From ba072b90f0db68eb7fd53a85ba9fccf09be13bb9 Mon Sep 17 00:00:00 2001 From: olsch01 Date: Thu, 21 May 2026 14:22:41 -0400 Subject: [PATCH 1/5] fix: correct monthly actuals pre-population, void double-reversal, and cash flow history MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Monthly actuals grid now filters actual_amount to entry_type='monthly_actual' only, so other posted JEs in the same month don't bleed into the actuals UI - Remove manual accounts.balance reversal from void() — the reversal JE's post() call already handles balance updates, preventing double-decrement per void - Date void reversal entries to the original entry's date (not today) so historical monthly cash-flow periods stay accurate when actuals are re-edited - Cash flow forecast now derives opening investment balances from investments purchased before the forecast start date rather than using current-snapshot totals, fixing historical months showing wrong investment balances Co-Authored-By: Claude Sonnet 4.6 --- .../journal-entries.service.ts | 20 +++++------------ .../monthly-actuals.service.ts | 1 + .../src/modules/reports/reports.service.ts | 22 ++++++++++++++++--- 3 files changed, 26 insertions(+), 17 deletions(-) diff --git a/backend/src/modules/journal-entries/journal-entries.service.ts b/backend/src/modules/journal-entries/journal-entries.service.ts index 95098a3..51bad9e 100644 --- a/backend/src/modules/journal-entries/journal-entries.service.ts +++ b/backend/src/modules/journal-entries/journal-entries.service.ts @@ -162,26 +162,18 @@ export class JournalEntriesService { if (!je.is_posted) throw new BadRequestException('Cannot void an unposted entry'); if (je.is_void) throw new BadRequestException('Already voided'); - // Reverse account balances - for (const line of je.lines) { - const debit = parseFloat(line.debit) || 0; - const credit = parseFloat(line.credit) || 0; - const reverseAmount = credit - debit; - - await this.tenant.query( - `UPDATE accounts SET balance = balance + $1, updated_at = NOW() WHERE id = $2`, - [reverseAmount, line.account_id], - ); - } - await this.tenant.query( `UPDATE journal_entries SET is_void = true, voided_by = $1, voided_at = NOW(), void_reason = $2 WHERE id = $3`, [userId, reason, id], ); - // Create reversing entry + // Create a reversing entry dated to the original entry's date so historical + // period balances stay accurate. The post() call handles accounts.balance updates — + // we do NOT manually reverse balances here to avoid double-counting. const reverseDto: CreateJournalEntryDto = { - entryDate: new Date().toISOString().split('T')[0], + entryDate: je.entry_date instanceof Date + ? je.entry_date.toISOString().split('T')[0] + : String(je.entry_date).split('T')[0], description: `VOID: ${je.description}`, referenceNumber: `VOID-${je.reference_number || je.id.slice(0, 8)}`, entryType: 'adjustment', diff --git a/backend/src/modules/monthly-actuals/monthly-actuals.service.ts b/backend/src/modules/monthly-actuals/monthly-actuals.service.ts index 00baeb9..1892178 100644 --- a/backend/src/modules/monthly-actuals/monthly-actuals.service.ts +++ b/backend/src/modules/monthly-actuals/monthly-actuals.service.ts @@ -38,6 +38,7 @@ export class MonthlyActualsService { LEFT JOIN journal_entry_lines jel ON jel.account_id = a.id LEFT JOIN journal_entries je ON je.id = jel.journal_entry_id AND je.is_posted = true AND je.is_void = false + AND je.entry_type = 'monthly_actual' AND EXTRACT(YEAR FROM je.entry_date) = $1 AND EXTRACT(MONTH FROM je.entry_date) = $2 WHERE a.is_active = true diff --git a/backend/src/modules/reports/reports.service.ts b/backend/src/modules/reports/reports.service.ts index a1e9554..cc9a393 100644 --- a/backend/src/modules/reports/reports.service.ts +++ b/backend/src/modules/reports/reports.service.ts @@ -1089,9 +1089,25 @@ export class ReportsService { else projectIndex[key].reserve += cost; } - // Investment opening balances at start of period (approximate: use current values) - let runOpInv = opInv; - let runResInv = resInv; + // Investment balances at the start of the period — computed from the investment_accounts + // table as of startYear-01-01. We use current_value for all active investments that + // existed before startYear (purchase_date < startYear-01-01). Investments purchased + // after that date will be added when their purchase month is processed in the forecast loop. + const openingInvOp = await this.tenant.query(` + SELECT COALESCE(SUM(current_value), 0) as total + FROM investment_accounts + WHERE fund_type = 'operating' AND is_active = true + AND (purchase_date IS NULL OR purchase_date < $1::date) + `, [`${startYear}-01-01`]); + const openingInvRes = await this.tenant.query(` + SELECT COALESCE(SUM(current_value), 0) as total + FROM investment_accounts + WHERE fund_type = 'reserve' AND is_active = true + AND (purchase_date IS NULL OR purchase_date < $1::date) + `, [`${startYear}-01-01`]); + + let runOpInv = parseFloat(openingInvOp[0]?.total || '0'); + let runResInv = parseFloat(openingInvRes[0]?.total || '0'); // Determine which months have actual journal