Files
sure/test/controllers/questrade_items_controller_test.rb
Jestin Palamuttam 5803023fa7 feat(provider): add native Questrade brokerage provider integration (#2534)
* Add native Questrade brokerage provider integration

Adds a per-family Questrade provider so users can sync their Questrade
investment accounts (TFSA, FHSA, RRSP, margin, etc.) directly via
Questrade's free personal API, with no paid aggregator.

- OAuth2 refresh-token flow with single-use token rotation, persisted
  under a row lock. Tokens self-renew on each sync; the connected panel
  lets users paste a fresh token if a connection goes stale (no need to
  disconnect and re-link).
- Imports accounts, balances, positions and activities; multi-currency
  holdings with per-currency cash holdings; Norbert's Gambit journals.
- New-account and link-existing-account flows, settings card with
  desktop-only setup steps, and connect/update/disconnect.
- Restricted to Investment account types. Registered in the provider
  connection-status registry with a syncable scope so it participates in
  nightly family sync.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix: linting error

* fix: refresh token encrypted

The OAuth token exchange passed the single-use refresh token as a GET
query parameter, so it could leak into URL-based logs (Sentry
breadcrumbs, APM spans, debug output). Switch to POST with a
form-encoded body (RFC 6749 3.2) so the credential stays out of URLs.
Verified Questrade's token endpoint accepts POST (returns 400 for a bad
token, not 405). Adds a test asserting the token travels in the body.

* Address PR review: authz, data integrity, retries, logging

Batch of fixes from the automated PR review:

- Require admin for all mutating/linking Questrade actions, and gate
  existing-account linking through accessible_accounts + write permission
  (was only Current.family scoped).
- Clear requires_update when a fresh token is accepted; use a real 302
  redirect (not 422) on full-page failures.
- Require refresh_token on all saves (not just create) unless the item is
  scheduled for deletion.
- Migrations target Rails 7.2; questrade_items state columns are NOT NULL.
- Background activity dedup keys on Questrade fields (matches the importer)
  so multiple activities no longer collapse to one.
- Persist the normalized account payload; date-scope synthetic cash
  holdings so daily history is not overwritten.
- Retry 429/5xx via a RetryableResponseError instead of hard-failing.
- Route provider error bodies to DebugLogEntry instead of Rails.logger /
  exception messages, so payloads do not leak into application logs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Address PR review: atomic linking, sync health, retry loop, USD cash

- Wrap account creation + provider linking (+ sync_start_date) in a
  transaction in both link paths so a link failure rolls back the orphan
  account.
- Surface per-account process/schedule failures in the item sync health
  instead of always reporting healthy.
- Always stamp last_activities_sync once the background fetch completes,
  so legitimately empty accounts stop being re-queued every sync.
- Treat only the account-currency (CAD) balance as primary cash; other
  currencies (e.g. USD) now surface as separate cash holdings instead of
  being hidden as primary.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Address PR review: serialize token exchange, real processor tests

- Single-use token race: the SDK now wraps every token exchange (initial
  and 401 re-auth) in a model-supplied lock that reloads and spends the
  freshest persisted token (provided.rb#synchronize_exchange). Two
  concurrent syncs/jobs can no longer double-spend the same refresh token.
  Adds a test asserting the exchange runs inside the lock with the fresh
  token.
- Replace the all-skipped QuestradeAccount processor test stubs with real
  fixture-backed tests covering balance anchoring, holdings import, and
  Buy-trade import (plus blank-symbol / blank-type guards).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Fix indentation of spliced Questrade schema blocks

The manually added questrade_accounts/questrade_items create_table blocks
sat at column 0 instead of the file 2-space indent, so rubocop flagged
them as inconsistent. Re-indent to match the rest of the schema.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Include currency and type in the Questrade activity merge key

Two activities that differ only by currency or type could collapse to a
single row in merge_activities. Add both fields to activity_key in the
importer and the background fetch job so multi-currency imports dedup
correctly.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Address review: infer account currency, Encryptable, safer flag clear

From @jjmata's review:

- Currency: QuestradeAccount#upsert_from_questrade! no longer hardcodes CAD
  for every account. upsert_balances! now infers the home currency from the
  per-currency balances (the currency holding the cash wins, ties broken by
  total equity, default CAD) so USD-denominated accounts are labelled USD and
  match the right combinedBalances anchor. Adds tests for USD and CAD cases.
- QuestradeItem now includes the shared Encryptable concern instead of
  reimplementing encryption_ready? inline.
- QuestradeActivitiesFetchJob#clear_pending_flag is now best-effort so it can
  never mask (and swallow) the original error in perform's rescue.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Fix review issues: safe_return_to_path, DebugLogEntry, financial reset, turbo_prefetch, N+1 counts

