mirror of
https://github.com/we-promise/sure.git
synced 2026-05-27 22:44:55 +00:00
95f6451b39
* feat(sync): add Brex provider schema Adds Brex item and account tables with per-family credentials, scoped upstream account uniqueness, encrypted token storage, and sanitized provider payload columns. * feat(sync): add Brex provider core Adds Brex item/account models, provider client and adapter support, family connection helpers, and provider enum registration for read-only Brex cash and card data. * feat(sync): add Brex import pipeline Adds Brex account discovery, linked-account sync, cash/card balance processors, transaction import, sanitized metadata handling, and idempotent provider entry processing. * feat(sync): add Brex connection flows Adds Mercury-style Brex connection management, explicit item-scoped account selection and linking, settings provider UI, account index visibility, localized copy, and per-item cache handling. * test(sync): cover Brex provider workflows Adds targeted coverage for Brex provider requests, adapter config, item/account guards, importer behavior, entry processing, and Mercury-style controller flows. * fix(sync): align Brex API edge cases Tightens Brex account fetching against the official card-account response shape, sends transaction start filters as RFC3339 date-times, and keeps provider error bodies out of user-facing messages while expanding provider client guard coverage. * fix(sync): harden Brex provider integration Restrict Brex API base URLs to official hosts, tighten account-selection UI behavior, and add tests for invalid credentials, cache scoping, and provider setup edge cases. * test(sync): avoid Brex secret-shaped fixtures * refactor(sync): extract Brex account flows * fix(sync): address Brex provider review feedback * fix(sync): address Brex review follow-ups Move remaining Brex review cleanup into focused model behavior, tighten link/setup edge cases, localize summaries, and add regression coverage from CodeRabbit feedback. Also records the security-review pass as no-findings after diff-scoped inspection and Brakeman validation. * refactor(sync): split Brex account flow controllers Route Brex account selection and setup actions through small namespaced controllers while keeping existing URLs and helpers stable. Business flow remains in BrexItem::AccountFlow; the main Brex item controller now only handles connection CRUD, provider-panel rendering, destroy, and sync. * fix(sync): address Brex CodeRabbit review * fix(sync): address Brex follow-up review * fix(sync): address Brex review follow-ups * fix(sync): address Brex sync review findings * fix(sync): polish Brex review copy and errors * fix(sync): register Brex provider health * fix(sync): polish Brex bank sync presentation * fix(sync): address Brex review follow-ups * fix(sync): tighten Brex setup params * test(api): stabilize usage rate-limit window * fix(sync): polish Brex setup flow nits * fix(sync): harden Brex setup params * fix(sync): finalize Brex review cleanup --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
155 lines
7.8 KiB
Plaintext
155 lines
7.8 KiB
Plaintext
<div id="brex-providers-panel" class="space-y-4">
|
|
<% active_items = local_assigns[:brex_items] || @brex_items || Current.family.brex_items.active.ordered %>
|
|
<% credentialed_items = active_items.select(&:credentials_configured?) %>
|
|
|
|
<div class="prose prose-sm text-secondary">
|
|
<p class="text-primary font-medium"><%= t("brex_items.provider_panel.setup_title") %></p>
|
|
<ol>
|
|
<li><%= t("brex_items.provider_panel.instructions.sign_in_html", link: link_to("Brex", "https://brex.com", target: "_blank", rel: "noopener noreferrer", class: "link")) %></li>
|
|
<li><%= t("brex_items.provider_panel.instructions.open_tokens") %></li>
|
|
<li><%= t("brex_items.provider_panel.instructions.create_token") %></li>
|
|
<li><%= t("brex_items.provider_panel.instructions.copy_token_html") %></li>
|
|
</ol>
|
|
|
|
<p class="text-sm text-subdued mt-2">
|
|
<%= t("brex_items.provider_panel.sandbox_note_html") %>
|
|
</p>
|
|
</div>
|
|
|
|
<% unless BrexItem.encryption_ready? %>
|
|
<div class="p-3 rounded-md bg-warning/10 text-warning text-sm">
|
|
<div class="flex items-start gap-2">
|
|
<%= icon "shield-alert", size: "sm", class: "mt-0.5 shrink-0" %>
|
|
<div>
|
|
<p class="font-medium"><%= t("brex_items.provider_panel.encryption_warning.title") %></p>
|
|
<p class="mt-1"><%= t("brex_items.provider_panel.encryption_warning.message") %></p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<% end %>
|
|
|
|
<% error_msg = local_assigns[:error_message] || @error_message %>
|
|
<% if error_msg.present? %>
|
|
<div class="p-2 rounded-md bg-destructive/10 text-destructive text-sm overflow-hidden">
|
|
<p class="line-clamp-3" title="<%= error_msg %>"><%= error_msg %></p>
|
|
</div>
|
|
<% end %>
|
|
|
|
<% if active_items.any? %>
|
|
<div class="space-y-3">
