility?) - creates repo
- api.team(orgName, prefix?, role?) - creates team
- api.robot(orgName, prefix?, description?) - creates robot
- api.prototype(orgName, role, delegate, activatingUser?) - creates default permission
- api.setMirrorState(namespace, repoName) - sets repo to MIRROR state
- api.raw - access underlying ApiClient for non-tracked operations
Resources are cleaned up in reverse order (LIFO) after each test.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): remove migrated tests
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): auto-skip Playwright tests based on @feature: tags
Adds an auto-fixture to fixtures.ts that automatically skips tests
when their @feature:X tags reference disabled Quay features. This
eliminates duplication between tags and manual test.skip() calls.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix(web): set axios baseURL at module level for all routes (PROJQUAY-0000)
Previously axios baseURL was only set inside StandaloneMain component,
causing requests from /signin and other auth routes to go to the wrong
URL (localhost:9000 instead of localhost:8080).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): use cy.session() for Cypress authentication
Replace manual CSRF token + loginByCSRF pattern with cy.session()
for proper session handling. Fixes race condition where React app
made API calls before Cypress login completed.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): fix notification drawer test flakiness with toPass polling
Use Playwright's toPass to poll for notification appearance instead of
a single assertion. The backend may take time to process push
notifications, so reload and retry until the notification is visible.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* test(web): migrate notification-drawer Cypress test to Playwright
Convert the notification-drawer.cy.ts test from mocked API responses to
real API interactions. The test now creates a repository, configures a
quay_notification for repo_push events, pushes an image to trigger the
notification, then validates the drawer UI behavior (open, read, delete).
Adds createRepositoryNotification method to the Playwright API client.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): migrate default-permissions Cypress test to Playwright
- Add robot and prototype API methods to test client
- Fix undefined allMembers bug in CreateTeamWizard.tsx
- Fix missing return value in AddTeamMember.tsx setDeletedTeamMembers
- Tests run in parallel with isolated state per test
Co-authored-by: Claude <noreply@anthropic.com>
* test(web): migrate external-scripts Cypress test to Playwright
Co-authored-by: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* test(web): consolidate Playwright API utils into ApiClient class
Migrate from individual function-based API utilities to a unified
ApiClient class with CSRF token caching. This eliminates redundant
token requests when tests make multiple API calls.
Key changes:
- Create ApiClient class with cached CSRF token
- Add signIn() method for authentication flows
- Update all test files to use ApiClient instances
- Remove individual api/csrf.ts, organization.ts, repository.ts,
team.ts, user.ts files in favor of single client.ts
- Update fixtures.ts to use ApiClient for login
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(web): run playwright on small machine for chrome only
while we are migrating, swap things around to save time and money
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* test(web): migrate theme-switcher tests from Cypress to Playwright
Replace Cypress theme-switcher.cy.ts with Playwright equivalent.
Uses real API calls instead of mocked intercepts per migration guide.
Tests theme toggle visibility, persistence, and browser color scheme
detection via Playwright's emulateMedia API.
- Add data-testid to user-menu-toggle for stable selector
- Create playwright/e2e/ui/theme-switcher.spec.ts with 3 test cases
- Update MIGRATION.md checklist (2/54 migrated)
- Delete original Cypress test file
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): migrate breadcrumbs tests from Cypress to Playwright
Add organization, team, and container API utilities to support the
breadcrumbs test migration. Tests cover:
- List pages (no breadcrumbs)
- Organization, repository, tag, and team page breadcrumbs
- Edge cases with same-name org/repo/team combinations
The container utility supports both podman and docker for pushing
test images when testing tag breadcrumbs.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(web): migrate overview tests from Cypress to Playwright
Migrates web/cypress/e2e/overview.cy.ts to Playwright with 4 tests:
- Expandable dropdowns show content
- External links navigate correctly
- Tabs switch content correctly
- Purchase plans dropdown shows pricing options
Uses getByRole for tab selection instead of PatternFly-generated IDs.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* test(ci): ignore test files for web preview
no need in deploying the web preview if only tests or docs are modified
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* chore: add Playwright e2e test infrastructure
Add Playwright test framework with custom fixtures for authenticated
contexts, API utilities for test data management, and repository
delete test as initial migration from Cypress.
