Skip to content

ENG-2828: Disable delete button on default DSR policies#7526

Open
gilluminate wants to merge 4 commits intomainfrom
gill/ENG-2828/fe-disable-delete-button-on-default-dsr-policies
Open

ENG-2828: Disable delete button on default DSR policies#7526
gilluminate wants to merge 4 commits intomainfrom
gill/ENG-2828/fe-disable-delete-button-on-default-dsr-policies

Conversation

@gilluminate
Copy link
Contributor

@gilluminate gilluminate commented Feb 28, 2026
edited
Loading

Ticket ENG-2828

Description Of Changes

Disable the delete button on default DSR policies (both the list page and detail page) by fetching the default policy keys from the /api/v1/plus/dsr/policy/default endpoint. Default policies display a disabled delete button with a tooltip explaining "Default policies cannot be deleted". Non-default policies are unaffected.

Also:

  • Removes the unnecessary <span> wrapper around disabled <Tooltip> buttons in MonitorConfigTab (Ant Design handles this natively)
  • Replaces the temporary startsWith("default_") sorting heuristic with the endpoint data

Code Changes

  • clients/admin-ui/src/features/policies/policy.slice.ts - Added getDefaultPolicies RTK Query endpoint for GET /plus/dsr/policy/default
  • clients/admin-ui/src/features/policies/constants.ts - New shared DEFAULT_POLICY_TOOLTIP constant
  • clients/admin-ui/src/features/policies/PolicyBox.tsx - Added isDefault prop; disables delete button with tooltip when true
  • clients/admin-ui/src/pages/privacy-request-policies/index.tsx - Fetch default policy keys, disable delete on defaults, use endpoint data for sorting
  • clients/admin-ui/src/pages/privacy-request-policies/[key].tsx - Fetch default policy keys, pass isDefault to PolicyBox
  • clients/admin-ui/src/features/integrations/configure-monitor/MonitorConfigTab.tsx - Remove unnecessary <span> wrapper for Tooltip on disabled button
  • clients/admin-ui/cypress/support/stubs.ts - Stub the default policies endpoint
  • clients/admin-ui/cypress/fixtures/policies/list.json - Added non-default custom policy fixture
  • clients/admin-ui/cypress/e2e/policies/policies-list.cy.ts - Tests for disabled delete on default policies
  • clients/admin-ui/cypress/e2e/policies/policy-crud.cy.ts - Updated delete tests to use non-default policy
  • clients/admin-ui/cypress/e2e/policies/policy-detail.cy.ts - Tests for disabled delete on detail page

Steps to Confirm

  1. Navigate to the DSR Policies list page
  2. Verify default policies (Default Access, Erasure, Consent) have disabled delete buttons
  3. Hover over a disabled delete button and confirm the tooltip "Default policies cannot be deleted" appears
  4. Verify non-default policies still have an enabled, clickable delete button
  5. Navigate to a default policy's detail page and confirm the delete button is disabled with tooltip
  6. Navigate to a non-default policy's detail page and confirm delete works normally

Pre-Merge Checklist

  • Issue requirements met
  • All CI pipelines succeeded
  • CHANGELOG.md updated
  • UX feedback:
    • All UX related changes have been reviewed by a designer
  • Followup issues:
    • No followup issues
  • Database migrations:
    • No migrations
  • Documentation:
    • No documentation updates required

Made with Cursor

@vercel
Copy link
Contributor

vercel bot commented Feb 28, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
fides-plus-nightly Ready Ready Preview, Comment Feb 28, 2026 1:14am
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
fides-privacy-center Ignored Ignored Feb 28, 2026 1:14am

Request Review

@gilluminate
Disable delete button on default DSR policies
e8dfb98 
Fetch default policy keys from the /plus/dsr/policy/default endpoint
and disable the delete button (with tooltip) on both the list and
detail pages. Also removes unnecessary span wrapper for Tooltip on
disabled buttons in MonitorConfigTab, and replaces the temporary
startsWith("default_") sorting heuristic with the endpoint data.

Made-with: Cursor
@gilluminate
fix lint
eecd6df
@gilluminate
fix tests
e4cc503
@gilluminate gilluminate force-pushed the gill/ENG-2828/fe-disable-delete-button-on-default-dsr-policies branch from d22bd8a to e4cc503 Compare February 28, 2026 00:32
@gilluminate gilluminate marked this pull request as ready for review February 28, 2026 01:13
@gilluminate gilluminate requested a review from a team as a code owner February 28, 2026 01:13
@gilluminate gilluminate requested review from speaker-ender and removed request for a team February 28, 2026 01:13
@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 28, 2026

Greptile Summary

This PR successfully implements protection for default DSR policies by disabling their delete buttons with explanatory tooltips.

Key Changes

  • Added getDefaultPolicies RTK Query endpoint to fetch default policy keys from /plus/dsr/policy/default
  • Conditionally disabled delete buttons on both list and detail pages for default policies (Access, Erasure, Consent)
  • Replaced temporary startsWith("default_") sorting heuristic with actual endpoint data
  • Added DEFAULT_POLICY_TOOLTIP constant for consistent messaging across components
  • Comprehensive test coverage for the new functionality

Observations

The implementation follows Ant Design patterns correctly and uses proper React patterns (useMemo for derived state). The code gracefully handles missing data by defaulting to treating policies as deletable, which is appropriate since the backend should also validate deletion attempts.

The PR includes an unrelated cleanup in MonitorConfigTab.tsx (removing unnecessary <span> wrapper around Tooltip), which while beneficial, is outside the scope of the main feature.

Confidence Score: 4/5

  • This PR is safe to merge with minor observations about error handling
  • Clean implementation with good test coverage. The code follows existing patterns and uses proper React/RTK Query conventions. Minor deduction for lack of explicit error handling on the default policies query (though the implicit fail-open behavior is acceptable) and an unrelated cleanup change in MonitorConfigTab.
  • The two page files (index.tsx and [key].tsx) don't explicitly handle errors from useGetDefaultPoliciesQuery(), but this is acceptable since they fail open (treating policies as deletable) and the backend should validate.

Important Files Changed

Filename Overview
clients/admin-ui/src/features/policies/policy.slice.ts Added getDefaultPolicies RTK Query endpoint to fetch default policy keys from /plus/dsr/policy/default. Endpoint correctly uses providesTags for cache management.
clients/admin-ui/src/features/policies/constants.ts Added shared constant DEFAULT_POLICY_TOOLTIP for consistent tooltip messaging across components. Follows custom rule for defining magic strings as named variables.
clients/admin-ui/src/features/policies/PolicyBox.tsx Added isDefault prop to conditionally disable delete button with tooltip. Implementation correctly uses Ant Design Tooltip pattern with disabled buttons.
clients/admin-ui/src/pages/privacy-request-policies/index.tsx Fetches default policies and conditionally disables delete buttons. Replaces startsWith heuristic with API data. No explicit error handling for default policies query - silently treats all policies as deletable on failure.
clients/admin-ui/src/pages/privacy-request-policies/[key].tsx Fetches default policies to determine if current policy is default. Passes isDefault to PolicyBox. No explicit error handling - defaults to false (deletable) on query failure.

Last reviewed commit: 14416a2

greptile-apps[bot]
greptile-apps bot reviewed Feb 28, 2026
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

12 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@speaker-ender speaker-ender Awaiting requested review from speaker-ender speaker-ender is a code owner automatically assigned from ethyca/frontend

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gilluminate