Files
sure/app/helpers/settings_helper.rb
Jake dc2a565b6a feat(up): add Up Bank (AU) provider integration (#2391)
* feat(up): add Up Bank (AU) provider integration

Adds Up Bank as a per-family, token-based bank sync provider, modelled on
the existing Akahu integration. Up uses a JSON:API REST API with a personal
access token (Bearer), cursor pagination via links.next, and returns both
HELD (pending) and SETTLED transactions from one endpoint.

New:
- Provider::Up client (JSON:API unwrap, links.next pagination, retries,
  typed errors, /util/ping) + Provider::UpAdapter (Factory-registered,
  Depository + Loan).
- UpItem / UpAccount models with Provided, Unlinking, Syncer,
  SyncCompleteEvent, Importer, Processor, Transactions::Processor, and
  UpEntry::Processor (amount sign flip, HELD->pending, foreignAmount FX,
  merchant from description, stale-pending pruning).
- Family::UpConnectable, UpItemsController, routes, settings panel + connect
  flow views, accounts index wiring, initializer, en locale, and model tests.

Core wiring:
- "up" added to Transaction::PENDING_PROVIDERS, the three pending-match SQL
  blocks in Account::ProviderImportAdapter, Provider::Metadata::REGISTRY,
  ProviderMerchant/DataEnrichment source enums, ProviderConnectionStatus,
  settings provider panels, and financial data reset.

Migration create_up_items_and_accounts must be run before use. No external
API endpoints added (no OpenAPI changes).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(up): dump up tables to schema and make since filter TZ-safe

The feature commit added the up_items/up_accounts migration but never
re-dumped db/schema.rb, leaving the schema version and tables stale.
Add the two table definitions and foreign keys and bump the schema
version so a fresh DB load matches the migration.

Also format a bare Date `since` as UTC midnight instead of the server's
local zone, so `filter[since]` is deterministic regardless of where the
app runs (previously shifted by the local UTC offset).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(up): address code review feedback

Behavior/correctness:
- Persist skipped accounts via a new up_accounts.ignored flag and a
  needs_setup scope, so skipped accounts stop resurfacing as "needs
  setup" on every sync. Linking clears the flag.
- destroy now checks unlink_all! per-account results and aborts deletion
  (alert) if any unlink failed, instead of swallowing failures.
- render_provider_panel_error redirect uses :see_other (was an invalid
  4xx redirect status).
- Up provider adapter falls back to item institution name/url when
  institution_metadata is absent (early return previously blocked it).

Resilience/security:
- fetch_all_resources guards against an API repeating the same
  links.next cursor (Set#add?), preventing infinite pagination.
- HTTP client validates absolute URLs (from links.next) against Up's
  HTTPS host before sending the bearer token, preventing credential
  leakage to untrusted hosts.

Diagnostics:
- Route provider sync/import failures through DebugLogEntry.capture
  (controller, UpItem, syncer, unlinking) with family/account context.
  Low-level HTTP client and currency-normalization warnings keep
  Rails.logger to match existing provider conventions.

Data integrity:
- up_accounts.name and currency are NOT NULL (align with model presence
  validations); account_id stays nullable (allow_nil uniqueness).

Forms:
- select_existing_account radio is required; controller guards a blank/
  unknown up_account_id with a friendly alert instead of RecordNotFound.

Tests:
- Add UpAccount needs_setup scope test, pagination loop guard test,
  untrusted-host rejection test; tighten filter[since] assertion to the
  exact UTC timestamp.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(up): address second-round review feedback

- Capture sync/import failures via DebugLogEntry so swallowed errors in
  account/transaction fetching and transaction processing surface in
  /settings/debug instead of only Rails.logger.
- Gate UP_DEBUG_RAW raw payload dump to local envs to avoid leaking PII
  (merchant names, amounts, account IDs) in managed/production logs.
- Collapse linked/unlinked/total account counts into one memoized query
  instead of 3 separate COUNTs per rendered item.
- Rename "Set Up Up Accounts" locale title to "Link Up Accounts".

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* docs(up): add method docstrings and align failed_result keys

Add docstrings to all Up provider source files (controller, models,
providers, concerns) to satisfy the 80% docstring coverage threshold.