Key additions:
- global-setup.ts: Creates admin, testuser, readonly test users
- fixtures.ts: Pre-authenticated page/request fixtures by role
- utils/api.ts: CRUD utilities for repositories
- MIGRATION.md: Guide for migrating Cypress tests to Playwright
- repository-delete.spec.ts: First migrated test with full cleanup
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* chore: update web/.dockerignore
exclude tests from being included in the intermediate build - this
should improve caching when only tests change
Signed-off-by: Brady Pratt <bpratt@redhat.com>
* chore: add pre-commit check to block new cypress tests
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
This commit adds a cyan "Global Readonly Superuser" label to identify
global readonly superusers in the Organizations list, making it easier
for administrators to distinguish them from regular superusers.
Backend change: Updated User.to_dict() to include global_readonly_super_user
property in the /api/v1/superuser/users/ API response.
Frontend changes: Propagated the property through the data flow and added
label rendering with cyan color to visually distinguish from regular
superusers (blue).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Build IDs are UUIDs displayed as hex strings. The previous localeCompare
sorting treated them lexicographically, causing incorrect sort order.
Now detects hex/UUID patterns and sorts by parsing the first 8 hex
digits numerically.
Co-authored-by: Claude <noreply@anthropic.com>
ClipboardCopy children were passed as JSX expressions which creates an
array of React nodes. PatternFly's ClipboardCopy may join array children
with commas when extracting text, causing pull commands like:
"docker pull ,hostname,/,org,/,repo,:,tag"
Using template literals ensures a single string child is passed,
preventing the comma issue.
Co-authored-by: Claude <noreply@anthropic.com>
Use mutateAsync instead of mutate so Promise errors propagate to the
calling code. Previously, mutate() was fire-and-forget, causing success
notifications even when the API returned 400 errors.
Remove duplicate alert notification - error is shown inline in the modal.
Co-authored-by: Claude <noreply@anthropic.com>
Remove reCAPTCHA integration from the password recovery flow
as the feature has been deprecated.
Changes:
- Delete ReCaptcha component
- Remove recaptcha token handling from Signin page
- Simplify UsePasswordRecovery hook
- Remove react-google-recaptcha dependencies
- Clean up test fixtures and CSS
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
The formatSize() function used a falsy check which treated 0 as invalid,
returning "N/A" instead of formatting it. Now 0 displays as "0.00 KiB"
matching the legacy UI behavior.
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
when using OIDC authentication and the user has no password set, display
an info alert with a "Set password" button to guide users through setting
up their CLI password
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* fix(web): enable user self-service email changes when FEATURE_MAILING enabled (PROJQUAY-9879)
This commit fixes the issue where users received 401 Unauthorized errors
when attempting to update their email address in the new React UI when
FEATURE_MAILING is enabled.
Root cause: ChangeEmailModal was using the superuser-only endpoint
/api/v1/superuser/users/{username}, which regular users cannot access.
Changes:
- Added useChangeEmail hook in UseCurrentUser.ts that calls the correct
user self-service endpoint /api/v1/user/ for email updates
- Modified ChangeEmailModal to support dual modes (superuser vs user)
with isSuperuserMode prop for backward compatibility
- Updated GeneralSettings to display email as clickable link when
FEATURE_MAILING is enabled, opening the modal for email changes
- Pre-fill modal with current email address for better UX
- Added validation to prevent submitting the same email address
- Added 8 comprehensive Cypress e2e tests covering email change flows
The fix implements the proper email verification workflow where users
receive a verification email and must confirm before the change is applied.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fixing tests
* resolving coderabbit suggestion
---------
Co-authored-by: Claude <noreply@anthropic.com>
Global readonly superusers could click Create Message and Service Key
buttons which then failed with 403 errors. These buttons are now disabled
using the existing useSuperuserPermissions hook's canModify flag.
Co-authored-by: Claude <noreply@anthropic.com>
The settings page showed "Organization" labels and helper text even
when viewing a user namespace. Changed to conditionally display
"Username" for users and "Organization" for organizations.
Co-authored-by: Claude <noreply@anthropic.com>
Normal users couldn't see their own namespace quota in the Organizations
list Size column. The backend already returns quota_report in /api/v1/user/
but the frontend wasn't using it. Added fallback to use current user's
quota_report when superuser data isn't available.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
Previously, all errors on the Organizations page showed "Org deletion failed"
as the modal title, even for unrelated operations like registry size
calculation. This was confusing for Global Readonly Superusers who saw
"Org deletion failed" when trying to calculate registry size.
