Merge pull request #497 from icovada/pagination_simplification

refactor(api): apply CustomNumberPagination to all API views

.dockerignore

@@ -0,0 +1 @@
+__pycache__/

.github/workflows/translations.yml

@@ -32,15 +32,16 @@ jobs:
           token: ${{ secrets.PAT }}
           ref: ${{ github.head_ref }}
 
-      - name: Set up Python 3.11
-        uses: actions/setup-python@v4
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.11'
+          enable-cache: true
+
+      - name: Set up Python 3.11
+        run: uv python install 3.11
 
       - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install -r requirements.txt
+        run: uv sync --frozen --no-dev
 
       - name: Install gettext
         run: sudo apt-get install -y gettext
@@ -48,7 +49,7 @@ jobs:
       - name: Run makemessages
         run: |
           cd app
-          python manage.py makemessages -a
+          uv run python manage.py makemessages -a
 
       - name: Check for changes
         id: check_changes

README.md

@@ -127,7 +127,7 @@ To create the first user, open the container's console using Unraid's UI, by cli
 
 | variable                      | type        | default                           | explanation                                                                                                                                                                                                                              |
 |-------------------------------|-------------|-----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| INTERNAL_PORT                 | int         | 8000                              | The port on which the app listens on. Defaults to 8000 if not set.                                                                                                                                       |
+| INTERNAL_PORT                 | int         | 8000                              | The port on which the app listens on. Defaults to 8000 if not set.                                                                                                                                                                       |
 | DJANGO_ALLOWED_HOSTS          | string      | localhost 127.0.0.1               | A list of space separated domains and IPs representing the host/domain names that WYGIWYH site can serve. [Click here](https://docs.djangoproject.com/en/5.1/ref/settings/#allowed-hosts) for more details                               |
 | HTTPS_ENABLED                 | true\|false | false                             | Whether to use secure cookies. If this is set to true, the cookie will be marked as “secure”, which means browsers may ensure that the cookie is only sent under an HTTPS connection                                                     |
 | URL                           | string      | http://localhost http://127.0.0.1 | A list of space separated domains and IPs (with the protocol) representing the trusted origins for unsafe requests (e.g. POST). [Click here](https://docs.djangoproject.com/en/5.1/ref/settings/#csrf-trusted-origins ) for more details |
@@ -145,7 +145,10 @@ To create the first user, open the container's console using Unraid's UI, by cli
 | DEMO                          | true\|false | false                             | If demo mode is enabled.                                                                                                                                                                                                                 |
 | ADMIN_EMAIL                   | string      | None                              | Automatically creates an admin account with this email. Must have `ADMIN_PASSWORD` also set.                                                                                                                                             |
 | ADMIN_PASSWORD                | string      | None                              | Automatically creates an admin account with this password. Must have `ADMIN_EMAIL` also set.                                                                                                                                             |
-| CHECK_FOR_UPDATES             | bool        | true                              | Check and notify users about new versions. The check is done by doing a single query to Github's API every 12 hours.                                                                                  |
+| CHECK_FOR_UPDATES             | true\|false | true                              | Check and notify users about new versions. The check is done by doing a single query to Github's API every 12 hours.                                                                                                                     |
+| DJANGO_VITE_DEV_MODE          | true\|false | false                             | Enables Vite dev server mode for frontend development. When true, assets are served from Vite's dev server instead of the build manifest. For development only!                                                                          |
+| DJANGO_VITE_DEV_SERVER_PORT   | int         | 5173                              | The port where Vite's dev server is running. Only used when DJANGO_VITE_DEV_MODE is true. For development only!                                                                                                                          |
+| DJANGO_VITE_DEV_SERVER_HOST   | string      | localhost                         | The host where Vite's dev server is running. Only used when DJANGO_VITE_DEV_MODE is true. For development only!                                                                                                                          |
 
 ## OIDC Configuration
 

app/WYGIWYH/settings.py

@@ -70,6 +70,7 @@ INSTALLED_APPS = [
     "apps.api.apps.ApiConfig",
     "cachalot",
     "rest_framework",
+    "rest_framework.authtoken",
     "drf_spectacular",
     "django_cotton",
     "apps.rules.apps.RulesConfig",
@@ -143,6 +144,9 @@ WSGI_APPLICATION = "WYGIWYH.wsgi.application"
 # Database
 # https://docs.djangoproject.com/en/5.1/ref/settings/#databases
 
+THREADS = int(os.getenv("GUNICORN_THREADS", 1))
+MAX_POOL_SIZE = THREADS + 1
+
 DATABASES = {
     "default": {
         "ENGINE": "django.db.backends.postgresql",
@@ -151,6 +155,17 @@ DATABASES = {
         "PASSWORD": os.getenv("SQL_PASSWORD", "password"),
         "HOST": os.getenv("SQL_HOST", "localhost"),
         "PORT": os.getenv("SQL_PORT", "5432"),
+        "CONN_MAX_AGE": 0,
+        "CONN_HEALTH_CHECKS": True,
+        "OPTIONS": {
+            "pool": {
+                "min_size": 1,
+                "max_size": MAX_POOL_SIZE,
+                "timeout": 10,
+                "max_lifetime": 600,
+                "max_idle": 300,
+            },
+        },
     }
 }
 
@@ -316,9 +331,9 @@ CACHES = {
 
 DJANGO_VITE_ASSETS_PATH = STATIC_ROOT
 DJANGO_VITE_MANIFEST_PATH = DJANGO_VITE_ASSETS_PATH / "manifest.json"
-DJANGO_VITE_DEV_MODE = DEBUG
-DJANGO_VITE_DEV_SERVER_PORT = 5173
-DJANGO_VITE_DEV_SERVER_HOST = "localhost"
+DJANGO_VITE_DEV_MODE = os.getenv("DJANGO_VITE_DEV_MODE", "false").lower() == "true"
+DJANGO_VITE_DEV_SERVER_PORT = int(os.getenv("DJANGO_VITE_DEV_SERVER_PORT", "5173"))
+DJANGO_VITE_DEV_SERVER_HOST = os.getenv("DJANGO_VITE_DEV_SERVER_HOST", "localhost")
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.1/ref/settings/#default-auto-field
@@ -419,8 +434,16 @@ REST_FRAMEWORK = {
         "apps.api.permissions.NotInDemoMode",
         "rest_framework.permissions.DjangoModelPermissions",
     ],
-    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
-    "PAGE_SIZE": 10,
+    'DEFAULT_FILTER_BACKENDS': [
+        'django_filters.rest_framework.DjangoFilterBackend',
+        'rest_framework.filters.OrderingFilter',
+    ],
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.TokenAuthentication',
+    ],
+    "DEFAULT_PAGINATION_CLASS": "apps.api.custom.pagination.CustomPageNumberPagination",
     "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
 }
 

app/apps/accounts/services.py

@@ -0,0 +1,33 @@
+from decimal import Decimal
+
+from django.db import models
+
+from apps.accounts.models import Account
+from apps.transactions.models import Transaction
+
+
+def get_account_balance(account: Account, paid_only: bool = True) -> Decimal:
+    """
+    Calculate account balance (income - expense).
+
+    Args:
+        account: Account instance to calculate balance for.
+        paid_only: If True, only count paid transactions (current balance).
+                   If False, count all transactions (projected balance).
+
+    Returns:
+        Decimal: The calculated balance (income - expense).
+    """
+    filters = {"account": account}
+    if paid_only:
+        filters["is_paid"] = True
+
+    income = Transaction.objects.filter(
+        type=Transaction.Type.INCOME, **filters
+    ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
+
+    expense = Transaction.objects.filter(
+        type=Transaction.Type.EXPENSE, **filters
+    ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
+
+    return income - expense

app/apps/accounts/tests.py

@@ -1,3 +1,5 @@
+from datetime import date
+
 from django.test import TestCase
 
 from apps.accounts.models import Account, AccountGroup
@@ -39,3 +41,135 @@ class AccountTests(TestCase):
             exchange_currency=self.exchange_currency,
         )
         self.assertEqual(account.exchange_currency, self.exchange_currency)
+
+
+class GetAccountBalanceServiceTests(TestCase):
+    """Tests for the get_account_balance service function"""
+
+    def setUp(self):
+        """Set up test data"""
+        from apps.transactions.models import Transaction
+        self.Transaction = Transaction
+        
+        self.currency = Currency.objects.create(
+            code="BRL", name="Brazilian Real", decimal_places=2, prefix="R$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Service Test Group")
+        self.account = Account.objects.create(
+            name="Service Test Account", group=self.account_group, currency=self.currency
+        )
+
+    def test_balance_with_no_transactions(self):
+        """Test balance is 0 when no transactions exist"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        balance = get_account_balance(self.account, paid_only=True)
+        self.assertEqual(balance, Decimal("0"))
+
+    def test_current_balance_only_counts_paid(self):
+        """Test current balance only counts paid transactions"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        # Paid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        # Unpaid income (should not count)
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid income",
+        )
+        # Paid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("30.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid expense",
+        )
+
+        balance = get_account_balance(self.account, paid_only=True)
+        self.assertEqual(balance, Decimal("70.00"))  # 100 - 30
+
+    def test_projected_balance_counts_all(self):
+        """Test projected balance counts all transactions"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        # Paid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        # Unpaid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid income",
+        )
+        # Paid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("30.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid expense",
+        )
+        # Unpaid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("20.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid expense",
+        )
+
+        balance = get_account_balance(self.account, paid_only=False)
+        self.assertEqual(balance, Decimal("100.00"))  # (100 + 50) - (30 + 20)
+
+    def test_balance_defaults_to_paid_only(self):
+        """Test that paid_only defaults to True"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid",
+        )
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid",
+        )
+
+        balance = get_account_balance(self.account)  # defaults to paid_only=True
+        self.assertEqual(balance, Decimal("100.00"))
+

app/apps/accounts/views/account_groups.py

@@ -25,7 +25,7 @@ def account_groups_index(request):
 @login_required
 @require_http_methods(["GET"])
 def account_groups_list(request):
-    account_groups = AccountGroup.objects.all().order_by("id")
+    account_groups = AccountGroup.objects.all().order_by("name")
     return render(
         request,
         "account_groups/fragments/list.html",

app/apps/accounts/views/accounts.py

@@ -25,7 +25,7 @@ def accounts_index(request):
 @login_required
 @require_http_methods(["GET"])
 def accounts_list(request):
-    accounts = Account.objects.all().order_by("id")
+    accounts = Account.objects.all().order_by("name")
     return render(
         request,
         "accounts/fragments/list.html",

app/apps/accounts/views/balance.py

@@ -11,23 +11,13 @@ from django.utils.translation import gettext_lazy as _
 
 from apps.accounts.forms import AccountBalanceFormSet
 from apps.accounts.models import Account, Transaction
+from apps.accounts.services import get_account_balance
 from apps.common.decorators.htmx import only_htmx
 
 
 @only_htmx
 @login_required
 def account_reconciliation(request):
-    def get_account_balance(account):
-        income = Transaction.objects.filter(
-            account=account, type=Transaction.Type.INCOME, is_paid=True
-        ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
-
-        expense = Transaction.objects.filter(
-            account=account, type=Transaction.Type.EXPENSE, is_paid=True
-        ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
-
-        return income - expense
-
     initial_data = [
         {
             "account_id": account.id,

app/apps/api/fields/transactions.py

@@ -10,15 +10,19 @@ from apps.transactions.models import (
 
 @extend_schema_field(
     {
-        "oneOf": [{"type": "string"}, {"type": "integer"}],
-        "description": "TransactionCategory ID or name. If the name doesn't exist, a new one will be created",
+        "oneOf": [{"type": "string"}, {"type": "integer"}, {"type": "null"}],
+        "description": "TransactionCategory ID or name. If the name doesn't exist, a new one will be created. Can be null if no category is assigned.",
     }
 )
 class TransactionCategoryField(serializers.Field):
     def to_representation(self, value):
+        if value is None:
+            return None
         return {"id": value.id, "name": value.name}
 
     def to_internal_value(self, data):
+        if data is None:
+            return None
         if isinstance(data, int):
             try:
                 return TransactionCategory.objects.get(pk=data)

app/apps/api/serializers/__init__.py

@@ -2,3 +2,5 @@ from .transactions import *
 from .accounts import *
 from .currencies import *
 from .dca import *
+from .imports import *
+

app/apps/api/serializers/accounts.py

@@ -67,3 +67,12 @@ class AccountSerializer(serializers.ModelSerializer):
             setattr(instance, attr, value)
         instance.save()
         return instance
+
+
+class AccountBalanceSerializer(serializers.Serializer):
+    """Serializer for account balance response."""
+
+    current_balance = serializers.DecimalField(max_digits=20, decimal_places=10)
+    projected_balance = serializers.DecimalField(max_digits=20, decimal_places=10)
+    currency = CurrencySerializer()
+

app/apps/api/serializers/imports.py

@@ -0,0 +1,41 @@
+from rest_framework import serializers
+
+from apps.import_app.models import ImportProfile, ImportRun
+
+
+class ImportProfileSerializer(serializers.ModelSerializer):
+    """Serializer for listing import profiles."""
+
+    class Meta:
+        model = ImportProfile
+        fields = ["id", "name", "version", "yaml_config"]
+
+
+class ImportRunSerializer(serializers.ModelSerializer):
+    """Serializer for listing import runs."""
+
+    class Meta:
+        model = ImportRun
+        fields = [
+            "id",
+            "status",
+            "profile",
+            "file_name",
+            "logs",
+            "processed_rows",
+            "total_rows",
+            "successful_rows",
+            "skipped_rows",
+            "failed_rows",
+            "started_at",
+            "finished_at",
+        ]
+
+
+class ImportFileSerializer(serializers.Serializer):
+    """Serializer for uploading a file to import using an existing profile."""
+
+    profile_id = serializers.PrimaryKeyRelatedField(
+        queryset=ImportProfile.objects.all(), source="profile"
+    )
+    file = serializers.FileField()

app/apps/api/tests/__init__.py

@@ -0,0 +1,5 @@
+# Import all test classes for Django test discovery
+from .test_imports import *
+from .test_accounts import *
+from .test_data_isolation import *
+from .test_shared_access import *

app/apps/api/tests/test_accounts.py

@@ -0,0 +1,99 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.transactions.models import Transaction
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountBalanceAPITests(TestCase):
+    """Tests for the Account Balance API endpoint"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account", group=self.account_group, currency=self.currency
+        )
+
+        # Create some transactions
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("500.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("200.00"),
+            is_paid=False,
+            date=date(2025, 1, 15),
+            description="Unpaid income",
+        )
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 10),
+            description="Paid expense",
+        )
+
+    def test_get_balance_success(self):
+        """Test successful balance retrieval"""
+        response = self.client.get(f"/api/accounts/{self.account.id}/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn("current_balance", response.data)
+        self.assertIn("projected_balance", response.data)
+        self.assertIn("currency", response.data)
+
+        # Current: 500 - 100 = 400
+        self.assertEqual(Decimal(response.data["current_balance"]), Decimal("400.00"))
+        # Projected: (500 + 200) - 100 = 600
+        self.assertEqual(Decimal(response.data["projected_balance"]), Decimal("600.00"))
+
+        # Check currency data
+        self.assertEqual(response.data["currency"]["code"], "USD")
+
+    def test_get_balance_nonexistent_account(self):
+        """Test balance for non-existent account returns 404"""
+        response = self.client.get("/api/accounts/99999/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_get_balance_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get(
+            f"/api/accounts/{self.account.id}/balance/"
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

