feat: add masked corporate card number and employee name

[anishfyle]

Description

• add masked corporate card number and employee name to description

Clickup

• https://app.clickup.com/t/86cx1b2tw

Summary by CodeRabbit

• New Features

  • Introduced a new field for storing masked corporate card numbers in the Expense model.
  • Enhanced expense processing with additional fields for employee name and card number in various methods.

• Improvements

  • Updated methods to ensure comprehensive memo generation and accurate financial records, including total amount calculations for bill payments.
  • Adjusted configuration settings for workspace general settings impacting expense handling.

These changes improve the accuracy and detail of expense tracking within the application.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The pull request introduces a new field, masked_corporate_card_number, to the Expense model in apps/fyle/models.py, enhancing the model's structure without altering existing logic. Additionally, several methods in apps/quickbooks_online/models.py are updated to include new fields, employee_name and card_number, improving the functionality of expense processing. Method signatures are also modified to reflect these changes, ensuring that the new attributes are integrated into the relevant processes.

Changes

File Path	Change Summary
apps/fyle/models.py	Added new field masked_corporate_card_number to the Expense model.
apps/fyle/migrations/0040_expense_masked_corporate_card_number.py	Migration added for the new field masked_corporate_card_number in the expense model.
apps/quickbooks_online/models.py	Updated get_expense_purpose to include employee_name and card_number. Modified several methods to incorporate these fields and adjusted method signatures to include return types.
tests/sql_fixtures/reset_db_fixtures/reset_db.sql	Added new column masked_corporate_card_number to the public.expenses table in SQL schema.
tests/test_fyle/fixtures.py	Added masked_corporate_card_number to expense-related dictionaries in the data dictionary.
tests/test_workspaces/fixtures.py	Added masked_corporate_card_number to the expenses list and updated various settings in general_settings.

Possibly related PRs

• fix edit expenses #644: The changes in this PR involve modifications to the create_expense_objects method in the Expense model, which may interact with the new masked_corporate_card_number field added in the main PR.
• feat: handle posted at #688: This PR introduces a new field is_posted_at_null to the Expense model, which is related to the structure of the model that was modified in the main PR by adding the masked_corporate_card_number field.
• Split Expenses: QBO #619: This PR focuses on splitting expenses and includes changes to the fixtures.py file, which may relate to the handling of expenses connected to the changes made in the main PR regarding the Expense model.

Suggested labels

size/L

Suggested reviewers

• ruuushhh

🐰 In the fields where expenses grow,
A masked card number now can show.
With names and cards in the mix,
Our records are neat, no need for tricks!
So hop along, let’s make it right,
With every detail shining bright! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Tests	Skipped	Failures	Errors	Time
261	0 💤	72 ❌	19 🔥	57.359s ⏱️

[github-actions]

Tests	Skipped	Failures	Errors	Time
261	0 💤	72 ❌	19 🔥	1m 1s ⏱️

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range and nitpick comments (2)

apps/fyle/models.py (1)

Line range hint 155-182: Update create_expense_objects to handle masked_corporate_card_number

The defaults dictionary in create_expense_objects method needs to be updated to include the new field.

Add the new field to the defaults dictionary:

     defaults = {
         'employee_email': expense['employee_email'],
         'employee_name': expense['employee_name'],
         'category': expense['category'],
         'sub_category': expense['sub_category'],
         'project': expense['project'],
         'expense_number': expense['expense_number'],
         'org_id': expense['org_id'],
+        'masked_corporate_card_number': expense.get('masked_corporate_card_number'),
         'amount': _round_to_currency_fraction(expense['amount'], expense['currency']),

apps/quickbooks_online/models.py (1)

37-38: Add null check for employee_name field

While the card number has proper null handling, consider adding similar null handling for employee_name to maintain consistency and prevent potential issues with None values.

-        'employee_name': lineitem.employee_name,
+        'employee_name': '{0}'.format(lineitem.employee_name) if lineitem.employee_name else '',

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 5ed16fb and 123a05b.

📒 Files selected for processing (2)

• apps/fyle/models.py (1 hunks)
• apps/quickbooks_online/models.py (1 hunks)

🔇 Additional comments (1)

apps/quickbooks_online/models.py (1)

Line range hint 1-1000: LGTM! Type annotations improve code clarity

The addition of return type annotations to methods and parameter type hints enhances code readability and type safety. The annotations are accurate and consistently applied across all methods.

[github-actions]

Tests	Skipped	Failures	Errors	Time
261	0 💤	0 ❌	0 🔥	50.749s ⏱️

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

tests/sql_fixtures/reset_db_fixtures/reset_db.sql (2)

999-1000: LGTM! Consider adding a column comment.

The column definition is appropriate with character varying(255) type and NULL constraint.

