Fix Access Management path in settings dropdown

[jjaquish]

The current path is to /iam/access-management/overview for the Access Management item in the settings dropdown for a user with workspaces enabled. In RBAC V2 this path doesn't exist, and directs the user to their my access page instead. It should be /iam/overview for workspaces org admins

Summary by CodeRabbit

• Bug Fixes

  • Identity & Access Management navigation now directs org admins to the correct overview depending on workspace configuration; regular users continue to reach their personal access page.
  • Breadcrumb generation is more resilient to missing route data, preventing runtime errors.

• Tests

  • Expanded automated tests and helpers to validate IAM routing, settings dropdown links, and breadcrumb behaviors under different feature flags and user roles.

• Chores

  • Updated engine and dependency version constraints.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Org-admin IAM routing in Tools now chooses between /iam/overview and /iam/user-access/overview based on the platform.rbac.workspaces flag; non-org-admins still route to /iam/my-user-access. Tests, mocks, and a helper were added/updated to cover flag and identity permutations; a small breadcrumb null-safety fix and deps bumps were included.

Changes

Cohort / File(s)	Summary
Routing Logic src/components/Header/Tools.tsx	Changed identityAndAccessManagmentPath to select /iam/overview when workspaces feature is enabled for org admins, otherwise /iam/user-access/overview; non-org-admin path remains /iam/my-user-access.
Tests & Jest Mocks src/components/Header/HeaderTests/Tools.test.js	Added renderTools helper, updated imports (screen), expanded mocks (mocked SettingsToggle, simplified @scalprum/react-core, added togglePreviewWithCheckAtom), introduced mockFlagValues and flag-driven useFlag, and added tests asserting IAM link hrefs across org-admin/non-admin and workspaces on/off.
Breadcrumbs Hook + Tests src/hooks/useBreadcrumbsLinks.ts, src/hooks/useBreadcrumbsLinks.test.tsx	Made fallbackMatch?.[0]?.pathnameBase?.split('/') ?? [] null-safe to avoid runtime errors; added comprehensive tests covering bundle-only, missing match fragments, empty fragments, and valid route match scenarios.
Deps / Engines package.json	Bumped Node/npm engine min versions and updated multiple runtime/dev dependency versions (minor/patch bumps across Playwright, SWC, TypeScript/ESLint packages, Cypress, webpack, Amplitude, axios, jotai, lodash, oidc-client-ts, etc.).

Sequence Diagram(s)

mermaid
sequenceDiagram
participant User
participant Tools as "Tools Component"
participant Flags as "Feature Flag (unleash)"
participant Auth as "ChromeAuthContext"
participant Router as "Router / Link generator"

User->>Tools: open Settings menu
Tools->>Flags: query `platform.rbac.workspaces`
Tools->>Auth: read user identity (`is_org_admin`)
Tools->>Router: decide `identityAndAccessManagmentPath`
alt org_admin & workspaces enabled
    Router-->>User: render link `/iam/overview`
else org_admin & workspaces disabled
    Router-->>User: render link `/iam/user-access/overview`
else non-org-admin
    Router-->>User: render link `/iam/my-user-access`
end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 8

✅ Passed checks (8 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: fixing the Access Management routing path in the settings dropdown based on workspace enablement status.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Tests Required	✅ Passed	All modified source code files have corresponding test coverage. Tools.tsx routing logic and useBreadcrumbsLinks.ts null-safe extraction are both covered by comprehensive test suites. package.json configuration changes are exempt.
Typescript Strict Mode	✅ Passed	PR adheres to TypeScript strict mode with all compiler flags enabled, no 'any' type instances, explicit type annotations throughout, and null-safe extraction using nullish coalescing operator.
Auth Abstraction Layer	✅ Passed	PR does not introduce direct imports of OIDC libraries outside src/auth/OIDCConnector/ directory; authentication handled through ChromeAuthContext abstraction layer.
Chrome Api Breaking Changes	✅ Passed	PR does not modify src/chrome/create-chrome.ts or public Chrome API; scope limited to Access Management routing fix and dependency updates.
Module Federation Compatibility	✅ Passed	PR maintains full Module Federation compatibility with no changes to webpack configuration, exposed modules, or shared dependencies.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/components/Header/HeaderTests/Tools.test.js (1)

123-138: Consider extracting a shared auth-context fixture for these tests.

The three mockAuthContext blocks are mostly identical; centralizing them will reduce maintenance cost and keep route-specific intent clearer.

Also applies to: 158-173, 193-208

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/components/Header/HeaderTests/Tools.test.js` around lines 123 - 138,
Multiple tests define nearly identical mockAuthContext objects; extract a shared
fixture (e.g., export const mockAuthContext or function createMockAuthContext)
at the top of Tools.test.js or in a test-utils file and import/use it in each
test to avoid duplication; update the three locations that currently declare
mockAuthContext to instead call the shared factory or reference the exported
constant, and adjust any test-specific overrides by cloning or spreading the
shared object (e.g., { ...mockAuthContext, token: 'override' }) so
route-specific intent remains clear.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/components/Header/HeaderTests/Tools.test.js`:
- Around line 80-98: Replace all uses of container.querySelector in the Tools
tests with React Testing Library queries (use screen.getByTestId for the
provided test IDs) to make assertions more robust: in the renderTools helper
keep returning the rendered container but update each assertion that selects
elements by ID/attributes to use screen.getByTestId('settings-toggle') for the
settings button and screen.getByTestId('UserAccess') for the IAM link (also
update the similar selectors at the other occurrences noted around the other
test blocks), and remove direct DOM query usage in favor of screen.* queries so
tests target the elements by their data-testid attributes when interacting with
the Tools component.