app/apps/api/tests/test_data_isolation.py

@@ -0,0 +1,719 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.dca.models import DCAStrategy, DCAEntry
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+    TransactionEntity,
+    InstallmentPlan,
+    RecurringTransaction,
+)
+
+
+ACCESS_DENIED_CODES = [status.HTTP_403_FORBIDDEN, status.HTTP_404_NOT_FOUND]
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' accounts."""
+
+    def setUp(self):
+        """Set up test data with two distinct users."""
+        User = get_user_model()
+
+        # User 1 - the requester
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        # User 2 - owner of data that user1 should NOT access
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        # Shared currency
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account
+        self.user1_account_group = AccountGroup.all_objects.create(
+            name="User1 Group", owner=self.user1
+        )
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account",
+            group=self.user1_account_group,
+            currency=self.currency,
+            owner=self.user1,
+        )
+
+        # User 2's account (private, should be invisible to user1)
+        self.user2_account_group = AccountGroup.all_objects.create(
+            name="User2 Group", owner=self.user2
+        )
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account",
+            group=self.user2_account_group,
+            currency=self.currency,
+            owner=self.user2,
+        )
+
+    def test_user_cannot_see_other_users_accounts_in_list(self):
+        """GET /api/accounts/ should only return user's own accounts."""
+        response = self.client1.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        # User1 should only see their own account
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.user1_account.id, account_ids)
+        self.assertNotIn(self.user2_account.id, account_ids)
+
+    def test_user_cannot_access_other_users_account_detail(self):
+        """GET /api/accounts/{id}/ should deny access to other user's account."""
+        response = self.client1.get(f"/api/accounts/{self.user2_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_account(self):
+        """PATCH on other user's account should deny access."""
+        response = self.client1.patch(
+            f"/api/accounts/{self.user2_account.id}/",
+            {"name": "Hacked Account"},
+        )
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        # Verify account name wasn't changed
+        self.user2_account.refresh_from_db()
+        self.assertEqual(self.user2_account.name, "User2 Account")
+
+    def test_user_cannot_delete_other_users_account(self):
+        """DELETE on other user's account should deny access."""
+        response = self.client1.delete(f"/api/accounts/{self.user2_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        # Verify account still exists
+        self.assertTrue(Account.all_objects.filter(id=self.user2_account.id).exists())
+
+    def test_user_cannot_get_balance_of_other_users_account(self):
+        """Balance action on other user's account should deny access."""
+        response = self.client1.get(f"/api/accounts/{self.user2_account.id}/balance/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_access_own_account(self):
+        """User can access their own account normally."""
+        response = self.client1.get(f"/api/accounts/{self.user1_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "User1 Account")
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountGroupDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' account groups."""
+
+    def setUp(self):
+        """Set up test data with two distinct users."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        # User 1's account group
+        self.user1_group = AccountGroup.all_objects.create(
+            name="User1 Group", owner=self.user1
+        )
+
+        # User 2's account group
+        self.user2_group = AccountGroup.all_objects.create(
+            name="User2 Group", owner=self.user2
+        )
+
+    def test_user_cannot_see_other_users_account_groups(self):
+        """GET /api/account-groups/ should only return user's own groups."""
+        response = self.client1.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [grp["id"] for grp in response.data["results"]]
+        self.assertIn(self.user1_group.id, group_ids)
+        self.assertNotIn(self.user2_group.id, group_ids)
+
+    def test_user_cannot_access_other_users_account_group_detail(self):
+        """GET /api/account-groups/{id}/ should deny access to other user's group."""
+        response = self.client1.get(f"/api/account-groups/{self.user2_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_account_group(self):
+        """PATCH on other user's account group should deny access."""
+        response = self.client1.patch(
+            f"/api/account-groups/{self.user2_group.id}/",
+            {"name": "Hacked Group"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.user2_group.refresh_from_db()
+        self.assertEqual(self.user2_group.name, "User2 Group")
+
+    def test_user_cannot_delete_other_users_account_group(self):
+        """DELETE on other user's account group should deny access."""
+        response = self.client1.delete(f"/api/account-groups/{self.user2_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            AccountGroup.all_objects.filter(id=self.user2_group.id).exists()
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class TransactionDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' transactions."""
+
+    def setUp(self):
+        """Set up test data with transactions for two distinct users."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account and transaction
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account", currency=self.currency, owner=self.user1
+        )
+        self.user1_transaction = Transaction.userless_all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="User1 Income",
+            owner=self.user1,
+        )
+
+        # User 2's account and transaction
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account", currency=self.currency, owner=self.user2
+        )
+        self.user2_transaction = Transaction.userless_all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="User2 Expense",
+            owner=self.user2,
+        )
+
+    def test_user_cannot_see_other_users_transactions_in_list(self):
+        """GET /api/transactions/ should only return user's own transactions."""
+        response = self.client1.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.user1_transaction.id, transaction_ids)
+        self.assertNotIn(self.user2_transaction.id, transaction_ids)
+
+    def test_user_cannot_access_other_users_transaction_detail(self):
+        """GET /api/transactions/{id}/ should deny access to other user's transaction."""
+        response = self.client1.get(f"/api/transactions/{self.user2_transaction.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_transaction(self):
+        """PATCH on other user's transaction should deny access."""
+        response = self.client1.patch(
+            f"/api/transactions/{self.user2_transaction.id}/",
+            {"description": "Hacked Transaction"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.user2_transaction.refresh_from_db()
+        self.assertEqual(self.user2_transaction.description, "User2 Expense")
+
+    def test_user_cannot_delete_other_users_transaction(self):
+        """DELETE on other user's transaction should deny access."""
+        response = self.client1.delete(
+            f"/api/transactions/{self.user2_transaction.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            Transaction.userless_all_objects.filter(
+                id=self.user2_transaction.id
+            ).exists()
+        )
+
+    def test_user_cannot_create_transaction_in_other_users_account(self):
+        """POST /api/transactions/ with other user's account should fail."""
+        response = self.client1.post(
+            "/api/transactions/",
+            {
+                "account": self.user2_account.id,
+                "type": "IN",
+                "amount": "100.00",
+                "date": "2025-01-15",
+                "description": "Sneaky transaction",
+            },
+            format="json",
+        )
+
+        # Should deny access - 400 (validation error), 403, or 404
+        self.assertIn(
+            response.status_code,
+            ACCESS_DENIED_CODES + [status.HTTP_400_BAD_REQUEST],
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class CategoryTagEntityIsolationTests(TestCase):
+    """Tests for isolation of categories, tags, and entities between users."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        # User 1's categories, tags, entities
+        self.user1_category = TransactionCategory.all_objects.create(
+            name="User1 Category", owner=self.user1
+        )
+        self.user1_tag = TransactionTag.all_objects.create(
+            name="User1 Tag", owner=self.user1
+        )
+        self.user1_entity = TransactionEntity.all_objects.create(
+            name="User1 Entity", owner=self.user1
+        )
+
+        # User 2's categories, tags, entities
+        self.user2_category = TransactionCategory.all_objects.create(
+            name="User2 Category", owner=self.user2
+        )
+        self.user2_tag = TransactionTag.all_objects.create(
+            name="User2 Tag", owner=self.user2
+        )
+        self.user2_entity = TransactionEntity.all_objects.create(
+            name="User2 Entity", owner=self.user2
+        )
+
+    def test_user_cannot_see_other_users_categories(self):
+        """GET /api/categories/ should only return user's own categories."""
+        response = self.client1.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.user1_category.id, category_ids)
+        self.assertNotIn(self.user2_category.id, category_ids)
+
+    def test_user_cannot_access_other_users_category_detail(self):
+        """GET /api/categories/{id}/ should deny access to other user's category."""
+        response = self.client1.get(f"/api/categories/{self.user2_category.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_tags(self):
+        """GET /api/tags/ should only return user's own tags."""
+        response = self.client1.get("/api/tags/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        tag_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.user1_tag.id, tag_ids)
+        self.assertNotIn(self.user2_tag.id, tag_ids)
+
+    def test_user_cannot_access_other_users_tag_detail(self):
+        """GET /api/tags/{id}/ should deny access to other user's tag."""
+        response = self.client1.get(f"/api/tags/{self.user2_tag.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_entities(self):
+        """GET /api/entities/ should only return user's own entities."""
+        response = self.client1.get("/api/entities/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        entity_ids = [e["id"] for e in response.data["results"]]
+        self.assertIn(self.user1_entity.id, entity_ids)
+        self.assertNotIn(self.user2_entity.id, entity_ids)
+
+    def test_user_cannot_access_other_users_entity_detail(self):
+        """GET /api/entities/{id}/ should deny access to other user's entity."""
+        response = self.client1.get(f"/api/entities/{self.user2_entity.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_category(self):
+        """PATCH on other user's category should deny access."""
+        response = self.client1.patch(
+            f"/api/categories/{self.user2_category.id}/",
+            {"name": "Hacked Category"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_tag(self):
+        """DELETE on other user's tag should deny access."""
+        response = self.client1.delete(f"/api/tags/{self.user2_tag.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            TransactionTag.all_objects.filter(id=self.user2_tag.id).exists()
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class DCADataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' DCA strategies and entries."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency1 = Currency.objects.create(
+            code="BTC", name="Bitcoin", decimal_places=8, prefix=""
+        )
+        self.currency2 = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's DCA strategy and entry
+        self.user1_strategy = DCAStrategy.all_objects.create(
+            name="User1 BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+        self.user1_entry = DCAEntry.objects.create(
+            strategy=self.user1_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("100.00"),
+            amount_received=Decimal("0.001"),
+        )
+
+        # User 2's DCA strategy and entry
+        self.user2_strategy = DCAStrategy.all_objects.create(
+            name="User2 BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user2,
+        )
+        self.user2_entry = DCAEntry.objects.create(
+            strategy=self.user2_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("200.00"),
+            amount_received=Decimal("0.002"),
+        )
+
+    def test_user_cannot_see_other_users_dca_strategies(self):
+        """GET /api/dca/strategies/ should only return user's own strategies."""
+        response = self.client1.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertIn(self.user1_strategy.id, strategy_ids)
+        self.assertNotIn(self.user2_strategy.id, strategy_ids)
+
+    def test_user_cannot_access_other_users_dca_strategy_detail(self):
+        """GET /api/dca/strategies/{id}/ should deny access to other user's strategy."""
+        response = self.client1.get(f"/api/dca/strategies/{self.user2_strategy.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_dca_entries(self):
+        """GET /api/dca/entries/ filtered by other user's strategy should return empty."""
+        response = self.client1.get(
+            f"/api/dca/entries/?strategy={self.user2_strategy.id}"
+        )
+
+        # Either OK with empty results or error
+        if response.status_code == status.HTTP_200_OK:
+            entry_ids = [e["id"] for e in response.data["results"]]
+            self.assertNotIn(self.user2_entry.id, entry_ids)
+
+    def test_user_cannot_access_other_users_dca_entry_detail(self):
+        """GET /api/dca/entries/{id}/ should deny access to other user's entry."""
+        response = self.client1.get(f"/api/dca/entries/{self.user2_entry.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_investment_frequency(self):
+        """investment_frequency action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/investment_frequency/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_price_comparison(self):
+        """price_comparison action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/price_comparison/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_current_price(self):
+        """current_price action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/current_price/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_dca_strategy(self):
+        """PATCH on other user's DCA strategy should deny access."""
+        response = self.client1.patch(
+            f"/api/dca/strategies/{self.user2_strategy.id}/",
+            {"name": "Hacked Strategy"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_dca_entry(self):
+        """DELETE on other user's DCA entry should deny access."""
+        response = self.client1.delete(f"/api/dca/entries/{self.user2_entry.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(DCAEntry.objects.filter(id=self.user2_entry.id).exists())
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class InstallmentRecurringIsolationTests(TestCase):
+    """Tests for isolation of installment plans and recurring transactions."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account", currency=self.currency, owner=self.user1
+        )
+
+        # User 2's account
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account", currency=self.currency, owner=self.user2
+        )
+
+        # User 1's installment plan
+        self.user1_installment = InstallmentPlan.all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.EXPENSE,
+            description="User1 Installment",
+            number_of_installments=12,
+            start_date=date(2025, 1, 1),
+            installment_amount=Decimal("100.00"),
+        )
+
+        # User 2's installment plan
+        self.user2_installment = InstallmentPlan.all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.EXPENSE,
+            description="User2 Installment",
+            number_of_installments=6,
+            start_date=date(2025, 1, 1),
+            installment_amount=Decimal("200.00"),
+        )
+
+        # User 1's recurring transaction
+        self.user1_recurring = RecurringTransaction.all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            description="User1 Recurring",
+            start_date=date(2025, 1, 1),
+            recurrence_type=RecurringTransaction.RecurrenceType.MONTH,
+            recurrence_interval=1,
+        )
+
+        # User 2's recurring transaction
+        self.user2_recurring = RecurringTransaction.all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("1000.00"),
+            description="User2 Recurring",
+            start_date=date(2025, 1, 1),
+            recurrence_type=RecurringTransaction.RecurrenceType.MONTH,
+            recurrence_interval=1,
+        )
+
+    def test_user_cannot_see_other_users_installment_plans(self):
+        """GET /api/installment-plans/ should only return user's own plans."""
+        response = self.client1.get("/api/installment-plans/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        plan_ids = [p["id"] for p in response.data["results"]]
+        self.assertIn(self.user1_installment.id, plan_ids)
+        self.assertNotIn(self.user2_installment.id, plan_ids)
+
+    def test_user_cannot_access_other_users_installment_plan_detail(self):
+        """GET /api/installment-plans/{id}/ should deny access to other user's plan."""
+        response = self.client1.get(
+            f"/api/installment-plans/{self.user2_installment.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_recurring_transactions(self):
+        """GET /api/recurring-transactions/ should only return user's own recurring."""
+        response = self.client1.get("/api/recurring-transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        recurring_ids = [r["id"] for r in response.data["results"]]
+        self.assertIn(self.user1_recurring.id, recurring_ids)
+        self.assertNotIn(self.user2_recurring.id, recurring_ids)
+
+    def test_user_cannot_access_other_users_recurring_transaction_detail(self):
+        """GET /api/recurring-transactions/{id}/ should deny access to other user's recurring."""
+        response = self.client1.get(
+            f"/api/recurring-transactions/{self.user2_recurring.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_installment_plan(self):
+        """PATCH on other user's installment plan should deny access."""
+        response = self.client1.patch(
+            f"/api/installment-plans/{self.user2_installment.id}/",
+            {"description": "Hacked Installment"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_recurring_transaction(self):
+        """DELETE on other user's recurring transaction should deny access."""
+        response = self.client1.delete(
+            f"/api/recurring-transactions/{self.user2_recurring.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            RecurringTransaction.all_objects.filter(id=self.user2_recurring.id).exists()
+        )

app/apps/api/tests/test_imports.py

@@ -0,0 +1,404 @@
+from io import BytesIO
+from unittest.mock import patch
+
+from django.contrib.auth import get_user_model
+from django.core.files.uploadedfile import SimpleUploadedFile
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.import_app.models import ImportProfile, ImportRun
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportAPITests(TestCase):
+    """Tests for the Import API endpoint"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        # Create a basic import profile with minimal valid YAML config
+        self.profile = ImportProfile.objects.create(
+            name="Test Profile",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+    @patch("apps.import_app.tasks.process_import.defer")
+    @patch("django.core.files.storage.FileSystemStorage.save")
+    @patch("django.core.files.storage.FileSystemStorage.path")
+    def test_create_import_success(self, mock_path, mock_save, mock_defer):
+        """Test successful file upload creates ImportRun and queues task"""
+        mock_save.return_value = "test_file.csv"
+        mock_path.return_value = "/usr/src/app/temp/test_file.csv"
+
+        csv_content = b"date,description,amount,account\n2025-01-01,Test,100,Main"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
+        self.assertIn("import_run_id", response.data)
+        self.assertEqual(response.data["status"], "queued")
+
+        # Verify ImportRun was created
+        import_run = ImportRun.objects.get(id=response.data["import_run_id"])
+        self.assertEqual(import_run.profile, self.profile)
+        self.assertEqual(import_run.file_name, "test_file.csv")
+
+        # Verify task was deferred
+        mock_defer.assert_called_once_with(
+            import_run_id=import_run.id,
+            file_path="/usr/src/app/temp/test_file.csv",
+            user_id=self.user.id,
+        )
+
+    def test_create_import_missing_profile(self):
+        """Test request without profile_id returns 400"""
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("profile_id", response.data)
+
+    def test_create_import_missing_file(self):
+        """Test request without file returns 400"""
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("file", response.data)
+
+    def test_create_import_invalid_profile(self):
+        """Test request with non-existent profile returns 400"""
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": 99999, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("profile_id", response.data)
+
+    @patch("apps.import_app.tasks.process_import.defer")
+    @patch("django.core.files.storage.FileSystemStorage.save")
+    @patch("django.core.files.storage.FileSystemStorage.path")
+    def test_create_import_xlsx(self, mock_path, mock_save, mock_defer):
+        """Test successful XLSX file upload"""
+        mock_save.return_value = "test_file.xlsx"
+        mock_path.return_value = "/usr/src/app/temp/test_file.xlsx"
+
+        # Create a simple XLSX-like content (just for the upload test)
+        xlsx_content = BytesIO(b"PK\x03\x04")  # XLSX files start with PK header
+        file = SimpleUploadedFile(
+            "test_file.xlsx",
+            xlsx_content.getvalue(),
+            content_type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
+        self.assertIn("import_run_id", response.data)
+
+    def test_unauthenticated_request(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = unauthenticated_client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportProfileAPITests(TestCase):
+    """Tests for the Import Profile API endpoints"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.profile1 = ImportProfile.objects.create(
+            name="Profile 1",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+        self.profile2 = ImportProfile.objects.create(
+            name="Profile 2",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_income
+  is_paid:
+    detection_method: always_unpaid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+    def test_list_profiles(self):
+        """Test listing all profiles"""
+        response = self.client.get("/api/import/profiles/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 2)
+        self.assertEqual(len(response.data["results"]), 2)
+
+    def test_retrieve_profile(self):
+        """Test retrieving a specific profile"""
+        response = self.client.get(f"/api/import/profiles/{self.profile1.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["id"], self.profile1.id)
+        self.assertEqual(response.data["name"], "Profile 1")
+        self.assertIn("yaml_config", response.data)
+
+    def test_retrieve_nonexistent_profile(self):
+        """Test retrieving a non-existent profile returns 404"""
+        response = self.client.get("/api/import/profiles/99999/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_profiles_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get("/api/import/profiles/")
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportRunAPITests(TestCase):
+    """Tests for the Import Run API endpoints"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.profile1 = ImportProfile.objects.create(
+            name="Profile 1",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+        self.profile2 = ImportProfile.objects.create(
+            name="Profile 2",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_income
+  is_paid:
+    detection_method: always_unpaid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+        # Create import runs
+        self.run1 = ImportRun.objects.create(
+            profile=self.profile1,
+            file_name="file1.csv",
+            status=ImportRun.Status.FINISHED,
+        )
+        self.run2 = ImportRun.objects.create(
+            profile=self.profile1,
+            file_name="file2.csv",
+            status=ImportRun.Status.QUEUED,
+        )
+        self.run3 = ImportRun.objects.create(
+            profile=self.profile2,
+            file_name="file3.csv",
+            status=ImportRun.Status.FINISHED,
+        )
+
+    def test_list_all_runs(self):
+        """Test listing all runs"""
+        response = self.client.get("/api/import/runs/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 3)
+        self.assertEqual(len(response.data["results"]), 3)
+
+    def test_list_runs_by_profile(self):
+        """Test filtering runs by profile_id"""
+        response = self.client.get(f"/api/import/runs/?profile_id={self.profile1.id}")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 2)
+        for run in response.data["results"]:
+            self.assertEqual(run["profile"], self.profile1.id)
+
+    def test_list_runs_by_other_profile(self):
+        """Test filtering runs by another profile_id"""
+        response = self.client.get(f"/api/import/runs/?profile_id={self.profile2.id}")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 1)
+        self.assertEqual(response.data["results"][0]["profile"], self.profile2.id)
+
+    def test_retrieve_run(self):
+        """Test retrieving a specific run"""
+        response = self.client.get(f"/api/import/runs/{self.run1.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["id"], self.run1.id)
+        self.assertEqual(response.data["file_name"], "file1.csv")
+        self.assertEqual(response.data["status"], "FINISHED")
+
+    def test_retrieve_nonexistent_run(self):
+        """Test retrieving a non-existent run returns 404"""
+        response = self.client.get("/api/import/runs/99999/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_runs_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get("/api/import/runs/")
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

app/apps/api/tests/test_shared_access.py

@@ -0,0 +1,587 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.dca.models import DCAStrategy, DCAEntry
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+    TransactionEntity,
+)
+
+
+ACCESS_DENIED_CODES = [status.HTTP_403_FORBIDDEN, status.HTTP_404_NOT_FOUND]
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedAccountAccessTests(TestCase):
+    """Tests for shared account access via shared_with field."""
+
+    def setUp(self):
+        """Set up test data with shared accounts."""
+        User = get_user_model()
+
+        # User 1 - owner
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        # User 2 - will have shared access
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        # User 3 - no shared access
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account shared with user 2
+        self.shared_account = Account.all_objects.create(
+            name="Shared Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+        self.shared_account.shared_with.add(self.user2)
+
+        # User 1's private account (not shared)
+        self.private_account = Account.all_objects.create(
+            name="Private Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+
+        # Transaction in shared account
+        self.shared_transaction = Transaction.userless_all_objects.create(
+            account=self.shared_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Shared Transaction",
+            owner=self.user1,
+        )
+
+        # Transaction in private account
+        self.private_transaction = Transaction.userless_all_objects.create(
+            account=self.private_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Private Transaction",
+            owner=self.user1,
+        )
+
+    def test_user_can_see_accounts_shared_with_them(self):
+        """User2 should see the account shared with them."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.shared_account.id, account_ids)
+
+    def test_user_cannot_see_accounts_not_shared_with_them(self):
+        """User2 should NOT see user1's private (non-shared) account."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertNotIn(self.private_account.id, account_ids)
+
+    def test_user_can_access_shared_account_detail(self):
+        """User2 should be able to access shared account details."""
+        response = self.client2.get(f"/api/accounts/{self.shared_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Account")
+
+    def test_user_without_share_cannot_access_shared_account(self):
+        """User3 should NOT be able to access the shared account."""
+        response = self.client3.get(f"/api/accounts/{self.shared_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_see_transactions_in_shared_account(self):
+        """User2 should see transactions in the shared account."""
+        response = self.client2.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.shared_transaction.id, transaction_ids)
+        self.assertNotIn(self.private_transaction.id, transaction_ids)
+
+    def test_user_can_access_transaction_in_shared_account(self):
+        """User2 should be able to access transaction details in shared account."""
+        response = self.client2.get(f"/api/transactions/{self.shared_transaction.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["description"], "Shared Transaction")
+
+    def test_user_cannot_access_transaction_in_non_shared_account(self):
+        """User2 should NOT access transactions in user1's private account."""
+        response = self.client2.get(f"/api/transactions/{self.private_transaction.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_get_balance_of_shared_account(self):
+        """User2 should be able to get balance of shared account."""
+        response = self.client2.get(f"/api/accounts/{self.shared_account.id}/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn("current_balance", response.data)
+
+    def test_sharing_works_with_multiple_users(self):
+        """Account shared with multiple users should be accessible by all."""
+        # Add user3 to shared_with
+        self.shared_account.shared_with.add(self.user3)
+
+        # User2 still has access
+        response2 = self.client2.get(f"/api/accounts/{self.shared_account.id}/")
+        self.assertEqual(response2.status_code, status.HTTP_200_OK)
+
+        # User3 now has access
+        response3 = self.client3.get(f"/api/accounts/{self.shared_account.id}/")
+        self.assertEqual(response3.status_code, status.HTTP_200_OK)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class PublicVisibilityTests(TestCase):
+    """Tests for public visibility access."""
+
+    def setUp(self):
+        """Set up test data with public accounts."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's public account
+        self.public_account = Account.all_objects.create(
+            name="Public Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="public",
+        )
+
+        # User 1's private account
+        self.private_account = Account.all_objects.create(
+            name="Private Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+
+        # Transaction in public account
+        self.public_transaction = Transaction.userless_all_objects.create(
+            account=self.public_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Public Transaction",
+            owner=self.user1,
+        )
+
+    def test_user_can_see_public_accounts(self):
+        """User2 should see user1's public account."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.public_account.id, account_ids)
+        self.assertNotIn(self.private_account.id, account_ids)
+
+    def test_user_can_access_public_account_detail(self):
+        """User2 should be able to access public account details."""
+        response = self.client2.get(f"/api/accounts/{self.public_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Public Account")
+
+    def test_user_can_see_transactions_in_public_accounts(self):
+        """User2 should see transactions in public accounts."""
+        response = self.client2.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.public_transaction.id, transaction_ids)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedCategoryTagEntityTests(TestCase):
+    """Tests for shared categories, tags, and entities."""
+
+    def setUp(self):
+        """Set up test data with shared categories/tags/entities."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        # User 1's category shared with user 2
+        self.shared_category = TransactionCategory.all_objects.create(
+            name="Shared Category", owner=self.user1
+        )
+        self.shared_category.shared_with.add(self.user2)
+
+        # User 1's private category
+        self.private_category = TransactionCategory.all_objects.create(
+            name="Private Category", owner=self.user1
+        )
+
+        # User 1's public category
+        self.public_category = TransactionCategory.all_objects.create(
+            name="Public Category", owner=self.user1, visibility="public"
+        )
+
+        # User 1's tag shared with user 2
+        self.shared_tag = TransactionTag.all_objects.create(
+            name="Shared Tag", owner=self.user1
+        )
+        self.shared_tag.shared_with.add(self.user2)
+
+        # User 1's entity shared with user 2
+        self.shared_entity = TransactionEntity.all_objects.create(
+            name="Shared Entity", owner=self.user1
+        )
+        self.shared_entity.shared_with.add(self.user2)
+
+    def test_user_can_see_shared_categories(self):
+        """User2 should see categories shared with them."""
+        response = self.client2.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.shared_category.id, category_ids)
+        self.assertNotIn(self.private_category.id, category_ids)
+
+    def test_user_can_access_shared_category_detail(self):
+        """User2 should be able to access shared category details."""
+        response = self.client2.get(f"/api/categories/{self.shared_category.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Category")
+
+    def test_user_can_see_public_categories(self):
+        """User3 should see public categories."""
+        response = self.client3.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.public_category.id, category_ids)
+
+    def test_user_without_share_cannot_see_shared_category(self):
+        """User3 should NOT see category shared only with user2."""
+        response = self.client3.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertNotIn(self.shared_category.id, category_ids)
+
+    def test_user_can_see_shared_tags(self):
+        """User2 should see tags shared with them."""
+        response = self.client2.get("/api/tags/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        tag_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.shared_tag.id, tag_ids)
+
+    def test_user_can_access_shared_tag_detail(self):
+        """User2 should be able to access shared tag details."""
+        response = self.client2.get(f"/api/tags/{self.shared_tag.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Tag")
+
+    def test_user_can_see_shared_entities(self):
+        """User2 should see entities shared with them."""
+        response = self.client2.get("/api/entities/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        entity_ids = [e["id"] for e in response.data["results"]]
+        self.assertIn(self.shared_entity.id, entity_ids)
+
+    def test_user_can_access_shared_entity_detail(self):
+        """User2 should be able to access shared entity details."""
+        response = self.client2.get(f"/api/entities/{self.shared_entity.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Entity")
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedDCAAccessTests(TestCase):
+    """Tests for shared DCA strategy access."""
+
+    def setUp(self):
+        """Set up test data with shared DCA strategies."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        self.currency1 = Currency.objects.create(
+            code="BTC", name="Bitcoin", decimal_places=8, prefix=""
+        )
+        self.currency2 = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's DCA strategy shared with user 2
+        self.shared_strategy = DCAStrategy.all_objects.create(
+            name="Shared BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+        self.shared_strategy.shared_with.add(self.user2)
+
+        # Entry in shared strategy
+        self.shared_entry = DCAEntry.objects.create(
+            strategy=self.shared_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("100.00"),
+            amount_received=Decimal("0.001"),
+        )
+
+        # User 1's private strategy
+        self.private_strategy = DCAStrategy.all_objects.create(
+            name="Private BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+
+    def test_user_can_see_shared_dca_strategies(self):
+        """User2 should see DCA strategies shared with them."""
+        response = self.client2.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertIn(self.shared_strategy.id, strategy_ids)
+        self.assertNotIn(self.private_strategy.id, strategy_ids)
+
+    def test_user_can_access_shared_dca_strategy_detail(self):
+        """User2 should be able to access shared strategy details."""
+        response = self.client2.get(f"/api/dca/strategies/{self.shared_strategy.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared BTC Strategy")
+
+    def test_user_without_share_cannot_see_shared_strategy(self):
+        """User3 should NOT see strategy shared only with user2."""
+        response = self.client3.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertNotIn(self.shared_strategy.id, strategy_ids)
+
+    def test_user_can_access_shared_strategy_actions(self):
+        """User2 should be able to access actions on shared strategy."""
+        # investment_frequency
+        response1 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/investment_frequency/"
+        )
+        self.assertEqual(response1.status_code, status.HTTP_200_OK)
+
+        # price_comparison
+        response2 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/price_comparison/"
+        )
+        self.assertEqual(response2.status_code, status.HTTP_200_OK)
+
+        # current_price
+        response3 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/current_price/"
+        )
+        self.assertEqual(response3.status_code, status.HTTP_200_OK)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedAccountGroupTests(TestCase):
+    """Tests for shared account group access."""
+
+    def setUp(self):
+        """Set up test data with shared account groups."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        # User 1's account group shared with user 2
+        self.shared_group = AccountGroup.all_objects.create(
+            name="Shared Group", owner=self.user1
+        )
+        self.shared_group.shared_with.add(self.user2)
+
+        # User 1's private account group
+        self.private_group = AccountGroup.all_objects.create(
+            name="Private Group", owner=self.user1
+        )
+
+        # User 1's public account group
+        self.public_group = AccountGroup.all_objects.create(
+            name="Public Group", owner=self.user1, visibility="public"
+        )
+
+    def test_user_can_see_shared_account_groups(self):
+        """User2 should see account groups shared with them."""
+        response = self.client2.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [g["id"] for g in response.data["results"]]
+        self.assertIn(self.shared_group.id, group_ids)
+        self.assertNotIn(self.private_group.id, group_ids)
+
+    def test_user_can_access_shared_account_group_detail(self):
+        """User2 should be able to access shared account group details."""
+        response = self.client2.get(f"/api/account-groups/{self.shared_group.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Group")
+
+    def test_user_can_see_public_account_groups(self):
+        """User3 should see public account groups."""
+        response = self.client3.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [g["id"] for g in response.data["results"]]
+        self.assertIn(self.public_group.id, group_ids)
+
+    def test_user_without_share_cannot_access_shared_group(self):
+        """User3 should NOT be able to access shared account group."""
+        response = self.client3.get(f"/api/account-groups/{self.shared_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)