entries // A month is "actual" only if it's not in the future AND has real journal entry data From 72161f81f516f384c2e4e8cfbace1282d802eaa6 Mon Sep 17 00:00:00 2001 From: olsch01 Date: Thu, 21 May 2026 14:36:17 -0400 Subject: [PATCH 2/5] fix: monthly actuals equity offset (Option A) + scenario activation creates accounts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Monthly Actuals — Option A: - Replace operating cash account offset with per-fund equity account clearing - Equity accounts 3000/3100 now absorb the net P&L from actuals entries - Cash account is never touched by monthly actuals, eliminating the balance discrepancy that required manual cash adjustments - Per-fund routing: operating income/expense clears to 3000, reserve to 3100 - Falls back gracefully if only one equity account exists Scenario Activation (Issue 4): - updateScenario now accepts userId and triggers materialisation when status transitions to 'active' - Each pending scenario investment is created as a real investment_accounts record dated to its purchase_date (future dates are supported) - Journal entries are posted at the purchase_date using the fund's primary cash account and equity offset (matching manual account creation) - Rollover detection: if an existing active investment matures within 7 days of the new investment's purchase_date and shares the same fund_type, the system creates a maturity JE (proceeds → cash) and a reinvestment JE (cash → new CD) rather than a fresh cash deduction, then retires the source investment - Per-investment failures are logged but do not abort the rest of the batch Co-Authored-By: Claude Sonnet 4.6 --- .../board-planning.controller.ts | 4 +- .../board-planning/board-planning.service.ts | 190 +++++++++++++++++- .../monthly-actuals.service.ts | 81 ++++---- 3 files changed, 236 insertions(+), 39 deletions(-) diff --git a/backend/src/modules/board-planning/board-planning.controller.ts b/backend/src/modules/board-planning/board-planning.controller.ts index 7692db9..9d792d0 100644 --- a/backend/src/modules/board-planning/board-planning.controller.ts +++ b/backend/src/modules/board-planning/board-planning.controller.ts @@ -43,8 +43,8 @@ export class BoardPlanningController { @Put('scenarios/:id') @RequireCapability('planning.scenarios.edit') - updateScenario(@Param('id') id: string, @Body() dto: any) { - return this.service.updateScenario(id, dto); + updateScenario(@Param('id') id: string, @Body() dto: any, @Req() req: any) { + return this.service.updateScenario(id, dto, req.user.sub); } @Delete('scenarios/:id') diff --git a/backend/src/modules/board-planning/board-planning.service.ts b/backend/src/modules/board-planning/board-planning.service.ts index efb65b1..eafdc38 100644 --- a/backend/src/modules/board-planning/board-planning.service.ts +++ b/backend/src/modules/board-planning/board-planning.service.ts @@ -51,8 +51,8 @@ export class BoardPlanningService { return rows[0]; } - async updateScenario(id: string, dto: any) { - await this.getScenarioRow(id); + async updateScenario(id: string, dto: any, userId?: string) { + const existing = await this.getScenarioRow(id); const rows = await this.tenant.query( `UPDATE board_scenarios SET name = COALESCE($2, name), @@ -63,7 +63,191 @@ export class BoardPlanningService { WHERE id = $1 RETURNING *`, [id, dto.name, dto.description, dto.status, dto.projectionMonths], ); - return rows[0]; + const updated = rows[0]; + + // When a scenario first transitions to 'active', materialise all pending + // investments as real investment_accounts records, dated to their purchase_date. + if (dto.status === 'active' && existing.status !== 'active' && userId) { + await this.activateScenarioInvestments(id, userId); + } + + await this.invalidateProjectionCache(id); + return updated; + } + + private async activateScenarioInvestments(scenarioId: string, userId: string) { + const investments = await this.tenant.query( + `SELECT * FROM scenario_investments + WHERE scenario_id = $1 AND executed_investment_id IS NULL + ORDER BY sort_order, purchase_date`, + [scenarioId], + ); + + for (const inv of investments) { + try { + await this.materialiseScenarioInvestment(inv, userId); + } catch (err: any) { + // Log failure per-investment but don't abort the rest + console.error(`[scenario activation] Failed to execute investment ${inv.id} (${inv.label}):`, err?.message); + } + } + } + + private async materialiseScenarioInvestment(inv: any, userId: string) { + const purchaseDate: string = inv.purchase_date + ? (inv.purchase_date instanceof Date + ? inv.purchase_date.toISOString().split('T')[0] + : String(inv.purchase_date).split('T')[0]) + : new Date().toISOString().split('T')[0]; + + // Detect a CD rollover: an existing active investment in the same fund that + // matures within 7 days of this investment's purchase date. + const rolloverRows = await this.tenant.query( + `SELECT id, name, current_value, principal, interest_rate, maturity_date + FROM investment_accounts + WHERE fund_type = $1 + AND is_active = true + AND maturity_date IS NOT NULL + AND ABS(maturity_date - $2::date) <= 7 + ORDER