regression: ABAC table & form fixes

[MartinSchoeler]

Fixes:

• Table cells overflowing
• Add Duplicated values validation
• Fixes forms reseting when save fail

Proposed changes (including videos or screenshots)

Issue(s)

ABAC-98

Steps to test or reproduce

Further comments

Summary by CodeRabbit

• New Features

  • Prevent adding duplicate attribute values with inline validation; validation now runs as you edit.

• Bug Fixes

  • Show field-level error messages instead of aggregate errors; error indicators now render only when present.
  • Improved post-save cache refresh to ensure updated lists reflect changes sooner.

• Style

  • Truncate long attribute names and values in admin tables for clearer display.

• Localization

  • Added a localized message for repeated-value errors.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

⚠️ No Changeset found

Latest commit: 308ad7c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (2)

• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/__snapshots__/AttributesForm.spec.tsx.snap is excluded by !**/*.snap
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/__snapshots__/RoomFormAttributeField.spec.tsx.snap is excluded by !**/*.snap

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Form validation was changed to per-field, with form mode set to 'onChange'; duplicate attribute-value validation was added. UI cells and select components now truncate long text. Cache invalidation after save mutations was narrowed to .list() query keys. A new i18n key for repeated values was added. Minor FieldError rendering made conditional.

Changes

Cohort / File(s)	Summary
Form configuration & validation apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx, apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx	Set form mode to 'onChange'. Added per-field validation to prevent duplicate attribute values across attributeValues and lockedAttributes (validateRepeatedValues) and replaced aggregate error rendering with per-field FieldError components. Imported Fragment and i18n hook for localized messages.
Cache invalidation adjustments apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx, apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx	Changed post-mutation invalidation targets from ABACQueryKeys.*.all() to ABACQueryKeys.*.list() (rooms and roomAttributes) in onSettled handlers.
Table cell truncation (presentation) apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx, apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx	Applied withTruncatedText to attribute key/value cells to truncate long content in tables.
Selects & field error conditional rendering apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx, apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx	Added withTruncatedText to PaginatedSelectFiltered and MultiSelect. Changed FieldError to render only when errors.<field> exists (conditional rendering).
Localization packages/i18n/src/locales/en.i18n.json	Added ABAC_No_repeated_values with message "Value already added".

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Focus review items:
  • AttributesForm.tsx — verify validateRepeatedValues correctly detects duplicates across both lists and integrates with per-field validation rules and form reactivity (mode: 'onChange').
  • AttributesContextualBar.tsx / RoomsContextualBar.tsx — ensure switching invalidation from .all() to .list() still refreshes all necessary cached views.
  • UI changes (withTruncatedText, select components) — confirm no layout regressions and accessibility/overflow behavior.

Possibly related PRs

• feat: ABAC Rooms attributes tab #37408 — touches ABAC room-attributes UI and uses ABACQueryKeys for query invalidation; related to the .list() vs .all() change.
• chore: ABAC add/edit room attributes form #37244 — modifies ABAC attributes form validation and form configuration; related to per-field validation and mode: 'onChange'.

Suggested labels

stat: ready to merge, stat: QA assured

Suggested reviewers

• tassoevan
• dougfabris

Poem

🐰 I hop through fields both short and long,
I nibble duplicates — they don't belong.
I tuck long text to keep rows neat,
I nudge cache keys to stay discrete.
Hooray — the ABAC garden feels complete! 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main changes: ABAC interface fixes for table overflow and form validation issues.
Linked Issues check	✅ Passed	Code changes address all stated objectives: table cell truncation for overflow prevention, duplicate value validation, and form mode configuration to prevent unwanted resets.
Out of Scope Changes check	✅ Passed	All changes are directly related to ABAC form and table fixes with no unrelated modifications detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

📦 Docker Image Size Report

📈 Changes

Service	Current	Baseline	Change	Percent
sum of all images	1.2GiB	1.2GiB	+14MiB
rocketchat	360MiB	347MiB	+14MiB
omnichannel-transcript-service	132MiB	132MiB	+11KiB
queue-worker-service	132MiB	132MiB	+11KiB
ddp-streamer-service	126MiB	126MiB	+8.4KiB
account-service	113MiB	113MiB	+9.2KiB
authorization-service	111MiB	111MiB	+69KiB
stream-hub-service	111MiB	111MiB	+8.2KiB
presence-service	111MiB	111MiB	+8.6KiB

