Enhanced the appearance of the 'Cancel' and 'Export data' buttons by adding text and background color classes, as well as hover effects, for improved UI consistency.
- Simplified `name_id_format` selection logic in SSO provider form.
- Switched raw database query to sanitized SQL in client secret tests.
- Added condition to log JIT account creation only when identity persists.
- Sanitized failure reasons in SSO login failure handling.
- Added SSO provider connection test policy tests for super admin and regular users.
- Removed the `Settings::SsoIdentitiesController` and views for a simplified user experience.
- Moved SSO identity management to the Security settings page (`Settings::SecuritiesController`).
- Updated locale keys and layout for the new structure.
- Fixed unlink protection warnings and adjusted redirection path.
- Cleaned up routes, helper methods, and redundant code.
Multi-provider SSO support:
- Database-backed SSO provider management with admin UI
- Support for OpenID Connect, Google OAuth2, GitHub, and SAML 2.0
- Flipper feature flag (db_sso_providers) for dynamic provider loading
- ProviderLoader service for YAML or database configuration
Admin functionality:
- Admin::SsoProvidersController for CRUD operations
- Admin::UsersController for super_admin role management
- Pundit policies for authorization
- Test connection endpoint for validating provider config
User provisioning improvements:
- JIT (just-in-time) account creation with configurable default role
- Changed default JIT role from admin to member (security)
- User attribute sync on each SSO login
- Group/role mapping from IdP claims
SSO identity management:
- Settings::SsoIdentitiesController for users to manage connected accounts
- Issuer validation for OIDC identities
- Unlink protection when no password set
Audit logging:
- SsoAuditLog model tracking login, logout, link, unlink, JIT creation
- Captures IP address, user agent, and metadata
Advanced OIDC features:
- Custom scopes per provider
- Configurable prompt parameter (login, consent, select_account, none)
- RP-initiated logout (federated logout to IdP)
- id_token storage for logout
SAML 2.0 support:
- omniauth-saml gem integration
- IdP metadata URL or manual configuration
- Certificate and fingerprint validation
- NameID format configuration
* Initial plan
* Fix transaction name rule rendering and add tests
Co-authored-by: jjmata <187772+jjmata@users.noreply.github.com>
* Remove redundant integration tests for set_transaction_name
The functionality is already covered by existing unit tests in test/models/rule/action_test.rb. The core fix for this PR is the view rendering logic, not the action functionality.
Co-authored-by: jjmata <187772+jjmata@users.noreply.github.com>
* Localize placeholder text for rule action value input
Replace hardcoded "Enter a value" placeholder with localized t() lookup at lines 22 and 41 in app/views/rule/actions/_action.html.erb. Add corresponding translation key to config/locales/views/rules/en.yml under rules.actions.value_placeholder.
Co-authored-by: jjmata <187772+jjmata@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jjmata <187772+jjmata@users.noreply.github.com>
* feat: Add toggle on mobile to show/hide checkboxes in transaction page
* fix: Add multi-select toggle also in activities page. Make JS controller compatible also in this view.
* feat: Add category in mobile view
* feat: Add mobile layout for transaction categories
* feat: Add margin for pagination on mobile
* fix: Ensure category exists when displaying the name
* fix: Adjust mobile paddings
* fix: Display "uncategorized" label if no category is set
* fix: Expand transaction name/subtitle
* feat: Add merchant name on desktop view
* feat: Move merchant name before account name
* fix: Add class to hide merchant on mobile
* feat: Add merchant logo on mobile
* fix: add pointer-events-none to merchant image on mobile view
* feat: toggle header checkbox in transaction page when button is clicked
* Remove unnecessary CSS class
* Remove duplicate CSS class
* Remove wrong Enable Banking logo URL
* Update app/views/transactions/_transaction.html.erb
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Alessio Cappa <104093777+alessiocappa@users.noreply.github.com>
* Revert "Update app/views/transactions/_transaction.html.erb"
This reverts commit 9766c50a1d.