Consider adding a column comment to document the masking format:

    is_posted_at_null boolean NOT NULL,
-    masked_corporate_card_number character varying(255)
+    masked_corporate_card_number character varying(255),
+    COMMENT ON COLUMN public.expenses.masked_corporate_card_number IS 'Stores the masked version of corporate card number (e.g., XXXX-XXXX-XXXX-1234)'

---

999-1000: Important: Ensure proper card number masking implementation.

When implementing the masking logic, ensure:

1. Only the last 4 digits of the card number are visible
2. Masking is applied before storing in the database
3. Original card numbers are never logged or stored

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 123a05b and 583ce47.

📒 Files selected for processing (3)

• apps/fyle/migrations/0040_expense_masked_corporate_card_number.py (1 hunks)
• apps/fyle/models.py (1 hunks)
• tests/sql_fixtures/reset_db_fixtures/reset_db.sql (4 hunks)

✅ Files skipped from review due to trivial changes (1)

• apps/fyle/migrations/0040_expense_masked_corporate_card_number.py

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/fyle/models.py

🔇 Additional comments (2)

tests/sql_fixtures/reset_db_fixtures/reset_db.sql (2)

4075-4075: Migration sequence properly updated.

The migration sequence is correctly incremented to 193 and the migration history is updated with the new migration for adding the masked corporate card number.

Also applies to: 34004-34004

---

33387-33447: Verify proper NULL handling in sample data.

The sample data appropriately handles the new column by setting NULL values for existing records, maintaining data integrity during the migration.

✅ Verification successful

Let me analyze the results and generate additional verification scripts to ensure proper NULL handling.

---

Based on the results, I can now provide the final response:

Proper NULL handling confirmed for masked_corporate_card_number column

The verification shows:

• Column is defined as character varying(255) without NOT NULL constraint
• Sample data shows NULL values are properly handled in existing records
• No default values are enforced, allowing NULL values as expected

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify that the masked card numbers follow proper format when present
rg -A 1 'masked_corporate_card_number.*?[^N]' tests/sql_fixtures/reset_db_fixtures/reset_db.sql

Length of output: 1518

---

Script:

#!/bin/bash
# Check for any non-NULL values in masked_corporate_card_number column
rg -B 1 'masked_corporate_card_number.*?[^\\N]' tests/sql_fixtures/reset_db_fixtures/reset_db.sql

# Check the column definition and constraints
rg -A 3 'ADD COLUMN.*masked_corporate_card_number' tests/sql_fixtures/reset_db_fixtures/reset_db.sql

# Look for any default values or NOT NULL constraints
rg 'masked_corporate_card_number.*NOT NULL' tests/sql_fixtures/reset_db_fixtures/reset_db.sql

Length of output: 1254

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

tests/test_workspaces/fixtures.py (2)

133-134: Consider using consistent test data patterns for sensitive information.

While the masked card number follows a common pattern (**** 4567), consider:

1. Using a consistent format that matches your production masking pattern
2. Adding a comment to indicate this is test data
3. Using constants for sensitive test data to maintain consistency across test cases

-            'masked_corporate_card_number': '**** 4567',
+            # Test data: masked card number following production pattern XXXX XXXX XXXX 4567
+            'masked_corporate_card_number': 'XXXX XXXX XXXX 4567',

---

Line range hint 77-134: Consider adding more test cases for edge scenarios.

The current test data covers basic scenarios, but consider adding test cases for:

1. Different card number formats (e.g., Amex vs. Visa)
2. Missing or null card numbers
3. Special characters in employee names
4. International employee names with non-ASCII characters

Consider adding additional test cases to the expenses array:

{
    # Test case for Amex format
    'masked_corporate_card_number': 'XXXX XXXXXX XXXXX',
    'employee_name': 'João Silva',  # International name
},
{
    # Test case for null card
    'masked_corporate_card_number': None,
    'employee_name': "O'Connor-Smith",  # Special characters
}

tests/test_fyle/fixtures.py (1)

512-512: Fix indentation inconsistencies

The indentation of the 'masked_corporate_card_number' field is inconsistent in these locations. Some lines have extra spaces.

Apply consistent indentation:

-                'masked_corporate_card_number': '**** 4567',
+            'masked_corporate_card_number': '**** 4567',

Also applies to: 557-557, 603-603, 1593-1593, 1688-1688

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 583ce47 and d54e916.

📒 Files selected for processing (3)

• apps/fyle/models.py (2 hunks)
• tests/test_fyle/fixtures.py (28 hunks)
• tests/test_workspaces/fixtures.py (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/fyle/models.py

🔇 Additional comments (4)

tests/test_workspaces/fixtures.py (1)

Line range hint 69-77: Verify configuration changes align with feature requirements.

The general settings show significant changes that affect corporate card and employee handling:

1. corporate_credit_card_expenses_object is set to 'BILL'
2. employee_field_mapping is set to 'EMPLOYEE'
3. auto_create_destination_entity and sync_fyle_to_qbo_payments are disabled

Please verify these configuration changes support the new masked card number and employee name features as intended.