Third-round review: failed_result now mirrors import's result shape
(accounts_updated/created/failed, transactions_imported/failed) instead
of the stale accounts_imported key, so failure results stay consistent.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 20:33:09 +02:00

231 lines
9.7 KiB
Ruby

module SettingsHelper
SETTINGS_ORDER = [
# General section
{ name: -> { t("settings.settings_nav.accounts_label") }, path: :accounts_path },
{ name: -> { t("settings.settings_nav.bank_sync_label") }, path: :settings_providers_path, condition: :admin_user? },
{ name: -> { t("settings.settings_nav.preferences_label") }, path: :settings_preferences_path },
{ name: -> { t("settings.settings_nav.appearance_label") }, path: :settings_appearance_path },
{ name: -> { t("settings.settings_nav.profile_label") }, path: :settings_profile_path },
{ name: -> { t("settings.settings_nav.security_label") }, path: :settings_security_path },
{ name: -> { t("settings.settings_nav.payment_label") }, path: :settings_payment_path, condition: :not_self_hosted? },
# Transactions section
{ name: -> { t("settings.settings_nav.categories_label") }, path: :categories_path },
{ name: -> { t("settings.settings_nav.tags_label") }, path: :tags_path },
{ name: -> { t("settings.settings_nav.rules_label") }, path: :rules_path },
{ name: -> { t("settings.settings_nav.merchants_label") }, path: :family_merchants_path },
{ name: -> { t("settings.settings_nav.recurring_transactions_label") }, path: :recurring_transactions_path },
{ name: -> { t("settings.settings_nav.statement_vault_label") }, path: :account_statements_path, condition: :admin_user? },
# Advanced section
{ name: -> { t("settings.settings_nav.ai_prompts_label") }, path: :settings_ai_prompts_path, condition: :admin_user? },
{ name: -> { t("settings.settings_nav.llm_usage_label") }, path: :settings_llm_usage_path, condition: :admin_user? },
{ name: -> { t("settings.settings_nav.api_key_label") }, path: :settings_api_key_path, condition: :admin_user? },
{ name: -> { t("settings.settings_nav.self_hosting_label") }, path: :settings_hosting_path, condition: :self_hosted_and_admin? },
{ name: -> { t("settings.settings_nav.imports_label") }, path: :imports_path, condition: :admin_user? },
{ name: -> { t("settings.settings_nav.exports_label") }, path: :family_exports_path, condition: :admin_user? },
# More section
{ name: -> { t("settings.settings_nav.guides_label") }, path: :settings_guides_path },
{ name: -> { t("settings.settings_nav.whats_new_label") }, path: :changelog_path },
{ name: -> { t("settings.settings_nav.feedback_label") }, path: :feedback_path }
]
def adjacent_setting(current_path, offset)
visible_settings = SETTINGS_ORDER.select { |setting| setting[:condition].nil? || send(setting[:condition]) }
current_index = visible_settings.index { |setting| send(setting[:path]) == current_path }
return nil unless current_index
adjacent_index = current_index + offset
return nil if adjacent_index < 0 || adjacent_index >= visible_settings.size
adjacent = visible_settings[adjacent_index]
render partial: "settings/settings_nav_link_large", locals: {
path: send(adjacent[:path]),
direction: offset > 0 ? "next" : "previous",
title: setting_name(adjacent)
}
end
def settings_section(title: nil, subtitle: nil, collapsible: false, open: true, auto_open_param: nil, status: nil, meta: nil, actions: nil, badge: nil, &block)
content = capture(&block)
render partial: "settings/section", locals: { title: title, subtitle: subtitle, content: content, collapsible: collapsible, open: open, auto_open_param: auto_open_param, status: status, meta: meta, actions: actions, badge: badge }
end
def provider_summary(provider_key)
key = provider_key.to_s.downcase
case key
when "plaid", "plaid_eu"
configured = @provider_configurations&.find { |c| c.provider_key.to_s.casecmp(key).zero? }&.configured?
configured ? { status: :ok } : { status: :off }
when "akahu"
return { status: :off } unless @akahu_items&.any?
sync_based_summary(key)
when "up"
return { status: :off } unless @up_items&.any?
sync_based_summary(key)
when "simplefin"
return { status: :off } unless @simplefin_items&.any?
sync_based_summary(key)
when "lunchflow"
return { status: :off } unless @lunchflow_items&.any?
sync_based_summary(key)
when "enable_banking"
return { status: :off } unless @enable_banking_items&.any?
enable_banking_summary
when "coinstats"
return { status: :off } unless @coinstats_items&.any?
sync_based_summary(key)
when "mercury"
return { status: :off } unless @mercury_items&.any?
sync_based_summary(key)
when "brex"
return { status: :off } unless @brex_items&.any?