BY ABS(maturity_date - $2::date) + LIMIT 1`, + [inv.fund_type, purchaseDate], + ); + const isRollover = rolloverRows.length > 0; + const rolloverSource = isRollover ? rolloverRows[0] : null; + + // 1. Create the real investment_accounts record (purchase_date = scenario date) + const invRows = await this.tenant.query( + `INSERT INTO investment_accounts + (name, institution, investment_type, fund_type, principal, interest_rate, + maturity_date, purchase_date, current_value, notes, is_active) + VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, true) + RETURNING *`, + [ + inv.label, + inv.institution, + inv.investment_type || 'cd', + inv.fund_type, + inv.principal, + inv.interest_rate || 0, + inv.maturity_date, + purchaseDate, + inv.principal, + `Activated from scenario. ${inv.notes || ''}`.trim(), + ], + ); + const realInvestment = invRows[0]; + + // 2. Journal entries — only if a fiscal period exists for the purchase month + const d = new Date(purchaseDate); + const yr = d.getFullYear(); + const mo = d.getMonth() + 1; + const periods = await this.tenant.query( + 'SELECT id FROM fiscal_periods WHERE year = $1 AND month = $2', + [yr, mo], + ); + + if (periods.length) { + const equityAcctNum = inv.fund_type === 'reserve' ? '3100' : '3000'; + const equityRows = await this.tenant.query( + 'SELECT id FROM accounts WHERE account_number = $1 AND is_active = true LIMIT 1', + [equityAcctNum], + ); + const primaryRows = await this.tenant.query( + `SELECT id FROM accounts + WHERE is_primary = true AND fund_type = $1 AND account_type = 'asset' AND is_active = true + LIMIT 1`, + [inv.fund_type], + ); + + if (equityRows.length && primaryRows.length) { + const primaryId = primaryRows[0].id; + const equityId = equityRows[0].id; + const periodId = periods[0].id; + + if (isRollover && rolloverSource) { + // ── Rollover path ── + // Step A: return maturing CD proceeds to primary cash + const srcValue = parseFloat(rolloverSource.current_value) || parseFloat(rolloverSource.principal) || 0; + const maturityMemo = `Maturity: ${rolloverSource.name} → rollover to ${inv.label}`; + + const matJERows = await this.tenant.query( + `INSERT INTO journal_entries (entry_date, description, entry_type, fiscal_period_id, is_posted, posted_at, created_by) + VALUES ($1, $2, 'transfer', $3, true, NOW(), $4) RETURNING id`, + [purchaseDate, maturityMemo, periodId, userId], + ); + const matJEId = matJERows[0].id; + // Debit primary cash (proceeds arrive) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, $3, 0, $4)`, + [matJEId, primaryId, srcValue, maturityMemo], + ); + // Credit equity (reverses the original investment transfer) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, 0, $3, $4)`, + [matJEId, equityId, srcValue, maturityMemo], + ); + + // Step B: deploy proceeds into the new CD + const reinvestMemo = `Rollover investment: ${inv.label}`; + const newJERows = await this.tenant.query( + `INSERT INTO journal_entries (entry_date, description, entry_type, fiscal_period_id, is_posted, posted_at, created_by) + VALUES ($1, $2, 'transfer', $3, true, NOW(), $4) RETURNING id`, + [purchaseDate, reinvestMemo, periodId, userId], + ); + const newJEId = newJERows[0].id; + // Credit primary cash (funds deployed) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, 0, $3, $4)`, + [newJEId, primaryId, inv.principal, reinvestMemo], + ); + // Debit equity (fund balance reduced by deployed amount) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, $3, 0, $4)`, + [newJEId, equityId, inv.principal, reinvestMemo], + ); + + // Retire the source investment + await this.tenant.query( + 'UPDATE investment_accounts SET is_active = false, updated_at = NOW() WHERE id = $1', + [rolloverSource.id], + ); + } else { + // ── Fresh purchase path ── + const memo = `Scenario investment: ${inv.label}`; + const jeRows = await this.tenant.query( + `INSERT INTO journal_entries (entry_date, description, entry_type, fiscal_period_id, is_posted, posted_at, created_by) + VALUES ($1, $2, 'transfer', $3, true, NOW(), $4) RETURNING id`, + [purchaseDate, memo, periodId, userId], + ); + const jeId = jeRows[0].id; + // Credit primary cash (funds leave operating/reserve account) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, 0, $3, $4)`, + [jeId, primaryId, inv.principal, memo], + ); + // Debit equity (marks the transfer out of the fund balance) + await this.tenant.query( + `INSERT INTO journal_entry_lines (journal_entry_id, account_id, debit, credit, memo) + VALUES ($1, $2, $3, 0, $4)`, + [jeId, equityId, inv.principal, memo], + ); + } + } + } + + // 3. Link scenario investment back to the real account + await this.tenant.query( + 'UPDATE scenario_investments SET executed_investment_id = $1, updated_at = NOW() WHERE id = $2', + [realInvestment.id, inv.id], + ); + + return realInvestment; } async deleteScenario(id: string) { diff --git a/backend/src/modules/monthly-actuals/monthly-actuals.service.ts b/backend/src/modules/monthly-actuals/monthly-actuals.service.ts index 1892178..0142a96 100644 --- a/backend/src/modules/monthly-actuals/monthly-actuals.service.ts +++ b/backend/src/modules/monthly-actuals/monthly-actuals.service.ts @@ -92,21 +92,28 @@ export class MonthlyActualsService { await this.journalEntriesService.void(entry.id, userId, `Replaced by updated monthly actuals for ${monthLabel} ${year}`); } - // 2. Find primary operating cash account (offset account for double-entry) - let cashAccounts = await this.tenant.query( - `SELECT id FROM accounts WHERE is_primary = true AND fund_type = 'operating' AND account_type = 'asset' LIMIT 1`, + // 2. Find equity accounts per fund type to use as the double-entry clearing offset. + // Using equity instead of cash means monthly actuals never move the cash balance — + // cash is tracked exclusively via real transaction journal entries. + // Equity normal balance is credit; a debit position here represents recognized income + // exceeding expenses (the P&L surplus cleared to fund balance). + const equityAccountRows = await this.tenant.query( + `SELECT id, fund_type FROM accounts + WHERE account_type = 'equity' AND is_active = true + ORDER BY + CASE WHEN account_number IN ('3000','3100') THEN 0 ELSE 1 END, + account_number`, ); - if (!cashAccounts.length) { - cashAccounts = await this.tenant.query( - `SELECT id FROM accounts WHERE account_number = '1000' AND account_type = 'asset' LIMIT 1`, - ); + const equityByFund: Record = {}; + for (const row of equityAccountRows) { + if (!equityByFund[row.fund_type]) equityByFund[row.fund_type] = row.id; } - if (!cashAccounts.length) { + const fallbackEquityId = equityByFund['operating'] || equityByFund['reserve'] || null; + if (!fallbackEquityId) { throw new BadRequestException( - 'No primary cash account found. Please set a primary operating account on the Accounts page.', + 'No equity account found. Please ensure equity accounts (3000/3100) are set up in your Chart of Accounts.', ); } - const cashAccountId = cashAccounts[0].id; // 3. Filter to lines with actual amounts const filteredLines = lines.filter((l) => l.amount !== 0); @@ -114,53 +121,59 @@ export class MonthlyActualsService { return { message: 'No actuals to save', journal_entry_id: null }; } - // 4. Look up account types for each line + // 4. Look up account types AND fund types for each line const accountIds = filteredLines.map((l) => l.accountId); const accountRows = await this.tenant.query( - `SELECT id, account_type FROM accounts WHERE id = ANY($1)`, + `SELECT id, account_type, fund_type FROM accounts WHERE id = ANY($1)`, [accountIds], ); - const accountTypeMap = new Map(accountRows.map((a: any) => [a.id, a.account_type])); + const accountInfoMap = new Map( + accountRows.map((a: any) => [a.id, { type: a.account_type as string, fundType: (a.fund_type || 'operating') as string }]), + ); - // 5. Build journal entry lines + // 5. Build journal entry lines; track net equity offset per fund const jeLines: any[] = []; - let totalCashDebit = 0; - let totalCashCredit = 0; + // equityNetByFund: positive → net debit on equity (income > expense for fund) + // negative → net credit on equity (expense > income for fund) + const equityNetByFund: Record = {}; for (const line of filteredLines) { - const acctType = accountTypeMap.get(line.accountId); - if (!acctType) continue; + const acctInfo = accountInfoMap.get(line.accountId); + if (!acctInfo) continue; const abs = Math.abs(line.amount); + const fund = acctInfo.fundType; - if (acctType === 'expense') { + if (acctInfo.type === 'expense') { if (line.amount > 0) { - // Normal expense: debit expense, credit cash jeLines.push({ accountId: line.accountId, debit: abs, credit: 0, memo: `${monthLabel} actual` }); - totalCashCredit += abs; + equityNetByFund[fund] = (equityNetByFund[fund] || 0) + abs; // equity to be credited } else { - // Negative expense (refund/correction): credit expense, debit cash jeLines.push({ accountId: line.accountId, debit: 0, credit: abs, memo: `${monthLabel} actual (correction)` }); - totalCashDebit += abs; + equityNetByFund[fund] = (equityNetByFund[fund] || 0) - abs; } - } else if (acctType === 'income') { + } else if (acctInfo.type === 'income') { if (line.amount > 0) { - // Normal income: credit income, debit cash jeLines.push({ accountId: line.accountId, debit: 0, credit: abs, memo: `${monthLabel} actual` }); - totalCashDebit += abs; + equityNetByFund[fund] = (equityNetByFund[fund] || 0) - abs; // equity to be debited } else { - // Negative income (correction): debit income, credit cash jeLines.push({ accountId: line.accountId, debit: abs, credit: 0, memo: `${monthLabel} actual (correction)` }); - totalCashCredit += abs; + equityNetByFund[fund] = (equityNetByFund[fund] || 0) + abs; } } } - // 6. Add offsetting cash line(s) to balance the entry - const netCash = totalCashDebit - totalCashCredit; - if (netCash > 0) { - jeLines.push({ accountId: cashAccountId, debit: netCash, credit: 0, memo: `${monthLabel} actuals offset` }); - } else if (netCash < 0) { - jeLines.push({ accountId: cashAccountId, debit: 0, credit: Math.abs(netCash), memo: `${monthLabel} actuals offset` }); + // 6. Add one equity clearing line per fund to balance the entry + for (const [fund, net] of