✅ Verification successful

Configuration changes are properly aligned with test cases

The configuration changes are well-supported by existing test cases across the codebase:

1. corporate_credit_card_expenses_object: 'BILL' is verified in multiple test files including test_tasks.py, test_utils.py, and test_models.py
2. employee_field_mapping: 'EMPLOYEE' is validated in employee mapping tests and QBO utils tests
3. The disabled settings (auto_create_destination_entity: False and sync_fyle_to_qbo_payments: False) are consistently used in advanced configuration and clone settings tests

The test coverage indicates these configurations are intentional and properly tested for the feature implementation.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any related configuration tests that might need updating

# Look for test files that verify these configuration settings
rg -l "corporate_credit_card_expenses_object|employee_field_mapping" tests/

Length of output: 810

---

Script:

#!/bin/bash
# Check the actual test cases and assertions related to these configurations
rg -A 5 "corporate_credit_card_expenses_object.*BILL|employee_field_mapping.*EMPLOYEE" tests/

# Also check for any test cases verifying auto_create and sync settings
rg -A 5 "auto_create_destination_entity.*False|sync_fyle_to_qbo_payments.*False" tests/

Length of output: 13370

tests/test_fyle/fixtures.py (3)

11-11: Consistent implementation of masked corporate card number

The masked card number format follows security best practices by only showing the last 4 digits. The field has been consistently added across various test scenarios.

Also applies to: 247-247, 292-292, 336-336, 380-380, 512-512, 557-557, 603-603, 640-640, 694-694, 739-739, 970-970, 1023-1023, 1075-1075, 1128-1128, 1181-1181, 1235-1235, 1286-1286, 1340-1340, 1593-1593, 1688-1688, 2112-2112, 2394-2394, 2786-2786, 10063-10063, 10120-10120, 10177-10177, 10237-10237

---

Line range hint 10062-10237: Verify complete test coverage

Let's ensure the new fields are added to all relevant test cases in the fixtures.

✅ Verification successful

Let me run another script to specifically check for the presence of the new field in all expense fixtures.

---

The new field masked_corporate_card_number has been consistently added to all expense fixtures

Based on the verification results, the field masked_corporate_card_number has been properly added to all relevant test fixtures including:

• Regular expenses
• CCC expenses
• Split expenses
• Expense groups
• Refund expenses
• Skipped expenses

The value '**** 4567' is consistently used across all test cases, maintaining proper test coverage.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Find all expense-related dictionaries in test fixtures
rg -A 5 "'id':\s*['\"]" tests/test_fyle/fixtures.py | grep -v "masked_corporate_card_number"

Length of output: 8812

---

Script:

#!/bin/bash
# Find all expense dictionaries and check for masked_corporate_card_number field
rg -B 5 -A 5 "'masked_corporate_card_number':" tests/test_fyle/fixtures.py

Length of output: 11581

---

246-246: Clarify the addition of 'is_posted_at_null' field

The PR objectives mention adding masked corporate card number and employee name, but there's no context for adding the 'is_posted_at_null' field. Please clarify if this is an intentional change.

Also applies to: 291-291, 335-335, 379-379, 511-511, 556-556, 602-602, 639-639, 693-693, 738-738, 969-969, 1022-1022, 1074-1074, 1127-1127, 1180-1180, 1234-1234, 1285-1285, 1339-1339, 1592-1592, 1687-1687, 2111-2111, 2393-2393, 2785-2785, 10062-10062, 10119-10119

✅ Verification successful

Let me check the migration history to understand when and why this field was added.

---

Let me check the PR description or commit messages to understand the context of this change.

---

Let me check if there are any references to this field in the actual code logic to understand its usage.

---

The is_posted_at_null field addition appears to be a valid and intentional change

Based on the codebase analysis, this field is a legitimate addition that works in conjunction with the existing posted_at field in the Expense model. It serves as a flag to explicitly track whether the posted_at field is null, as indicated by its help text. The field is properly:

• Defined in the model with appropriate default value and documentation
• Used in the expense data mapping logic
• Added through a proper migration (0039)
• Referenced consistently in test fixtures

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if this field is used in the codebase
rg "is_posted_at_null" --type py

Length of output: 2464

---

Script:

#!/bin/bash
# Check the migration file content
cat apps/fyle/migrations/0039_expense_is_posted_at_null.py

Length of output: 514

---

Script:

#!/bin/bash
# Check recent commits mentioning posted_at or the migration
git log --grep="posted_at\|0039_expense" -n 5

Length of output: 0

---

Script:

#!/bin/bash
# Look for usage of is_posted_at_null in actual code logic
rg "is_posted_at_null" apps/fyle/ -g "!migrations/*" -A 3 -B 3

Length of output: 2613

[github-actions]

Tests	Skipped	Failures	Errors	Time
261	0 💤	0 ❌	0 🔥	1m 1s ⏱️