Changes:
- Separated error states in OrganizationsList.tsx (deletionErr, registryCalcErr)
- Added separate ErrorModal for registry calculation with correct title
- Fixed RepositoriesList.tsx ErrorModal title to "Repository deletion failed"
- Added Cypress test to verify correct error modal title
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
The UI was showing the "Enable OIDC Team Sync" button even when
FEATURE_TEAM_SYNCING was disabled in the config. Added check for
config?.features?.TEAM_SYNCING before displaying the team sync button.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
fix(ui): ensure logout redirects to signin on network error (PROJQUAY-9792)
When the logout API call fails due to network error, the UI now properly
redirects to the signin page and clears the client-side session. Previously,
the user would be stuck on the current page with an error modal.
Changes:
- Move redirect and cleanup to finally block in logout handler
- Add optional chaining to user.username to prevent undefined errors
- Remove unused addDisplayError import
- Add comprehensive Cypress e2e tests for logout functionality
The finally block ensures client-side logout always succeeds, even when
the server is unreachable, improving security and user experience.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
Stripe and StatusPage scripts were hardcoded in index.html, causing
85-second delays in air-gapped/restricted networks as browsers waited
for connection timeouts.
Created useExternalScripts hook to dynamically load scripts only when
BILLING feature is enabled. Scripts load asynchronously to prevent
blocking page render. On-premise deployments (BILLING=false) no longer
make external requests.
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
Previously only organizations and the logged-in user showed avatars.
Now all users and superusers display avatars by passing avatar data
from the API response through component props.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
Organization and user quota settings pages are view-only, but were
displaying an empty "Add Limit" form row with disabled controls.
This creates visual clutter and implies users can add limits when
they cannot.
Conditionally render the "Add Limit" card only when !isReadOnly to
match the behavior of the old Angular UI. Update Cypress tests to
verify the form does not exist (not just disabled) in view-only mode.
fix(web): prevent redirect to signin after OIDC username confirmation (PROJQUAY-9835)
When users authenticated via OIDC and confirmed their username, they were
incorrectly redirected back to the signin page instead of the home page.
This occurred because the OAuth flow stored the signin page URL in localStorage
as the redirect target. After username confirmation, the app would read this
stored URL and redirect back to signin, creating a loop.
The fix checks if the stored redirect URL contains '/signin' and navigates to
the home page instead.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
* fix(web): validate quota value input accepts only numbers (PROJQUAY-9837)
Changed Storage Quota input from type="text" to type="number" to prevent
non-numeric characters from being entered. Also enhanced validation to
catch edge cases where parseFloat could incorrectly parse mixed values
like "300xxxx" as 300.
Co-authored-by: Claude <noreply@anthropic.com>
* chore: move quota test seeding
locally the test goes from 8 minutes to 55 seconds :)
Signed-off-by: Brady Pratt <bpratt@redhat.com>
---------
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
When updating mirroring configuration fields like tag patterns, credentials
were being cleared because the password field is empty by default for security.
Modified UseMirroringConfig to conditionally exclude credentials from the
update payload when the password field is empty and updating existing config.
This matches the Angular UI behavior where only changed fields are sent.
Added Cypress tests to verify credentials are preserved when updating other
fields without changing the password, and that credentials are included when
explicitly updated.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* ui: redirect new UI super user for fresh login when authentication type is OIDC (PROJQUAY-9748)
* test(ui): Fix Cypress tests for fresh login OIDC flow (PROJQUAY-9748)
- Fixed incorrect API endpoint (/api/v1/superuser/logs* instead of /api/v1/superuserlogs**)
- Fixed incorrect route (/usage-logs instead of /superuser/usagelogs)
- Added proper authentication setup using cy.loginByCSRF
- Used fixtures (config.json, superuser.json) following existing test patterns
- Simplified tests to 3 critical cases: OIDC redirect, query param preservation, Database modal
---------
Co-authored-by: harishsurf <hgovinda@redhat.com>
adds two new static information pages to the React UI:
- /about page with company info cards and bill-of-materials table
- /security page with security practices and features documentation
implementation includes:
- PatternFly components for consistent UI design
- sortable/filterable packages table with pagination
- actual CoreOS and Red Hat logos
- nginx routing configuration for new paths
- webpack config updates to handle image assets from src/assets
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
Implement RFC 6749 Section 10.12 compliant state parameter to prevent
CSRF attacks in OAuth token generation flow.
Changes:
- Generate cryptographically secure state using crypto.randomUUID()
- Store state in sessionStorage before OAuth redirect
- Parent window validates state from popup via postMessage
- Read state from query params (backend echoes it back)
- Display security error for invalid/missing state
- Add Cypress tests for state validation and CSRF protection
Security Impact:
- Prevents CSRF token theft and session fixation attacks
- Complies with OAuth 2.0 security best practices
- React UI only; Angular UI remains unchanged
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
