fix(link): ensure disabled links are actually disabled when tab-navigated

[kevinvenclovas]

Closes #137

Summary by CodeRabbit

• Bug Fixes
  • Improved link component accessibility: disabled links now properly prevent navigation and include accessibility attributes (aria-disabled, tabindex) for assistive technologies. External link attributes are correctly managed based on disabled state.

[coderabbitai]

📝 Walkthrough

Walkthrough

Modified the LumexLink component to properly disable links by conditionally setting HTML attributes. When disabled, the href attribute is removed and accessibility attributes (tabindex="-1", aria-disabled="true") are applied, preventing navigation and tab-access.

Changes

Cohort / File(s)	Summary
Disabled Link Accessibility src/LumexUI/Components/Link/LumexLink.razor.cs	Implemented conditional attribute initialization in Attributes dictionary: omit href and add accessibility attributes (tabindex="-1", aria-disabled="true") when Disabled is true; gate external link attributes (target, rel) by both External and Disabled conditions.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A link that's disabled now stays put,
No sneaky tabs or spacebar route,
With aria-disabled loud and clear,
Accessibility draws near,
Disabled links behave, my dear! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description only contains 'Closes #137' and lacks the required sections: 'What's been done?' with bullet-point changes, and the checklist items from the template.	Expand the description to include a 'What's been done?' section listing specific changes (e.g., adding tabindex and aria-disabled attributes when disabled) and complete the project checklist items.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	The code changes appropriately address issue #137 by preventing disabled links from being keyboard navigable and activatable by adding tabindex='-1' and aria-disabled='true' attributes when disabled.
Out of Scope Changes check	✅ Passed	All changes in LumexLink.razor.cs are scoped to the disability functionality and directly address the linked issue #137 requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title directly addresses the main issue: ensuring disabled links are not keyboard-navigable and activated via tab and Space key, which matches the core changes in the PR that add accessibility attributes and conditional href handling.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/LumexUI/Components/Link/LumexLink.razor.cs (1)

92-97: ⚠️ Potential issue | 🟠 Major

Prevent AdditionalAttributes from re-enabling disabled links.

At Line 92 onward, consumer-supplied attributes are merged last, so href, tabindex, target, or rel can override disabled safeguards. That can reintroduce the exact behavior this PR is fixing.

Suggested hardening diff

 		get
 		{
 			var attributes = new Dictionary<string, object>();
 
-			// Only add href if not disabled
-			if( !Disabled )
-			{
-				attributes["href"] = Href;
-			}
-			else
-			{
-				// For disabled links, add accessibility attributes
-				attributes["tabindex"] = "-1";
-				attributes["aria-disabled"] = "true";
-			}
-
-			if( External && !Disabled )
-			{
-				attributes["target"] = "_blank";
-				attributes["rel"] = "noopener noreferrer";
-			}
-
 			if( AdditionalAttributes is not null )
 			{
 				foreach( var attribute in AdditionalAttributes )
 				{
 					attributes[attribute.Key] = attribute.Value;
 				}
 			}
+
+			if( !Disabled )
+			{
+				attributes["href"] = Href;
+				if( External )
+				{
+					attributes["target"] = "_blank";
+					attributes["rel"] = "noopener noreferrer";
+				}
+			}
+			else
+			{
+				attributes.Remove("href");
+				attributes.Remove("target");
+				attributes.Remove("rel");
+				attributes["tabindex"] = "-1";
+				attributes["aria-disabled"] = "true";
+			}
 
 			return attributes;
 		}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/LumexUI/Components/Link/LumexLink.razor.cs` around lines 92 - 97, The
merge of AdditionalAttributes in LumexLink.razor.cs currently allows consumer
attributes to override safeguards; update the foreach that copies
AdditionalAttributes into attributes to skip protected keys when Disabled is
true (at least "href", "tabindex", "target", "rel") so consumers cannot
re-enable the link; perform case-insensitive key checks (e.g., use a
HashSet<string>(StringComparer.OrdinalIgnoreCase)) and only assign
attributes[attribute.Key] = attribute.Value when either Disabled is false or the
attribute key is not in the protected set.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@src/LumexUI/Components/Link/LumexLink.razor.cs`:
- Around line 92-97: The merge of AdditionalAttributes in LumexLink.razor.cs
currently allows consumer attributes to override safeguards; update the foreach
that copies AdditionalAttributes into attributes to skip protected keys when
Disabled is true (at least "href", "tabindex", "target", "rel") so consumers
cannot re-enable the link; perform case-insensitive key checks (e.g., use a
HashSet<string>(StringComparer.OrdinalIgnoreCase)) and only assign
attributes[attribute.Key] = attribute.Value when either Disabled is false or the
attribute key is not in the protected set.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 198d7c3 and 20e39a6.

📒 Files selected for processing (1)

• src/LumexUI/Components/Link/LumexLink.razor.cs

[desmondinho]

I actually think we should keep the href for semantics. Since a link is not navigable, it won't harm anyway

[desmondinho]

And I am not sure that Disabled should affect externality. Is there any specific reason to check if a link is disabled here?