- Add safe_return_to_path to QuestradeItemsController (blocks //evil.com
  protocol-relative open redirect; same 3-check guard as PR #2591 Wise provider)
- Pass return_to through select_accounts and complete_account_setup so
  users land back on the account they were linking from
- Replace Rails.logger.error/warn with DebugLogEntry.capture in controller
  and unlinking concern (surface errors in the app debug log UI)
- Add questrade_items to Family::FinancialDataReset::PROVIDER_ITEM_ASSOCIATIONS
  so Reset Financial Data actually removes Questrade data
- Add when "questrade" case to load_provider_items in providers_controller
  so the settings panel lazy-load refresh works
- Fix turbo_prefetch: false on non-lunchflow provider links in
  _method_selector.html.erb and select_provider.html.erb (prevents
  prefetch-cache blank-modal bug for all generic sync providers)
- Preload questrade_accounts: :account_provider and build
  @questrade_account_counts_map in AccountsController; read from map in
  partial instead of calling .count on associations (eliminates N+1)
- Localize default connection name via I18n.t(questrade_items.default_name)
- Add default_name key to questrade_items locale

Patterns and bugs surfaced during review of PR #2591 (Wise provider).

* Cross-apply Wise learnings to Questrade provider

Encryption (matched convention from Wise/jjmata review):
- Add deterministic: true to QuestradeItem#refresh_token
- Add encrypts :raw_payload + :raw_institution_payload to QuestradeItem
- Add Encryptable + encrypts :raw_payload, :raw_holdings_payload,
  :raw_activities_payload, :raw_balances_payload to QuestradeAccount
  (brokerage-specific columns; matches MercuryAccount/UpAccount pattern)

Bug fix:
- Add missing RetryableResponseError class to Provider::Questrade
  (used in with_retries rescue clause but never defined — would cause
  NameError on any rate-limited or 5xx response)

Logging:
- Replace Rails.logger.error with DebugLogEntry.capture in
  QuestradeItem#import_latest_questrade_data, #process_accounts,
  and #schedule_account_syncs to surface errors in the support UI

Consistency:
- Extract update_sync_status(sync, key, **i18n_options) helper in
  QuestradeItem::Syncer, replacing 5 inline sync.update! guard calls
- Use blank? instead of ||= for default name fallback in create action

Tests:
- Add QuestradeItemsControllerTest (18 tests: CRUD, sync, account
  linking/setup flows, admin guard enforcement)
- Add questrade fixtures: questrade_items.yml, questrade_accounts.yml
- Add retry/backoff tests to Provider::QuestradeTest (network error,
  429, 5xx — all verify MAX_RETRIES exhaustion raises Error)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Signed-off-by: Jestin Palamuttam <34907800+jestinjoshi@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-08 09:00:49 +02:00