app/apps/api/urls.py

@@ -16,7 +16,11 @@ router.register(r"currencies", views.CurrencyViewSet)
 router.register(r"exchange-rates", views.ExchangeRateViewSet)
 router.register(r"dca/strategies", views.DCAStrategyViewSet)
 router.register(r"dca/entries", views.DCAEntryViewSet)
+router.register(r"import/profiles", views.ImportProfileViewSet, basename="import-profiles")
+router.register(r"import/runs", views.ImportRunViewSet, basename="import-runs")
+router.register(r"import/import", views.ImportViewSet, basename="import-import")
 
 urlpatterns = [
     path("", include(router.urls)),
 ]
+

app/apps/api/views/__init__.py

@@ -2,3 +2,5 @@ from .transactions import *
 from .accounts import *
 from .currencies import *
 from .dca import *
+from .imports import *
+

app/apps/api/views/accounts.py

@@ -1,27 +1,79 @@
+from drf_spectacular.utils import extend_schema, extend_schema_view
 from rest_framework import viewsets
+from rest_framework.decorators import action
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
 
-from apps.api.custom.pagination import CustomPageNumberPagination
 from apps.accounts.models import AccountGroup, Account
-from apps.api.serializers import AccountGroupSerializer, AccountSerializer
+from apps.accounts.services import get_account_balance
+from apps.api.serializers import (
+    AccountGroupSerializer,
+    AccountSerializer,
+    AccountBalanceSerializer,
+)
 
 
 class AccountGroupViewSet(viewsets.ModelViewSet):
+    """ViewSet for managing account groups."""
+
     queryset = AccountGroup.objects.all()
     serializer_class = AccountGroupSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return AccountGroup.objects.all().order_by("id")
+        return AccountGroup.objects.all()
 
 
+@extend_schema_view(
+    balance=extend_schema(
+        summary="Get account balance",
+        description="Returns the current and projected balance for the account, along with currency data.",
+        responses={200: AccountBalanceSerializer},
+    ),
+)
 class AccountViewSet(viewsets.ModelViewSet):
+    """ViewSet for managing accounts."""
+
     queryset = Account.objects.all()
     serializer_class = AccountSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "group": ["exact", "isnull"],
+        "currency": ["exact"],
+        "exchange_currency": ["exact", "isnull"],
+        "is_asset": ["exact"],
+        "is_archived": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return (
-            Account.objects.all()
-            .order_by("id")
-            .select_related("group", "currency", "exchange_currency")
+        return Account.objects.all().select_related(
+            "group", "currency", "exchange_currency"
         )
+
+    @action(detail=True, methods=["get"], permission_classes=[IsAuthenticated])
+    def balance(self, request, pk=None):
+        """Get current and projected balance for an account."""
+        account = self.get_object()
+
+        current_balance = get_account_balance(account, paid_only=True)
+        projected_balance = get_account_balance(account, paid_only=False)
+
+        serializer = AccountBalanceSerializer(
+            {
+                "current_balance": current_balance,
+                "projected_balance": projected_balance,
+                "currency": account.currency,
+            }
+        )
+
+        return Response(serializer.data)

app/apps/api/views/currencies.py

@@ -9,8 +9,28 @@ from apps.currencies.models import ExchangeRate
 class CurrencyViewSet(viewsets.ModelViewSet):
     queryset = Currency.objects.all()
     serializer_class = CurrencySerializer
+    filterset_fields = {
+        'name': ['exact', 'icontains'],
+        'code': ['exact', 'icontains'],
+        'decimal_places': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'prefix': ['exact', 'icontains'],
+        'suffix': ['exact', 'icontains'],
+        'exchange_currency': ['exact'],
+        'is_archived': ['exact'],
+    }
+    search_fields = '__all__'
+    ordering_fields = '__all__'
 
 
 class ExchangeRateViewSet(viewsets.ModelViewSet):
     queryset = ExchangeRate.objects.all()
     serializer_class = ExchangeRateSerializer
+    filterset_fields = {
+        'from_currency': ['exact'],
+        'to_currency': ['exact'],
+        'rate': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'date': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'automatic': ['exact'],
+    }
+    search_fields = '__all__'
+    ordering_fields = '__all__'

app/apps/api/views/dca.py

@@ -8,6 +8,19 @@ from apps.api.serializers import DCAStrategySerializer, DCAEntrySerializer
 class DCAStrategyViewSet(viewsets.ModelViewSet):
     queryset = DCAStrategy.objects.all()
     serializer_class = DCAStrategySerializer
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "target_currency": ["exact"],
+        "payment_currency": ["exact"],
+        "notes": ["exact", "icontains"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+    }
+    search_fields = ["name", "notes"]
+    ordering_fields = "__all__"
+
+    def get_queryset(self):
+        return DCAStrategy.objects.all()
 
     @action(detail=True, methods=["get"])
     def investment_frequency(self, request, pk=None):
@@ -32,10 +45,22 @@ class DCAStrategyViewSet(viewsets.ModelViewSet):
 class DCAEntryViewSet(viewsets.ModelViewSet):
     queryset = DCAEntry.objects.all()
     serializer_class = DCAEntrySerializer
+    filterset_fields = {
+        "strategy": ["exact"],
+        "date": ["exact", "gte", "lte", "gt", "lt"],
+        "amount_paid": ["exact", "gte", "lte", "gt", "lt"],
+        "amount_received": ["exact", "gte", "lte", "gt", "lt"],
+        "expense_transaction": ["exact", "isnull"],
+        "income_transaction": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+    }
+    search_fields = ["notes"]
+    ordering_fields = "__all__"
+    ordering = ["-date"]
 
     def get_queryset(self):
-        queryset = DCAEntry.objects.all()
-        strategy_id = self.request.query_params.get("strategy", None)
-        if strategy_id is not None:
-            queryset = queryset.filter(strategy_id=strategy_id)
-        return queryset
+        # Filter entries by strategies the user has access to
+        accessible_strategies = DCAStrategy.objects.all()
+        return DCAEntry.objects.filter(strategy__in=accessible_strategies)

app/apps/api/views/imports.py

@@ -0,0 +1,147 @@
+from django.core.files.storage import FileSystemStorage
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiParameter, extend_schema, extend_schema_view, inline_serializer
+from rest_framework import serializers as drf_serializers
+from rest_framework import status, viewsets
+from rest_framework.parsers import MultiPartParser
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+
+from apps.api.serializers import ImportFileSerializer, ImportProfileSerializer, ImportRunSerializer
+from apps.import_app.models import ImportProfile, ImportRun
+from apps.import_app.tasks import process_import
+
+
+@extend_schema_view(
+    list=extend_schema(
+        summary="List import profiles",
+        description="Returns a paginated list of all available import profiles.",
+    ),
+    retrieve=extend_schema(
+        summary="Get import profile",
+        description="Returns the details of a specific import profile by ID.",
+    ),
+)
+class ImportProfileViewSet(viewsets.ReadOnlyModelViewSet):
+    """ViewSet for listing and retrieving import profiles."""
+
+    queryset = ImportProfile.objects.all()
+    serializer_class = ImportProfileSerializer
+    permission_classes = [IsAuthenticated]
+    filterset_fields = {
+        'name': ['exact', 'icontains'],
+        'yaml_config': ['exact', 'icontains'],
+        'version': ['exact'],
+    }
+    search_fields = ['name', 'yaml_config']
+    ordering_fields = '__all__'
+    ordering = ['name']
+
+
+@extend_schema_view(
+    list=extend_schema(
+        summary="List import runs",
+        description="Returns a paginated list of import runs. Optionally filter by profile_id.",
+        parameters=[
+            OpenApiParameter(
+                name="profile_id",
+                type=int,
+                location=OpenApiParameter.QUERY,
+                description="Filter runs by profile ID",
+                required=False,
+            ),
+        ],
+    ),
+    retrieve=extend_schema(
+        summary="Get import run",
+        description="Returns the details of a specific import run by ID, including status and logs.",
+    ),
+)
+class ImportRunViewSet(viewsets.ReadOnlyModelViewSet):
+    """ViewSet for listing and retrieving import runs."""
+
+    queryset = ImportRun.objects.all().order_by("-id")
+    serializer_class = ImportRunSerializer
+    permission_classes = [IsAuthenticated]
+    filterset_fields = {
+        'status': ['exact'],
+        'profile': ['exact'],
+        'file_name': ['exact', 'icontains'],
+        'logs': ['exact', 'icontains'],
+        'processed_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'total_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'successful_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'skipped_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'failed_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'started_at': ['exact', 'gte', 'lte', 'gt', 'lt', 'isnull'],
+        'finished_at': ['exact', 'gte', 'lte', 'gt', 'lt', 'isnull'],
+    }
+    search_fields = ['file_name', 'logs']
+    ordering_fields = '__all__'
+    ordering = ['-id']
+
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        profile_id = self.request.query_params.get("profile_id")
+        if profile_id:
+            queryset = queryset.filter(profile_id=profile_id)
+        return queryset
+
+
+@extend_schema_view(
+    create=extend_schema(
+        summary="Import file",
+        description="Upload a CSV or XLSX file to import using an existing import profile. The import is queued and processed asynchronously.",
+        request={
+            "multipart/form-data": {
+                "type": "object",
+                "properties": {
+                    "profile_id": {"type": "integer", "description": "ID of the ImportProfile to use"},
+                    "file": {"type": "string", "format": "binary", "description": "CSV or XLSX file to import"},
+                },
+                "required": ["profile_id", "file"],
+            },
+        },
+        responses={
+            202: inline_serializer(
+                name="ImportResponse",
+                fields={
+                    "import_run_id": drf_serializers.IntegerField(),
+                    "status": drf_serializers.CharField(),
+                },
+            ),
+        },
+    ),
+)
+class ImportViewSet(viewsets.ViewSet):
+    """ViewSet for importing data via file upload."""
+
+    permission_classes = [IsAuthenticated]
+    parser_classes = [MultiPartParser]
+
+    def create(self, request):
+        serializer = ImportFileSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        profile = serializer.validated_data["profile"]
+        uploaded_file = serializer.validated_data["file"]
+
+        # Save file to temp location
+        fs = FileSystemStorage(location="/usr/src/app/temp")
+        filename = fs.save(uploaded_file.name, uploaded_file)
+        file_path = fs.path(filename)
+
+        # Create ImportRun record
+        import_run = ImportRun.objects.create(profile=profile, file_name=filename)
+
+        # Queue import task
+        process_import.defer(
+            import_run_id=import_run.id,
+            file_path=file_path,
+            user_id=request.user.id,
+        )
+
+        return Response(
+            {"import_run_id": import_run.id, "status": "queued"},
+            status=status.HTTP_202_ACCEPTED,
+        )

app/apps/api/views/transactions.py

@@ -2,7 +2,6 @@ from copy import deepcopy
 
 from rest_framework import viewsets
 
-from apps.api.custom.pagination import CustomPageNumberPagination
 from apps.api.serializers import (
     TransactionSerializer,
     TransactionCategorySerializer,
@@ -25,14 +24,41 @@ from apps.rules.signals import transaction_updated, transaction_created
 class TransactionViewSet(viewsets.ModelViewSet):
     queryset = Transaction.objects.all()
     serializer_class = TransactionSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "account": ["exact"],
+        "type": ["exact"],
+        "is_paid": ["exact"],
+        "date": ["exact", "gte", "lte", "gt", "lt"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt"],
+        "mute": ["exact"],
+        "amount": ["exact", "gte", "lte", "gt", "lt"],
+        "description": ["exact", "icontains"],
+        "notes": ["exact", "icontains"],
+        "category": ["exact", "isnull"],
+        "installment_plan": ["exact", "isnull"],
+        "installment_id": ["exact", "gte", "lte"],
+        "recurring_transaction": ["exact", "isnull"],
+        "internal_note": ["exact", "icontains"],
+        "internal_id": ["exact"],
+        "deleted": ["exact"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+        "deleted_at": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "owner": ["exact"],
+    }
+    search_fields = ["description", "notes", "internal_note"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
+
+    def get_queryset(self):
+        return Transaction.objects.all()
 
     def perform_create(self, serializer):
         instance = serializer.save()
         transaction_created.send(sender=instance)
 
     def perform_update(self, serializer):
-        old_data = deepcopy(Transaction.objects.get(pk=serializer.data["pk"]))
+        old_data = deepcopy(self.get_object())
         instance = serializer.save()
         transaction_updated.send(sender=instance, old_data=old_data)
 
@@ -40,50 +66,109 @@ class TransactionViewSet(viewsets.ModelViewSet):
         kwargs["partial"] = True
         return self.update(request, *args, **kwargs)
 
-    def get_queryset(self):
-        return Transaction.objects.all().order_by("-id")
-
 
 class TransactionCategoryViewSet(viewsets.ModelViewSet):
     queryset = TransactionCategory.objects.all()
     serializer_class = TransactionCategorySerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "mute": ["exact"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionCategory.objects.all().order_by("id")
+        return TransactionCategory.objects.all()
 
 
 class TransactionTagViewSet(viewsets.ModelViewSet):
     queryset = TransactionTag.objects.all()
     serializer_class = TransactionTagSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionTag.objects.all().order_by("id")
+        return TransactionTag.objects.all()
 
 
 class TransactionEntityViewSet(viewsets.ModelViewSet):
     queryset = TransactionEntity.objects.all()
     serializer_class = TransactionEntitySerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionEntity.objects.all().order_by("id")
+        return TransactionEntity.objects.all()
 
 
 class InstallmentPlanViewSet(viewsets.ModelViewSet):
     queryset = InstallmentPlan.objects.all()
     serializer_class = InstallmentPlanSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "account": ["exact"],
+        "type": ["exact"],
+        "description": ["exact", "icontains"],
+        "number_of_installments": ["exact", "gte", "lte", "gt", "lt"],
+        "installment_start": ["exact", "gte", "lte", "gt", "lt"],
+        "installment_total_number": ["exact", "gte", "lte", "gt", "lt"],
+        "start_date": ["exact", "gte", "lte", "gt", "lt"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "end_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "recurrence": ["exact"],
+        "installment_amount": ["exact", "gte", "lte", "gt", "lt"],
+        "category": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "add_description_to_transaction": ["exact"],
+        "add_notes_to_transaction": ["exact"],
+    }
+    search_fields = ["description", "notes"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
 
     def get_queryset(self):
-        return InstallmentPlan.objects.all().order_by("-id")
+        return InstallmentPlan.objects.all()
 
 
 class RecurringTransactionViewSet(viewsets.ModelViewSet):
     queryset = RecurringTransaction.objects.all()
     serializer_class = RecurringTransactionSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "is_paused": ["exact"],
+        "account": ["exact"],
+        "type": ["exact"],
+        "amount": ["exact", "gte", "lte", "gt", "lt"],
+        "description": ["exact", "icontains"],
+        "category": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "start_date": ["exact", "gte", "lte", "gt", "lt"],
+        "end_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "recurrence_type": ["exact"],
+        "recurrence_interval": ["exact", "gte", "lte", "gt", "lt"],
+        "keep_at_most": ["exact", "gte", "lte", "gt", "lt"],
+        "last_generated_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "last_generated_reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "add_description_to_transaction": ["exact"],
+        "add_notes_to_transaction": ["exact"],
+    }
+    search_fields = ["description", "notes"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
 
     def get_queryset(self):
-        return RecurringTransaction.objects.all().order_by("-id")
+        return RecurringTransaction.objects.all()

app/apps/common/apps.py

@@ -23,3 +23,6 @@ class CommonConfig(AppConfig):
         # Delete the cache for update checks to prevent false-positives when the app is restarted
         # this will be recreated by the check_for_updates task
         cache.delete("update_check")
+
+        # Register system checks for required environment variables
+        from apps.common import checks  # noqa: F401

app/apps/common/checks.py

@@ -0,0 +1,103 @@
+"""
+Django System Checks for required environment variables.
+
+This module validates that required environment variables (those without defaults)
+are present before the application starts.
+"""
+
+import os
+
+from django.core.checks import Error, register
+
+
+# List of environment variables that are required (no default values)
+# Based on the README.md documentation
+REQUIRED_ENV_VARS = [
+    ("SECRET_KEY", "This is used to provide cryptographic signing."),
+    ("SQL_DATABASE", "The name of your postgres database."),
+]
+
+# List of environment variables that must be valid integers if set
+INT_ENV_VARS = [
+    ("TASK_WORKERS", "How many workers to have for async tasks."),
+    ("SESSION_EXPIRY_TIME", "The age of session cookies, in seconds."),
+    ("INTERNAL_PORT", "The port on which the app listens on."),
+    ("DJANGO_VITE_DEV_SERVER_PORT", "The port where Vite's dev server is running"),
+]
+
+
+@register()
+def check_required_env_vars(app_configs, **kwargs):
+    """
+    Check that all required environment variables are set.
+
+    Returns a list of Error objects for any missing required variables.
+    """
+    errors = []
+
+    for var_name, description in REQUIRED_ENV_VARS:
+        value = os.getenv(var_name)
+        if not value:
+            errors.append(
+                Error(
+                    f"Required environment variable '{var_name}' is not set.",
+                    hint=f"{description} Please set this variable in your .env file or environment.",
+                    id="wygiwyh.E001",
+                )
+            )
+
+    return errors
+
+
+@register()
+def check_int_env_vars(app_configs, **kwargs):
+    """
+    Check that environment variables that should be integers are valid.
+
+    Returns a list of Error objects for any invalid integer variables.
+    """
+    errors = []
+
+    for var_name, description in INT_ENV_VARS:
+        value = os.getenv(var_name)
+        if value is not None:
+            try:
+                int(value)
+            except ValueError:
+                errors.append(
+                    Error(
+                        f"Environment variable '{var_name}' must be a valid integer, got '{value}'.",
+                        hint=f"{description}",
+                        id="wygiwyh.E002",
+                    )
+                )
+
+    return errors
+
+
+@register()
+def check_soft_delete_config(app_configs, **kwargs):
+    """
+    Check that KEEP_DELETED_TRANSACTIONS_FOR is a valid integer when ENABLE_SOFT_DELETE is enabled.
+
+    Returns a list of Error objects if the configuration is invalid.
+    """
+    errors = []
+
+    enable_soft_delete = os.getenv("ENABLE_SOFT_DELETE", "false").lower() == "true"
+
+    if enable_soft_delete:
+        keep_deleted_for = os.getenv("KEEP_DELETED_TRANSACTIONS_FOR")
+        if keep_deleted_for is not None:
+            try:
+                int(keep_deleted_for)
+            except ValueError:
+                errors.append(
+                    Error(
+                        f"Environment variable 'KEEP_DELETED_TRANSACTIONS_FOR' must be a valid integer when ENABLE_SOFT_DELETE is enabled, got '{keep_deleted_for}'.",
+                        hint="Time in days to keep soft deleted transactions for. Set to 0 to keep all transactions indefinitely.",
+                        id="wygiwyh.E003",
+                    )
+                )
+
+    return errors

app/apps/common/tasks.py

@@ -17,7 +17,12 @@ logger = logging.getLogger(__name__)
 