Object.entries(equityNetByFund)) { + if (net === 0) continue; + const equityId = equityByFund[fund] || fallbackEquityId; + // net > 0 means expenses exceed income for this fund → credit equity (equity absorbs expense) + // net < 0 means income exceeds expenses → debit equity (income clears through equity) + jeLines.push({ + accountId: equityId, + debit: net < 0 ? Math.abs(net) : 0, + credit: net > 0 ? net : 0, + memo: `${monthLabel} actuals clearing`, + }); } // 7. Set entry_date to last day of the month From ce3dc79e4705081f48656bca53805604537e0b57 Mon Sep 17 00:00:00 2001 From: olsch01 Date: Fri, 22 May 2026 09:27:31 -0400 Subject: [PATCH 3/5] fix: resolve New Relic ghost traffic and blind APM transaction naming MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Three root causes addressed: 1. nginx routing gap — bare GET /api (no trailing slash) fell through `location /api/` to the Vite dev proxy, which forwarded it to the backend as an unmatched path. Added `location = /api` exact-match block before the prefix block to catch it and proxy directly to the backend health handler. 2. AppController root handler — added @Get() (maps to GET /api with global prefix) so bare /api requests return a clean 200 instead of a 404 that registers as a phantom NR transaction. 3. New Relic transaction naming — NestJS's setGlobalPrefix('api') causes NR's Express instrumentation to bucket ALL requests into the generic "Expressjs/GET/api$" segment, making per-endpoint APM data completely useless. The new NewRelicTransactionInterceptor calls newrelic.setTransactionName() with "METHOD /route/pattern" for every request (after routing, so req.route is populated with the matched template). Gracefully no-ops in dev where NR is not loaded. Co-Authored-By: Claude Sonnet 4.6 --- backend/src/app.controller.ts | 17 +++++++ backend/src/app.module.ts | 5 ++ .../newrelic-transaction.interceptor.ts | 46 +++++++++++++++++++ nginx/default.conf | 16 +++++++ 4 files changed, 84 insertions(+) create mode 100644 backend/src/common/interceptors/newrelic-transaction.interceptor.ts diff --git a/backend/src/app.controller.ts b/backend/src/app.controller.ts index 22f2b73..8f8d114 100644 --- a/backend/src/app.controller.ts +++ b/backend/src/app.controller.ts @@ -2,6 +2,23 @@ import { Controller, Get } from '@nestjs/common'; @Controller() export class AppController { + /** + * GET /api — bare root of the API. + * Handles requests that omit the trailing slash so nginx's `location /api/` + * block (which requires a trailing slash) doesn't fall through to the Vite + * frontend proxy. Also gives New Relic and health checkers a real 200 rather + * than a 404 that would register as a phantom transaction. + */ + @Get() + getRoot() { + return { + status: 'ok', + timestamp: new Date().toISOString(), + service: 'hoa-financial-platform', + }; + } + + /** GET /api/health — explicit named health endpoint for uptime monitors */ @Get('health') getHealth() { return { diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts index 3e8c30b..1f0d4a1 100644 --- a/backend/src/app.module.ts +++ b/backend/src/app.module.ts @@ -9,6 +9,7 @@ import { TenantMiddleware } from './database/tenant.middleware'; import { WriteAccessGuard } from './common/guards/write-access.guard'; import { CapabilityGuard } from './common/guards/capability.guard'; import { NoCacheInterceptor } from './common/interceptors/no-cache.interceptor'; +import { NewRelicTransactionInterceptor } from './common/interceptors/newrelic-transaction.interceptor'; import { AuthModule } from './modules/auth/auth.module'; import { OrganizationsModule } from './modules/organizations/organizations.module'; import { UsersModule } from './modules/users/users.module'; @@ -109,6 +110,10 @@ import { ScheduleModule } from '@nestjs/schedule'; provide: APP_INTERCEPTOR, useClass: NoCacheInterceptor, }, + { + provide: APP_INTERCEPTOR, + useClass: NewRelicTransactionInterceptor, + }, ], }) export class AppModule implements NestModule { diff --git a/backend/src/common/interceptors/newrelic-transaction.interceptor.ts b/backend/src/common/interceptors/newrelic-transaction.interceptor.ts new file mode 100644 index 0000000..71adeaa --- /dev/null +++ b/backend/src/common/interceptors/newrelic-transaction.interceptor.ts @@ -0,0 +1,46 @@ +import { Injectable, NestInterceptor, ExecutionContext, CallHandler } from '@nestjs/common'; +import { Observable } from 'rxjs'; +import { Request } from 'express'; + +/** + * Sets a meaningful New Relic transaction name for every HTTP request. + * + * Without this, NestJS's setGlobalPrefix('api') causes the New Relic Express + * instrumentation to group ALL requests under the generic bucket + * "Expressjs/GET/api$" (the compiled regex for the global prefix router), + * making per-endpoint APM data completely blind. + * + * This interceptor runs after NestJS routing (so req.route is populated with + * the matched pattern, e.g. "/api/accounts/:id") and calls newrelic.setTransactionName() + * to override the auto-detected name with "METHOD /route/pattern". + * + * Gracefully no-ops when: + * - NEW_RELIC_ENABLED is not 'true' (dev / CI) + * - newrelic package is not installed + * - The NR agent fails to load for any reason + */ + +let newrelic: any; +try { + if (process.env.NEW_RELIC_ENABLED === 'true') { + // eslint-disable-next-line @typescript-eslint/no-require-imports + newrelic = require('newrelic'); + } +} catch { + // Package not installed in this environment — skip instrumentation silently +} + +@Injectable() +export class NewRelicTransactionInterceptor implements NestInterceptor { + intercept(context: ExecutionContext, next: CallHandler): Observable { + if (newrelic) { + const req = context.switchToHttp().getRequest(); + // req.route.path is the Express matched route template (e.g. "/api/accounts/:id"). + // Falls back to req.path (the actual URL) for unmatched requests so even + // 404s get a useful name like "GET /api/unknown-path" instead of "Expressjs/GET/api$". + const route: string = (req.route as any)?.path ?? req.path; + newrelic.setTransactionName(`${req.method} ${route}`); + } + return next.handle(); + } +} diff --git a/nginx/default.conf b/nginx/default.conf index 6f921b3..019417f 100644 --- a/nginx/default.conf +++ b/nginx/default.conf @@ -10,6 +10,22 @@ server { listen 80; server_name localhost; + # Exact match for bare /api (no trailing slash). + # nginx's `location /api/` below requires a trailing slash, so a request for + # GET /api would fall through to the Vite proxy, which then forwards it to + # the backend — arriving as an unmatched path that New Relic registers as + # the phantom "Expressjs/GET/api$" transaction bucket. + # This exact-match block catches it first and proxies it directly to the + # backend, where AppController's @Get() handler returns a clean 200. + location = /api { + proxy_pass http://backend; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + # API requests -> NestJS backend location /api/ { proxy_pass http://backend; From 922674eca4869fab0f746a0c5846a664cec96857 Mon Sep 17 00:00:00 2001 From: olsch01 Date: Fri, 22 May 2026 09:42:56 -0400 Subject: [PATCH 4/5] fix: cash flow forecast drops investments purchased within the charted window MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Issue 2 fix made the opening investment balance point-in-time (only CDs purchased before startYear-01-01), with a comment promising that later purchases would be re-added "when their purchase month is processed in the forecast loop" — but that loop code never existed. The loop only ever subtracted maturing CDs, never added purchased ones. Result: every CD bought during the charted window vanished from the chart. For Pine Creek (all 5 CDs purchased in 2026) the operating investment line showed $0 instead of $65,000 and reserve showed $10,000 instead of $60,032. Fix: build a purchaseIndex (mirroring maturityIndex) of investments purchased on/after startYear-01-01, keyed by purchase year-month, and credit each CD's value to the running investment balance in its purchase month — applied before the historical/forecast branch so it works for both actual and projected months. Co-Authored-By: Claude Sonnet 4.6 --- .../src/modules/reports/reports.service.ts | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/backend/src/modules/reports/reports.service.ts b/backend/src/modules/reports/reports.service.ts index cc9a393..9bb7918 100644 --- a/backend/src/modules/reports/reports.service.ts +++ b/backend/src/modules/reports/reports.service.ts @@ -1008,6 +1008,19 @@ export class ReportsService { WHERE is_active = true AND maturity_date IS NOT NULL AND maturity_date > CURRENT_DATE `); + // ── 5b) Get investment purchases (cash converts to an investment balance in the + // month the CD is bought). Only investments purchased on/after startYear-01-01 are + // indexed here — anything earlier is already counted in the opening investment + // balance below. Without this, point-in-time opening balances would silently drop + // every CD bought during the charted window. + const purchases = await this.tenant.query(` + SELECT fund_type, current_value, purchase_date + FROM investment_accounts + WHERE is_active = true + AND purchase_date IS NOT NULL + AND purchase_date >= $1::date + `, [`${startYear}-01-01`]); + // ── 6) Get capital project planned expenses ── const projectExpenses = await this.tenant.query(` SELECT estimated_cost, target_year, target_month, fund_source @@ -1077,6 +1090,19 @@ export class ReportsService { else maturityIndex[key].reserve += maturityTotal; } + // Index investment purchases by year-month — added to the running investment + // balance in the month the CD was bought (applies to both historical & forecast + // months, since a purchase is a real event regardless of where "now" falls). + const purchaseIndex: Record = {}; + for (const inv of purchases) { + const d = new Date(inv.purchase_date); + const key = `${d.getFullYear()}-${d.getMonth() + 1}`; + if (!purchaseIndex[key]) purchaseIndex[key] = { operating: 0, reserve: 0 }; + const val = parseFloat(inv.current_value) || 0; + if (inv.fund_type === 'operating') purchaseIndex[key].operating += val; + else