[19.0][MIG] account_statement_import_online_ramp: Migration to 19.0#1
Open
dnplkndll wants to merge 3 commits into
Open
[19.0][MIG] account_statement_import_online_ramp: Migration to 19.0#1dnplkndll wants to merge 3 commits into
dnplkndll wants to merge 3 commits into
Conversation
New OCA online-statement provider that imports Ramp corporate-card transactions via the Ramp Developer API. A Ramp organization has one credit line shared across all cards, billed as a single monthly statement and paid via one ACH transfer. The module follows that accounting reality: one Ramp credit line maps to one Odoo bank-type journal, regardless of how many cards are issued under it. Key features ============ * OAuth2 client_credentials auth — the module mints and caches a short-lived bearer keyed on the provider record. Refreshes transparently on expiry or HTTP 401. * Concurrent-safe token refresh — SELECT ... FOR UPDATE on the provider row plus a post-lock cache re-check ensures two parallel cron runs on the same provider can't mint two separate bearers. * Transient-failure retry — urllib3 Retry adapter mounted on https://: 3 tries with exponential backoff on 502/503/504. Applied to both the token mint and the data-fetch session. * SSRF / bearer-leak guard on pagination — Ramp's `page.next` URL is validated to be HTTPS on the configured Ramp host (hostname comparison, port- and case-tolerant) before being followed, so a tampered response cannot redirect the bearer. * Bounded pagination — fetch loop caps at 1000 pages with an explicit UserError if Ramp's cursor never terminates. * State filter — transactions in DECLINED, PENDING_INITIATION, or ERROR are skipped before producing statement lines. * Sign convention — Ramp returns positive amounts on spend; the module flips the sign so spend lands as a negative line on the credit-line liability journal (standard Odoo bank-statement convention). * raw_data preservation — the full Ramp transaction payload including card_id, user_id, sk_category_name, accounting_categories is stored on each statement line for downstream automation. 35 mocked-HTTP tests covering: service registration, single/multi- page cursor pagination (and max-pages safeguard), mapping, sign flip, state filtering, OAuth2 token cache hit/miss/refresh, missing-token and missing-expires_in edge cases, 401 → refresh → retry, network errors, missing-credentials guard, SSRF cursor guard (cross-env, port-tolerant, case-insensitive, user-authority bypass).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Port of account_statement_import_online_ramp from 18.0 to 19.0 (migration guide).
Depends on
account_statement_import_online(already on OCA 19.0).Non-mechanical adaptations worth flagging
_("…%(x)s") % {…}→self.env._("…%(x)s", x=…)across the 11 error strings (matches the sibling 19.0 mercury/plaid providers). No other 19.0 breakers — views already useinvisible=, no_sql_constraints/osv.expression/<tree>.