|
|
<% active_items.each do |item| %>
|
|
<details class="group bg-container p-4 shadow-border-xs rounded-xl">
|
|
<summary class="flex items-center justify-between gap-2">
|
|
<div class="flex items-center gap-3">
|
|
<div class="flex items-center justify-center h-8 w-8 bg-container-inset rounded-full">
|
|
<p class="text-primary text-xs font-medium"><%= item.name.to_s.first.to_s.upcase %></p>
|
|
</div>
|
|
<div>
|
|
<p class="font-medium text-primary"><%= item.name %></p>
|
|
<p class="text-xs text-secondary"><%= item.sync_status_summary %></p>
|
|
</div>
|
|
</div>
|
|
</summary>
|
|
|
|
<div class="mt-4 space-y-4">
|
|
<div class="flex items-center gap-2">
|
|
<%= button_to sync_brex_item_path(item),
|
|
method: :post,
|
|
class: "inline-flex items-center gap-1 px-3 py-1.5 text-sm font-medium text-secondary hover:text-primary border border-secondary rounded-lg hover:border-primary",
|
|
disabled: item.syncing? do %>
|
|
<%= icon "refresh-cw", size: "sm" %>
|
|
<%= t("brex_items.provider_panel.sync") %>
|
|
<% end %>
|
|
<%= button_to brex_item_path(item),
|
|
method: :delete,
|
|
class: "inline-flex items-center gap-1 px-3 py-1.5 text-sm font-medium text-destructive hover:bg-destructive/10 rounded-lg",
|
|
aria: { label: t("brex_items.provider_panel.disconnect_label", name: item.name) },
|
|
data: { turbo_confirm: t("brex_items.provider_panel.disconnect_confirm", name: item.name) } do %>
|
|
<%= icon "trash-2", size: "sm" %>
|
|
<% end %>
|
|
</div>
|
|
|
|
<%= styled_form_with model: item,
|
|
url: brex_item_path(item),
|
|
scope: :brex_item,
|
|
method: :patch,
|
|
data: { turbo: true },
|
|
class: "space-y-3" do |form| %>
|
|
<%= form.text_field :name,
|
|
label: t("brex_items.provider_panel.connection_name_label"),
|
|
placeholder: t("brex_items.provider_panel.connection_name_placeholder") %>
|
|
|
|
<%= form.text_field :token,
|
|
label: t("brex_items.provider_panel.token_label"),
|
|
placeholder: t("brex_items.provider_panel.keep_token_placeholder"),
|
|
type: :password,
|
|
value: nil %>
|
|
|
|
<%= form.text_field :base_url,
|
|
label: t("brex_items.provider_panel.base_url_label"),
|
|
placeholder: t("brex_items.provider_panel.base_url_placeholder"),
|
|
value: item.base_url %>
|
|
|
|
<div class="flex flex-wrap justify-end gap-2">
|
|
<%= render DS::Link.new(
|
|
text: t("brex_items.provider_panel.setup_accounts"),
|
|
icon: "settings",
|
|
variant: "secondary",
|
|
href: setup_accounts_brex_item_path(item),
|
|
frame: :modal
|
|
) %>
|
|
<%= form.submit t("brex_items.provider_panel.update_connection"),
|
|
class: "inline-flex items-center justify-center rounded-lg px-4 py-2 text-sm font-medium text-inverse bg-inverse hover:bg-inverse-hover focus:outline-none focus:ring-2 focus:ring-primary transition-colors" %>
|
|
</div>
|
|
<% end %>
|
|
</div>
|
|
</details>
|
|
<% end %>
|
|
</div>
|
|
<% end %>
|
|
|
|
<details <%= "open" unless active_items.any? %> class="group bg-container p-4 shadow-border-xs rounded-xl">
|
|
<summary class="flex items-center gap-2 text-sm font-medium text-primary">
|
|
<%= icon "plus" %>
|
|
<%= t("brex_items.provider_panel.add_connection") %>
|
|
</summary>
|
|
|
|
<% brex_item = Current.family.brex_items.build(name: t("brex_items.provider_panel.default_connection_name")) %>
|
|
<%= styled_form_with model: brex_item,
|
|
url: brex_items_path,
|
|
scope: :brex_item,
|
|
method: :post,
|
|
data: { turbo: true },
|
|
class: "space-y-3 mt-4" do |form| %>
|
|
<%= form.text_field :name,
|
|
label: t("brex_items.provider_panel.connection_name_label"),
|
|
placeholder: t("brex_items.provider_panel.connection_name_placeholder") %>
|
|
|
|
<%= form.text_field :token,
|
|
label: t("brex_items.provider_panel.token_label"),
|
|
placeholder: t("brex_items.provider_panel.token_placeholder"),
|
|
type: :password,
|
|
value: nil %>
|
|
|
|
<%= form.text_field :base_url,
|
|
label: t("brex_items.provider_panel.base_url_label"),
|
|
placeholder: t("brex_items.provider_panel.base_url_placeholder") %>
|
|
|
|
<div class="flex justify-end">
|
|
<%= form.submit t("brex_items.provider_panel.add_connection"),
|
|
class: "inline-flex items-center justify-center rounded-lg px-4 py-2 text-sm font-medium text-inverse bg-inverse hover:bg-inverse-hover focus:outline-none focus:ring-2 focus:ring-primary transition-colors" %>
|
|
</div>
|
|
<% end %>
|
|
</details>
|
|
|
|
<div class="flex items-center gap-2">
|
|
<% if credentialed_items.any? %>
|
|
<div class="w-2 h-2 bg-success rounded-full"></div>
|
|
<p class="text-sm text-secondary"><%= t("brex_items.provider_panel.configured_html", accounts_link: link_to(t("brex_items.provider_panel.accounts_link"), accounts_path, class: "link")) %></p>
|
|
<% else %>
|
|
<div class="w-2 h-2 bg-surface-inset rounded-full"></div>
|
|
<p class="text-sm text-secondary"><%= t("brex_items.provider_panel.not_configured") %></p>
|
|
<% end %>
|
|
</div>
|
|
</div>
|