 
 @app.periodic(cron="0 4 * * *")
-@app.task(queueing_lock="remove_old_jobs", pass_context=True, name="remove_old_jobs")
+@app.task(
+    lock="remove_old_jobs",
+    queueing_lock="remove_old_jobs",
+    pass_context=True,
+    name="remove_old_jobs",
+)
 async def remove_old_jobs(context, timestamp):
     try:
         return await builtin_tasks.remove_old_jobs(
@@ -36,7 +41,11 @@ async def remove_old_jobs(context, timestamp):
 
 
 @app.periodic(cron="0 6 1 * *")
-@app.task(queueing_lock="remove_expired_sessions", name="remove_expired_sessions")
+@app.task(
+    lock="remove_expired_sessions",
+    queueing_lock="remove_expired_sessions",
+    name="remove_expired_sessions",
+)
 async def remove_expired_sessions(timestamp=None):
     """Cleanup expired sessions by using Django management command."""
     try:
@@ -49,7 +58,7 @@ async def remove_expired_sessions(timestamp=None):
 
 
 @app.periodic(cron="0 8 * * *")
-@app.task(name="reset_demo_data")
+@app.task(lock="reset_demo_data", name="reset_demo_data")
 def reset_demo_data(timestamp=None):
     """
     Wipes the database and loads fresh demo data if DEMO mode is active.
@@ -86,9 +95,7 @@ def reset_demo_data(timestamp=None):
 
 
 @app.periodic(cron="0 */12 * * *")  # Every 12 hours
-@app.task(
-    name="check_for_updates",
-)
+@app.task(lock="check_for_updates", name="check_for_updates")
 def check_for_updates(timestamp=None):
     if not settings.CHECK_FOR_UPDATES:
         return "CHECK_FOR_UPDATES is disabled"

app/apps/currencies/exchange_rates/fetcher.py

@@ -1,5 +1,4 @@
 import logging
-from datetime import timedelta
 
 from django.db.models import QuerySet
 from django.utils import timezone
@@ -258,7 +257,10 @@ class ExchangeRateFetcher:
                     processed_pairs.add((from_currency.id, to_currency.id))
 
             service.last_fetch = timezone.now()
+            service.failure_count = 0
             service.save()
 
         except Exception as e:
             logger.error(f"Error fetching rates for {service.name}: {e}")
+            service.failure_count += 1
+            service.save()

app/apps/currencies/migrations/0023_add_failure_count.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.10 on 2026-01-10 06:08
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0022_currency_is_archived'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='exchangerateservice',
+            name='failure_count',
+            field=models.PositiveIntegerField(default=0),
+        ),
+    ]

app/apps/currencies/models.py

@@ -136,6 +136,8 @@ class ExchangeRateService(models.Model):
         null=True, blank=True, verbose_name=_("Last Successful Fetch")
     )
 
+    failure_count = models.PositiveIntegerField(default=0)
+
     target_currencies = models.ManyToManyField(
         Currency,
         verbose_name=_("Target Currencies"),
@@ -237,7 +239,7 @@ class ExchangeRateService(models.Model):
                     hours = self._parse_hour_ranges(self.fetch_interval)
                     # Store in normalized format (optional)
                     self.fetch_interval = ",".join(str(h) for h in sorted(hours))
-                except ValueError as e:
+                except ValueError:
                     raise ValidationError(
                         {
                             "fetch_interval": _(
@@ -248,7 +250,7 @@ class ExchangeRateService(models.Model):
                     )
         except ValidationError:
             raise
-        except Exception as e:
+        except Exception:
             raise ValidationError(
                 {
                     "fetch_interval": _(

app/apps/currencies/tasks.py

@@ -8,7 +8,7 @@ logger = logging.getLogger(__name__)
 
 
 @app.periodic(cron="0 * * * *")  # Run every hour
-@app.task(name="automatic_fetch_exchange_rates")
+@app.task(lock="automatic_fetch_exchange_rates", name="automatic_fetch_exchange_rates")
 def automatic_fetch_exchange_rates(timestamp=None):
     """Fetch exchange rates for all due services"""
     fetcher = ExchangeRateFetcher()
@@ -19,7 +19,7 @@ def automatic_fetch_exchange_rates(timestamp=None):
         logger.error(e, exc_info=True)
 
 
-@app.task(name="manual_fetch_exchange_rates")
+@app.task(lock="manual_fetch_exchange_rates", name="manual_fetch_exchange_rates")
 def manual_fetch_exchange_rates(timestamp=None):
     """Fetch exchange rates for all due services"""
     fetcher = ExchangeRateFetcher()

app/apps/currencies/tests/__init__.py

@@ -0,0 +1 @@
+# Tests package for currencies app

app/apps/currencies/tests/test_automatic_exchange_rates.py

@@ -0,0 +1,109 @@
+from decimal import Decimal
+from unittest.mock import patch, MagicMock
+
+from django.test import TestCase
+from django.utils import timezone
+
+from apps.currencies.models import Currency, ExchangeRateService
+from apps.currencies.exchange_rates.fetcher import ExchangeRateFetcher
+
+
+class ExchangeRateServiceFailureTrackingTests(TestCase):
+    """Tests for the failure count tracking functionality."""
+
+    def setUp(self):
+        """Set up test data."""
+        self.usd = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.eur = Currency.objects.create(
+            code="EUR", name="Euro", decimal_places=2, prefix="€ "
+        )
+        self.eur.exchange_currency = self.usd
+        self.eur.save()
+
+        self.service = ExchangeRateService.objects.create(
+            name="Test Service",
+            service_type=ExchangeRateService.ServiceType.FRANKFURTER,
+            is_active=True,
+        )
+        self.service.target_currencies.add(self.eur)
+
+    def test_failure_count_increments_on_provider_error(self):
+        """Test that failure_count increments when provider raises an exception."""
+        self.assertEqual(self.service.failure_count, 0)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertEqual(self.service.failure_count, 1)
+
+    def test_failure_count_resets_on_success(self):
+        """Test that failure_count resets to 0 on successful fetch."""
+        # Set initial failure count
+        self.service.failure_count = 5
+        self.service.save()
+
+        # Mock a successful provider
+        mock_provider = MagicMock()
+        mock_provider.requires_api_key.return_value = False
+        mock_provider.get_rates.return_value = [(self.usd, self.eur, Decimal("0.85"))]
+        mock_provider.rates_inverted = False
+
+        with patch.object(self.service, "get_provider", return_value=mock_provider):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertEqual(self.service.failure_count, 0)
+
+    def test_failure_count_accumulates_across_fetches(self):
+        """Test that failure_count accumulates with consecutive failures."""
+        self.assertEqual(self.service.failure_count, 0)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 1)
+
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 2)
+
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 3)
+
+    def test_last_fetch_not_updated_on_failure(self):
+        """Test that last_fetch is NOT updated when a failure occurs."""
+        original_last_fetch = self.service.last_fetch
+        self.assertIsNone(original_last_fetch)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertIsNone(self.service.last_fetch)
+        self.assertEqual(self.service.failure_count, 1)
+
+    def test_last_fetch_updated_on_success(self):
+        """Test that last_fetch IS updated when fetch succeeds."""
+        self.assertIsNone(self.service.last_fetch)
+
+        mock_provider = MagicMock()
+        mock_provider.requires_api_key.return_value = False
+        mock_provider.get_rates.return_value = [(self.usd, self.eur, Decimal("0.85"))]
+        mock_provider.rates_inverted = False
+
+        with patch.object(self.service, "get_provider", return_value=mock_provider):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertIsNotNone(self.service.last_fetch)
+        self.assertEqual(self.service.failure_count, 0)

app/apps/currencies/views/currencies.py

@@ -23,7 +23,7 @@ def currencies_index(request):
 @login_required
 @require_http_methods(["GET"])
 def currencies_list(request):
-    currencies = Currency.objects.all().order_by("id")
+    currencies = Currency.objects.all().order_by("name")
     return render(
         request,
         "currencies/fragments/list.html",

app/apps/dca/views.py

@@ -1,4 +1,3 @@
-# apps/dca_tracker/views.py
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
 from django.db.models import Sum, Avg
@@ -23,7 +22,7 @@ def strategy_index(request):
 @only_htmx
 @login_required
 def strategy_list(request):
-    strategies = DCAStrategy.objects.all().order_by("created_at")
+    strategies = DCAStrategy.objects.all().order_by("name")
     return render(
         request, "dca/fragments/strategy/list.html", {"strategies": strategies}
     )
@@ -234,7 +233,7 @@ def strategy_entry_add(request, strategy_id):
     if request.method == "POST":
         form = DCAEntryForm(request.POST, strategy=strategy)
         if form.is_valid():
-            entry = form.save()
+            form.save()
             messages.success(request, _("Entry added successfully"))
 
             return HttpResponse(

app/apps/export_app/resources/transactions.py

@@ -1,8 +1,10 @@
 from import_export import fields, resources
-from import_export.widgets import ForeignKeyWidget
 
 from apps.accounts.models import Account
-from apps.export_app.widgets.foreign_key import AutoCreateForeignKeyWidget
+from apps.export_app.widgets.foreign_key import (
+    AllObjectsForeignKeyWidget,
+    AutoCreateForeignKeyWidget,
+)
 from apps.export_app.widgets.many_to_many import AutoCreateManyToManyWidget
 from apps.export_app.widgets.string import EmptyStringToNoneField
 from apps.transactions.models import (
@@ -20,7 +22,7 @@ class TransactionResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -86,7 +88,7 @@ class RecurringTransactionResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -119,12 +121,16 @@ class RecurringTransactionResource(resources.ModelResource):
     def get_queryset(self):
         return RecurringTransaction.all_objects.all()
 
+    def dehydrate_account_owner(self, obj):
+        """Export the account's owner ID for proper import matching."""
+        return obj.account.owner_id if obj.account else None
+
 
 class InstallmentPlanResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -156,3 +162,7 @@ class InstallmentPlanResource(resources.ModelResource):
 
     def get_queryset(self):
         return InstallmentPlan.all_objects.all()
+
+    def dehydrate_account_owner(self, obj):
+        """Export the account's owner ID for proper import matching."""
+        return obj.account.owner_id if obj.account else None

app/apps/export_app/widgets/foreign_key.py

@@ -1,6 +1,60 @@
 from import_export.widgets import ForeignKeyWidget
 
 
+class AllObjectsForeignKeyWidget(ForeignKeyWidget):
+    """
+    ForeignKeyWidget that uses 'all_objects' manager for lookups,
+    bypassing user-filtered managers like SharedObjectManager.
+    Also filters by owner if available in the row data.
+    """
+
+    def get_queryset(self, value, row, *args, **kwargs):
+        # Use all_objects manager if available, otherwise fall back to default
+        if hasattr(self.model, "all_objects"):
+            qs = self.model.all_objects.all()
+            # Filter by owner if the row has an owner field and the model has owner
+            if row:
+                # Check for direct owner field first
+                owner_id = row.get("owner") if "owner" in row else None
+                # Fall back to account_owner for models like InstallmentPlan
+                if not owner_id and "account_owner" in row:
+                    owner_id = row.get("account_owner")
+                # If still no owner, try to get it from the existing record's account
+                # This handles backward compatibility with older exports
+                if not owner_id and "id" in row and row.get("id"):
+                    try:
+                        # Try to find the existing record and get owner from its account
+                        from apps.transactions.models import (
+                            InstallmentPlan,
+                            RecurringTransaction,
+                        )
+
+                        record_id = row.get("id")
+                        # Try to find the existing InstallmentPlan or RecurringTransaction
+                        for model_class in [InstallmentPlan, RecurringTransaction]:
+                            try:
+                                existing = model_class.all_objects.get(id=record_id)
+                                if existing.account:
+                                    owner_id = existing.account.owner_id
+                                    break
+                            except model_class.DoesNotExist:
+                                continue
+                    except Exception:
+                        pass
+                # Final fallback: use the current logged-in user
+                # This handles restoring to a fresh database with older exports
+                if not owner_id:
+                    from apps.common.middleware.thread_local import get_current_user
+
+                    user = get_current_user()
+                    if user and user.is_authenticated:
+                        owner_id = user.id
+                if owner_id:
+                    qs = qs.filter(owner_id=owner_id)
+            return qs
+        return super().get_queryset(value, row, *args, **kwargs)
+
+
 class AutoCreateForeignKeyWidget(ForeignKeyWidget):
     def clean(self, value, row=None, *args, **kwargs):
         if value:

app/apps/import_app/services/v1.py

@@ -459,12 +459,13 @@ class ImportService:
                 # Build query conditions for each field in the rule
                 for field in rule.fields:
                     if field in transaction_data:
-                        if rule.match_type == "strict":
-                            query = query.filter(**{field: transaction_data[field]})
-                        else:  # lax matching
-                            query = query.filter(
-                                **{f"{field}__iexact": transaction_data[field]}
-                            )
+                        value = transaction_data[field]
+                        # Use __iexact only for string fields; non-string types
+                        # (date, Decimal, bool, int, etc.) don't support UPPER()
+                        if rule.match_type == "strict" or not isinstance(value, str):
+                            query = query.filter(**{field: value})
+                        else:  # lax matching for strings only
+                            query = query.filter(**{f"{field}__iexact": value})
 
                 # If we found any matching transaction, it's a duplicate
                 if query.exists():
@@ -475,11 +476,27 @@ class ImportService:
     def _coerce_type(
         self, value: str, mapping: version_1.ColumnMapping
     ) -> Union[str, int, bool, Decimal, datetime, list, None]:
+        coerce_to = mapping.coerce_to
+
+        # Handle detection methods that don't require a source value
+        if coerce_to == "transaction_type" and isinstance(
+            mapping, version_1.TransactionTypeMapping
+        ):
+            if mapping.detection_method == "always_income":
+                return Transaction.Type.INCOME
+            elif mapping.detection_method == "always_expense":
+                return Transaction.Type.EXPENSE
+        elif coerce_to == "is_paid" and isinstance(
+            mapping, version_1.TransactionIsPaidMapping
+        ):
+            if mapping.detection_method == "always_paid":
+                return True
+            elif mapping.detection_method == "always_unpaid":
+                return False
+
         if not value:
             return None
 
-        coerce_to = mapping.coerce_to
-
         return self._coerce_single_type(value, coerce_to, mapping)
 
     @staticmethod

app/apps/import_app/tests.py

@@ -1,3 +0,0 @@
-from django.test import TestCase
-
-# Create your tests here.

app/apps/import_app/tests/test_import_service_v1.py

@@ -0,0 +1,275 @@
+"""
+Tests for ImportService v1, specifically for deduplication logic.
+
+These tests verify that the _check_duplicate_transaction method handles
+different field types correctly, particularly ensuring that __iexact
+is only used for string fields (not dates, decimals, etc.).
+"""
+
+from datetime import date
+from decimal import Decimal
+
+from django.test import TestCase
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.import_app.models import ImportProfile, ImportRun
+from apps.import_app.services.v1 import ImportService
+from apps.transactions.models import Transaction
+
+
+class DeduplicationTests(TestCase):
+    """Tests for transaction deduplication during import."""
+
+    def setUp(self):
+        """Set up test data."""
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account", group=self.account_group, currency=self.currency
+        )
+
+        # Create an existing transaction for deduplication tests
+        self.existing_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=date(2024, 1, 15),
+            amount=Decimal("100.00"),
+            description="Existing Transaction",
+            internal_id="ABC123",
+        )
+
+    def _create_import_service_with_deduplication(
+        self, fields: list[str], match_type: str = "lax"
+    ) -> ImportService:
+        """Helper to create an ImportService with specific deduplication rules."""
+        yaml_config = f"""
+settings:
+  file_type: csv
+  importing: transactions
+  trigger_transaction_rules: false
+mapping:
+  date_field:
+    source: date
+    target: date
+    format: "%Y-%m-%d"
+  amount_field:
+    source: amount
+    target: amount
+  description_field:
+    source: description
+    target: description
+  account_field:
+    source: account
+    target: account
+    type: id
+deduplication:
+  - type: compare
+    fields: {fields}
+    match_type: {match_type}
+"""
+        profile = ImportProfile.objects.create(
+            name=f"Test Profile {match_type} {'_'.join(fields)}",
+            yaml_config=yaml_config,
+            version=ImportProfile.Versions.VERSION_1,
+        )
+        import_run = ImportRun.objects.create(
+            profile=profile,
+            file_name="test.csv",
+        )
+        return ImportService(import_run)
+
+    def test_deduplication_with_date_field_strict_match(self):
+        """Test that date fields work with strict matching."""
+        service = self._create_import_service_with_deduplication(
+            fields=["date"], match_type="strict"
+        )
+
+        # Should find duplicate when date matches
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 1, 15)})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 2, 20)})
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_date_field_lax_match(self):
+        """
+        Test that date fields use strict matching even when match_type is 'lax'.
+
+        This is the fix for the UPPER(date) PostgreSQL error. Date fields
+        cannot use __iexact, so they should fall back to strict matching.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["date"], match_type="lax"
+        )
+
+        # Should find duplicate when date matches (using strict comparison)
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 1, 15)})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 2, 20)})
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_amount_field_lax_match(self):
+        """
+        Test that Decimal fields use strict matching even when match_type is 'lax'.
+
+        Decimal fields cannot use __iexact, so they should fall back to strict matching.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["amount"], match_type="lax"
+        )
+
+        # Should find duplicate when amount matches
+        is_duplicate = service._check_duplicate_transaction(
+            {"amount": Decimal("100.00")}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when amount differs
+        is_duplicate = service._check_duplicate_transaction(
+            {"amount": Decimal("200.00")}
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_string_field_lax_match(self):
+        """
+        Test that string fields use case-insensitive matching with match_type 'lax'.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["description"], match_type="lax"
+        )
+
+        # Should find duplicate with case-insensitive match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "EXISTING TRANSACTION"}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should find duplicate with exact case match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Existing Transaction"}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when description differs
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Different Transaction"}
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_string_field_strict_match(self):
+        """
+        Test that string fields use case-sensitive matching with match_type 'strict'.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["description"], match_type="strict"
+        )
+
+        # Should NOT find duplicate with different case (strict matching)
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "EXISTING TRANSACTION"}
+        )
+        self.assertFalse(is_duplicate)
+
+        # Should find duplicate with exact case match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Existing Transaction"}
+        )
+        self.assertTrue(is_duplicate)
+
+    def test_deduplication_with_multiple_fields_mixed_types(self):
+        """
+        Test deduplication with multiple fields of different types.
+
+        Verifies that string fields use __iexact while non-string fields
+        use strict matching, all in the same deduplication rule.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "amount", "description"], match_type="lax"
+        )
+
+        # Should find duplicate when all fields match (with case-insensitive description)
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("100.00"),
+                "description": "existing transaction",  # lowercase should match
+            }
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should NOT find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 2, 20),
+                "amount": Decimal("100.00"),
+                "description": "existing transaction",
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+        # Should NOT find duplicate when amount differs
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("999.99"),
+                "description": "existing transaction",
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_internal_id_lax_match(self):
+        """Test deduplication with internal_id field using lax matching."""
+        service = self._create_import_service_with_deduplication(
+            fields=["internal_id"], match_type="lax"
+        )
+
+        # Should find duplicate with case-insensitive match
+        is_duplicate = service._check_duplicate_transaction(
+            {"internal_id": "abc123"}  # lowercase should match ABC123
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should find duplicate with exact match
+        is_duplicate = service._check_duplicate_transaction({"internal_id": "ABC123"})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when internal_id differs
+        is_duplicate = service._check_duplicate_transaction({"internal_id": "XYZ789"})
+        self.assertFalse(is_duplicate)
+
+    def test_no_duplicate_when_no_transactions_exist(self):
+        """Test that no duplicate is found when there are no matching transactions."""
+        # Hard delete to bypass signals that require user context
+        self.existing_transaction.hard_delete()
+
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "amount"], match_type="lax"
+        )
+
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("100.00"),
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_missing_field_in_data(self):
+        """Test that missing fields in transaction_data are handled gracefully."""
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "nonexistent_field"], match_type="lax"
+        )
+
+        # Should still work, only checking the fields that exist
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+            }
+        )
+        self.assertTrue(is_duplicate)

app/apps/insights/urls.py

@@ -49,4 +49,14 @@ urlpatterns = [
         views.emergency_fund,
         name="insights_emergency_fund",
     ),
+    path(
+        "insights/year-by-year/",
+        views.year_by_year,
+        name="insights_year_by_year",
+    ),
+    path(
+        "insights/month-by-month/",
+        views.month_by_month,
+        name="insights_month_by_month",
+    ),
 ]

