QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-05-25 21:44:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
65bed0db2fb0e4e8a36c0cb9a255d92917de55c2
sure/test/models/provider/brex_adapter_test.rb
ghost 95f6451b39 feat(sync): add Brex provider connections (#1752) 
* feat(sync): add Brex provider schema

Adds Brex item and account tables with per-family credentials, scoped upstream account uniqueness, encrypted token storage, and sanitized provider payload columns.

* feat(sync): add Brex provider core

Adds Brex item/account models, provider client and adapter support, family connection helpers, and provider enum registration for read-only Brex cash and card data.

* feat(sync): add Brex import pipeline

Adds Brex account discovery, linked-account sync, cash/card balance processors, transaction import, sanitized metadata handling, and idempotent provider entry processing.

* feat(sync): add Brex connection flows

Adds Mercury-style Brex connection management, explicit item-scoped account selection and linking, settings provider UI, account index visibility, localized copy, and per-item cache handling.

* test(sync): cover Brex provider workflows

Adds targeted coverage for Brex provider requests, adapter config, item/account guards, importer behavior, entry processing, and Mercury-style controller flows.

* fix(sync): align Brex API edge cases

Tightens Brex account fetching against the official card-account response shape, sends transaction start filters as RFC3339 date-times, and keeps provider error bodies out of user-facing messages while expanding provider client guard coverage.

* fix(sync): harden Brex provider integration

Restrict Brex API base URLs to official hosts, tighten account-selection UI behavior, and add tests for invalid credentials, cache scoping, and provider setup edge cases.

* test(sync): avoid Brex secret-shaped fixtures

* refactor(sync): extract Brex account flows

* fix(sync): address Brex provider review feedback

* fix(sync): address Brex review follow-ups

Move remaining Brex review cleanup into focused model behavior, tighten link/setup edge cases, localize summaries, and add regression coverage from CodeRabbit feedback.

Also records the security-review pass as no-findings after diff-scoped inspection and Brakeman validation.

* refactor(sync): split Brex account flow controllers

Route Brex account selection and setup actions through small namespaced controllers while keeping existing URLs and helpers stable.

Business flow remains in BrexItem::AccountFlow; the main Brex item controller now only handles connection CRUD, provider-panel rendering, destroy, and sync.

* fix(sync): address Brex CodeRabbit review

* fix(sync): address Brex follow-up review

* fix(sync): address Brex review follow-ups

* fix(sync): address Brex sync review findings

* fix(sync): polish Brex review copy and errors

* fix(sync): register Brex provider health

* fix(sync): polish Brex bank sync presentation

* fix(sync): address Brex review follow-ups

* fix(sync): tighten Brex setup params

* test(api): stabilize usage rate-limit window

* fix(sync): polish Brex setup flow nits

* fix(sync): harden Brex setup params

* fix(sync): finalize Brex review cleanup

---------

Signed-off-by: Juan José Mata <juanjo.mata@gmail.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
2026-05-13 18:13:48 +02:00