purchaseIndex[key].reserve += val; + } + // Index project expenses by year-month const projectIndex: Record = {}; for (const p of projectExpenses) { @@ -1129,6 +1155,12 @@ export class ReportsService { const isHistorical = isPastMonth && hasActuals; const label = `${monthLabels[month - 1]} ${year}`; + // Apply investment purchases for this month before branching — a CD bought + // this month raises the investment balance whether the month is actual or forecast. + const purchased = purchaseIndex[key] || { operating: 0, reserve: 0 }; + runOpInv += purchased.operating; + runResInv += purchased.reserve; + if (isHistorical) { // Use actual journal entry changes from asset accounts const opChange = histIndex[`${year}-${month}-operating`] || 0; From 1dc3353e6e70a40eaabded32c9ca57f831e654b5 Mon Sep 17 00:00:00 2001 From: olsch01 Date: Fri, 22 May 2026 10:03:44 -0400 Subject: [PATCH 5/5] feat: dynamic app version sourced from root VERSION file Replaces the hardcoded version string in SettingsPage.tsx with a single source of truth: a /VERSION file at the repo root. To cut a new release, edit only that one file. Frontend: - vite.config.ts reads /VERSION at dev-server startup and injects it as the __APP_VERSION__ global via Vite's define mechanism (compile-time, zero runtime cost). Falls back to VITE_APP_VERSION env var for prod Docker builds that pass it as a build arg. - vite-env.d.ts adds the TypeScript declaration for __APP_VERSION__. - SettingsPage.tsx Badge now renders {__APP_VERSION__} instead of the literal string. Backend: - app.controller.ts reads /VERSION once at module load and includes "version" in both GET /api and GET /api/health responses. - NewRelicTransactionInterceptor tags every NR transaction with newrelic.addCustomAttribute('appVersion', version) so releases can be compared in NRQL: SELECT average(duration) FROM Transaction WHERE appVersion = '2026.5.22' Docker: - docker-compose.yml mounts ./VERSION:/app/VERSION:ro in both backend and frontend dev containers. - Production Dockerfiles include COPY VERSION ./ with a comment instructing CI to copy the root VERSION into each build context before docker build. Co-Authored-By: Claude Sonnet 4.6 --- VERSION | 1 + backend/Dockerfile | 6 ++++- backend/src/app.controller.ts | 18 +++++++++++++ .../newrelic-transaction.interceptor.ts | 25 ++++++++++++++++--- docker-compose.yml | 2 ++ frontend/Dockerfile | 3 +++ frontend/src/pages/settings/SettingsPage.tsx | 2 +- frontend/src/vite-env.d.ts | 3 +++ frontend/vite.config.ts | 18 +++++++++++++ 9 files changed, 73 insertions(+), 5 deletions(-) create mode 100644 VERSION diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..5c13e7f --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +2026.5.22 diff --git a/backend/Dockerfile b/backend/Dockerfile index 52774f6..11ae9e1 100644 --- a/backend/Dockerfile +++ b/backend/Dockerfile @@ -7,6 +7,9 @@ WORKDIR /app COPY package*.json ./ RUN npm ci COPY . . +# VERSION must be copied into the build context before `docker build`. +# In CI / deploy scripts run: cp VERSION backend/VERSION (or pass --build-arg) +COPY VERSION ./ RUN npm run build # Stage 2: Production @@ -17,9 +20,10 @@ WORKDIR /app COPY package*.json ./ RUN npm ci --omit=dev && npm cache clean --force -# Copy compiled output and New Relic preload from builder +# Copy compiled output, New Relic preload, and VERSION from builder COPY --from=builder /app/dist ./dist COPY --from=builder /app/newrelic-preload.js ./newrelic-preload.js +COPY --from=builder /app/VERSION ./VERSION # New Relic agent — configured entirely via environment variables ENV NEW_RELIC_NO_CONFIG_FILE=true diff --git a/backend/src/app.controller.ts b/backend/src/app.controller.ts index 8f8d114..65acacc 100644 --- a/backend/src/app.controller.ts +++ b/backend/src/app.controller.ts @@ -1,4 +1,20 @@ import { Controller, Get } from '@nestjs/common'; +import { readFileSync } from 'fs'; +import { resolve } from 'path'; + +// Read at module load time — one I/O call for the lifetime of the process. +// VERSION file lives at the container root (/app/VERSION), mounted from the +// repo root via docker-compose. Falls back to package.json version if absent +// (e.g. in environments that pass APP_VERSION as an env var instead). +function readAppVersion(): string { + try { + return readFileSync(resolve(process.cwd(), 'VERSION'), 'utf-8').trim(); + } catch { + return process.env.APP_VERSION ?? 