📊 Historical Trend

---
config:
  theme: "dark"
  xyChart:
    width: 900
    height: 400
---
xychart
  title "Image Size Evolution by Service (Last 30 Days + This PR)"
  x-axis ["11/15 22:28", "11/16 01:28", "11/17 23:50", "11/18 22:53", "11/19 23:02", "11/21 16:49", "11/24 17:34", "11/27 22:32", "11/28 19:05", "12/01 23:01", "12/02 21:57", "12/03 21:00", "12/04 18:17", "12/05 21:56", "12/08 20:15", "12/09 22:17", "12/10 23:26", "12/11 21:56", "12/12 17:30", "12/12 19:50 (PR)"]
  y-axis "Size (GB)" 0 --> 0.5
  line "account-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11]
  line "authorization-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11]
  line "ddp-streamer-service" [0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12]
  line "omnichannel-transcript-service" [0.14, 0.14, 0.14, 0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13]
  line "presence-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11]
  line "queue-worker-service" [0.14, 0.14, 0.14, 0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13]
  line "rocketchat" [0.36, 0.36, 0.35, 0.35, 0.35, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.35]
  line "stream-hub-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11]

Loading

Statistics (last 19 days):

• 📊 Average: 1.5GiB
• ⬇️ Minimum: 1.2GiB
• ⬆️ Maximum: 1.6GiB
• 🎯 Current PR: 1.2GiB

ℹ️ About this report

This report compares Docker image sizes from this build against the develop baseline.

• Tag: pr-37782
• Baseline: develop
• Timestamp: 2025-12-12 19:50:52 UTC
• Historical data points: 19

---

Updated: Fri, 12 Dec 2025 19:50:53 GMT

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (feat/abac@1a719f7). Learn more about missing BASE report.

Additional details and impacted files

@@             Coverage Diff              @@
##             feat/abac   #37782   +/-   ##
============================================
  Coverage             ?   54.28%           
============================================
  Files                ?     2633           
  Lines                ?    50105           
  Branches             ?    11224           
============================================
  Hits                 ?    27201           
  Misses               ?    20727           
  Partials             ?     2177           

Flag	Coverage Δ
e2e	57.26% <ø> (?)
e2e-api	43.71% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (1)

14-54: Fix validate callback return value and add defensive guards for watch() results.

Lines 40–41: Add null coalescing to safely handle potential undefined values from watch() before spreading them in line 50.

Lines 47–54: In the validateRepeatedValues callback, return true on success instead of undefined. According to react-hook-form 7.45.4 behavior, returning undefined from a validate function can produce inconsistent validation state. Additionally, skip the duplicate-check for empty strings to let the required rule handle that case without redundant errors.

- const attributeValues = watch('attributeValues');
- const lockedAttributes = watch('lockedAttributes');
+ const attributeValues = watch('attributeValues') ?? [];
+ const lockedAttributes = watch('lockedAttributes') ?? [];

  const validateRepeatedValues = useCallback(
    (value: string) => {
+     if (!value) {
+       return true;
+     }
-     // Only one instance of the same attribute value is allowed to be in the form at a time
-     const repeatedAttributes = [...lockedAttributes, ...attributeValues].filter((attribute) => attribute.value === value).length > 1;
-     return repeatedAttributes ? t('ABAC_No_repeated_values') : undefined;
+     const repeatedAttributes =
+       [...lockedAttributes, ...attributeValues].filter((attribute) => attribute.value === value).length > 1;
+     return repeatedAttributes ? t('ABAC_No_repeated_values') : true;
    },
    [lockedAttributes, attributeValues, t],
  );

🧹 Nitpick comments (2)

packages/i18n/src/locales/en.i18n.json (1)

55-57: Localization key addition looks correct; consider slightly more specific copy if needed.

ABAC_No_repeated_values is consistent with existing ABAC keys and the JSON placement/formatting looks fine. If this error can appear in contexts where “Value” is ambiguous, consider “Attribute value already added” for clarity.