225 lines
7.4 KiB
Ruby
Raw Blame History

require "uri"
require "test_helper"
class Provider::BrexAdapterTest < ActiveSupport::TestCase
test "supports Depository accounts" do
assert_includes Provider::BrexAdapter.supported_account_types, "Depository"
end
test "supports CreditCard accounts" do
assert_includes Provider::BrexAdapter.supported_account_types, "CreditCard"
end
test "does not support Investment accounts" do
assert_not_includes Provider::BrexAdapter.supported_account_types, "Investment"
end
test "returns fallback connection config when no credentials exist yet" do
# Brex is a per-family provider - any family can connect
family = families(:empty)
configs = Provider::BrexAdapter.connection_configs(family: family)
assert_equal 1, configs.length
assert_equal "brex", configs.first[:key]
assert_equal I18n.t("brex_items.provider_connection.default_name"), configs.first[:name]
assert configs.first[:can_connect]
end
test "returns one connection config per credentialed brex item" do
family = families(:dylan_family)
first_item = brex_items(:one)
second_item = BrexItem.create!(
family: family,
name: "Business Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
configs = Provider::BrexAdapter.connection_configs(family: family)
assert_equal 2, configs.length
assert_equal [ "brex_#{second_item.id}", "brex_#{first_item.id}" ], configs.map { |config| config[:key] }
assert_equal [
I18n.t("brex_items.provider_connection.name", name: second_item.name),
I18n.t("brex_items.provider_connection.name", name: first_item.name)
], configs.map { |config| config[:name] }
new_account_uri = URI.parse(configs.first[:new_account_path].call("Depository", "/accounts"))
assert_equal "/brex_items/select_accounts", new_account_uri.path
assert_includes new_account_uri.query, "brex_item_id=#{second_item.id}"
existing_account_uri = URI.parse(configs.first[:existing_account_path].call(accounts(:depository).id))
assert_equal "/brex_items/select_existing_account", existing_account_uri.path
assert_includes existing_account_uri.query, "brex_item_id=#{second_item.id}"
end
test "connection configs ignore items with whitespace-only tokens" do
family = families(:dylan_family)
BrexItem.create!(
family: family,
name: "Blank Brex",
token: "temporary_token",
base_url: "https://api.brex.com"
).update_column(:token, " ")
configs = Provider::BrexAdapter.connection_configs(family: family)
assert_equal [ "brex_#{brex_items(:one).id}" ], configs.map { |config| config[:key] }
end
test "build_provider returns nil when family is nil" do
assert_nil Provider::BrexAdapter.build_provider(family: nil)
end
test "build_provider returns nil when family has no brex items" do
family = families(:empty)
assert_nil Provider::BrexAdapter.build_provider(family: family)
end
test "build_provider returns Brex provider when credentials configured" do
family = families(:dylan_family)
provider = Provider::BrexAdapter.build_provider(family: family)
assert_instance_of Provider::Brex, provider
end
test "build_provider uses explicit brex item credentials" do
family = families(:dylan_family)
second_item = BrexItem.create!(
family: family,
name: "Business Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
provider = Provider::BrexAdapter.build_provider(family: family, brex_item_id: second_item.id)
assert_instance_of Provider::Brex, provider
assert_equal "second_brex_token", provider.token
assert_equal "https://api.brex.com", provider.base_url
end
test "build_provider does not pick the first connection when multiple credentials exist" do
family = families(:dylan_family)
BrexItem.create!(
family: family,
name: "Business Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
assert_nil Provider::BrexAdapter.build_provider(family: family)
end
test "build_provider strips surrounding token whitespace" do
family = families(:dylan_family)
second_item = BrexItem.create!(
family: family,
name: "Business Brex",
token: " second_brex_token \n",
base_url: "https://api.brex.com"
)
provider = Provider::BrexAdapter.build_provider(family: family, brex_item_id: second_item.id)
assert_equal "second_brex_token", provider.token
end
test "build_provider refuses brex items outside the family" do
family = families(:dylan_family)
other_item = BrexItem.create!(
family: families(:empty),
name: "Other Brex",
token: "other_brex_token",
base_url: "https://api.brex.com"
)
assert_nil Provider::BrexAdapter.build_provider(family: family, brex_item_id: other_item.id)
end
test "build_provider refuses explicit brex item without usable credentials" do
family = families(:dylan_family)
blank_item = BrexItem.create!(
family: family,
name: "Blank Brex",
token: "temporary_token",
base_url: "https://api.brex.com"
)
blank_item.update_column(:token, " ")
assert_nil Provider::BrexAdapter.build_provider(family: family, brex_item_id: blank_item.id)
end
test "build_provider refuses explicit brex item with invalid persisted base_url" do
family = families(:dylan_family)
item = BrexItem.create!(
family: family,
name: "Invalid URL Brex",
token: "token",
base_url: "https://api.brex.com"
)
item.update_column(:base_url, "https://evil.example.test")
assert_nil Provider::BrexAdapter.build_provider(family: family, brex_item_id: item.id)
end
test "reads institution metadata from brex account column" do
brex_account = brex_items(:one).brex_accounts.create!(
account_id: "metadata_cash",
account_kind: "cash",
name: "Metadata Cash",
currency: "USD",
institution_metadata: {
"name" => "Brex",
"domain" => "brex.com",
"url" => "https://brex.com"
}
)
adapter = Provider::BrexAdapter.new(brex_account)
assert_equal "brex.com", brex_account.institution_metadata["domain"]
assert_equal "brex.com", adapter.institution_domain
assert_equal "Brex", adapter.institution_name
assert_equal "https://brex.com", adapter.institution_url
end
test "falls back to brex item institution metadata" do
brex_item = brex_items(:one)
brex_item.update!(
institution_name: "Brex Item Name",
institution_url: "https://brex.com/item",
institution_color: "#123456"
)
brex_account = brex_item.brex_accounts.create!(
account_id: "metadata_fallback_cash",
account_kind: "cash",
name: "Metadata Fallback Cash",
currency: "USD"
)
adapter = Provider::BrexAdapter.new(brex_account)
assert_equal "Brex Item Name", adapter.institution_name
assert_equal "https://brex.com/item", adapter.institution_url
assert_equal "#123456", adapter.institution_color
end
test "logs institution urls without hosts" do
brex_account = brex_items(:one).brex_accounts.create!(
account_id: "metadata_bad_url_cash",
account_kind: "cash",
name: "Metadata Bad URL Cash",
currency: "USD",
institution_metadata: {
"url" => "not-a-url"
}
)
Rails.logger.expects(:warn).with(regexp_matches(/institution URL has no host/))
assert_nil Provider::BrexAdapter.new(brex_account).institution_domain
end
end
Reference in New Issue View Git Blame Copy Permalink