'unknown'; + } +} + +const APP_VERSION = readAppVersion(); @Controller() export class AppController { @@ -13,6 +29,7 @@ export class AppController { getRoot() { return { status: 'ok', + version: APP_VERSION, timestamp: new Date().toISOString(), service: 'hoa-financial-platform', }; @@ -23,6 +40,7 @@ export class AppController { getHealth() { return { status: 'ok', + version: APP_VERSION, timestamp: new Date().toISOString(), service: 'hoa-financial-platform', }; diff --git a/backend/src/common/interceptors/newrelic-transaction.interceptor.ts b/backend/src/common/interceptors/newrelic-transaction.interceptor.ts index 71adeaa..e471bb9 100644 --- a/backend/src/common/interceptors/newrelic-transaction.interceptor.ts +++ b/backend/src/common/interceptors/newrelic-transaction.interceptor.ts @@ -1,12 +1,15 @@ import { Injectable, NestInterceptor, ExecutionContext, CallHandler } from '@nestjs/common'; import { Observable } from 'rxjs'; import { Request } from 'express'; +import { readFileSync } from 'fs'; +import { resolve } from 'path'; /** - * Sets a meaningful New Relic transaction name for every HTTP request. + * Sets a meaningful New Relic transaction name for every HTTP request and + * tags each transaction with the running app version. * - * Without this, NestJS's setGlobalPrefix('api') causes the New Relic Express - * instrumentation to group ALL requests under the generic bucket + * Without the name override, NestJS's setGlobalPrefix('api') causes the New Relic + * Express instrumentation to group ALL requests under the generic bucket * "Expressjs/GET/api$" (the compiled regex for the global prefix router), * making per-endpoint APM data completely blind. * @@ -14,12 +17,25 @@ import { Request } from 'express'; * the matched pattern, e.g. "/api/accounts/:id") and calls newrelic.setTransactionName() * to override the auto-detected name with "METHOD /route/pattern". * + * The appVersion custom attribute lets you filter / compare releases in NRQL: + * SELECT average(duration) FROM Transaction WHERE appVersion = '2026.5.22' + * * Gracefully no-ops when: * - NEW_RELIC_ENABLED is not 'true' (dev / CI) * - newrelic package is not installed * - The NR agent fails to load for any reason */ +function readAppVersion(): string { + try { + return readFileSync(resolve(process.cwd(), 'VERSION'), 'utf-8').trim(); + } catch { + return process.env.APP_VERSION ?? 'unknown'; + } +} + +const APP_VERSION = readAppVersion(); + let newrelic: any; try { if (process.env.NEW_RELIC_ENABLED === 'true') { @@ -40,6 +56,9 @@ export class NewRelicTransactionInterceptor implements NestInterceptor { // 404s get a useful name like "GET /api/unknown-path" instead of "Expressjs/GET/api$". const route: string = (req.route as any)?.path ?? req.path; newrelic.setTransactionName(`${req.method} ${route}`); + // Tag every transaction with the release version so you can segment NR + // dashboards and alerts by deployment. + newrelic.addCustomAttribute('appVersion', APP_VERSION); } return next.handle(); } diff --git a/docker-compose.yml b/docker-compose.yml index 63cdc0a..d176d0c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -60,6 +60,7 @@ services: - ./backend/nest-cli.json:/app/nest-cli.json - ./backend/tsconfig.json:/app/tsconfig.json - ./backend/tsconfig.build.json:/app/tsconfig.build.json + - ./VERSION:/app/VERSION:ro depends_on: postgres: condition: service_healthy @@ -80,6 +81,7 @@ services: - ./frontend/src:/app/src - ./frontend/index.html:/app/index.html - ./frontend/vite.config.ts:/app/vite.config.ts + - ./VERSION:/app/VERSION:ro depends_on: - backend networks: diff --git a/frontend/Dockerfile b/frontend/Dockerfile index b56bd2b..ebee601 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -7,6 +7,9 @@ WORKDIR /app COPY package*.json ./ RUN npm ci COPY . . +# VERSION must be copied into the build context before `docker build`. +# In CI / deploy scripts run: cp VERSION frontend/VERSION (or pass VITE_APP_VERSION as build arg) +COPY VERSION ./ RUN npm run build # Stage 2: Serve with nginx diff --git a/frontend/src/pages/settings/SettingsPage.tsx b/frontend/src/pages/settings/SettingsPage.tsx index 272de0c..a2abb9b 100644 --- a/frontend/src/pages/settings/SettingsPage.tsx +++ b/frontend/src/pages/settings/SettingsPage.tsx @@ -237,7 +237,7 @@ export function SettingsPage() { Version - 2026.4.6 + {__APP_VERSION__} API diff --git a/frontend/src/vite-env.d.ts b/frontend/src/vite-env.d.ts index 2399b4a..8faf3dc 100644 --- a/frontend/src/vite-env.d.ts +++ b/frontend/src/vite-env.d.ts @@ -4,3 +4,6 @@ declare module '*.svg' { const src: string; export default src; } + +/** Injected by vite.config.ts define — value comes from the root /VERSION file. */ +declare const __APP_VERSION__: string; diff --git a/frontend/vite.config.ts b/frontend/vite.config.ts index de3bd57..d251344 100644 --- a/frontend/vite.config.ts +++ b/frontend/vite.config.ts @@ -1,9 +1,27 @@ import { defineConfig } from 'vite'; import react from '@vitejs/plugin-react'; import path from 'path'; +import fs from 'fs'; + +// Read the canonical version from /VERSION (repo root, mounted at /app/VERSION in Docker). +// Falls back to the VITE_APP_VERSION env var so production Docker builds can pass it +// as a build arg (--build-arg VITE_APP_VERSION=$(cat VERSION)) without needing the file. +function readAppVersion(): string { + try { + return fs.readFileSync(path.resolve(__dirname, 'VERSION'), 'utf-8').trim(); + } catch { + return process.env.VITE_APP_VERSION ?? 'dev'; + } +} + +const APP_VERSION = readAppVersion(); export default defineConfig({ plugins: [react()], + define: { + // Injected at compile time — use __APP_VERSION__ anywhere in frontend source. + __APP_VERSION__: JSON.stringify(APP_VERSION), + }, resolve: { alias: { '@': path.resolve(__dirname, './src'),