QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-05-29 15:34:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c07236f715c30aedf5e89692240c8d4e078d64f
sure/test/models/brex_item/account_flow_test.rb
ghost 95f6451b39 feat(sync): add Brex provider connections (#1752) 
* feat(sync): add Brex provider schema

Adds Brex item and account tables with per-family credentials, scoped upstream account uniqueness, encrypted token storage, and sanitized provider payload columns.

* feat(sync): add Brex provider core

Adds Brex item/account models, provider client and adapter support, family connection helpers, and provider enum registration for read-only Brex cash and card data.

* feat(sync): add Brex import pipeline

Adds Brex account discovery, linked-account sync, cash/card balance processors, transaction import, sanitized metadata handling, and idempotent provider entry processing.

* feat(sync): add Brex connection flows

Adds Mercury-style Brex connection management, explicit item-scoped account selection and linking, settings provider UI, account index visibility, localized copy, and per-item cache handling.

* test(sync): cover Brex provider workflows

Adds targeted coverage for Brex provider requests, adapter config, item/account guards, importer behavior, entry processing, and Mercury-style controller flows.

* fix(sync): align Brex API edge cases

Tightens Brex account fetching against the official card-account response shape, sends transaction start filters as RFC3339 date-times, and keeps provider error bodies out of user-facing messages while expanding provider client guard coverage.

* fix(sync): harden Brex provider integration

Restrict Brex API base URLs to official hosts, tighten account-selection UI behavior, and add tests for invalid credentials, cache scoping, and provider setup edge cases.

* test(sync): avoid Brex secret-shaped fixtures

* refactor(sync): extract Brex account flows

* fix(sync): address Brex provider review feedback

* fix(sync): address Brex review follow-ups

Move remaining Brex review cleanup into focused model behavior, tighten link/setup edge cases, localize summaries, and add regression coverage from CodeRabbit feedback.

Also records the security-review pass as no-findings after diff-scoped inspection and Brakeman validation.

* refactor(sync): split Brex account flow controllers

Route Brex account selection and setup actions through small namespaced controllers while keeping existing URLs and helpers stable.

Business flow remains in BrexItem::AccountFlow; the main Brex item controller now only handles connection CRUD, provider-panel rendering, destroy, and sync.

* fix(sync): address Brex CodeRabbit review

* fix(sync): address Brex follow-up review

* fix(sync): address Brex review follow-ups

* fix(sync): address Brex sync review findings

* fix(sync): polish Brex review copy and errors

* fix(sync): register Brex provider health

* fix(sync): polish Brex bank sync presentation

* fix(sync): address Brex review follow-ups

* fix(sync): tighten Brex setup params

* test(api): stabilize usage rate-limit window

* fix(sync): polish Brex setup flow nits

* fix(sync): harden Brex setup params

* fix(sync): finalize Brex review cleanup

---------

Signed-off-by: Juan José Mata <juanjo.mata@gmail.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
2026-05-13 18:13:48 +02:00

