lisa/feat/ui-create-ssp

[ccf-lisa]

automated implementation by lisa.

Summary by CodeRabbit

• New Features

  • Create new System Security Plans via a dedicated form with automatic UUID generation/regeneration, title and version inputs, submission-state handling, API submission, and navigation on success.
  • Quick-access "New System Security Plan" button added to the plans list.

• Bug Fixes

  • Create route now opens the correct form view.

• Tests

  • Added tests for router, create and list views covering form submission, UUID behavior, disabled-submit handling, navigation, and error/toast flows; test mounts now stub tooltip directive.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 388006e6-57a8-4941-a6a1-c9c7a9461b81

📥 Commits

Reviewing files that changed from the base of the PR and between 0301000 and fee1e07.

📒 Files selected for processing (1)

• src/views/__tests__/PreferencesView.spec.ts

---

📝 Walkthrough

Walkthrough

Adds a create route and SystemSecurityPlanCreateView with UUID generation/regeneration, title/version inputs, POST submission to /api/oscal/system-security-plans (decamelized), toast error handling, isSubmitting guard, navigation to the editor on success, and tests for routing, creation, list navigation, and test harness updates.

Changes

System Security Plan Creation Feature

Layer / File(s)	Summary
Route configuration and router test src/router/index.ts, src/router/__tests__/index.spec.ts	Route /system-security-plans/create lazy-loads the create view. Router test verifies route exists, path /system-security-plans/create, and that the route's component loader is a function.
Create view UI and submit logic src/views/system-security-plans/SystemSecurityPlanCreateView.vue	Create view presents UUID (regenerable), title and version inputs, generates UUID on mount, submits POST to /api/oscal/system-security-plans with decamelized payload, guards concurrent submits, shows toast on errors, and routes to system-security-plan-editor when API returns a UUID.
Create view tests src/views/__tests__/SystemSecurityPlanCreateView.spec.ts	Vitest suite with mocks for useDataApi, toast, router, and UUID generation; tests request config (decamelizeKeys), UUID generation/regeneration, successful submission and redirect, in-flight submit prevention, missing-UUID handling, and API validation error handling.
List view create navigation and tests src/views/system-security-plans/SystemSecurityPlanListView.vue, src/views/__tests__/SystemSecurityPlanListView.spec.ts	List view adds a RouterLinkButton to the create route. Tests include mount helpers and mocks, and assert the "New System Security Plan" button routes to { name: 'system-security-plans-create' }.
Preferences test mounting helper update src/views/__tests__/PreferencesView.spec.ts	Mount helper now provides a no-op tooltip directive in test mounts to support components that rely on it during rendering.

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant CreateView as SystemSecurityPlanCreateView
  participant API as /api/oscal/system-security-plans
  participant Router
  participant Toast

  User->>CreateView: Mount (UUID generated)
  User->>CreateView: Regenerate UUID
  User->>CreateView: Enter title + submit
  CreateView->>API: POST { uuid, metadata.title } (decamelizeKeys)
  alt Success (response.uuid)
    API-->>CreateView: created plan with uuid
    CreateView->>Router: push editor route with uuid
  else Missing uuid
    API-->>CreateView: created plan without uuid
    CreateView->>Toast: show missing id error
  else Validation error
    API-->>CreateView: AxiosError with validation details
    CreateView->>Toast: show validation error
  end

Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped to add a form so new plans could start,
UUIDs that twinkle, a title close to heart,
I pushed the POST, the editor waits to receive,
Toasts sing of errors when responses misbehave,
A cheerful rabbit nods — new plans now take part!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'lisa/feat/ui-create-ssp' uses a branch naming convention rather than a clear, descriptive pull request title that conveys the meaningful change to reviewers.	Replace the branch name with a descriptive title such as 'Add UI for creating System Security Plans' that clearly summarizes the main change in plain language.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/views/system-security-plans/SystemSecurityPlanCreateView.vue`:
- Around line 6-7: The submit handler in SystemSecurityPlanCreateView.vue lacks
an in-flight guard causing duplicate POSTs; add a reactive flag (e.g., data
property or ref named isSubmitting) and update the submit method to return early
if isSubmitting is true, set isSubmitting = true before the async create call
and reset it in a finally block (try { await ... } finally { isSubmitting =
false }); also bind this flag to the form controls (disable the submit button
and any inputs, e.g., :disabled="isSubmitting") so rapid repeats are
prevented—apply the same pattern to the other submit paths referenced (the other
submit handlers around the component).
- Around line 73-76: The redirect after creation uses data.value?.uuid directly
when calling router.push (name: 'system-security-plan-editor') which can push an
invalid route if the UUID is missing; update the create/submit handler in
SystemSecurityPlanCreateView.vue to check that data.value and data.value.uuid
are present before calling router.push, and if missing avoid the navigation and
instead handle the failure (e.g., show a user-facing error/toast or navigate to
a safe fallback like the list view); ensure you reference the same router.push
call and data.value?.uuid symbols so the guard is applied at the exact
redirection site.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: ea9b7c60-17df-4d07-8217-b4d63a83d065

📥 Commits

Reviewing files that changed from the base of the PR and between 93e0a8a and 9170915.

📒 Files selected for processing (6)

• src/router/__tests__/index.spec.ts
• src/router/index.ts
• src/views/__tests__/SystemSecurityPlanCreateView.spec.ts
• src/views/__tests__/SystemSecurityPlanListView.spec.ts
• src/views/system-security-plans/SystemSecurityPlanCreateView.vue
• src/views/system-security-plans/SystemSecurityPlanListView.vue

[gusfcarvalho]

Findings inline. The UUID field is missing required (Medium) and there is a silent undefined navigation risk on the redirect (Low). Two low-severity test concerns are also noted.

[gusfcarvalho]

All findings resolved. UUID required added; isSubmitting guard locks the form during submission and resets in finally; createdUuid guard prevents silent navigation to /undefined; __name assertion removed. CI green on 53edd51. Good to merge.

[ccf-lisa]

PR approved. Marking as ready for e2e.

[gusfcarvalho]

The SSP creation form will always fail with from the API because is never initialised in the reactive ref.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/views/__tests__/PreferencesView.spec.ts`:
- Around line 88-95: Add a brief inline comment next to the tooltip directive
stub in the mountPreferencesView test helper explaining why it's stubbed (e.g.,
to avoid mounting the real tooltip directive and its DOM side-effects in unit
tests), so future maintainers understand the intent; update the block where
mountPreferencesView is defined (the tooltip: () => undefined entry for
PreferencesView) with that short explanatory comment consistent with other mocks
in the file.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 67561b84-1ff6-45d0-8e90-4009510e291a

📥 Commits

Reviewing files that changed from the base of the PR and between 8638de7 and 0301000.

📒 Files selected for processing (2)

• src/views/__tests__/PreferencesView.spec.ts
• src/views/__tests__/SystemSecurityPlanCreateView.spec.ts

[ccf-lisa]

PR approved. Marking as ready for e2e.