220 lines
7.1 KiB
Ruby

# frozen_string_literal: true
require "test_helper"
class QuestradeItemsControllerTest < ActionDispatch::IntegrationTest
setup do
sign_in users(:family_admin)
SyncJob.stubs(:perform_later)
@family = families(:dylan_family)
@questrade_item = questrade_items(:one)
end
# ---------------------------------------------------------------------------
# create
# ---------------------------------------------------------------------------
test "create adds a new questrade connection" do
assert_difference "QuestradeItem.count", 1 do
post questrade_items_url, params: {
questrade_item: { name: "Business Questrade", refresh_token: "new_token_abc" }
}
end
assert_redirected_to settings_providers_path
assert_equal "new_token_abc", @family.questrade_items.find_by!(name: "Business Questrade").refresh_token
end
test "create uses localized default name when submitted name is blank" do
assert_difference "QuestradeItem.count", 1 do
post questrade_items_url, params: {
questrade_item: { name: " ", refresh_token: "default_name_token" }
}
end
assert_redirected_to settings_providers_path
assert_equal I18n.t("questrade_items.default_name"), @family.questrade_items.order(:created_at).last.name
end
# ---------------------------------------------------------------------------
# update
# ---------------------------------------------------------------------------
test "update renames item and resets status to good when new token provided" do
@questrade_item.update!(status: :requires_update)
patch questrade_item_url(@questrade_item), params: {
questrade_item: { name: "Renamed Questrade", refresh_token: "refreshed_token" }
}
@questrade_item.reload
assert_redirected_to settings_providers_path
assert_equal "Renamed Questrade", @questrade_item.name
assert_equal "refreshed_token", @questrade_item.refresh_token
assert_equal "good", @questrade_item.status
end
test "update with blank token preserves existing token" do
original_token = @questrade_item.refresh_token
patch questrade_item_url(@questrade_item), params: {
questrade_item: { name: "Renamed Questrade", refresh_token: "" }
}
@questrade_item.reload
assert_redirected_to settings_providers_path
assert_equal "Renamed Questrade", @questrade_item.name
assert_equal original_token, @questrade_item.refresh_token
end
# ---------------------------------------------------------------------------
# destroy
# ---------------------------------------------------------------------------
test "destroy schedules the item for deletion" do
delete questrade_item_url(@questrade_item)
assert_redirected_to settings_providers_path
assert @questrade_item.reload.scheduled_for_deletion?
end
# ---------------------------------------------------------------------------
# sync
# ---------------------------------------------------------------------------
test "sync enqueues a sync job" do
assert_difference -> { Sync.where(syncable: @questrade_item).count }, 1 do
post sync_questrade_item_url(@questrade_item)
end
assert_response :redirect
end
test "sync is a no-op when item is already syncing" do
@questrade_item.syncs.create!(status: :syncing)
assert_no_difference -> { Sync.where(syncable: @questrade_item).count } do
post sync_questrade_item_url(@questrade_item)
end
assert_response :redirect
end
# ---------------------------------------------------------------------------
# select_accounts / link_accounts
# ---------------------------------------------------------------------------
test "select_accounts redirects to setup_accounts when credentials configured" do
get select_accounts_questrade_items_url
assert_redirected_to setup_accounts_questrade_item_url(@questrade_item)
end
test "select_accounts redirects to settings when credentials not configured" do
@questrade_item.update_column(:refresh_token, nil)
get select_accounts_questrade_items_url
assert_redirected_to settings_providers_path
end
test "link_accounts creates new accounts for selected questrade_accounts" do
questrade_account = @questrade_item.questrade_accounts.create!(
name: "RRSP (87654321)",
questrade_account_id: "87654321",
account_type: "RRSP",
currency: "CAD",
current_balance: 5000
)
assert_difference "Account.count", 1 do
assert_difference "AccountProvider.count", 1 do
post link_accounts_questrade_items_url, params: {
selected_account_ids: [ questrade_account.id ],
accountable_type: "Investment"
}
end
end
assert_redirected_to accounts_path
end
test "link_accounts redirects to settings when no credentials configured" do
@questrade_item.update_column(:refresh_token, nil)
post link_accounts_questrade_items_url, params: {
selected_account_ids: [ 999 ]
}
assert_redirected_to settings_providers_path
end
test "link_accounts redirects when no account ids selected" do
post link_accounts_questrade_items_url, params: { selected_account_ids: [] }
assert_redirected_to select_accounts_questrade_items_url
end
# ---------------------------------------------------------------------------
# setup_accounts / complete_account_setup
# ---------------------------------------------------------------------------
test "setup_accounts renders unlinked accounts" do
get setup_accounts_questrade_item_url(@questrade_item)
assert_response :success
end
test "complete_account_setup creates accounts from config and redirects" do
questrade_account = @questrade_item.questrade_accounts.create!(
name: "Margin (11111111)",
questrade_account_id: "11111111",
account_type: "Margin",
currency: "CAD",
current_balance: 3000
)
assert_difference "Account.count", 1 do
post complete_account_setup_questrade_item_url(@questrade_item), params: {
accounts: {
questrade_account.id.to_s => { account_type: "investment", balance: "3000" }
}
}
end
assert_redirected_to accounts_path
end
test "complete_account_setup redirects with alert when no accounts provided" do
post complete_account_setup_questrade_item_url(@questrade_item), params: { accounts: {} }
assert_redirected_to setup_accounts_questrade_item_url(@questrade_item)
end
# ---------------------------------------------------------------------------
# admin guard
# ---------------------------------------------------------------------------
test "non-admin cannot create a questrade item" do
sign_in users(:family_member)
assert_no_difference "QuestradeItem.count" do
post questrade_items_url, params: {
questrade_item: { name: "Sneaky Questrade", refresh_token: "sneak_token" }
}
end
assert_redirected_to accounts_path
end
test "non-admin cannot destroy a questrade item" do
sign_in users(:family_member)
delete questrade_item_url(@questrade_item)
assert_redirected_to accounts_path
assert_not @questrade_item.reload.scheduled_for_deletion?
end
end