395 lines
13 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require "test_helper"
class BrexItem::AccountFlowTest < ActiveSupport::TestCase
setup do
SyncJob.stubs(:perform_later)
@family = families(:dylan_family)
@brex_item = brex_items(:one)
end
test "requires explicit item when multiple credentialed connections exist" do
BrexItem.create!(
family: @family,
name: "Second Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
flow = BrexItem::AccountFlow.new(family: @family)
assert_not flow.selected?
assert flow.selection_required?
end
test "preload payload returns explicit selection error when multiple connections exist" do
BrexItem.create!(
family: @family,
name: "Second Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
payload = BrexItem::AccountFlow.new(family: @family).preload_payload
assert_equal false, payload[:success]
assert_equal "select_connection", payload[:error]
assert_nil payload[:has_accounts]
end
test "preload payload treats cached empty accounts as a cache hit" do
cache_key = BrexItem::AccountFlow.cache_key(@family, @brex_item)
Rails.cache.expects(:read).with(cache_key).returns([])
Rails.cache.expects(:write).never
@brex_item.expects(:brex_provider).never
payload = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item).preload_payload
assert payload[:success]
assert_equal false, payload[:has_accounts]
assert_equal true, payload[:cached]
end
test "account cache keys isolate multiple credentialed connections with shared upstream ids" do
second_item = BrexItem.create!(
family: @family,
name: "Second Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
first_cache_key = BrexItem::AccountFlow.cache_key(@family, @brex_item)
second_cache_key = BrexItem::AccountFlow.cache_key(@family, second_item)
refute_equal first_cache_key, second_cache_key
Rails.cache.expects(:read).with(first_cache_key).never
Rails.cache.expects(:read).with(second_cache_key).returns(
[ { id: BrexAccount.card_account_id, name: "Second Brex Card", account_kind: "card" } ]
)
Rails.cache.expects(:write).never
result = BrexItem::AccountFlow.new(family: @family, brex_item: second_item).select_accounts_result(accountable_type: "CreditCard")
assert result.success?
assert_equal [ "Second Brex Card" ], result.available_accounts.map { |account| account.with_indifferent_access[:name] }
end
test "preload payload reports invalid explicit connection as selection error" do
payload = BrexItem::AccountFlow.new(
family: @family,
brex_item_id: " #{SecureRandom.uuid} "
).preload_payload
assert_equal false, payload[:success]
assert_equal "select_connection", payload[:error]
assert_nil payload[:has_accounts]
end
test "import accounts reports missing selected item as no api token" do
flow = BrexItem::AccountFlow.new(family: @family, brex_item_id: SecureRandom.uuid)
assert_raises BrexItem::AccountFlow::NoApiTokenError do
flow.import_accounts_from_api_if_needed
end
end
test "link result returns navigation instead of raising expected selection errors" do
BrexItem.create!(
family: @family,
name: "Second Brex",
token: "second_brex_token",
base_url: "https://api.brex.com"
)
result = BrexItem::AccountFlow.new(family: @family).link_new_accounts_result(
account_ids: [ "cash_import_1" ],
accountable_type: "Depository"
)
assert_equal :settings_providers, result.target
assert_equal :alert, result.flash_type
assert_equal I18n.t("brex_items.link_accounts.select_connection"), result.message
end
test "link new accounts rejects unsupported account type before creating accounts" do
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
@brex_item.expects(:brex_provider).never
assert_no_difference [ "Account.count", "BrexAccount.count", "AccountProvider.count" ] do
result = flow.link_new_accounts_result(
account_ids: [ "cash_import_1" ],
accountable_type: "Investment"
)
assert_equal :new_account, result.target
assert_equal :alert, result.flash_type
assert_equal I18n.t("brex_items.link_accounts.invalid_account_type"), result.message
end
end
test "link new accounts converts unexpected errors into navigation alerts" do
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
flow.expects(:link_new_accounts!).raises(StandardError, "link failure")
result = flow.link_new_accounts_result(
account_ids: [ "cash_import_1" ],
accountable_type: "Depository"
)
assert_equal :new_account, result.target
assert_equal :alert, result.flash_type
assert_equal I18n.t("brex_items.errors.unexpected_error"), result.message
end
test "link existing account converts unexpected errors into navigation alerts" do
account = @family.accounts.create!(
name: "Manual Checking",
balance: 0,
currency: "USD",
accountable: Depository.new
)
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
flow.expects(:link_existing_account!).raises(StandardError, "link existing failure")
result = flow.link_existing_account_result(account: account, brex_account_id: "cash_import_1")
assert_equal :accounts, result.target
assert_equal :alert, result.flash_type
assert_equal I18n.t("brex_items.errors.unexpected_error"), result.message
end
test "imports provider accounts into the selected item" do
brex_item = BrexItem.create!(
family: @family,
name: "Import Brex",
token: "import_brex_token",
base_url: "https://api.brex.com"
)
provider = mock("brex_provider")
provider.expects(:get_accounts).returns(
accounts: [
{
id: "cash_import_1",
name: "Imported Cash",
account_kind: "cash",
current_balance: { amount: 12_345, currency: "USD" },
account_number: "account-last4-3456"
}
]
)
brex_item.expects(:brex_provider).returns(provider)
flow = BrexItem::AccountFlow.new(family: @family, brex_item: brex_item)
assert_difference -> { brex_item.brex_accounts.count }, 1 do
assert_nil flow.import_accounts_from_api_if_needed
end
brex_account = brex_item.brex_accounts.find_by!(account_id: "cash_import_1")