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx (1)

86-87: Truncation change looks right; consider adding a “full text” affordance (title/tooltip) for discoverability.
withTruncatedText should address the overflow regression, but users may need an easy way to see the full key/value (e.g., title={attribute.key} / title={attribute.values.join(', ')}) when truncated.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1a719f7 and a5f188d.

⛔ Files ignored due to path filters (1)

• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/__snapshots__/AttributesForm.spec.tsx.snap is excluded by !**/*.snap

📒 Files selected for processing (6)

• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx (2 hunks)
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (3 hunks)
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx (1 hunks)
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx (1 hunks)
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx (1 hunks)
• packages/i18n/src/locales/en.i18n.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)

**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation

Files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx

🧠 Learnings (6)

📓 Common learnings

Learnt from: KevLehman
Repo: RocketChat/Rocket.Chat PR: 37303
File: apps/meteor/tests/end-to-end/api/abac.ts:1125-1137
Timestamp: 2025-10-27T14:38:46.994Z
Learning: In Rocket.Chat ABAC feature, when ABAC is disabled globally (ABAC_Enabled setting is false), room-level ABAC attributes are not evaluated when changing room types. This means converting a private room to public will succeed even if the room has ABAC attributes, as long as the global ABAC setting is disabled.

Learnt from: MartinSchoeler
Repo: RocketChat/Rocket.Chat PR: 37244
File: apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.spec.tsx:125-146
Timestamp: 2025-10-30T19:30:46.541Z
Learning: In the AdminABACRoomAttributesForm component (apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.tsx), the first attribute value field is mandatory and does not have a Remove button. Only additional values beyond the first have Remove buttons. This means trashButtons[0] corresponds to the second value's Remove button, not the first value's.

📚 Learning: 2025-11-27T17:56:26.050Z

Learnt from: MartinSchoeler
Repo: RocketChat/Rocket.Chat PR: 37557
File: apps/meteor/client/views/admin/ABAC/AdminABACRooms.tsx:115-116
Timestamp: 2025-11-27T17:56:26.050Z
Learning: In Rocket.Chat, the GET /v1/abac/rooms endpoint (implemented in ee/packages/abac/src/index.ts) only returns rooms where abacAttributes exists and is not an empty array (query: { abacAttributes: { $exists: true, $ne: [] } }). Therefore, in components consuming this endpoint (like AdminABACRooms.tsx), room.abacAttributes is guaranteed to be defined for all returned rooms, and optional chaining before calling array methods like .join() is sufficient without additional null coalescing.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx

📚 Learning: 2025-10-27T14:38:46.994Z

Learnt from: KevLehman
Repo: RocketChat/Rocket.Chat PR: 37303
File: apps/meteor/tests/end-to-end/api/abac.ts:1125-1137
Timestamp: 2025-10-27T14:38:46.994Z
Learning: In Rocket.Chat ABAC feature, when ABAC is disabled globally (ABAC_Enabled setting is false), room-level ABAC attributes are not evaluated when changing room types. This means converting a private room to public will succeed even if the room has ABAC attributes, as long as the global ABAC setting is disabled.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx

📚 Learning: 2025-11-07T14:50:33.544Z

Learnt from: KevLehman
Repo: RocketChat/Rocket.Chat PR: 37423
File: packages/i18n/src/locales/en.i18n.json:18-18
Timestamp: 2025-11-07T14:50:33.544Z
Learning: Rocket.Chat settings: in apps/meteor/ee/server/settings/abac.ts, the Abac_Cache_Decision_Time_Seconds setting uses invalidValue: 0 as the fallback when ABAC is unlicensed. With a valid license, admins can still set the value to 0 to intentionally disable the ABAC decision cache.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx

📚 Learning: 2025-10-30T19:30:46.541Z

Learnt from: MartinSchoeler
Repo: RocketChat/Rocket.Chat PR: 37244
File: apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.spec.tsx:125-146
Timestamp: 2025-10-30T19:30:46.541Z
Learning: In the AdminABACRoomAttributesForm component (apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.tsx), the first attribute value field is mandatory and does not have a Remove button. Only additional values beyond the first have Remove buttons. This means trashButtons[0] corresponds to the second value's Remove button, not the first value's.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesPage.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx

📚 Learning: 2025-09-18T17:32:33.969Z

Learnt from: aleksandernsilva
Repo: RocketChat/Rocket.Chat PR: 36974
File: apps/meteor/client/components/Omnichannel/OutboundMessage/components/OutboundMessageWizard/forms/MessageForm/MessageForm.tsx:124-129
Timestamp: 2025-09-18T17:32:33.969Z
Learning: The ARIA mismatch issue in MessageForm's template field (where FieldError id used templateId instead of messageFormId) was addressed in PR #36972 through refactoring the template field into a separate TemplateField component, which uses consistent templateFieldId for both aria-describedby and FieldError id.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx

🧬 Code graph analysis (3)

apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsContextualBar.tsx (2)

packages/mock-providers/src/MockedAppRootBuilder.tsx (1)

• queryClient (269-279)

apps/meteor/client/lib/queryKeys.ts (1)

• ABACQueryKeys (142-159)

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (1)

packages/ui-contexts/src/index.ts (1)

• useTranslation (81-81)

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx (2)

packages/mock-providers/src/MockedAppRootBuilder.tsx (1)

• queryClient (269-279)

apps/meteor/client/lib/queryKeys.ts (1)

• ABACQueryKeys (142-159)

🔇 Additional comments (5)

apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomsPage.tsx (1)

109-114: LGTM! Truncation properly addresses overflow issue.

The addition of withTruncatedText to both ABAC attribute cells correctly addresses the table overflow issue mentioned in the PR objectives.

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesContextualBar.tsx (2)

41-42: mode: 'onChange' aligns with per-field validation, but re-check validation cost/UX.
This will run validations on every change (including the repeated-values scan), which is probably intended here—just ensure there’s no noticeable lag with many values.

---

78-79: Verify TanStack Query invalidation behavior with parameterized queries in this context.

The cache invalidation claim assumes invalidateQueries({ queryKey: list() }) won't match queries keyed with list(query) where query is an object. However, TanStack Query's standard behavior for prefix matching typically would match ['abac','room-attributes', undefined] to any key starting with ['abac','room-attributes'] regardless of the third element.

Without access to the actual ABACQueryKeys implementation and how queries are constructed in this file, verify:

1. Whether roomAttributes.all() exists and what query keys it targets
2. Whether roomAttributes.list(query) actually uses the query parameter in the key tuple
3. Whether the current list() invalidation is insufficient by checking if stale query results persist after save operations

If the issue is confirmed, update to use roomAttributes.all() for broader invalidation.

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (2)

104-140: Per-field errors are a nice improvement; verify the “remove”/min-length UX doesn’t create a submit-blocking state without a visible error.
You now allow removing attributeValues[0] when lockedAttributesFields.length > 0 (Line 134-136). If the field array still enforces minLength: 1, that can block submit with only an array-level error (and you won’t render it via per-row FieldError). Based on learnings about the “first value mandatory / no remove” pattern, please double-check this flow for both “create” and “edit”.

---

67-74: [rewritten comment]
[classification tag]

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (1)

105-121: Per-field validation improves UX, but note optional chaining inconsistency.

The Fragment wrappers and per-field validation with validateRepeatedValues provide clear, actionable error messages for each field. However, there's an inconsistency in how error messages are accessed:

• Line 120 uses optional chaining: errors.lockedAttributes?.[index]?.value?.message
• Line 138 omits optional chaining: errors.attributeValues[index].value.message

While both should work (react-hook-form guarantees the structure), consider standardizing to use optional chaining consistently for defensive coding.

Apply this diff for consistency:

-								{errors.attributeValues?.[index]?.value && <FieldError>{errors.attributeValues[index].value.message}</FieldError>}
+								{errors.attributeValues?.[index]?.value && <FieldError>{errors.attributeValues[index].value?.message}</FieldError>}

Also applies to: 124-139

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a5f188d and 81da92a.

📒 Files selected for processing (3)

• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (3 hunks)
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx (1 hunks)
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)

**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation

Files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx

🧠 Learnings (4)

📓 Common learnings

Learnt from: KevLehman
Repo: RocketChat/Rocket.Chat PR: 37303
File: apps/meteor/tests/end-to-end/api/abac.ts:1125-1137
Timestamp: 2025-10-27T14:38:46.994Z
Learning: In Rocket.Chat ABAC feature, when ABAC is disabled globally (ABAC_Enabled setting is false), room-level ABAC attributes are not evaluated when changing room types. This means converting a private room to public will succeed even if the room has ABAC attributes, as long as the global ABAC setting is disabled.