app/apps/insights/utils/month_by_month.py

@@ -0,0 +1,316 @@
+from collections import OrderedDict
+from decimal import Decimal
+
+from django.db import models
+from django.db.models import Sum, Case, When, Value
+from django.db.models.functions import Coalesce
+from django.utils import timezone
+
+from apps.currencies.models import Currency
+from apps.currencies.utils.convert import convert
+from apps.transactions.models import Transaction
+
+
+def get_month_by_month_data(year=None, group_by="categories"):
+    """
+    Aggregate transaction totals by month for a specific year, grouped by categories, tags, or entities.
+
+    Args:
+        year: The year to filter transactions (defaults to current year)
+        group_by: One of "categories", "tags", or "entities"
+
+    Returns:
+        {
+            "year": 2025,
+            "available_years": [2025, 2024, ...],
+            "months": [1, 2, 3, ..., 12],
+            "items": {
+                item_id: {
+                    "name": "Item Name",
+                    "month_totals": {
+                        1: {"currencies": {...}},
+                        ...
+                    },
+                    "total": {"currencies": {...}}
+                },
+                ...
+            },
+            "month_totals": {...},
+            "grand_total": {"currencies": {...}}
+        }
+    """
+    if year is None:
+        year = timezone.localdate(timezone.now()).year
+
+    # Base queryset - all paid transactions, non-muted
+    transactions = Transaction.objects.filter(
+        is_paid=True,
+        account__is_archived=False,
+    ).exclude(account__currency__is_archived=True)
+
+    # Get available years for the selector
+    available_years = list(
+        transactions.values_list("reference_date__year", flat=True)
+        .distinct()
+        .order_by("-reference_date__year")
+    )
+
+    # Filter by the selected year
+    transactions = transactions.filter(reference_date__year=year)
+
+    # Define grouping fields based on group_by parameter
+    if group_by == "tags":
+        group_field = "tags"
+        name_field = "tags__name"
+    elif group_by == "entities":
+        group_field = "entities"
+        name_field = "entities__name"
+    else:  # Default to categories
+        group_field = "category"
+        name_field = "category__name"
+
+    # Months 1-12
+    months = list(range(1, 13))
+
+    if not available_years:
+        return {
+            "year": year,
+            "available_years": [],
+            "months": months,
+            "items": {},
+            "month_totals": {},
+            "grand_total": {"currencies": {}},
+        }
+
+    # Aggregate by group, month, and currency
+    metrics = (
+        transactions.values(
+            group_field,
+            name_field,
+            "reference_date__month",
+            "account__currency",
+            "account__currency__code",
+            "account__currency__name",
+            "account__currency__decimal_places",
+            "account__currency__prefix",
+            "account__currency__suffix",
+            "account__currency__exchange_currency",
+        )
+        .annotate(
+            expense_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.EXPENSE, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.INCOME, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+        )
+        .order_by(name_field, "reference_date__month")
+    )
+
+    # Build result structure
+    result = {
+        "year": year,
+        "available_years": available_years,
+        "months": months,
+        "items": OrderedDict(),
+        "month_totals": {},
+        "grand_total": {"currencies": {}},
+    }
+
+    # Store currency info for later use in totals
+    currency_info = {}
+
+    for metric in metrics:
+        item_id = metric[group_field]
+        item_name = metric[name_field]
+        month = metric["reference_date__month"]
+        currency_id = metric["account__currency"]
+
+        # Use a consistent key for None (uncategorized/untagged/no entity)
+        item_key = item_id if item_id is not None else "__none__"
+
+        if item_key not in result["items"]:
+            result["items"][item_key] = {
+                "name": item_name,
+                "month_totals": {},
+                "total": {"currencies": {}},
+            }
+
+        if month not in result["items"][item_key]["month_totals"]:
+            result["items"][item_key]["month_totals"][month] = {"currencies": {}}
+
+        # Calculate final total (income - expense)
+        final_total = metric["income_total"] - metric["expense_total"]
+
+        # Store currency info for totals calculation
+        if currency_id not in currency_info:
+            currency_info[currency_id] = {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+                "exchange_currency_id": metric["account__currency__exchange_currency"],
+            }
+
+        currency_data = {
+            "currency": {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+            },
+            "final_total": final_total,
+            "income_total": metric["income_total"],
+            "expense_total": metric["expense_total"],
+        }
+
+        # Handle currency conversion if exchange currency is set
+        if metric["account__currency__exchange_currency"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=metric["account__currency__exchange_currency"]
+            )
+
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=final_total,
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+
+            if converted_amount is not None:
+                currency_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+        result["items"][item_key]["month_totals"][month]["currencies"][currency_id] = (
+            currency_data
+        )
+
+        # Accumulate item total (across all months for this item)
+        if currency_id not in result["items"][item_key]["total"]["currencies"]:
+            result["items"][item_key]["total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["items"][item_key]["total"]["currencies"][currency_id][
+            "final_total"
+        ] += final_total
+
+        # Accumulate month total (across all items for this month)
+        if month not in result["month_totals"]:
+            result["month_totals"][month] = {"currencies": {}}
+        if currency_id not in result["month_totals"][month]["currencies"]:
+            result["month_totals"][month]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["month_totals"][month]["currencies"][currency_id]["final_total"] += (
+            final_total
+        )
+
+        # Accumulate grand total
+        if currency_id not in result["grand_total"]["currencies"]:
+            result["grand_total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["grand_total"]["currencies"][currency_id]["final_total"] += final_total
+
+    # Add currency conversion for item totals
+    for item_key, item_data in result["items"].items():
+        for currency_id, total_data in item_data["total"]["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for month totals
+    for month, month_data in result["month_totals"].items():
+        for currency_id, total_data in month_data["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for grand total
+    for currency_id, total_data in result["grand_total"]["currencies"].items():
+        if currency_info[currency_id]["exchange_currency_id"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=currency_info[currency_id]["exchange_currency_id"]
+            )
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=total_data["final_total"],
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+            if converted_amount is not None:
+                total_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+    return result

app/apps/insights/utils/year_by_year.py

@@ -0,0 +1,303 @@
+from collections import OrderedDict
+from decimal import Decimal
+
+from django.db import models
+from django.db.models import Sum, Case, When, Value
+from django.db.models.functions import Coalesce
+
+from apps.currencies.models import Currency
+from apps.currencies.utils.convert import convert
+from apps.transactions.models import Transaction
+
+
+def get_year_by_year_data(group_by="categories"):
+    """
+    Aggregate transaction totals by year for categories, tags, or entities.
+
+    Args:
+        group_by: One of "categories", "tags", or "entities"
+
+    Returns:
+        {
+            "years": [2025, 2024, ...],  # Sorted descending
+            "items": {
+                item_id: {
+                    "name": "Item Name",
+                    "year_totals": {
+                        2025: {"currencies": {...}},
+                        ...
+                    },
+                    "total": {"currencies": {...}}  # Sum across all years
+                },
+                ...
+            },
+            "year_totals": {  # Sum across all items for each year
+                2025: {"currencies": {...}},
+                ...
+            },
+            "grand_total": {"currencies": {...}}  # Sum of everything
+        }
+    """
+    # Base queryset - all paid transactions, non-muted
+    transactions = Transaction.objects.filter(
+        is_paid=True,
+        account__is_archived=False,
+    ).exclude(account__currency__is_archived=True)
+
+    # Define grouping fields based on group_by parameter
+    if group_by == "tags":
+        group_field = "tags"
+        name_field = "tags__name"
+    elif group_by == "entities":
+        group_field = "entities"
+        name_field = "entities__name"
+    else:  # Default to categories
+        group_field = "category"
+        name_field = "category__name"
+
+    # Get all unique years with transactions
+    years = (
+        transactions.values_list("reference_date__year", flat=True)
+        .distinct()
+        .order_by("-reference_date__year")
+    )
+    years = list(years)
+
+    if not years:
+        return {
+            "years": [],
+            "items": {},
+            "year_totals": {},
+            "grand_total": {"currencies": {}},
+        }
+
+    # Aggregate by group, year, and currency
+    metrics = (
+        transactions.values(
+            group_field,
+            name_field,
+            "reference_date__year",
+            "account__currency",
+            "account__currency__code",
+            "account__currency__name",
+            "account__currency__decimal_places",
+            "account__currency__prefix",
+            "account__currency__suffix",
+            "account__currency__exchange_currency",
+        )
+        .annotate(
+            expense_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.EXPENSE, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.INCOME, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+        )
+        .order_by(name_field, "-reference_date__year")
+    )
+
+    # Build result structure
+    result = {
+        "years": years,
+        "items": OrderedDict(),
+        "year_totals": {},  # Totals per year across all items
+        "grand_total": {"currencies": {}},  # Grand total across everything
+    }
+
+    # Store currency info for later use in totals
+    currency_info = {}
+
+    for metric in metrics:
+        item_id = metric[group_field]
+        item_name = metric[name_field]
+        year = metric["reference_date__year"]
+        currency_id = metric["account__currency"]
+
+        # Use a consistent key for None (uncategorized/untagged/no entity)
+        item_key = item_id if item_id is not None else "__none__"
+
+        if item_key not in result["items"]:
+            result["items"][item_key] = {
+                "name": item_name,
+                "year_totals": {},
+                "total": {"currencies": {}},  # Total for this item across all years
+            }
+
+        if year not in result["items"][item_key]["year_totals"]:
+            result["items"][item_key]["year_totals"][year] = {"currencies": {}}
+
+        # Calculate final total (income - expense)
+        final_total = metric["income_total"] - metric["expense_total"]
+
+        # Store currency info for totals calculation
+        if currency_id not in currency_info:
+            currency_info[currency_id] = {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+                "exchange_currency_id": metric["account__currency__exchange_currency"],
+            }
+
+        currency_data = {
+            "currency": {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+            },
+            "final_total": final_total,
+            "income_total": metric["income_total"],
+            "expense_total": metric["expense_total"],
+        }
+
+        # Handle currency conversion if exchange currency is set
+        if metric["account__currency__exchange_currency"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=metric["account__currency__exchange_currency"]
+            )
+
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=final_total,
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+
+            if converted_amount is not None:
+                currency_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+        result["items"][item_key]["year_totals"][year]["currencies"][currency_id] = (
+            currency_data
+        )
+
+        # Accumulate item total (across all years for this item)
+        if currency_id not in result["items"][item_key]["total"]["currencies"]:
+            result["items"][item_key]["total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["items"][item_key]["total"]["currencies"][currency_id][
+            "final_total"
+        ] += final_total
+
+        # Accumulate year total (across all items for this year)
+        if year not in result["year_totals"]:
+            result["year_totals"][year] = {"currencies": {}}
+        if currency_id not in result["year_totals"][year]["currencies"]:
+            result["year_totals"][year]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["year_totals"][year]["currencies"][currency_id]["final_total"] += (
+            final_total
+        )
+
+        # Accumulate grand total
+        if currency_id not in result["grand_total"]["currencies"]:
+            result["grand_total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["grand_total"]["currencies"][currency_id]["final_total"] += final_total
+
+    # Add currency conversion for item totals
+    for item_key, item_data in result["items"].items():
+        for currency_id, total_data in item_data["total"]["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for year totals
+    for year, year_data in result["year_totals"].items():
+        for currency_id, total_data in year_data["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for grand total
+    for currency_id, total_data in result["grand_total"]["currencies"].items():
+        if currency_info[currency_id]["exchange_currency_id"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=currency_info[currency_id]["exchange_currency_id"]
+            )
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=total_data["final_total"],
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+            if converted_amount is not None:
+                total_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+    return result

app/apps/insights/views.py

@@ -26,6 +26,8 @@ from apps.insights.utils.sankey import (
     generate_sankey_data_by_currency,
 )
 from apps.insights.utils.transactions import get_transactions
+from apps.insights.utils.year_by_year import get_year_by_year_data
+from apps.insights.utils.month_by_month import get_month_by_month_data
 from apps.transactions.models import TransactionCategory, Transaction
 from apps.transactions.utils.calculations import calculate_currency_totals
 
@@ -74,7 +76,9 @@ def index(request):
 def sankey_by_account(request):
     # Get filtered transactions
 
-    transactions = get_transactions(request, include_untracked_accounts=True)
+    transactions = get_transactions(
+        request, include_untracked_accounts=True, include_silent=True
+    )
 
     # Generate Sankey data
     sankey_data = generate_sankey_data_by_account(transactions)
@@ -91,7 +95,9 @@ def sankey_by_account(request):
 @require_http_methods(["GET"])
 def sankey_by_currency(request):
     # Get filtered transactions
-    transactions = get_transactions(request)
+    transactions = get_transactions(
+        request, include_silent=True, include_untracked_accounts=True
+    )
 
     # Generate Sankey data
     sankey_data = generate_sankey_data_by_currency(transactions)
@@ -302,3 +308,71 @@ def emergency_fund(request):
         "insights/fragments/emergency_fund.html",
         {"data": currency_net_worth},
     )
+
+
+@only_htmx
+@login_required
+@require_http_methods(["GET"])
+def year_by_year(request):
+    if "group_by" in request.GET:
+        group_by = request.GET["group_by"]
+        request.session["insights_year_by_year_group_by"] = group_by
+    else:
+        group_by = request.session.get("insights_year_by_year_group_by", "categories")
+
+    # Validate group_by value
+    if group_by not in ("categories", "tags", "entities"):
+        group_by = "categories"
+
+    data = get_year_by_year_data(group_by=group_by)
+
+    return render(
+        request,
+        "insights/fragments/year_by_year.html",
+        {
+            "data": data,
+            "group_by": group_by,
+        },
+    )
+
+
+@only_htmx
+@login_required
+@require_http_methods(["GET"])
+def month_by_month(request):
+    # Handle year selection
+    if "year" in request.GET:
+        try:
+            year = int(request.GET["year"])
+            request.session["insights_month_by_month_year"] = year
+        except (ValueError, TypeError):
+            year = request.session.get(
+                "insights_month_by_month_year", timezone.localdate(timezone.now()).year
+            )
+    else:
+        year = request.session.get(
+            "insights_month_by_month_year", timezone.localdate(timezone.now()).year
+        )
+
+    # Handle group_by selection
+    if "group_by" in request.GET:
+        group_by = request.GET["group_by"]
+        request.session["insights_month_by_month_group_by"] = group_by
+    else:
+        group_by = request.session.get("insights_month_by_month_group_by", "categories")
+
+    # Validate group_by value
+    if group_by not in ("categories", "tags", "entities"):
+        group_by = "categories"
+
+    data = get_month_by_month_data(year=year, group_by=group_by)
+
+    return render(
+        request,
+        "insights/fragments/month_by_month.html",
+        {
+            "data": data,
+            "group_by": group_by,
+            "selected_year": year,
+        },
+    )

app/apps/monthly_overview/tests/test_summary.py

@@ -0,0 +1,331 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class MonthlySummaryFilterBehaviorTests(TestCase):
+    """Tests for monthly summary views filter behavior.
+
+    These tests verify that:
+    1. Views work correctly without any filters
+    2. Views work correctly with filters applied
+    3. The filter detection logic properly uses different querysets
+    4. Calculated values reflect the applied filters
+    """
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client.login(username="testuser@test.com", password="testpass123")
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account",
+            group=self.account_group,
+            currency=self.currency,
+            is_asset=False,
+        )
+        self.category = TransactionCategory.objects.create(
+            name="Test Category", owner=self.user
+        )
+        self.tag = TransactionTag.objects.create(name="TestTag", owner=self.user)
+
+        # Create test transactions for December 2025
+        # Income: 1000 (paid)
+        self.income_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            is_paid=True,
+            date=date(2025, 12, 10),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("1000.00"),
+            description="December Income",
+            owner=self.user,
+        )
+
+        # Expense: 200 (paid)
+        self.expense_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            is_paid=True,
+            date=date(2025, 12, 15),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("200.00"),
+            description="December Expense",
+            category=self.category,
+            owner=self.user,
+        )
+        self.expense_transaction.tags.add(self.tag)
+
+        # Expense: 150 (projected/unpaid)
+        self.projected_expense = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            is_paid=False,
+            date=date(2025, 12, 20),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("150.00"),
+            description="Projected Expense",
+            owner=self.user,
+        )
+
+    def _get_currency_data(self, context_dict):
+        """Helper to extract data for our test currency from context dict.
+
+        The context dict is keyed by currency ID, so we need to find
+        the entry for our currency.
+        """
+        if not context_dict:
+            return None
+        for currency_id, data in context_dict.items():
+            if data.get("currency", {}).get("code") == "USD":
+                return data
+        return None
+
+    # --- monthly_summary view tests ---
+
+    def test_monthly_summary_no_filter_returns_200(self):
+        """Test that monthly_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_summary_no_filter_includes_all_transactions(self):
+        """Without filters, summary should include all transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should have the income: 1000
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should have paid expense: 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have unpaid expense: 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_type_filter_only_income(self):
+        """With type=IN filter, summary should only include income"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?type=IN",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should still have 1000
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should be empty/zero (filtered out)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+        # expense_projected should be empty/zero (filtered out)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_projected", 0), Decimal("0"))
+
+    def test_monthly_summary_type_filter_only_expenses(self):
+        """With type=EX filter, summary should only include expenses"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?type=EX",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should be empty/zero (filtered out)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should have 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_is_paid_filter_only_paid(self):
+        """With is_paid=1 filter, summary should only include paid transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?is_paid=1",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should have 1000 (paid)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should have 200 (paid)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should be empty/zero (filtered out - unpaid)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_projected", 0), Decimal("0"))
+
+    def test_monthly_summary_is_paid_filter_only_unpaid(self):
+        """With is_paid=0 filter, summary should only include unpaid transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?is_paid=0",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should be empty/zero (filtered out - paid)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should be empty/zero (filtered out - paid)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+        # expense_projected should have 150 (unpaid)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_description_filter(self):
+        """With description filter, summary should only include matching transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?description=Income",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # Only income matches "Income" description
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # Expenses should be filtered out
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+    def test_monthly_summary_amount_filter(self):
+        """With amount filter, summary should only include transactions in range"""
+        # Filter to only get transactions between 100 and 250 (should get 200 and 150)
+        response = self.client.get(
+            "/monthly/12/2025/summary/?from_amount=100&to_amount=250",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # Income (1000) should be filtered out
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should have 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    # --- monthly_account_summary view tests ---
+
+    def test_monthly_account_summary_no_filter_returns_200(self):
+        """Test that monthly_account_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/accounts/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_account_summary_with_filter_returns_200(self):
+        """Test that monthly_account_summary returns 200 with filter"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/accounts/?type=IN",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    # --- monthly_currency_summary view tests ---
+
+    def test_monthly_currency_summary_no_filter_returns_200(self):
+        """Test that monthly_currency_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/currencies/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_currency_summary_with_filter_returns_200(self):
+        """Test that monthly_currency_summary returns 200 with filter"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/currencies/?type=EX",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)

app/apps/monthly_overview/views.py

@@ -2,7 +2,8 @@ from django.contrib.auth.decorators import login_required
 from django.db.models import (
     Q,
 )
-from django.http import HttpResponse
+from django.http import HttpResponse, Http404
+
 from django.shortcuts import render, redirect
 from django.utils import timezone
 from django.views.decorators.http import require_http_methods
@@ -36,8 +37,6 @@ def monthly_overview(request, month: int, year: int):
     summary_tab = request.session.get("monthly_summary_tab", "summary")
 
     if month < 1 or month > 12:
-        from django.http import Http404
-
         raise Http404("Month is out of range")
 
     next_month = 1 if month == 12 else month + 1
@@ -76,6 +75,8 @@ def transactions_list(request, month: int, year: int):
         if order != request.session.get("monthly_transactions_order", "default"):
             request.session["monthly_transactions_order"] = order
 
+    today = timezone.localdate(timezone.now())
+
     f = TransactionsFilter(request.GET)
     transactions_filtered = f.qs.filter(
         reference_date__year=year,
@@ -93,12 +94,28 @@ def transactions_list(request, month: int, year: int):
         "dca_income_entries",
     )
 
+    # Late transactions: date < today and is_paid = False (only shown for default ordering)
+    late_transactions = None
+    if order == "default":
+        late_transactions = transactions_filtered.filter(
+            date__lt=today,
+            is_paid=False,
+        ).order_by("date", "id")
+        # Exclude late transactions from the main list
+        transactions_filtered = transactions_filtered.exclude(
+            date__lt=today,
+            is_paid=False,
+        )
+
     transactions_filtered = default_order(transactions_filtered, order=order)
 
     return render(
         request,
         "monthly_overview/fragments/list.html",
-        context={"transactions": transactions_filtered},
+        context={
+            "transactions": transactions_filtered,
+            "late_transactions": late_transactions,
+        },
     )
 
 
@@ -107,17 +124,48 @@ def transactions_list(request, month: int, year: int):
 @require_http_methods(["GET"])
 def monthly_summary(request, month: int, year: int):
     # Base queryset with all required filters
-    base_queryset = (
-        Transaction.objects.filter(
-            reference_date__year=year,
-            reference_date__month=month,
-            account__is_asset=False,
-        )
-        .exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
-        .exclude(account__in=request.user.untracked_accounts.all())
+    base_queryset = Transaction.objects.filter(
+        reference_date__year=year,
+        reference_date__month=month,
     )
 
-    data = calculate_currency_totals(base_queryset, ignore_empty=True)
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    # Default values are: type=['IN', 'EX'], is_paid=['1', '0'], everything else empty
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            # Skip fields with default/empty values
+            if not value:
+                continue
+            # Skip type if it has both default values
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            # Skip is_paid if it has both default values (values are strings)
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            # Skip mute_status if it has both default values
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            # If we get here, there's an active filter
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    data = calculate_currency_totals(queryset, ignore_empty=True)
+
     percentages = calculate_percentage_distribution(data)
 
     context = {
@@ -132,6 +180,7 @@ def monthly_summary(request, month: int, year: int):
             currency_totals=data, month=month, year=year
         ),
         "percentages": percentages,
+        "has_active_filter": has_active_filter,
     }
 
     return render(
@@ -149,9 +198,38 @@ def monthly_account_summary(request, month: int, year: int):
     base_queryset = Transaction.objects.filter(
         reference_date__year=year,
         reference_date__month=month,
-    ).exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
+    )
 
-    account_data = calculate_account_totals(transactions_queryset=base_queryset.all())
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            if not value:
+                continue
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    account_data = calculate_account_totals(transactions_queryset=queryset.all())
     account_percentages = calculate_percentage_distribution(account_data)
 
     context = {
@@ -171,16 +249,41 @@ def monthly_account_summary(request, month: int, year: int):
 @require_http_methods(["GET"])
 def monthly_currency_summary(request, month: int, year: int):
     # Base queryset with all required filters
-    base_queryset = (
-        Transaction.objects.filter(
-            reference_date__year=year,
-            reference_date__month=month,
-        )
-        .exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
-        .exclude(account__in=request.user.untracked_accounts.all())
+    base_queryset = Transaction.objects.filter(
+        reference_date__year=year,
+        reference_date__month=month,
     )
 