sync_based_summary(key)
when "coinbase"
return { status: :off } unless @coinbase_items&.any?
sync_based_summary(key)
when "binance"
return { status: :off } unless @binance_items&.any?
sync_based_summary(key)
when "kraken"
return { status: :off } unless @kraken_items&.any?
sync_based_summary(key)
when "snaptrade"
configured_item = @snaptrade_items&.find(&:credentials_configured?)
return { status: :off } unless configured_item
unless configured_item.user_registered?
return { status: :warn, meta: t("settings.providers.meta.registration_needed") }
end
sync_based_summary(key)
when "ibkr"
return { status: :off } unless @ibkr_items&.any?
sync_based_summary(key)
when "indexa_capital"
return { status: :off } unless @indexa_capital_items&.any?
sync_based_summary(key)
when "sophtron"
return { status: :off } unless @sophtron_items&.any?
sync_based_summary(key)
else
{ status: :off }
end
end
def settings_nav_footer
previous_setting = adjacent_setting(request.path, -1)
next_setting = adjacent_setting(request.path, 1)
content_tag :div, class: "hidden md:flex flex-row justify-between gap-4" do
concat(previous_setting)
concat(next_setting)
end
end
def settings_nav_footer_mobile
previous_setting = adjacent_setting(request.path, -1)
next_setting = adjacent_setting(request.path, 1)
content_tag :div, class: "md:hidden flex flex-col gap-4 pb-[env(safe-area-inset-bottom)]" do
concat(previous_setting)
concat(next_setting)
end
end
# Below this many synced accounts, the per-row pills already give the user
# enough at-a-glance signal and the strip is redundant chrome.
HEALTH_STRIP_MIN_ACCOUNTS = 10
# Slim health-strip data for the providers index. Pulls counts from the
# already-resolved entry summaries plus the family's distinct synced-account
# count for the trailing stat. Returns a hash consumed by the
# `settings/providers/_health_strip` partial, or nil when the family has
# fewer than HEALTH_STRIP_MIN_ACCOUNTS connected accounts.
def provider_health_strip(connected:, needs_attention:)
accounts_count = Current.family.accounts.joins(:account_providers).distinct.count
return nil if accounts_count < HEALTH_STRIP_MIN_ACCOUNTS
active_entries = connected + needs_attention
last_synced_at = active_entries.map { |e| e[:summary][:last_synced_at] }.compact.max
{
connected: active_entries.size,
needs_attention: needs_attention.size,
accounts_syncing: accounts_count,
last_synced_at: last_synced_at
}
end
# Strips the leading "about " from `time_ago_in_words` so copy reads as
# "Synced 6 hours ago" instead of "Synced about 6 hours ago".
def concise_time_ago(time)
time_ago_in_words(time).sub(/\Aabout /, "")
end
private
def sync_based_summary(provider_key)
health = @provider_sync_health&.dig(provider_key) || {}
last_synced_at = health[:last_synced_at]
base = if health[:error]
{ status: :err, meta: t("settings.providers.meta.sync_error") }
elsif health[:stale]
{ status: :warn, meta: t("settings.providers.meta.no_recent_sync") }
elsif last_synced_at.present?
{ status: :ok, meta: t("settings.providers.meta.last_synced", time: concise_time_ago(last_synced_at)) }
else
{ status: :ok }
end
base.merge(last_synced_at: last_synced_at)
end
def enable_banking_summary
health = @provider_sync_health&.dig("enable_banking") || {}
last_synced_at = health[:last_synced_at]
return { status: :err, meta: t("settings.providers.meta.sync_error"), last_synced_at: nil } if health[:error]
valid_items = @enable_banking_items&.select(&:session_valid?) || []
# All items have expired/missing sessions — need re-authorization
if valid_items.empty?
return { status: :warn, meta: t("settings.providers.meta.reconsent_required"), last_synced_at: last_synced_at }
end
expiring = valid_items.find do |item|
item.session_expires_at.present? && item.session_expires_at < 7.days.from_now
end
if expiring
days = [ ((expiring.session_expires_at - Time.current) / 1.day).ceil, 1 ].max
return { status: :warn, meta: t("settings.providers.meta.reconsent_needed", count: days), last_synced_at: last_synced_at }
end
return { status: :warn, meta: t("settings.providers.meta.no_recent_sync"), last_synced_at: last_synced_at } if health[:stale]
if last_synced_at.present?
{ status: :ok, meta: t("settings.providers.meta.last_synced", time: concise_time_ago(last_synced_at)), last_synced_at: last_synced_at }
else
{ status: :ok, last_synced_at: nil }
end
end
def not_self_hosted?
!self_hosted?
end
def setting_name(setting)
name = setting[:name]
name.respond_to?(:call) ? instance_exec(&name) : name
end
# Helper used by SETTINGS_ORDER conditions
def admin_user?
Current.user&.admin?
end
def self_hosted_and_admin?
self_hosted? && admin_user?
end
end