Learnt from: aleksandernsilva
Repo: RocketChat/Rocket.Chat PR: 36974
File: apps/meteor/client/components/Omnichannel/OutboundMessage/components/OutboundMessageWizard/forms/MessageForm/MessageForm.tsx:124-129
Timestamp: 2025-09-18T17:32:33.969Z
Learning: The ARIA mismatch issue in MessageForm's template field (where FieldError id used templateId instead of messageFormId) was addressed in PR #36972 through refactoring the template field into a separate TemplateField component, which uses consistent templateFieldId for both aria-describedby and FieldError id.

📚 Learning: 2025-10-30T19:30:46.541Z

Learnt from: MartinSchoeler
Repo: RocketChat/Rocket.Chat PR: 37244
File: apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.spec.tsx:125-146
Timestamp: 2025-10-30T19:30:46.541Z
Learning: In the AdminABACRoomAttributesForm component (apps/meteor/client/views/admin/ABAC/AdminABACRoomAttributesForm.tsx), the first attribute value field is mandatory and does not have a Remove button. Only additional values beyond the first have Remove buttons. This means trashButtons[0] corresponds to the second value's Remove button, not the first value's.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx
• apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx

📚 Learning: 2025-11-27T17:56:26.050Z

Learnt from: MartinSchoeler
Repo: RocketChat/Rocket.Chat PR: 37557
File: apps/meteor/client/views/admin/ABAC/AdminABACRooms.tsx:115-116
Timestamp: 2025-11-27T17:56:26.050Z
Learning: In Rocket.Chat, the GET /v1/abac/rooms endpoint (implemented in ee/packages/abac/src/index.ts) only returns rooms where abacAttributes exists and is not an empty array (query: { abacAttributes: { $exists: true, $ne: [] } }). Therefore, in components consuming this endpoint (like AdminABACRooms.tsx), room.abacAttributes is guaranteed to be defined for all returned rooms, and optional chaining before calling array methods like .join() is sufficient without additional null coalescing.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx

📚 Learning: 2025-09-18T17:32:33.969Z

Learnt from: aleksandernsilva
Repo: RocketChat/Rocket.Chat PR: 36974
File: apps/meteor/client/components/Omnichannel/OutboundMessage/components/OutboundMessageWizard/forms/MessageForm/MessageForm.tsx:124-129
Timestamp: 2025-09-18T17:32:33.969Z
Learning: The ARIA mismatch issue in MessageForm's template field (where FieldError id used templateId instead of messageFormId) was addressed in PR #36972 through refactoring the template field into a separate TemplateField component, which uses consistent templateFieldId for both aria-describedby and FieldError id.

Applied to files:

• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx
• apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: 📦 Build Packages
• GitHub Check: CodeQL-Build
• GitHub Check: CodeQL-Build

🔇 Additional comments (4)

apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomForm.tsx (1)

105-105: LGTM! Conditional error rendering improves UX.

The change to only render the FieldError component when an error exists prevents rendering an empty error container, aligning with the per-field validation pattern applied across the ABAC forms in this PR.

apps/meteor/client/views/admin/ABAC/ABACRoomsTab/RoomFormAttributeField.tsx (2)

78-78: LGTM! Text truncation prevents overflow.

The addition of withTruncatedText to both select components directly addresses the PR objective of preventing cell overflow, ensuring long attribute names and values display cleanly without breaking the layout.

Also applies to: 85-85

---

81-81: LGTM! Consistent error handling pattern.

The conditional FieldError rendering aligns with the per-field validation approach used throughout the PR, preventing empty error components from being rendered.

Also applies to: 92-92

apps/meteor/client/views/admin/ABAC/ABACAttributesTab/AttributesForm.tsx (1)

47-54: LGTM! Duplicate validation addresses PR objective.

The validateRepeatedValues function correctly implements duplicate detection across both locked and editable attribute values, directly addressing the PR objective to "add validation for duplicated values." The validation prevents users from entering the same value multiple times within the form.