-    currency_data = calculate_currency_totals(base_queryset.all(), ignore_empty=True)
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            if not value:
+                continue
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    currency_data = calculate_currency_totals(queryset.all(), ignore_empty=True)
     currency_percentages = calculate_percentage_distribution(currency_data)
 
     context = {

app/apps/rules/forms.py

@@ -1,3 +1,4 @@
+from crispy_forms.bootstrap import Alert
 from apps.common.fields.forms.dynamic_select import DynamicModelChoiceField
 from apps.common.widgets.crispy.daisyui import Switch
 from apps.common.widgets.crispy.submit import NoClassSubmit
@@ -36,7 +37,6 @@ class TransactionRuleForm(forms.ModelForm):
         self.helper = FormHelper()
         self.helper.form_tag = False
         self.helper.form_method = "post"
-        # TO-DO: Add helper with available commands
         self.helper.layout = Layout(
             Switch("active"),
             "name",
@@ -49,6 +49,9 @@ class TransactionRuleForm(forms.ModelForm):
             Switch("sequenced"),
             "description",
             "trigger",
+            Alert(
+                _("You can add actions to this rule in the next screen."), dismiss=False
+            ),
         )
 
         if self.instance and self.instance.pk:

app/apps/transactions/filters.py

@@ -23,6 +23,11 @@ SITUACAO_CHOICES = (
     ("0", _("Projected")),
 )
 
+MUTE_STATUS_CHOICES = (
+    ("active", _("Active")),
+    ("muted", _("Muted")),
+)
+
 
 def content_filter(queryset, name, value):
     queryset = queryset.filter(
@@ -78,6 +83,11 @@ class TransactionsFilter(django_filters.FilterSet):
         choices=SITUACAO_CHOICES,
         field_name="is_paid",
     )
+    mute_status = django_filters.MultipleChoiceFilter(
+        choices=MUTE_STATUS_CHOICES,
+        method="filter_mute_status",
+        label=_("Mute Status"),
+    )
     date_start = django_filters.DateFilter(
         field_name="date",
         lookup_expr="gte",
@@ -140,6 +150,9 @@ class TransactionsFilter(django_filters.FilterSet):
             if data.get("is_paid") is None:
                 data.setlist("is_paid", ["1", "0"])
 
+            if data.get("mute_status") is None:
+                data.setlist("mute_status", ["active", "muted"])
+
         super().__init__(data, *args, **kwargs)
 
         self.form.helper = FormHelper()
@@ -155,6 +168,10 @@ class TransactionsFilter(django_filters.FilterSet):
                 "is_paid",
                 template="transactions/widgets/transaction_type_filter_buttons.html",
             ),
+            Field(
+                "mute_status",
+                template="transactions/widgets/transaction_type_filter_buttons.html",
+            ),
             Field("description"),
             Row(Column("date_start"), Column("date_end")),
             Row(
@@ -268,3 +285,36 @@ class TransactionsFilter(django_filters.FilterSet):
             return queryset.filter(q).distinct()
 
         return queryset
+
+    @staticmethod
+    def filter_mute_status(queryset, name, value):
+        from apps.common.middleware.thread_local import get_current_user
+
+        if not value:
+            return queryset
+
+        value = list(value)
+
+        # If both are selected, return all
+        if "active" in value and "muted" in value:
+            return queryset
+
+        user = get_current_user()
+
+        # Only Active selected: exclude muted transactions
+        if "active" in value:
+            return (
+                queryset.exclude(account__untracked_by=user)
+                .filter(
+                    mute=False,
+                )
+                .filter(Q(category__mute=False) | Q(category__isnull=True))
+            )
+
+        # Only Muted selected: include only muted transactions
+        if "muted" in value:
+            return queryset.filter(
+                Q(account__untracked_by=user) | Q(category__mute=True) | Q(mute=True)
+            )
+
+        return queryset

app/apps/transactions/models.py

@@ -20,7 +20,6 @@ from django.core.validators import MinValueValidator
 from django.db import models, transaction
 from django.db.models import Q
 from django.dispatch import Signal
-from django.forms import ValidationError
 from django.template.defaultfilters import date
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -384,6 +383,10 @@ class Transaction(OwnedObject):
     def clean(self):
         super().clean()
 
+        # Convert empty internal_id to None to allow multiple "empty" values with unique constraint
+        if self.internal_id == "":
+            self.internal_id = None
+
         # Only process amount and reference_date if account exists
         # If account is missing, Django's required field validation will handle it
         try:
@@ -408,6 +411,10 @@ class Transaction(OwnedObject):
             self.reference_date = self.date.replace(day=1)
 
     def save(self, *args, **kwargs):
+        # This is here so Django validation doesn't trigger an error before clean() is ran
+        if not self.reference_date and self.date:
+            self.reference_date = self.date.replace(day=1)
+
         # This is not recommended as it will run twice on some cases like form and API saves.
         # We only do this here because we forgot to independently call it on multiple places.
         self.full_clean()
@@ -867,10 +874,8 @@ class RecurringTransaction(models.Model):
             notes=self.notes if self.add_notes_to_transaction else "",
             owner=self.account.owner,
         )
-        if self.tags.exists():
-            created_transaction.tags.set(self.tags.all())
-        if self.entities.exists():
-            created_transaction.entities.set(self.entities.all())
+        created_transaction.tags.set(self.tags.all())
+        created_transaction.entities.set(self.entities.all())
 
     def get_recurrence_delta(self):
         if self.recurrence_type == self.RecurrenceType.DAY:

app/apps/transactions/tasks.py

@@ -13,7 +13,9 @@ logger = logging.getLogger(__name__)
 
 
 @app.periodic(cron="0 0 * * *")
-@app.task(name="generate_recurring_transactions")
+@app.task(
+    lock="generate_recurring_transactions", name="generate_recurring_transactions"
+)
 def generate_recurring_transactions(timestamp=None):
     try:
         RecurringTransaction.generate_upcoming_transactions()
@@ -26,7 +28,7 @@ def generate_recurring_transactions(timestamp=None):
 
 
 @app.periodic(cron="10 1 * * *")
-@app.task(name="cleanup_deleted_transactions")
+@app.task(lock="cleanup_deleted_transactions", name="cleanup_deleted_transactions")
 def cleanup_deleted_transactions(timestamp=None):
     if settings.ENABLE_SOFT_DELETE and settings.KEEP_DELETED_TRANSACTIONS_FOR == 0:
         return "KEEP_DELETED_TRANSACTIONS_FOR is 0, no cleanup performed."

app/apps/transactions/tests/test_models.py

@@ -1,9 +1,7 @@
 import datetime
 from decimal import Decimal
-from datetime import date, timedelta
 
 from django.test import TestCase
-from django.core.exceptions import ValidationError
 from django.utils import timezone
 
 from apps.transactions.models import (
@@ -127,6 +125,70 @@ class TransactionTests(TestCase):
             datetime.datetime(day=1, month=2, year=2000).date(),
         )
 
+    def test_empty_internal_id_converts_to_none(self):
+        """Test that empty string internal_id is converted to None"""
+        transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction",
+            internal_id="",  # Empty string should become None
+        )
+        self.assertIsNone(transaction.internal_id)
+
+    def test_unique_internal_id_works(self):
+        """Test that unique non-empty internal_id values work correctly"""
+        transaction1 = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction 1",
+            internal_id="unique-id-123",
+        )
+        transaction2 = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction 2",
+            internal_id="unique-id-456",
+        )
+        self.assertEqual(transaction1.internal_id, "unique-id-123")
+        self.assertEqual(transaction2.internal_id, "unique-id-456")
+
+    def test_multiple_transactions_with_empty_internal_id(self):
+        """Test that multiple transactions can have empty/None internal_id"""
+        transaction1 = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction 1",
+            internal_id="",
+        )
+        transaction2 = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction 2",
+            internal_id="",
+        )
+        transaction3 = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=timezone.now().date(),
+            amount=Decimal("100.00"),
+            description="Test transaction 3",
+            internal_id=None,
+        )
+        # All should be saved successfully with None internal_id
+        self.assertIsNone(transaction1.internal_id)
+        self.assertIsNone(transaction2.internal_id)
+        self.assertIsNone(transaction3.internal_id)
+
 
 class InstallmentPlanTests(TestCase):
     def setUp(self):

app/apps/transactions/tests/test_views.py

@@ -0,0 +1,174 @@
+from datetime import date
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from django.utils import timezone
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {"BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"},
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class TransactionSimpleAddViewTests(TestCase):
+    """Tests for the transaction_simple_add view with query parameters"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client.login(username="testuser@test.com", password="testpass123")
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account", group=self.account_group, currency=self.currency
+        )
+        self.category = TransactionCategory.objects.create(name="Test Category")
+        self.tag = TransactionTag.objects.create(name="TestTag")
+
+    def test_get_returns_form_with_default_values(self):
+        """Test GET request returns 200 and form with defaults"""
+        response = self.client.get("/add/")
+        self.assertEqual(response.status_code, 200)
+        self.assertIn("form", response.context)
+
+    def test_get_with_type_param(self):
+        """Test type param sets form initial value"""
+        response = self.client.get("/add/?type=EX")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("type"), Transaction.Type.EXPENSE)
+
+    def test_get_with_account_param(self):
+        """Test account param sets form initial value"""
+        response = self.client.get(f"/add/?account={self.account.id}")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("account"), self.account.id)
+
+    def test_get_with_is_paid_param_true(self):
+        """Test is_paid param with true value"""
+        response = self.client.get("/add/?is_paid=true")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertTrue(form.initial.get("is_paid"))
+
+    def test_get_with_is_paid_param_false(self):
+        """Test is_paid param with false value"""
+        response = self.client.get("/add/?is_paid=false")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertFalse(form.initial.get("is_paid"))
+
+    def test_get_with_amount_param(self):
+        """Test amount param sets form initial value"""
+        response = self.client.get("/add/?amount=150.50")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("amount"), "150.50")
+
+    def test_get_with_description_param(self):
+        """Test description param sets form initial value"""
+        response = self.client.get("/add/?description=Test%20Transaction")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("description"), "Test Transaction")
+
+    def test_get_with_notes_param(self):
+        """Test notes param sets form initial value"""
+        response = self.client.get("/add/?notes=Some%20notes")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("notes"), "Some notes")
+
+    def test_get_with_category_param(self):
+        """Test category param sets form initial value"""
+        response = self.client.get(f"/add/?category={self.category.id}")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("category"), self.category.id)
+
+    def test_get_with_tags_param(self):
+        """Test tags param as comma-separated names"""
+        response = self.client.get("/add/?tags=TestTag,AnotherTag")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("tags"), ["TestTag", "AnotherTag"])
+
+    def test_get_with_all_params(self):
+        """Test all params together work correctly"""
+        url = (
+            f"/add/?type=EX&account={self.account.id}&is_paid=true"
+            f"&amount=200.00&description=Full%20Test&notes=Test%20notes"
+            f"&category={self.category.id}&tags=TestTag"
+        )
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("type"), Transaction.Type.EXPENSE)
+        self.assertEqual(form.initial.get("account"), self.account.id)
+        self.assertTrue(form.initial.get("is_paid"))
+        self.assertEqual(form.initial.get("amount"), "200.00")
+        self.assertEqual(form.initial.get("description"), "Full Test")
+        self.assertEqual(form.initial.get("notes"), "Test notes")
+        self.assertEqual(form.initial.get("category"), self.category.id)
+        self.assertEqual(form.initial.get("tags"), ["TestTag"])
+
+    def test_post_creates_transaction(self):
+        """Test form submission creates transaction"""
+        data = {
+            "account": self.account.id,
+            "type": "EX",
+            "is_paid": True,
+            "date": timezone.now().date().isoformat(),
+            "amount": "100.00",
+            "description": "Test Transaction",
+        }
+        response = self.client.post("/add/", data)
+        self.assertEqual(response.status_code, 200)
+        self.assertTrue(
+            Transaction.objects.filter(description="Test Transaction").exists()
+        )
+
+    def test_get_with_date_param(self):
+        """Test date param overrides expected date"""
+        response = self.client.get("/add/?date=2025-06-15")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("date"), date(2025, 6, 15))
+
+    def test_get_with_reference_date_param(self):
+        """Test reference_date param sets form initial value"""
+        response = self.client.get("/add/?reference_date=2025-07-01")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("reference_date"), date(2025, 7, 1))
+
+    def test_get_with_account_name_param(self):
+        """Test account param by name (case-insensitive)"""
+        response = self.client.get("/add/?account=Test%20Account")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("account"), self.account.id)
+
+    def test_get_with_category_name_param(self):
+        """Test category param by name (case-insensitive)"""
+        response = self.client.get("/add/?category=Test%20Category")
+        self.assertEqual(response.status_code, 200)
+        form = response.context["form"]
+        self.assertEqual(form.initial.get("category"), self.category.id)

app/apps/transactions/views/categories.py

@@ -35,7 +35,7 @@ def categories_list(request):
 @login_required
 @require_http_methods(["GET"])
 def categories_table_active(request):
-    categories = TransactionCategory.objects.filter(active=True).order_by("id")
+    categories = TransactionCategory.objects.filter(active=True).order_by("name")
     return render(
         request,
         "categories/fragments/table.html",
@@ -47,7 +47,7 @@ def categories_table_active(request):
 @login_required
 @require_http_methods(["GET"])
 def categories_table_archived(request):
-    categories = TransactionCategory.objects.filter(active=False).order_by("id")
+    categories = TransactionCategory.objects.filter(active=False).order_by("name")
     return render(
         request,
         "categories/fragments/table.html",

app/apps/transactions/views/entities.py

@@ -35,7 +35,7 @@ def entities_list(request):
 @login_required
 @require_http_methods(["GET"])
 def entities_table_active(request):
-    entities = TransactionEntity.objects.filter(active=True).order_by("id")
+    entities = TransactionEntity.objects.filter(active=True).order_by("name")
     return render(
         request,
         "entities/fragments/table.html",
@@ -47,7 +47,7 @@ def entities_table_active(request):
 @login_required
 @require_http_methods(["GET"])
 def entities_table_archived(request):
-    entities = TransactionEntity.objects.filter(active=False).order_by("id")
+    entities = TransactionEntity.objects.filter(active=False).order_by("name")
     return render(
         request,
         "entities/fragments/table.html",

app/apps/transactions/views/tags.py

@@ -35,7 +35,7 @@ def tags_list(request):
 @login_required
 @require_http_methods(["GET"])
 def tags_table_active(request):
-    tags = TransactionTag.objects.filter(active=True).order_by("id")
+    tags = TransactionTag.objects.filter(active=True).order_by("name")
     return render(
         request,
         "tags/fragments/table.html",
@@ -47,7 +47,7 @@ def tags_table_active(request):
 @login_required
 @require_http_methods(["GET"])
 def tags_table_archived(request):
-    tags = TransactionTag.objects.filter(active=False).order_by("id")
+    tags = TransactionTag.objects.filter(active=False).order_by("name")
     return render(
         request,
         "tags/fragments/table.html",

app/apps/transactions/views/transactions.py

@@ -142,26 +142,105 @@ def transaction_simple_add(request):
         year=year,
     ).date()
 
+    # Build initial data from query parameters
+    initial_data = {
+        "date": expected_date,
+        "type": transaction_type,
+    }
+
+    # Handle date param (ISO format: YYYY-MM-DD) - overrides expected_date
+    date_param = request.GET.get("date")
+    if date_param:
+        try:
+            initial_data["date"] = datetime.datetime.strptime(
+                date_param, "%Y-%m-%d"
+            ).date()
+        except ValueError:
+            pass
+
+    # Handle reference_date param (ISO format: YYYY-MM-DD)
+    reference_date_param = request.GET.get("reference_date")
+    if reference_date_param:
+        try:
+            initial_data["reference_date"] = datetime.datetime.strptime(
+                reference_date_param, "%Y-%m-%d"
+            ).date()
+        except ValueError:
+            pass
+
+    # Handle account param (by ID or name)
+    account_param = request.GET.get("account")
+    if account_param:
+        try:
+            initial_data["account"] = int(account_param)
+        except (ValueError, TypeError):
+            # Try to find by name
+            from apps.accounts.models import Account
+
+            account = Account.objects.filter(
+                name__iexact=account_param, is_archived=False
+            ).first()
+            if account:
+                initial_data["account"] = account.pk
+
+    # Handle is_paid param (boolean)
+    is_paid = request.GET.get("is_paid")
+    if is_paid is not None:
+        initial_data["is_paid"] = is_paid.lower() in ("true", "1", "yes")
+
+    # Handle amount param (decimal)
+    amount = request.GET.get("amount")
+    if amount:
+        try:
+            initial_data["amount"] = amount
+        except (ValueError, TypeError):
+            pass
+
+    # Handle description param (string)
+    description = request.GET.get("description")
+    if description:
+        initial_data["description"] = description
+
+    # Handle notes param (string)
+    notes = request.GET.get("notes")
+    if notes:
+        initial_data["notes"] = notes
+
+    # Handle category param (by ID or name)
+    category_param = request.GET.get("category")
+    if category_param:
+        try:
+            initial_data["category"] = int(category_param)
+        except (ValueError, TypeError):
+            # Try to find by name
+            from apps.transactions.models import TransactionCategory
+
+            category = TransactionCategory.objects.filter(
+                name__iexact=category_param, active=True
+            ).first()
+            if category:
+                initial_data["category"] = category.pk
+
+    # Handle tags param (comma-separated names)
+    tags = request.GET.get("tags")
+    if tags:
+        initial_data["tags"] = [t.strip() for t in tags.split(",") if t.strip()]
+
+    # Handle entities param (comma-separated names)
+    entities = request.GET.get("entities")
+    if entities:
+        initial_data["entities"] = [e.strip() for e in entities.split(",") if e.strip()]
+
     if request.method == "POST":
         form = TransactionForm(request.POST)
         if form.is_valid():
             form.save()
             messages.success(request, _("Transaction added successfully"))
-
-        form = TransactionForm(
-            initial={
-                "date": expected_date,
-                "type": transaction_type,
-            },
-        )
+            # Only reset form after successful save
+            form = TransactionForm(initial=initial_data)
 
     else:
-        form = TransactionForm(
-            initial={
-                "date": expected_date,
-                "type": transaction_type,
-            },
-        )
+        form = TransactionForm(initial=initial_data)
 
     return render(
         request,
@@ -388,7 +467,7 @@ def transaction_pay(request, transaction_id):
         context={"transaction": transaction, **request.GET},
     )
     response.headers["HX-Trigger"] = (
-        f'{"paid" if new_is_paid else "unpaid"}, selective_update'
+        f"{'paid' if new_is_paid else 'unpaid'}, selective_update"
     )
     return response
 
@@ -483,6 +562,8 @@ def transaction_all_list(request):
         if order != request.session.get("all_transactions_order", "default"):
             request.session["all_transactions_order"] = order
 
+    today = timezone.localdate(timezone.now())
+
     transactions = Transaction.objects.prefetch_related(
         "account",
         "account__group",
@@ -496,12 +577,27 @@ def transaction_all_list(request):
         "dca_income_entries",
     ).all()
 
-    transactions = default_order(transactions, order=order)
-
     f = TransactionsFilter(request.GET, queryset=transactions)
 
