Hide "Rotate password" button for Observer role in Recovery Lock modal

[sharon-fdm]

Closes #42249
Supersedes #42247 (stale draft with merge conflicts)

Summary

• Hides the "Rotate password" button entirely in the Recovery Lock password modal when the user has the Observer role (canRotatePassword is false), instead of showing a disabled span with a tooltip
• Removes unused TooltipWrapper import and orphaned SCSS styles for the disabled state
• Consistent with the existing pattern in ManagedAccountModal which already hides the button for observers

Changes

• RecoveryLockPasswordModal.tsx: Return null when !canRotatePassword instead of rendering disabled tooltip
• _styles.scss: Remove __rotate-button--disabled styles
• Added RecoveryLockPasswordModal.tests.tsx with two tests covering button visibility based on role

How I tested

• Added unit tests (following the ManagedAccountModal.tests.tsx pattern) that verify:
  • The "Rotate password" button is not rendered when canRotatePassword={false} (Observer role)
  • The "Rotate password" button is rendered when canRotatePassword={true} (Admin/Maintainer role)
• Both tests pass locally
• ESLint passed clean on all changed files
• Webpack build succeeded; verified the built bundle no longer contains the old tooltip text or disabled-button CSS class

Test plan

• Log in as an Observer, navigate to a macOS host with Recovery Lock, open the Recovery Lock password modal, and confirm the "Rotate password" button is not visible
• Log in as an Admin/Maintainer and confirm the "Rotate password" button still appears and works

Summary by CodeRabbit

• Bug Fixes

  • The password rotation button in the Recovery Lock Password modal is now hidden entirely when rotation is unavailable, rather than displaying as a disabled control.

• Tests

  • Added test coverage to verify the password rotation button visibility behavior based on user permissions.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[Copilot]

Pull request overview

This PR updates the Host details “Recovery Lock password” modal UI to fully hide the “Rotate password” action for users who lack permission (e.g., Observer role), aligning the behavior with existing patterns used in similar modals.

Changes:

• Hide the rotate action by returning null when canRotatePassword is false (instead of rendering a disabled/tooltip UI).
• Remove the now-unused TooltipWrapper import.
• Remove the SCSS styling that only applied to the previously-disabled rotate UI state.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
frontend/pages/hosts/details/HostDetailsPage/modals/RecoveryLockPasswordModal/RecoveryLockPasswordModal.tsx	Hide rotate button when canRotatePassword is false; remove tooltip-based disabled rendering and unused import.
frontend/pages/hosts/details/HostDetailsPage/modals/RecoveryLockPasswordModal/_styles.scss	Remove styles for the removed disabled rotate button UI state.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 5135c49b-0f3b-4c8a-85af-c65e8e673365

📥 Commits

Reviewing files that changed from the base of the PR and between 71da5ab and ff78508.

📒 Files selected for processing (1)

• frontend/pages/hosts/details/HostDetailsPage/modals/RecoveryLockPasswordModal/RecoveryLockPasswordModal.tests.tsx

---

Walkthrough

RecoveryLockPasswordModal is refactored to hide the "Rotate password" button entirely when the user lacks rotation permission, rather than displaying it as disabled with a tooltip. The TooltipWrapper import is removed, the renderRotateButton method now returns null when canRotatePassword is false, and the corresponding &__rotate-button--disabled SCSS styling block is deleted. The button remains visible and functional only when rotation is permitted.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title accurately describes the main change: hiding the 'Rotate password' button for Observer role users in the Recovery Lock modal.
Description check	✅ Passed	The PR description is comprehensive with linked issue, summary, detailed changes, testing approach, and test plan; however, the test plan checklist items are unchecked.
Linked Issues check	✅ Passed	The PR successfully addresses issue #42249 by hiding the 'Rotate password' button for Observer role users, matching the stated user story objective.
Out of Scope Changes check	✅ Passed	All changes are within scope: hiding the button for Observers, removing associated disabled styles, and adding tests to verify the behavior align with the linked issue #42249.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sharon/hide-rotate-password-observer-42249

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.75%. Comparing base (1e22a58) to head (ff78508).
⚠️ Report is 5 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #45649   +/-   ##
=======================================
  Coverage   66.74%   66.75%           
=======================================
  Files        2744     2744           
  Lines      219316   219316           
  Branches    10794    10794           
=======================================
+ Hits       146393   146411   +18     
+ Misses      59698    59679   -19     
- Partials    13225    13226    +1     

Flag	Coverage Δ
frontend	55.66% <100.00%> (+0.06%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.