At a Glance
Module purpose: Self-service page where a signed-in user views and edits their own identity fields and changes their password · Audience: The signed-in user themselves · Access: authenticated-only — the/profileroute carries norequiredPermission· Key entities/tables:user,user_info,business_unit(read-only display) · Sub-pages: 0
Profile is the personal-account page of the Carmen Platform admin product. Every authenticated user reaches it from the avatar menu at the bottom of the sidebar — there is no top-level navigation entry for /profile. The page shows the user's current identity (alias name, first/middle/last name, telephone, email, account ID, member-since date) and, in a separate read-only card, the list of business units assigned to that account. The Profile Overview card renders a small role badge only when the API response carries a role string; the legacy platform_role display was removed when the SPA moved to permission-based RBAC (rbac).
Two write operations are supported, both sent as PATCH /api/user/profile. The first edits the identity fields — alias name, first name, middle name, last name, telephone; the Profile Information card opens read-only and an Edit button switches it into edit mode (with a Save Changes / Cancel pair and an unsaved-changes guard). Email cannot be changed from this page. The second changes the account password through a Change Password modal dialog that requires the current password plus a new password of at least six characters and a matching confirmation. Saving an identity edit re-fetches the profile and refreshes the local auth context, so the sidebar avatar and display name update immediately. Password changes do not refresh the auth context — the dialog just closes on success.
The page is intentionally narrow in scope. It does not assign or revoke business-unit memberships, grant permissions, or manage other users — those flows belong to the users and rbac modules and require the corresponding permission grants. The /profile route is wrapped in a plain <PrivateRoute> with no requiredPermission — like the Dashboard, it is reachable by any authenticated session regardless of permission grants.
Profile is a self-service maintenance page; it has no external business driver beyond keeping each user's identity information current so that audit logs, notifications, and BU rosters reference accurate names and contact details.
useUnsavedChanges hook fires a browser warning on navigation with unsaved edits. Ctrl/Cmd+S submits, Escape cancels.PATCH /api/user/profile endpoint as identity edits, but with currentPassword / newPassword populated instead.Used by the signed-in user themselves. The /profile route is wrapped in a plain <PrivateRoute> with no requiredPermission prop — authentication is the only gate, and no <Can> gates appear within the page. No RBAC grant is required or checked.
../carmen-platform/SITEMAP.md, ../carmen-platform/src/pages/Profile.tsx (calls GET / PATCH /api/user/profile directly via the shared axios instance in src/services/api.ts — there is no dedicated profile service file), ../carmen-platform/src/App.tsx (the bare <PrivateRoute> on /profile)This module is a single page; see the parent Platform book index.