+    # Late transactions: date < today and is_paid = False (only shown for default ordering on first page)
+    late_transactions = None
     page_number = request.GET.get("page", 1)
-    paginator = Paginator(f.qs, 100)
+    if order == "default" and str(page_number) == "1":
+        late_transactions = f.qs.filter(
+            date__lt=today,
+            is_paid=False,
+        ).order_by("date", "id")
+        # Exclude late transactions from the main paginated list
+        main_transactions = f.qs.exclude(
+            date__lt=today,
+            is_paid=False,
+        )
+    else:
+        main_transactions = f.qs
+
+    main_transactions = default_order(main_transactions, order=order)
+
+    paginator = Paginator(main_transactions, 100)
     page_obj = paginator.get_page(page_number)
 
     return render(
@@ -510,6 +606,7 @@ def transaction_all_list(request):
         {
             "page_obj": page_obj,
             "paginator": paginator,
+            "late_transactions": late_transactions,
         },
     )
 

app/apps/users/forms.py

@@ -137,13 +137,13 @@ class UserSettingsForm(forms.ModelForm):
         self.helper.layout = Layout(
             "language",
             "timezone",
-            HTML("<hr />"),
+            HTML('<hr class="hr my-3" />'),
             "date_format",
             "datetime_format",
             "number_format",
-            HTML("<hr />"),
+            HTML('<hr class="hr my-3" />'),
             "start_page",
-            HTML("<hr />"),
+            HTML('<hr class="hr my-3" />'),
             "volume",
             FormActions(
                 NoClassSubmit("submit", _("Save"), css_class="btn btn-primary"),

app/templates/cotton/components/sidebar_collapsible_panel.html

@@ -0,0 +1,39 @@
+{% load active_link %}
+{% load i18n %}
+<c-vars id="collapsible-panel" />
+
+<li>
+  <div role="button"
+       _="on click toggle .hidden on #{{ id }} then toggle .slide-in-left on #{{ id }}"
+       class="text-xs flex items-center no-underline ps-3 p-2 rounded-box sidebar-item cursor-pointer {% active_link views=active css_class='sidebar-active' %}">
+    <i class="{{ icon }} fa-fw"></i>
+    <span class="ml-3 font-medium lg:group-hover:truncate lg:group-focus:truncate lg:group-hover:text-ellipsis lg:group-focus:text-ellipsis">
+      {{ title }}
+    </span>
+    <i class="fa-solid fa-chevron-right fa-fw ml-auto pe-2"></i>
+  </div>
+</li>
+
+<div id="{{ id }}"
+     class="p-0 absolute bottom-0 left-0 w-full z-30 max-h-dvh {% active_link views=active css_class='slide-in-left' inactive_class='hidden' %}">
+  <div class="h-dvh bg-base-300 flex flex-col">
+    <div class="items-center p-4 border-b border-base-content/10 sidebar-submenu-header text-base-content">
+      <div class="flex items-center sidebar-submenu-title">
+        <i class="{{ icon }} fa-fw lg:group-hover:me-2 me-2 lg:me-0"></i>
+        <h5 class="text-lg font-semibold text-base-content m-0">
+          {{ title }}
+        </h5>
+      </div>
+
+      <button type="button" class="btn btn-ghost btn-sm btn-circle" aria-label="{% trans 'Close' %}"
+              _="on click remove .slide-in-left from #{{ id }} then add .slide-out-left to #{{ id }} then wait 150ms then add .hidden to #{{ id }} then remove .slide-out-left from #{{ id }}">
+        <i class="fa-solid fa-xmark"></i>
+      </button>
+    </div>
+
+    <ul class="sidebar-item-list list-none p-3 flex flex-col gap-1 whitespace-nowrap lg:group-hover:animate-[disable-pointer-events] overflow-y-auto lg:overflow-y-hidden lg:hover:overflow-y-auto overflow-x-hidden"
+        style="animation-duration: 100ms">
+      {{ slot }}
+    </ul>
+  </div>
+</div>

app/templates/cotton/components/sidebar_menu_collapsible_header.html

@@ -1,12 +1,14 @@
-<li class="lg:hidden lg:group-hover:block">
-  <div class="flex items-center" data-bs-toggle="collapse" href="#{{ title|slugify }}" role="button"
-       aria-expanded="false" aria-controls="{{ title|slugify }}">
+<li class="lg:hidden lg:group-hover:block" x-data="{ open: false }">
+  <div class="flex items-center" @click="open = !open" role="button"
+       :aria-expanded="open">
     <span
         class="text-base-content/60 text-sm font-bold uppercase lg:hidden lg:group-hover:inline me-2">{{ title }}</span>
     <hr class="flex-grow"/>
-    <i class="fas fa-chevron-down text-base-content/60 lg:before:hidden lg:group-hover:before:inline ml-2 lg:ml-0 lg:group-hover:ml-2"></i>
+    <i class="fas fa-chevron-down text-base-content/60 lg:before:hidden lg:group-hover:before:inline ml-2 lg:ml-0 lg:group-hover:ml-2"
+       :class="{ 'rotate-180': open }"
+       style="transition: transform 0.2s ease"></i>
+  </div>
+  <div x-show="open" x-collapse>
+    {{ slot }}
   </div>
 </li>
-<div class="collapse lg:hidden lg:group-hover:block" id="{{ title|slugify }}">
-  {{ slot }}
-</div>

app/templates/cotton/transaction/small_item.html

@@ -1,94 +0,0 @@
-<div class="card bg-base-100 shadow-xl mb-2 transaction-item">
-    <div class="card-body p-2 flex items-center gap-3" data-bs-toggle="collapse" data-bs-target="#{{ transaction.id }}" role="button" aria-expanded="false" aria-controls="{{ transaction.id }}">
-        <!-- Main visible content -->
-        <div class="flex flex-col lg:flex-row lg:items-center w-full gap-3">
-            <!-- Type indicator -->
-            <div class="w-8">
-                {% if transaction.type == 'IN' %}
-                    <span class="badge badge-success">↑</span>
-                {% else %}
-                    <span class="badge badge-error">↓</span>
-                {% endif %}
-            </div>
-
-            <!-- Payment status -->
-            <div class="w-8">
-                {% if transaction.is_paid %}
-                    <span class="badge badge-success">✓</span>
-                {% else %}
-                    <span class="badge badge-warning">○</span>
-                {% endif %}
-            </div>
-
-            <!-- Description -->
-            <div class="flex-grow">
-                <span class="font-medium">{{ transaction.description }}</span>
-            </div>
-
-            <!-- Amount -->
-            <div class="text-right whitespace-nowrap">
-                <span class="{% if transaction.type == 'IN' %}text-green-400{% else %}text-red-400{% endif %}">
-                    {{ transaction.amount }}
-                </span>
-                {% if transaction.exchanged_amount %}
-                    <br>
-                    <small class="text-base-content/60">
-                        {{ transaction.exchanged_amount.prefix }}{{ transaction.exchanged_amount.amount }}{{ transaction.exchanged_amount.suffix }}
-                    </small>
-                {% endif %}
-            </div>
-        </div>
-    </div>
-
-    <!-- Expandable details -->
-    <div class="collapse" id="{{ transaction.id }}">
-      <div class="card-body p-3 transaction-details">
-        <div class="grid grid-cols-1 md:grid-cols-2">
-            <div>
-                <dl class="grid grid-cols-3">
-                    <dt class="col-span-1">Date</dt>
-                    <dd class="col-span-2">{{ transaction.date|date:"Y-m-d" }}</dd>
-
-                    <dt class="col-span-1">Reference Date</dt>
-                    <dd class="col-span-2">{{ transaction.reference_date|date:"Y-m" }}</dd>
-
-                    <dt class="col-span-1">Account</dt>
-                    <dd class="col-span-2">{{ transaction.account.name }}</dd>
-
-                    <dt class="col-span-1">Category</dt>
-                    <dd class="col-span-2">{{ transaction.category|default:"-" }}</dd>
-                </dl>
-            </div>
-            <div>
-                <dl class="grid grid-cols-3">
-                    {% if transaction.tags.exists %}
-                        <dt class="col-span-1">Tags</dt>
-                        <dd class="col-span-2">
-                            {% for tag in transaction.tags.all %}
-                                <span class="badge badge-secondary">{{ tag.name }}</span>
-                            {% endfor %}
-                        </dd>
-                    {% endif %}
-
-                    {% if transaction.installment_plan %}
-                        <dt class="col-span-1">Installment</dt>
-                        <dd class="col-span-2">
-                            {{ transaction.installment_id }} of {{ transaction.installment_plan.total_installments }}
-                        </dd>
-                    {% endif %}
-
-                    {% if transaction.recurring_transaction %}
-                        <dt class="col-span-1">Recurring</dt>
-                        <dd class="col-span-2">Yes</dd>
-                    {% endif %}
-
-                    {% if transaction.notes %}
-                        <dt class="col-span-1">Notes</dt>
-                        <dd class="col-span-2">{{ transaction.notes }}</dd>
-                    {% endif %}
-                </dl>
-            </div>
-        </div>
-    </div>
-    </div>
-</div>

app/templates/cotton/ui/deleted_transactions_action_bar.html

@@ -1,12 +1,11 @@
 {% load i18n %}
-<div class="sticky bottom-4 left-0 right-0 z-1000 hidden mx-auto w-fit" id="actions-bar"
-     _="on change from #transactions-list or htmx:afterSettle from window
+<div class="sticky bottom-4 left-0 right-0 z-1000 hidden mx-auto w-fit" id="actions-bar" _="on change from #transactions-list or htmx:afterSettle from window
         if #actions-bar then
             if no <input[type='checkbox']:checked/> in #transactions-list
               if #actions-bar
-                add .slide-in-bottom-reverse then settle
+                add .slide-in-bottom-short-reverse then settle
                 then add .hidden to #actions-bar
-                then remove .slide-in-bottom-reverse
+                then remove .slide-in-bottom-short-reverse
               end
             else
               if #actions-bar
@@ -17,54 +16,51 @@
             end
           end
         end">
-  <div class="card bg-base-300 shadow slide-in-bottom max-w-[90vw] card-border">
+  <div class="card bg-base-300 shadow slide-in-bottom-short max-w-[90vw] card-border mt-5">
     <div class="card-body flex-row p-2 flex justify-between items-center gap-3 overflow-x-auto">
       {% spaceless %}
-        <div class="font-bold text-md ms-2" id="selected-count">0</div>
-        <div class="divider divider-horizontal m-0"></div>
-        <div>
-          <button role="button" class="btn btn-secondary btn-sm" type="button"
-                  data-bs-toggle="dropdown" aria-expanded="false">
-            <i class="fa-regular fa-square-check fa-fw"></i>
-            <i class="fa-solid fa-chevron-down fa-xs"></i>
-          </button>
-          <ul class="dropdown-menu menu">
-            <li>
-              <a class="cursor-pointer"
-                   _="on click set <#transactions-list .transaction:not([style*='display: none']) input[type='checkbox']/>'s checked to true then call me.blur() then trigger change">
-                <i class="fa-regular fa-square-check text-success me-3"></i>{% translate 'Select All' %}
-              </a>
-            </li>
-            <li>
-              <a class="cursor-pointer"
-                   _="on click set <#transactions-list input[type='checkbox']/>'s checked to false then call me.blur() then trigger change">
-                <i class="fa-regular fa-square text-error me-3"></i>{% translate 'Unselect All' %}
-              </a>
-            </li>
-          </ul>
-        </div>
-        <div class="divider divider-horizontal m-0"></div>
-        <button class="btn btn-secondary btn-sm"
-                hx-get="{% url 'transactions_bulk_undelete' %}"
-                hx-include=".transaction"
-                data-tippy-content="{% translate 'Restore' %}">
-          <i class="fa-solid fa-trash-arrow-up fa-fw"></i>
+      <div class="font-bold text-md ms-2" id="selected-count">0</div>
+      <div class="divider divider-horizontal m-0"></div>
+      <div>
+        <button role="button" class="btn btn-secondary btn-sm" type="button" data-bs-toggle="dropdown"
+          aria-expanded="false">
+          <i class="fa-regular fa-square-check fa-fw"></i>
+          <i class="fa-solid fa-chevron-down fa-xs"></i>
         </button>
-        <button class="btn btn-secondary btn-sm"
-                hx-get="{% url 'transactions_bulk_delete' %}"
-                hx-include=".transaction"
-                hx-trigger="confirmed"
-                data-tippy-content="{% translate 'Delete' %}"
-                data-bypass-on-ctrl="true"
-                data-title="{% translate "Are you sure?" %}"
-                data-text="{% translate "You won't be able to revert this!" %}"
-                data-confirm-text="{% translate "Yes, delete them!" %}"
-                _="install prompt_swal">
-          <i class="fa-solid fa-trash text-error"></i>
-        </button>
-        <div class="divider divider-horizontal m-0"></div>
-        <div class="join"
-             _="on selected_transactions_updated from #actions-bar
+        <ul class="dropdown-menu menu">
+          <li>
+            <a class="cursor-pointer"
+              _="on click set <#transactions-list .transaction:not([style*='display: none']) input[type='checkbox']/>'s checked to true then call me.blur() then trigger change">
+              <i class="fa-regular fa-square-check text-success me-3"></i>{% translate 'Select All' %}
+            </a>
+          </li>
+          <li>
+            <a class="cursor-pointer"
+              _="on click set <#transactions-list input[type='checkbox']/>'s checked to false then call me.blur() then trigger change">
+              <i class="fa-regular fa-square text-error me-3"></i>{% translate 'Unselect All' %}
+            </a>
+          </li>
+          <li>
+            <a class="cursor-pointer"
+              _="on click for checkbox in <#transactions-list input[type='checkbox']/> set checkbox.checked to (not checkbox.checked) end then call me.blur() then trigger change">
+              <i class="fa-solid fa-arrow-right-arrow-left text-info me-3"></i>{% translate 'Invert election' %}
+            </a>
+          </li>
+        </ul>
+      </div>
+      <div class="divider divider-horizontal m-0"></div>
+      <button class="btn btn-secondary btn-sm" hx-get="{% url 'transactions_bulk_undelete' %}" hx-include=".transaction"
+        data-tippy-content="{% translate 'Restore' %}">
+        <i class="fa-solid fa-trash-arrow-up fa-fw"></i>
+      </button>
+      <button class="btn btn-secondary btn-sm" hx-get="{% url 'transactions_bulk_delete' %}" hx-include=".transaction"
+        hx-trigger="confirmed" data-tippy-content="{% translate 'Delete' %}" data-bypass-on-ctrl="true"
+        data-title="{% translate "Are you sure?" %}" data-text="{% translate "You won't be able to revert this!" %}"
+        data-confirm-text="{% translate "Yes, delete them!" %}" _="install prompt_swal">
+        <i class="fa-solid fa-trash text-error"></i>
+      </button>
+      <div class="divider divider-horizontal m-0"></div>
+      <div class="join" _="on selected_transactions_updated from #actions-bar
                   set realTotal to math.bignumber(0)
                   set flatTotal to math.bignumber(0)
                   set transactions to <.transaction:has(input[name='transactions']:checked)/>
@@ -101,145 +97,121 @@
                   put mean.toLocaleString(undefined, {minimumFractionDigits: 0, maximumFractionDigits: 40}) into #calc-menu-mean's innerText
                   put flatAmountValues.length.toLocaleString(undefined, {minimumFractionDigits: 0, maximumFractionDigits: 40}) into #calc-menu-count's innerText
                 end">
-          <button class="btn btn-secondary btn-sm join-item"
-                    _="on click
+        <button class="btn btn-secondary btn-sm join-item" _="on click
                       set original_value to #real-total-front's innerText
                       writeText(original_value) on navigator.clipboard
-                      put '{% translate "copied!" %}' into #real-total-front's innerText
-                      wait 1s
-                      put original_value into #real-total-front's innerText
-                    end">
-            <i class="fa-solid fa-plus fa-fw me-md-2"></i>
-            <span class="hidden md:inline-block" id="real-total-front">0</span>
+                      put '{% translate "copied!" %}' into #real-total-front's innerText wait 1s put original_value
+          into #real-total-front's innerText end">
+          <i class="fa-solid fa-plus fa-fw me-md-2"></i>
+          <span class="hidden md:inline-block" id="real-total-front">0</span>
+        </button>
+        <div>
+          <button class="join-item btn btn-sm btn-secondary" type="button" data-bs-toggle="dropdown"
+            data-bs-auto-close="outside" aria-expanded="false">
+            <i class="fa-solid fa-chevron-down fa-xs"></i>
           </button>
-          <div>
-            <button class="join-item btn btn-sm btn-secondary"
-                    type="button"
-                    data-bs-toggle="dropdown"
-                    data-bs-auto-close="outside"
-                    aria-expanded="false">
-              <i class="fa-solid fa-chevron-down fa-xs"></i>
-            </button>
 
-            <ul class="dropdown-menu dropdown-menu-end menu">
-              <li class="cursor-pointer"
-                  _="on click
+          <ul class="dropdown-menu dropdown-menu-end menu">
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-flat-total's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-flat-total
-                        wait 1s
-                        put original_value into #calc-menu-flat-total
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Flat Total" %}
-                    </div>
-                    <div id="calc-menu-flat-total">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-flat-total wait 1s put original_value into
+              #calc-menu-flat-total end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Flat Total" %}
+                  </div>
+                  <div id="calc-menu-flat-total">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-real-total's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-real-total
-                        wait 1s
-                        put original_value into #calc-menu-real-total
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Real Total" %}
-                    </div>
-                    <div id="calc-menu-real-total">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-real-total wait 1s put original_value into
+              #calc-menu-real-total end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Real Total" %}
+                  </div>
+                  <div id="calc-menu-real-total">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-mean's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-mean
-                        wait 1s
-                        put original_value into #calc-menu-mean
-                      end">
-                <div class="p-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Mean" %}
-                    </div>
-                    <div id="calc-menu-mean">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-mean wait 1s put original_value into
+              #calc-menu-mean end">
+              <div class="p-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Mean" %}
+                  </div>
+                  <div id="calc-menu-mean">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-max's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-max
-                        wait 1s
-                        put original_value into #calc-menu-max
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Max" %}
-                    </div>
-                    <div id="calc-menu-max">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-max wait 1s put original_value into
+              #calc-menu-max end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Max" %}
+                  </div>
+                  <div id="calc-menu-max">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-min's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-min
-                        wait 1s
-                        put original_value into #calc-menu-min
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Min" %}
-                    </div>
-                    <div id="calc-menu-min">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-min wait 1s put original_value into
+              #calc-menu-min end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Min" %}
+                  </div>
+                  <div id="calc-menu-min">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-count's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-count
-                        wait 1s
-                        put original_value into #calc-menu-count
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Count" %}
-                    </div>
-                    <div id="calc-menu-count">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-count wait 1s put original_value into
+              #calc-menu-count end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Count" %}
+                  </div>
+                  <div id="calc-menu-count">
+                    0
                   </div>
                 </div>
-              </li>
-            </ul>
-          </div>
+              </div>
+            </li>
+          </ul>
         </div>
+      </div>
       {% endspaceless %}
     </div>
   </div>
-</div>
+</div>

app/templates/cotton/ui/transactions_action_bar.html

@@ -1,12 +1,11 @@
 {% load i18n %}
-<div class="sticky bottom-4 left-0 right-0 z-1000 hidden mx-auto w-fit" id="actions-bar"
-     _="on change from #transactions-list or htmx:afterSettle from window
+<div class="sticky bottom-4 left-0 right-0 z-1000 hidden mx-auto w-fit" id="actions-bar" _="on change from #transactions-list or htmx:afterSettle from window
         if #actions-bar then
             if no <input[type='checkbox']:checked/> in #transactions-list
               if #actions-bar
-                add .slide-in-bottom-reverse then settle
+                add .slide-in-bottom-short-reverse then settle
                 then add .hidden to #actions-bar
-                then remove .slide-in-bottom-reverse
+                then remove .slide-in-bottom-short-reverse
               end
             else
               if #actions-bar
@@ -17,86 +16,76 @@
             end
           end
         end">
-  <div class="card bg-base-300 shadow slide-in-bottom max-w-[90vw] card-border">
+  <div class="card bg-base-300 shadow slide-in-bottom-short max-w-[90vw] card-border mt-5">
     <div class="card-body flex-row p-2 flex justify-between items-center gap-3 overflow-x-auto">
       {% spaceless %}
-        <div class="font-bold text-md ms-2" id="selected-count">0</div>
-        <div class="divider divider-horizontal m-0"></div>
+      <div class="font-bold text-md ms-2" id="selected-count">0</div>
+      <div class="divider divider-horizontal m-0"></div>
+      <div>
+        <button role="button" class="btn btn-secondary btn-sm" type="button" data-bs-toggle="dropdown"
+          aria-expanded="false">
+          <i class="fa-regular fa-square-check fa-fw"></i>
+          <i class="fa-solid fa-chevron-down fa-xs"></i>
+        </button>
+        <ul class="dropdown-menu menu">
+          <li>
+            <a class="cursor-pointer"
+              _="on click set <#transactions-list .transaction:not([style*='display: none']) input[type='checkbox']/>'s checked to true then call me.blur() then trigger change">
+              <i class="fa-regular fa-square-check text-success me-3"></i>{% translate 'Select All' %}
+            </a>
+          </li>
+          <li>
+            <a class="cursor-pointer"
+              _="on click set <#transactions-list input[type='checkbox']/>'s checked to false then call me.blur() then trigger change">
+              <i class="fa-regular fa-square text-error me-3"></i>{% translate 'Unselect All' %}
+            </a>
+          </li>
+          <li>
+            <a class="cursor-pointer"
+              _="on click for checkbox in <#transactions-list input[type='checkbox']/> set checkbox.checked to (not checkbox.checked) end then call me.blur() then trigger change">
+              <i class="fa-solid fa-arrow-right-arrow-left text-info me-3"></i>{% translate 'Invert selection' %}
+            </a>
+          </li>
+        </ul>
+      </div>
+      <div class="divider divider-horizontal m-0"></div>
+      <div class="join">
+        <button class="btn btn-secondary join-item btn-sm" hx-get="{% url 'transactions_bulk_edit' %}"
+          hx-target="#generic-offcanvas" hx-include=".transaction" data-tippy-content="{% translate 'Edit' %}">
+          <i class="fa-solid fa-pencil"></i>
+        </button>
         <div>
-          <button role="button" class="btn btn-secondary btn-sm" type="button"
-                  data-bs-toggle="dropdown" aria-expanded="false">
-            <i class="fa-regular fa-square-check fa-fw"></i>
+          <button type="button" role="button" class="join-item btn btn-sm btn-secondary" data-bs-toggle="dropdown"
+            aria-expanded="false">
             <i class="fa-solid fa-chevron-down fa-xs"></i>
           </button>
+
           <ul class="dropdown-menu menu">
             <li>
-              <a class="cursor-pointer"
-                   _="on click set <#transactions-list .transaction:not([style*='display: none']) input[type='checkbox']/>'s checked to true then call me.blur() then trigger change">
-                <i class="fa-regular fa-square-check text-success me-3"></i>{% translate 'Select All' %}
+              <a class="cursor-pointer" hx-get="{% url 'transactions_bulk_unpay' %}" hx-include=".transaction">
+                <i class="fa-regular fa-circle text-red-400 fa-fw me-3"></i>{% translate 'Mark as unpaid' %}
               </a>
             </li>
             <li>
-              <a class="cursor-pointer"
-                   _="on click set <#transactions-list input[type='checkbox']/>'s checked to false then call me.blur() then trigger change">
-                <i class="fa-regular fa-square text-error me-3"></i>{% translate 'Unselect All' %}
+              <a class="cursor-pointer" hx-get="{% url 'transactions_bulk_pay' %}" hx-include=".transaction">
+                <i class="fa-regular fa-circle-check text-green-400 fa-fw me-3"></i>{% translate 'Mark as paid' %}
               </a>
             </li>
           </ul>
         </div>
-        <div class="divider divider-horizontal m-0"></div>
-        <div class="join">
-          <button class="btn btn-secondary join-item btn-sm"
-                  hx-get="{% url 'transactions_bulk_edit' %}"
-                  hx-target="#generic-offcanvas"
-                  hx-include=".transaction"
-                  data-tippy-content="{% translate 'Edit' %}">
-            <i class="fa-solid fa-pencil"></i>
-          </button>
-          <div>
-            <button type="button" role="button" class="join-item btn btn-sm btn-secondary"
-                    data-bs-toggle="dropdown" aria-expanded="false">
-              <i class="fa-solid fa-chevron-down fa-xs"></i>
-            </button>
-
-            <ul class="dropdown-menu menu">
-              <li>
-                <a class="cursor-pointer"
-                    hx-get="{% url 'transactions_bulk_unpay' %}"
-                    hx-include=".transaction">
-                  <i class="fa-regular fa-circle text-red-400 fa-fw me-3"></i>{% translate 'Mark as unpaid' %}
-                </a>
-              </li>
-              <li>
-                <a class="cursor-pointer"
-                    hx-get="{% url 'transactions_bulk_pay' %}"
-                    hx-include=".transaction">
-                  <i class="fa-regular fa-circle-check text-green-400 fa-fw me-3"></i>{% translate 'Mark as paid' %}
-                </a>
-              </li>
-            </ul>
-          </div>
-        </div>
-        <button class="btn btn-secondary btn-sm"
-                hx-get="{% url 'transactions_bulk_clone' %}"
-                hx-include=".transaction"
-                data-tippy-content="{% translate 'Duplicate' %}">
-          <i class="fa-solid fa-clone fa-fw"></i>
-        </button>
-        <button class="btn btn-error btn-sm"
-                hx-get="{% url 'transactions_bulk_delete' %}"
-                hx-include=".transaction"
-                hx-trigger="confirmed"
-                data-tippy-content="{% translate 'Delete' %}"
-                data-bypass-on-ctrl="true"
-                data-title="{% translate "Are you sure?" %}"
-                data-text="{% translate "You won't be able to revert this!" %}"
-                data-confirm-text="{% translate "Yes, delete them!" %}"
-                _="install prompt_swal">
-          <i class="fa-solid fa-trash"></i>
-        </button>
-        <div class="divider divider-horizontal m-0"></div>
-        <div class="join"
-             _="on selected_transactions_updated from #actions-bar
+      </div>
+      <button class="btn btn-secondary btn-sm" hx-get="{% url 'transactions_bulk_clone' %}" hx-include=".transaction"
+        data-tippy-content="{% translate 'Duplicate' %}">
+        <i class="fa-solid fa-clone fa-fw"></i>
+      </button>
+      <button class="btn btn-error btn-sm" hx-get="{% url 'transactions_bulk_delete' %}" hx-include=".transaction"
+        hx-trigger="confirmed" data-tippy-content="{% translate 'Delete' %}" data-bypass-on-ctrl="true"
+        data-title="{% translate "Are you sure?" %}" data-text="{% translate "You won't be able to revert this!" %}"
+        data-confirm-text="{% translate "Yes, delete them!" %}" _="install prompt_swal">
+        <i class="fa-solid fa-trash"></i>
+      </button>
+      <div class="divider divider-horizontal m-0"></div>
+      <div class="join" _="on selected_transactions_updated from #actions-bar
                   set realTotal to math.bignumber(0)
                   set flatTotal to math.bignumber(0)
                   set transactions to <.transaction:has(input[name='transactions']:checked)/>
@@ -133,145 +122,121 @@
                   put mean.toLocaleString(undefined, {minimumFractionDigits: 0, maximumFractionDigits: 40}) into #calc-menu-mean's innerText
                   put flatAmountValues.length.toLocaleString(undefined, {minimumFractionDigits: 0, maximumFractionDigits: 40}) into #calc-menu-count's innerText
                 end">
-          <button class="btn btn-secondary btn-sm join-item" 
-                    _="on click
+        <button class="btn btn-secondary btn-sm join-item" _="on click
                       set original_value to #real-total-front's innerText
                       writeText(original_value) on navigator.clipboard
-                      put '{% translate "copied!" %}' into #real-total-front's innerText
-                      wait 1s
-                      put original_value into #real-total-front's innerText
-                    end">
-            <i class="fa-solid fa-plus fa-fw me-md-2"></i>
-            <span class="hidden md:inline-block" id="real-total-front">0</span>
+                      put '{% translate "copied!" %}' into #real-total-front's innerText wait 1s put original_value
+          into #real-total-front's innerText end">
+          <i class="fa-solid fa-plus fa-fw me-md-2"></i>
+          <span class="hidden md:inline-block" id="real-total-front">0</span>
+        </button>
+        <div>
+          <button class="join-item btn btn-sm btn-secondary" type="button" data-bs-toggle="dropdown"
+            data-bs-auto-close="outside" aria-expanded="false">
+            <i class="fa-solid fa-chevron-down fa-xs"></i>
           </button>
-          <div>
-            <button class="join-item btn btn-sm btn-secondary"
-                    type="button"
-                    data-bs-toggle="dropdown"
-                    data-bs-auto-close="outside"
-                    aria-expanded="false">
-              <i class="fa-solid fa-chevron-down fa-xs"></i>
-            </button>
 