* Add translation for Loan Payment/Transfer
* Apply review comments
* Add accessible name for toggle based on review comments
* Use border instead of border-1 class
* Apply review comments
* Missing l10n key
---------
Signed-off-by: Alessio Cappa <104093777+alessiocappa@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
- Add institution name & domain, to allow fetching logos when no provider is configured
- Add free-form textarea for storing misc. notes (eg. sort codes, account numbers)
- Update account settings form to support these new fields
* Add configuration and logic for dynamic SSO provider support and stricter JIT account creation
- Introduced `config/auth.yml` for centralized auth configuration and documentation.
- Added support for multiple SSO providers, including Google, GitHub, and OpenID Connect.
- Implemented stricter JIT SSO account creation modes (`create_and_link` vs `link_only`).
- Enabled optional restriction of JIT creation by allowed email domains.
- Enhanced OmniAuth initializer for dynamic provider setup and better configurability.
- Refined login UI to handle local login disabling and emergency super-admin override.
- Updated account creation flow to respect JIT mode and domain checks.
- Added tests for SSO account creation, login form visibility, and emergency overrides.
# Conflicts:
# app/controllers/sessions_controller.rb
* remove non-translation
* Refactor authentication views to use translation keys and update locale files
- Extracted hardcoded strings in `oidc_accounts/link.html.erb` and `sessions/new.html.erb` into translation keys for better localization support.
- Added missing translations for English and Spanish in `sessions` and `oidc_accounts` locale files.
* Enhance OmniAuth provider configuration and refine local login override logic
- Updated OmniAuth initializer to support dynamic provider configuration with `name` and scoped parameters for Google and GitHub.
- Improved local login logic to enforce stricter handling of super-admin override when local login is disabled.
- Added test for invalid super-admin override credentials.
* Document Google sign-in configuration for local development and self-hosted environments
---------
Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>
* add zh-CN.yml for chinese
* The files appear to use CRLF line endings instead of LF (Unix-style).
* Add the missing entries to the zh-CN.yml file and include the Simplified Chinese option.
* Fix grammatical errors
Signed-off-by: jiang123574 <jiang123574@163.com>
* Update languages_helper.rb
Signed-off-by: jiang123574 <jiang123574@163.com>
* Update 'SimpleFin' to 'SimpleFIN' in translations
Signed-off-by: jiang123574 <jiang123574@163.com>
* update zh-CN.yml
* update zh-CN.yml
* add new zh-CN.yml
* CodeRabbit comments
* Enable Banking i18n
---------
Signed-off-by: jiang123574 <jiang123574@163.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
* Update SimpleFIN relinking flow and enhance duplicate account handling
- Updated logic to allow relinking of SimpleFIN accounts while preserving legacy mappings.
- Introduced clean-up logic to hide orphaned duplicate accounts after relinking.
- Enhanced UI to display current mappings for linked accounts.
- Improved test coverage for relinking scenarios and SimpleFIN account visibility.
* Localize SimpleFIN account selection messages and remove hardcoded text
- Added translations for user-facing messages in `select_existing_account` flow (`pt-BR` and `en` locales).
- Replaced hardcoded strings in the view with localized keys.
* Localize Enable Banking and SimpleFIN account linking messages; add support for investment accounts.
- Added translations for Enable Banking and SimpleFIN account linking flows.
- Updated views and controllers to replace hardcoded strings with localized keys.
- Introduced support for investment accounts in `Provider::LunchflowAdapter`.
- Enhanced relinking logic for SimpleFIN accounts and improved test coverage for related scenarios.
---------
Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>
* - Add support for `SIMPLEFIN_INCLUDE_PENDING` to control pending behavior via ENV.
- Enhance debug logging for SimpleFin API requests and raw payloads.
- Refine pending flag handling in `SimplefinEntry::Processor` based on provider data and inferred conditions.
- Improve FX metadata processing for transactions with currency mismatches.
- Add new tests for pending detection, FX metadata, and edge cases involving `posted` values.
- Add pending indicator UI to transaction view.
* Document pending transaction detection, storage, and UI behavior for SimpleFIN and Plaid integrations. Add debug flags for troubleshooting.
* Add `pending?` method to `Transaction` model, refactor UI indicator, and centralize SimpleFIN configuration
- Introduced `pending?` method in `Transaction` for unified pending state detection.
- Refactored transaction pending indicator in the UI to use `pending?` method.
- Centralized SimpleFIN configuration in initializer with ENV-backed toggles.
