QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-04-09 15:24:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e573896efe6dee2ee71fa187a869b4e593603565
sure/test/models/provider/indexa_capital_test.rb
David Gil ba442d5f26 Implement Indexa Capital provider with real API integration (#933) 
* Add Indexa Capital provider scaffold

Generate Indexa Capital provider scaffolding and align credential fields with the API authentication requirements.

* Fix PR 926 lint and schema CI failures

* Implement Indexa Capital provider with real API integration

- Rewrite all broken view templates (were meta-ERB from code generator)
- Create missing select_accounts.html.erb template
- Implement real API calls: list_accounts via /users/me, get_holdings
  via /accounts/{number}/fiscal-results, get_account_balance via
  /accounts/{number}/performance
- Add API token auth support (stored token > env token > credentials)
- Add api_token column with encryption support
- Redesign settings panel: API token prominent, credentials collapsible
- Fix account balances display using performance endpoint portfolios
- Fix accounts index empty-state guard missing indexa_capital_items
- Simplify activities fetch job (no activities API endpoint exists)
- Fix i18n interpolation (%%{ -> %{) throughout locale file

* Add tests for Indexa Capital provider integration

- IndexaCapitalItemTest: validations, credentials, scopes, sync status
- IndexaCapitalAccountTest: upsert, holdings, account provider linking
- Provider::IndexaCapitalTest: auth modes, API stubs, error handling
- IndexaCapitalItemsControllerTest: CRUD, setup, linking, authorization
- Fixtures for items (token + credentials) and accounts (mutual + pension)

52 tests, 98 assertions, 0 failures

* Address code review feedback from PR #933

- Fix zero balance bug: use `nil?` instead of `present?` so 0 is stored
- Fix has_indexa_capital_credentials? to check api_token (was ignored)
- Fix build_provider to delegate to Provided concern (was ignoring token)
- Fix IndexaCapital section outside encryption_error guard in settings
- Add account_number sanitization to prevent path traversal in API URLs
- Replace all skipped processor tests with real working tests
- Add zero-balance and path-traversal test coverage

61 tests, 107 assertions, 0 failures

* Address code review round 2: credentials validation, RuboCop, test quality

- Fix RuboCop SpaceInsideArrayLiteralBrackets in credentials check
- Chain where.not calls so all three username/document/password must be present
- Require all three credentials (||) instead of any one (&&) in validate_configuration!
- Move attr_reader to private to avoid exposing credentials publicly
- Parse dates with Date.parse in extract_balance for robustness
- Remove stale TODO and Crypto from supported_account_types
- Order build_provider query deterministically by created_at
- Replace no-op holdings assertion with meaningful assert_difference

* Address code review round 3: JSON parse safety and test precision

- Rescue JSON::ParserError on 2xx responses for clearer error messages
- Fix weak balance assertion: set balance to 0 before processing, assert
  expected value (27093.01 = sum of holdings amounts)

* Include Indexa Capital in automatic family sync

Add indexa_capital_items to Family::Syncer#child_syncables so balances
and holdings refresh on daily auto-sync and login sync, not only on
manual sync button clicks.

---------

Signed-off-by: Juan José Mata <juanjo.mata@gmail.com>
Co-authored-by: Juan José Mata <jjmata@jjmata.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
2026-02-08 18:19:37 +01:00

157 lines
4.8 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require "test_helper"
class Provider::IndexaCapitalTest < ActiveSupport::TestCase
test "initializes with api_token" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
assert_instance_of Provider::IndexaCapital, provider
end
test "initializes with username/document/password" do
provider = Provider::IndexaCapital.new(
username: "user@example.com",
document: "12345678A",
password: "secret"
)
assert_instance_of Provider::IndexaCapital, provider
end
test "raises ConfigurationError without credentials" do
assert_raises Provider::IndexaCapital::ConfigurationError do
Provider::IndexaCapital.new
end
end
test "raises ConfigurationError with partial credentials" do
assert_raises Provider::IndexaCapital::ConfigurationError do
Provider::IndexaCapital.new(username: "user@example.com")
end
assert_raises Provider::IndexaCapital::ConfigurationError do
Provider::IndexaCapital.new(username: "user@example.com", document: "12345678A")
end
end
test "list_accounts calls API and returns accounts" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
stub_response = OpenStruct.new(
code: 200,
body: {
accounts: [
{ account_number: "ABC12345", type: "mutual", status: "active" },
{ account_number: "DEF67890", type: "pension", status: "active" }
]
}.to_json
)
Provider::IndexaCapital.stubs(:get).returns(stub_response)
accounts = provider.list_accounts
assert_equal 2, accounts.size
assert_equal "ABC12345", accounts[0][:account_number]
assert_equal "Indexa Capital Mutual Fund (ABC12345)", accounts[0][:name]
assert_equal "EUR", accounts[0][:currency]
assert_equal "DEF67890", accounts[1][:account_number]
assert_equal "Indexa Capital Pension Plan (DEF67890)", accounts[1][:name]
end
test "get_holdings calls fiscal-results endpoint" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
stub_response = OpenStruct.new(
code: 200,
body: {
fiscal_results: [
{ amount: 1814.77, titles: 9.14, price: 175.34, instrument: { identifier: "IE00BFPM9P35" } }
],
total_fiscal_results: []
}.to_json
)
Provider::IndexaCapital.stubs(:get).returns(stub_response)
data = provider.get_holdings(account_number: "ABC12345")
assert data[:fiscal_results].is_a?(Array)
assert_equal 1, data[:fiscal_results].size
end
test "get_account_balance extracts total_amount from portfolios" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
stub_response = OpenStruct.new(
code: 200,
body: {
portfolios: [
{ date: "2026-02-05", total_amount: 38000.0 },
{ date: "2026-02-06", total_amount: 38905.21 }
]
}.to_json
)
Provider::IndexaCapital.stubs(:get).returns(stub_response)
balance = provider.get_account_balance(account_number: "ABC12345")
assert_equal 38905.21.to_d, balance
end
test "get_account_balance returns 0 when no portfolios" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
stub_response = OpenStruct.new(
code: 200,
body: { portfolios: [] }.to_json
)
Provider::IndexaCapital.stubs(:get).returns(stub_response)
balance = provider.get_account_balance(account_number: "ABC12345")
assert_equal 0, balance
end
test "get_activities returns empty array" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
result = provider.get_activities(account_number: "ABC12345")
assert_equal [], result
end
test "raises AuthenticationError on 401" do
provider = Provider::IndexaCapital.new(api_token: "bad_token")
stub_response = OpenStruct.new(code: 401, body: "Unauthorized")
Provider::IndexaCapital.stubs(:get).returns(stub_response)
assert_raises Provider::IndexaCapital::AuthenticationError do
provider.list_accounts
end
end
test "rejects invalid account_number with path traversal" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
assert_raises Provider::IndexaCapital::Error do
provider.get_holdings(account_number: "../admin")
end
end
test "rejects blank account_number" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
assert_raises Provider::IndexaCapital::Error do
provider.get_holdings(account_number: "")
end
end
test "raises Error on server error" do
provider = Provider::IndexaCapital.new(api_token: "test_token")
stub_response = OpenStruct.new(code: 500, body: "Internal Server Error")
Provider::IndexaCapital.stubs(:get).returns(stub_response)
assert_raises Provider::IndexaCapital::Error do
provider.list_accounts
end
end
end
Reference in New Issue View Git Blame Copy Permalink