assert_equal "Imported Cash", brex_account.name
assert_equal "3456", brex_account.raw_payload["account_number_last4"]
refute_includes brex_account.raw_payload.to_s, "account-last4-3456"
end
test "refreshes existing provider accounts during setup discovery" do
brex_item = BrexItem.create!(
family: @family,
name: "Refresh Brex",
token: "refresh_brex_token",
base_url: "https://api.brex.com"
)
brex_item.brex_accounts.create!(
account_id: "cash_import_1",
name: "Old Cash",
currency: "USD",
account_kind: "cash",
current_balance: 1
)
provider = mock("brex_provider")
provider.expects(:get_accounts).returns(
accounts: [
{
id: "cash_import_1",
name: "Updated Cash",
account_kind: "cash",
current_balance: { amount: 12_345, currency: "USD" }
}
]
)
brex_item.expects(:brex_provider).returns(provider)
flow = BrexItem::AccountFlow.new(family: @family, brex_item: brex_item)
assert_no_difference -> { brex_item.brex_accounts.count } do
assert_nil flow.import_accounts_from_api_if_needed
end
brex_account = brex_item.brex_accounts.find_by!(account_id: "cash_import_1")
assert_equal "Updated Cash", brex_account.name
assert_equal BigDecimal("123.45"), brex_account.current_balance
end
test "complete setup result is unsuccessful when any account creation fails" do
first_brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_result_partial_1",
account_kind: "cash",
name: "Setup Result Partial One",
currency: "USD",
current_balance: 100
)
second_brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_result_partial_2",
account_kind: "cash",
name: "Setup Result Partial Two",
currency: "USD",
current_balance: 100
)
second_brex_account.update_column(:name, nil)
result = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item).complete_setup_result(
account_types: {
first_brex_account.id => "Depository",
second_brex_account.id => "Depository"
},
account_subtypes: {}
)
refute result.success?
assert_match(/failed/i, result.message)
assert first_brex_account.reload.account_provider.present?
assert_nil second_brex_account.reload.account_provider
end
test "complete setup creates account links with default subtype" do
brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_cash_1",
account_kind: "cash",
name: "Setup Cash",
currency: "USD",
current_balance: 100
)
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
assert_difference "AccountProvider.count", 1 do
result = flow.complete_setup!(
account_types: { brex_account.id => "Depository" },
account_subtypes: {}
)
assert_equal 1, result.created_count
assert_equal 0, result.skipped_count
end
account = brex_account.reload.account
assert_equal "Setup Cash", account.name
assert_equal Depository::DEFAULT_SUBTYPE, account.accountable.subtype
end
test "complete setup keeps prior accounts when one account creation fails" do
first_brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_partial_1",
account_kind: "cash",
name: "Setup Partial One",
currency: "USD",
current_balance: 100
)
second_brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_partial_2",
account_kind: "cash",
name: "Setup Partial Two",
currency: "USD",
current_balance: 100
)
second_brex_account.update_column(:name, nil)
result = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item).complete_setup!(
account_types: {
first_brex_account.id => "Depository",
second_brex_account.id => "Depository"
},
account_subtypes: {}
)
assert_equal 1, result.created_count
assert_equal 1, result.failed_count
assert first_brex_account.reload.account_provider.present?
assert_nil second_brex_account.reload.account_provider
end
test "link new accounts rolls back account creation when provider link fails" do
provider = mock("brex_provider")
provider.expects(:get_accounts).returns(
accounts: [
{
id: "rollback_cash_1",
name: "Rollback Cash",
account_kind: "cash",
current_balance: { amount: 12_345, currency: "USD" }
}
]
)
@brex_item.expects(:brex_provider).returns(provider)
AccountProvider.expects(:create!).raises(ActiveRecord::RecordInvalid.new(AccountProvider.new))
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
assert_no_difference [ "Account.count", "BrexAccount.count", "AccountProvider.count" ] do
assert_raises(ActiveRecord::RecordInvalid) do
flow.link_new_accounts!(account_ids: [ "rollback_cash_1" ], accountable_type: "Depository")
end
end
end
test "link existing account rolls back provider account when link creation fails" do
account = @family.accounts.create!(
name: "Existing Cash",
balance: 0,
currency: "USD",
accountable: Depository.new
)
provider = mock("brex_provider")
provider.expects(:get_accounts).returns(
accounts: [
{
id: "rollback_existing_cash_1",
name: "Rollback Existing Cash",
account_kind: "cash",
current_balance: { amount: 12_345, currency: "USD" }
}
]
)
@brex_item.expects(:brex_provider).returns(provider)
AccountProvider.expects(:create!).raises(ActiveRecord::RecordInvalid.new(AccountProvider.new))
flow = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item)
assert_no_difference [ "BrexAccount.count", "AccountProvider.count" ] do
assert_raises(ActiveRecord::RecordInvalid) do
flow.link_existing_account!(account: account, brex_account_id: "rollback_existing_cash_1")
end
end
end
test "complete setup result returns localized notice" do
brex_account = @brex_item.brex_accounts.create!(
account_id: "setup_result_cash_1",
account_kind: "cash",
name: "Setup Result Cash",
currency: "USD",
current_balance: 100
)
result = BrexItem::AccountFlow.new(family: @family, brex_item: @brex_item).complete_setup_result(
account_types: { brex_account.id => "Depository" },
account_subtypes: {}
)
assert result.success?
assert_equal I18n.t("brex_items.complete_account_setup.success", count: 1), result.message
end
end
Reference in New Issue View Git Blame Copy Permalink