- Updated tests for `pending?` behavior and clarified docs for pending detection logic
* Add SimpleFIN debug and runtime flags to `.env.local.example` and `.env.test.example`
- Introduced `SIMPLEFIN_INCLUDE_PENDING` and `SIMPLEFIN_DEBUG_RAW` flags for controlling pending behavior and debugging.
- Updated example environment files with descriptions for new configuration options.
* Normalize formatting for `SIMPLEFIN_INCLUDE_PENDING` and `SIMPLEFIN_DEBUG_RAW` flags in `.env.local.example` and `.env.test.example`.
---------
Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>
* Fix record violation
and add toggle for recurring feature
* Run only once per sync cycle ( 30 sec )
* FIX params passing
* Add collapsible to recurring section
* FIX preferences error catch
* Address remaining CodeRabbit comments from PR #267
This commit addresses the remaining unresolved code review comments:
1. Fix down migration in drop_was_merged_from_transactions.rb
- Add null: false, default: false constraints to match original column
- Ensures proper rollback compatibility
2. Fix bare rescue in maps_helper.rb compute_duplicate_only_flag
- Replace bare rescue with rescue StandardError => e
- Add proper logging for debugging
- Follows Ruby best practices by being explicit about exception handling
These changes improve code quality and follow Rails/Ruby best practices.
* Refactor `SimplefinItemsController` and add tests for balances sync and account relinking behavior
- Replaced direct sync execution with `SyncJob` for asynchronous handling of balances sync.
- Updated account relinking logic to prevent disabling accounts with other active provider links.
- Removed unused `compute_relink_candidates` method.
- Added tests to verify `balances` action enqueues `SyncJob` and relinking respects account-provider relationships.
* Refactor balances sync to use runtime-only `balances_only` flag
- Replaced persistent `sync_stats` usage with runtime `balances_only?` predicate via `define_singleton_method`.
- Updated `SimplefinItemsController` `balances` action to pass `balances_only` flag to `SyncJob`.
- Enhanced `SyncJob` to attach transient `balances_only?` flag for execution.
- Adjusted `SimplefinItem::Syncer` logic to rely on the runtime `balances_only?` method.
- Updated controller tests to validate runtime flag usage in `SyncJob`.
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>
* Highlight current month in trends insights table
Refactored the logic to apply special styling and label to the row representing the current month, using a date comparison instead of relying on the last index. This ensures the current month is always highlighted, regardless of its position in the data.
* Highlight current month in trends insights
Added an is_current_month flag to trends data in the controller and updated the view to use this flag for highlighting the current month. This improves clarity and avoids redundant date comparisons in the view.
- Updated `date_utils.rb` to return `nil` for timestamps equal to 0.
- Enhanced `SimplefinItem::Importer` to merge transactions by prioritizing non-pending records with valid posted timestamps.
- Introduced a comparator and key-builder for resolving transaction conflicts systematically.
Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>
* Add API endpoint for triggering family sync
Introduces Api::V1::SyncController with a create action to queue a family sync, applying all active rules and syncing accounts. Adds corresponding route, JSON response view, and comprehensive controller tests for authorization and response validation.
* Rename started_at to syncing_at in sync API response
Updated the sync create JSON response to use 'syncing_at' instead of 'started_at'. Adjusted related controller test to check for 'syncing_at'. Also updated API authentication header in test to use 'X-Api-Key' instead of Bearer token.
* Update app/controllers/api/v1/sync_controller.rb
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Mark Hendriksen <hendriksen-mark@hotmail.com>
---------
Signed-off-by: Mark Hendriksen <hendriksen-mark@hotmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fix Rules page when no action on rule
* Reject new rules without actions
* Rule with no action translation
* Easy one to keep translations going
* Fix tests
* Learn something new every day
---------
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
* feat: combine icon + color in outflows section to optimize space on mobile
* fix: adjust spacing in outflows table
* fix: adjust padding and icon sizing
* Replace text-danger with text-destructive in reports views
Updated multiple report partials to use the 'text-destructive' class instead of 'text-danger' as this does not exist. This affects budget performance, summary dashboard, transactions breakdown, and trends insights views.
* Replace bg-danger with bg-destructive in report views