---

Nitpick comments:
In `@src/components/Header/HeaderTests/Tools.test.js`:
- Around line 123-138: Multiple tests define nearly identical mockAuthContext
objects; extract a shared fixture (e.g., export const mockAuthContext or
function createMockAuthContext) at the top of Tools.test.js or in a test-utils
file and import/use it in each test to avoid duplication; update the three
locations that currently declare mockAuthContext to instead call the shared
factory or reference the exported constant, and adjust any test-specific
overrides by cloning or spreading the shared object (e.g., { ...mockAuthContext,
token: 'override' }) so route-specific intent remains clear.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: e5f742cb-6e81-47ef-bcaa-b14edb56ea20

📥 Commits

Reviewing files that changed from the base of the PR and between edae742 and 1eee5f1.

⛔ Files ignored due to path filters (1)

• src/components/Header/HeaderTests/__snapshots__/Tools.test.js.snap is excluded by !**/*.snap

📒 Files selected for processing (1)

• src/components/Header/HeaderTests/Tools.test.js

[coderabbitai]

🧹 Nitpick comments (2)

src/components/Header/HeaderTests/Tools.test.js (1)

20-27: Make the SettingsToggle mock respect isHidden items.

Rendering hidden items in the mock can mask real-world behavior and produce false-positive assertions.

Mock fidelity improvement

-          {props.dropdownItems.map((group, groupIndex) => (
+          {props.dropdownItems.map((group, groupIndex) => (
             <div key={groupIndex}>
-              {group.items.map((item, itemIndex) => (
+              {group.items
+                .filter((item) => !item.isHidden)
+                .map((item, itemIndex) => (
                 <a key={itemIndex} href={item.url} data-testid={item.ouiaId}>
                   {item.title}
                 </a>
-              ))}
+                ))}
             </div>
           ))}

As per coding guidelines, "**/*.test.{ts,tsx,js}: Check for proper mocking and test setup."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/components/Header/HeaderTests/Tools.test.js` around lines 20 - 27, The
SettingsToggle test mock currently renders every item from props.dropdownItems
and ignores the isHidden flag, causing hidden items to appear in tests; update
the mock used in Tools.test.js (the SettingsToggle mock) so that when rendering
group.items it first filters out items with item.isHidden (e.g. replace direct
group.items.map(...) with group.items.filter(item => !item.isHidden).map(...))
so the mock behavior matches real component behavior and prevents false-positive
assertions.

src/hooks/useBreadcrumbsLinks.test.tsx (1)

74-108: Tighten fallback-case assertions to catch structural regressions.

This case currently allows extra/incorrect segments while still passing. If the intended behavior is bundle + active item only, assert the exact array shape.

Suggested test hardening

-    expect(result.current.length).toBeGreaterThanOrEqual(1);
-    expect(result.current.some((s) => s.title === 'Advisor')).toBe(true);
+    expect(result.current).toEqual([
+      {
+        title: 'RHEL',
+        href: '/insights',
+      },
+      {
+        title: 'Advisor',
+        href: '/insights/advisor',
+        active: true,
+      },
+    ]);

As per coding guidelines, "**/*.test.{ts,tsx,js}: Verify test quality and coverage."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/hooks/useBreadcrumbsLinks.test.tsx` around lines 74 - 108, Tighten the
test "should fall back to bundle href when no route match fragments exist" to
assert the exact breadcrumb array shape instead of loose checks: when using
createWrapper('/insights/advisor', [], navigation) and rendering
useBreadcrumbsLinks(), expect result.current to strictly equal an array of two
segments — first the bundle segment ({ title: 'RHEL', href: '/insights' }) and
second the active item segment ({ title: 'Advisor', href: '/insights/advisor' })
— and assert length === 2; update the assertions to compare the full array (or
deepEqual) rather than only presence/length checks to catch structural
regressions.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@src/components/Header/HeaderTests/Tools.test.js`:
- Around line 20-27: The SettingsToggle test mock currently renders every item
from props.dropdownItems and ignores the isHidden flag, causing hidden items to
appear in tests; update the mock used in Tools.test.js (the SettingsToggle mock)
so that when rendering group.items it first filters out items with item.isHidden
(e.g. replace direct group.items.map(...) with group.items.filter(item =>
!item.isHidden).map(...)) so the mock behavior matches real component behavior
and prevents false-positive assertions.

In `@src/hooks/useBreadcrumbsLinks.test.tsx`:
- Around line 74-108: Tighten the test "should fall back to bundle href when no
route match fragments exist" to assert the exact breadcrumb array shape instead
of loose checks: when using createWrapper('/insights/advisor', [], navigation)
and rendering useBreadcrumbsLinks(), expect result.current to strictly equal an
array of two segments — first the bundle segment ({ title: 'RHEL', href:
'/insights' }) and second the active item segment ({ title: 'Advisor', href:
'/insights/advisor' }) — and assert length === 2; update the assertions to
compare the full array (or deepEqual) rather than only presence/length checks to
catch structural regressions.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 11ddb705-1723-4432-b614-4e7bafdc423a

📥 Commits

Reviewing files that changed from the base of the PR and between 2be7e67 and 7d888d3.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (4)

• package.json
• src/components/Header/HeaderTests/Tools.test.js
• src/hooks/useBreadcrumbsLinks.test.tsx
• src/hooks/useBreadcrumbsLinks.ts

[karelhala]

Looking good, can you please resolve the merge conflicts? Thank you.

[jjaquish]

@karelhala Thanks for looking, should be good now!