-            <ul class="dropdown-menu dropdown-menu-end menu">
-              <li class="cursor-pointer"
-                  _="on click
+          <ul class="dropdown-menu dropdown-menu-end menu">
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-flat-total's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-flat-total
-                        wait 1s
-                        put original_value into #calc-menu-flat-total
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Flat Total" %}
-                    </div>
-                    <div id="calc-menu-flat-total">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-flat-total wait 1s put original_value into
+              #calc-menu-flat-total end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Flat Total" %}
+                  </div>
+                  <div id="calc-menu-flat-total">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-real-total's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-real-total
-                        wait 1s
-                        put original_value into #calc-menu-real-total
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Real Total" %}
-                    </div>
-                    <div id="calc-menu-real-total">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-real-total wait 1s put original_value into
+              #calc-menu-real-total end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Real Total" %}
+                  </div>
+                  <div id="calc-menu-real-total">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-mean's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-mean
-                        wait 1s
-                        put original_value into #calc-menu-mean
-                      end">
-                <div class="p-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Mean" %}
-                    </div>
-                    <div id="calc-menu-mean">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-mean wait 1s put original_value into
+              #calc-menu-mean end">
+              <div class="p-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Mean" %}
+                  </div>
+                  <div id="calc-menu-mean">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-max's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-max
-                        wait 1s
-                        put original_value into #calc-menu-max
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Max" %}
-                    </div>
-                    <div id="calc-menu-max">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-max wait 1s put original_value into
+              #calc-menu-max end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Max" %}
+                  </div>
+                  <div id="calc-menu-max">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-min's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-min
-                        wait 1s
-                        put original_value into #calc-menu-min
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Min" %}
-                    </div>
-                    <div id="calc-menu-min">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-min wait 1s put original_value into
+              #calc-menu-min end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Min" %}
+                  </div>
+                  <div id="calc-menu-min">
+                    0
                   </div>
                 </div>
-              </li>
-              <li class="cursor-pointer"
-                  _="on click
+              </div>
+            </li>
+            <li class="cursor-pointer" _="on click
                         set original_value to #calc-menu-count's innerText
                         writeText(original_value) on navigator.clipboard
-                        put '{% translate "copied!" %}' into #calc-menu-count
-                        wait 1s
-                        put original_value into #calc-menu-count
-                      end">
-                <div class="py-1 px-3">
-                  <div>
-                    <div class="text-base-content/60 text-xs font-medium">
-                      {% trans "Count" %}
-                    </div>
-                    <div id="calc-menu-count">
-                      0
-                    </div>
+                        put '{% translate "copied!" %}' into #calc-menu-count wait 1s put original_value into
+              #calc-menu-count end">
+              <div class="py-1 px-3">
+                <div>
+                  <div class="text-base-content/60 text-xs font-medium">
+                    {% trans "Count" %}
+                  </div>
+                  <div id="calc-menu-count">
+                    0
                   </div>
                 </div>
-              </li>
-            </ul>
-          </div>
+              </div>
+            </li>
+          </ul>
         </div>
+      </div>
       {% endspaceless %}
     </div>
   </div>
-</div>
+</div>

app/templates/crispy-daisyui/layout/alert.html

@@ -1,4 +1,4 @@
 <div class="alert {{ alert.css_class }}" role="alert"{% if alert.css_id %} id="{{ alert.css_id }}"{% endif %}>
-    {{ content|safe }}
-    {% if dismiss %}<button type="button" class="btn btn-sm btn-circle btn-ghost" data-bs-dismiss="alert" aria-label="Close">✕</button>{% endif %}
+    <span>{{ content|safe }}</span>
+    {% if dismiss %}<button type="button" class="btn btn-sm btn-circle btn-ghost ml-auto" aria-label="Close" _="on click remove closest .alert">✕</button>{% endif %}
 </div>

app/templates/crispy-daisyui/layout/help_text.html

@@ -1,7 +1,7 @@
 {% if field.help_text %}
     {% if help_text_inline %}
-        <span id="{{ field.auto_id }}_helptext" class="label text-wrap">{{ field.help_text|safe}}</span>
+        <span id="{{ field.auto_id }}_helptext" class="label text-wrap block">{{ field.help_text|safe}}</span>
     {% else %}
-        <p {% if field.auto_id %}id="{{ field.auto_id }}_helptext" {% endif %}class="label text-wrap">{{ field.help_text|safe }}</p>
+        <p {% if field.auto_id %}id="{{ field.auto_id }}_helptext" {% endif %}class="label text-wrap block">{{ field.help_text|safe }}</p>
     {% endif %}
 {% endif %}

app/templates/crispy-daisyui/layout/prepended_appended_text.html

@@ -1,4 +1,5 @@
 {% load crispy_forms_field %}
+{% load crispy_extra %}
 
 {% if field.is_hidden %}
     {{ field }}
@@ -7,33 +8,43 @@
 
         <fieldset class="fieldset{% if field_class %} {{ field_class }}{% endif %}">
             {% if field.label and form_show_labels %}
-                <legend class="fieldset-legend{{ label_class }}{% if field.field.required %} requiredField{% endif %}">
+                <label for="{{ field.id_for_label }}" class="fieldset-legend{% if label_class %} {{ label_class }}{% endif %}{% if field.field.required %} requiredField{% endif %}">
                     {{ field.label }}{% if field.field.required %}<span class="asteriskField">*</span>{% endif %}
-                </legend>
+                </label>
             {% endif %}
 
-            <label class="{% if input_size %} {{ input_size }}{% endif %}{% if field.errors %} input-error{% endif %}">
+            <div class="join w-full{% if input_size %} {{ input_size }}{% endif %}">
                 {# prepend #}
                 {% if crispy_prepended_text %}
-                    {{ crispy_prepended_text }}
+                    <span class="join-item flex items-center px-3 bg-base-200 border border-base-300">{{ crispy_prepended_text }}</span>
                 {% endif %}
 
                 {# input #}
                 {% if field|is_select %}
                     {% if field.errors %}
-                        {% crispy_field field 'class' 'select-error grow' %}
+                        {% crispy_field field 'class' 'select select-error join-item grow' %}
                     {% else %}
-                        {% crispy_field field 'class' 'grow' %}
+                        {% crispy_field field 'class' 'select join-item grow' %}
+                    {% endif %}
+                {% elif field|is_input %}
+                    {% if field.errors %}
+                        {% crispy_field field 'class' 'input input-error join-item grow' %}
+                    {% else %}
+                        {% crispy_field field 'class' 'input join-item grow' %}
                     {% endif %}
                 {% else %}
-                    {% crispy_field field 'class' 'grow' %}
+                    {% if field.errors %}
+                        {% crispy_field field 'class' 'input input-error join-item grow' %}
+                    {% else %}
+                        {% crispy_field field 'class' 'input join-item grow' %}
+                    {% endif %}
                 {% endif %}
-                
+
                 {# append #}
                 {% if crispy_appended_text %}
-                    {{ crispy_appended_text }}
+                    <span class="join-item flex items-center px-3 bg-base-200 border border-base-300">{{ crispy_appended_text }}</span>
                 {% endif %}
-            </label>
+            </div>
 
             {# help text as label paragraph #}
             {% if not help_text_inline %}

app/templates/exchange_rates_services/fragments/list.html

@@ -56,7 +56,15 @@
                 </td>
                 <td class="table-col-auto">{% if service.is_active %}<i class="fa-solid fa-circle text-success"></i>{% else %}
                   <i class="fa-solid fa-circle text-error"></i>{% endif %}</td>
-                <td class="table-col-auto">{{ service.name }}</td>
+                <td>
+                  {{ service.name }}
+                  {% if service.failure_count > 0 %}
+                    <span class="badge badge-error gap-1" data-tippy-content="{% blocktrans count counter=service.failure_count %}{{ counter }} consecutive failure{% plural %}{{ counter }} consecutive failures{% endblocktrans %}">
+                      <i class="fa-solid fa-triangle-exclamation fa-fw"></i>
+                      {{ service.failure_count }}
+                    </span>
+                  {% endif %}
+                </td>
                 <td>{{ service.get_service_type_display }}</td>
                 <td>{{ service.target_currencies.count }} {% trans 'currencies' %}, {{ service.target_accounts.count }} {% trans 'accounts' %}</td>
                 <td>{{ service.last_fetch|date:"SHORT_DATETIME_FORMAT" }}</td>

app/templates/includes/navbar.html

@@ -1,183 +0,0 @@
-{% load cache_access %}
-{% load settings %}
-{% load static %}
-{% load i18n %}
-{% load active_link %}
-<nav class="navbar navbar-expand-lg border-bottom bg-body-tertiary" hx-boost="true">
-  <div class="container-fluid">
-    <a class="navbar-brand fw-bold text-primary font-base" href="{% url 'index' %}">
-      <img src="{% static 'img/logo-icon.svg' %}" alt="WYGIWYH Logo" height="40" width="40" title="WYGIWYH"/>
-    </a>
-    <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarContent"
-            aria-controls="navbarContent" aria-expanded="false" aria-label={% translate "Toggle navigation" %}>
-      <span class="navbar-toggler-icon"></span>
-    </button>
-    <div class="collapse navbar-collapse" id="navbarContent">
-      <ul class="navbar-nav me-auto mb-3 mb-lg-0 nav-underline" hx-push-url="true">
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle {% active_link views='monthly_overview||yearly_overview_currency||yearly_overview_account||calendar' %}"
-             href="#"
-             role="button"
-             data-bs-toggle="dropdown"
-             aria-expanded="false">
-            {% translate 'Overview' %}
-          </a>
-          <ul class="dropdown-menu">
-            <li><a class="dropdown-item {% active_link views='monthly_overview' %}"
-                   href="{% url 'monthly_index' %}">{% translate 'Monthly' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='yearly_overview_currency' %}"
-                   href="{% url 'yearly_index_currency' %}">{% translate 'Yearly by currency' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='yearly_overview_account' %}"
-                   href="{% url 'yearly_index_account' %}">{% translate 'Yearly by account' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='calendar' %}"
-                   href="{% url 'calendar_index' %}">{% translate 'Calendar' %}</a></li>
-          </ul>
-        </li>
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle {% active_link views='net_worth_current||net_worth_projected' %}"
-             href="#" role="button"
-             data-bs-toggle="dropdown"
-             aria-expanded="false">
-            {% translate 'Net Worth' %}
-          </a>
-          <ul class="dropdown-menu">
-            <li><a class="dropdown-item {% active_link views='net_worth_current' %}"
-                   href="{% url 'net_worth_current' %}">{% translate 'Current' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='net_worth_projected' %}"
-                   href="{% url 'net_worth_projected' %}">{% translate 'Projected' %}</a></li>
-          </ul>
-        </li>
-        <li class="nav-item">
-          <a class="nav-link {% active_link views='insights_index' %}" href="{% url 'insights_index' %}">{% trans 'Insights' %}</a>
-        </li>
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle {% active_link views='installment_plans_index||quick_transactions_index||recurring_trasanctions_index||transactions_all_index||transactions_trash_index' %}"
-             href="#" role="button"
-             data-bs-toggle="dropdown"
-             aria-expanded="false">
-            {% translate 'Transactions' %}
-          </a>
-          <ul class="dropdown-menu">
-            <li><a class="dropdown-item {% active_link views='transactions_all_index' %}"
-                   href="{% url 'transactions_all_index' %}">{% translate 'All' %}</a></li>
-            <li>
-            {% settings "ENABLE_SOFT_DELETE" as enable_soft_delete %}
-            {% if enable_soft_delete %}
-            <li><a class="dropdown-item {% active_link views='transactions_trash_index' %}"
-                   href="{% url 'transactions_trash_index' %}">{% translate 'Trash Can' %}</a></li>
-            <li>
-            {% endif %}
-            <hr class="dropdown-divider">
-            </li>
-            <li><a class="dropdown-item {% active_link views='quick_transactions_index' %}"
-                   href="{% url 'quick_transactions_index' %}">{% translate 'Quick Transactions' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='installment_plans_index' %}"
-                   href="{% url 'installment_plans_index' %}">{% translate 'Installment Plans' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='recurring_trasanctions_index' %}"
-                   href="{% url 'recurring_trasanctions_index' %}">{% translate 'Recurring Transactions' %}</a></li>
-          </ul>
-        </li>
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle {% active_link views='dca_strategy_index||dca_strategy_detail_index||unit_price_calculator||currency_converter' %}"
-             href="#" role="button"
-             data-bs-toggle="dropdown"
-             aria-expanded="false">
-            {% translate 'Tools' %}
-          </a>
-          <ul class="dropdown-menu">
-            <li><a class="dropdown-item {% active_link views='dca_strategy_index||dca_strategy_detail_index' %}"
-                   href="{% url 'dca_strategy_index' %}">{% translate 'Dollar Cost Average Tracker' %}</a></li>
-            <li>
-            <li><a class="dropdown-item {% active_link views='unit_price_calculator' %}"
-                 href="{% url 'unit_price_calculator' %}">{% translate 'Unit Price Calculator' %}</a></li>
-            <li>
-            <li><a class="dropdown-item {% active_link views='currency_converter' %}"
-                 href="{% url 'currency_converter' %}">{% translate 'Currency Converter' %}</a></li>
-            <li>
-          </ul>
-        </li>
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle {% active_link views='tags_index||entities_index||categories_index||accounts_index||account_groups_index||currencies_index||exchange_rates_index||rules_index||import_profiles_index||automatic_exchange_rates_index||export_index||users_index' %}"
-             href="#" role="button"
-             data-bs-toggle="dropdown"
-             aria-expanded="false">
-            {% translate 'Management' %}
-          </a>
-          <ul class="dropdown-menu">
-            <li><h6 class="dropdown-header">{% trans 'Transactions' %}</h6></li>
-            <li><a class="dropdown-item {% active_link views='categories_index' %}"
-                   href="{% url 'categories_index' %}">{% translate 'Categories' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='tags_index' %}"
-                   href="{% url 'tags_index' %}">{% translate 'Tags' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='entities_index' %}"
-                   href="{% url 'entities_index' %}">{% translate 'Entities' %}</a></li>
-            <li>
-              <hr class="dropdown-divider">
-            </li>
-            <li><h6 class="dropdown-header">{% trans 'Accounts' %}</h6></li>
-            <li><a class="dropdown-item {% active_link views='accounts_index' %}"
-                   href="{% url 'accounts_index' %}">{% translate 'Accounts' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='account_groups_index' %}"
-                   href="{% url 'account_groups_index' %}">{% translate 'Account Groups' %}</a></li>
-            <li>
-              <hr class="dropdown-divider">
-            </li>
-            <li><h6 class="dropdown-header">{% trans 'Currencies' %}</h6></li>
-            <li><a class="dropdown-item {% active_link views='currencies_index' %}" 
-                   href="{% url 'currencies_index' %}">{% translate 'Currencies' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='exchange_rates_index' %}" 
-                   href="{% url 'exchange_rates_index' %}">{% translate 'Exchange Rates' %}</a></li>
-            <li>
-              <hr class="dropdown-divider">
-            </li>
-            <li><h6 class="dropdown-header">{% trans 'Automation' %}</h6></li>
-            <li><a class="dropdown-item {% active_link views='rules_index' %}"
-                   href="{% url 'rules_index' %}">{% translate 'Rules' %}</a></li>
-            <li><a class="dropdown-item {% active_link views='import_profiles_index' %}"
-                   href="{% url 'import_profiles_index' %}">{% translate 'Import' %} <span class="badge text-bg-primary">beta</span></a></li>
-            {% if user.is_superuser %}
-            <li><a class="dropdown-item {% active_link views='export_index' %}"
-                   href="{% url 'export_index' %}">{% translate 'Export and Restore' %}</a></li>
-            {% endif %}
-            <li><a class="dropdown-item {% active_link views='automatic_exchange_rates_index' %}"
-                   href="{% url 'automatic_exchange_rates_index' %}">{% translate 'Automatic Exchange Rates' %}</a></li>
-            {% if user.is_superuser %}
-            <li>
-              <hr class="dropdown-divider">
-            </li>
-            <li><h6 class="dropdown-header">{% trans 'Admin' %}</h6></li>
-            <li><a class="dropdown-item {% active_link views='users_index' %}"
-                    href="{% url 'users_index' %}">{% translate 'Users' %}</a></li>
-            <li>
-              <a class="dropdown-item"
-                 href="{% url 'admin:index' %}"
-                 hx-boost="false"
-                 data-tippy-placement="right"
-                 data-tippy-content="{% translate "Only use this if you know what you're doing" %}">
-                {% translate 'Django Admin' %}
-              </a>
-            </li>
-            {% endif %}
-          </ul>
-        </li>
-      </ul>
-      <ul class="navbar-nav mb-2 mb-lg-0 gap-3">
-        {% get_update_check as update_check %}
-        {% if update_check.update_available %}
-        <li class="nav-item my-auto">
-          <a class="badge text-bg-secondary text-decoration-none cursor-pointer" href="https://github.com/eitchtee/WYGIWYH/releases/latest" target="_blank"><i class="fa-solid fa-circle-info fa-fw me-2"></i>v.{{ update_check.latest_version }} {% translate 'is available' %}!</a>
-        </li>
-        {% endif %}
-        <li class="nav-item">
-          <div class="nav-link lg:text-2xl! cursor-pointer"
-             data-tippy-placement="left" data-tippy-content="{% trans "Calculator" %}"
-             _="on click trigger show on #calculator">
-            <i class="fa-solid fa-calculator"></i>
-            <span class="d-lg-none d-inline">{% trans "Calculator" %}</span>
-          </div>
-        </li>
-        <li class="w-100">{% include 'includes/navbar/user_menu.html' %}</li>
-      </ul>
-    </div>
-  </div>
-</nav>

app/templates/includes/scripts/hyperscript/htmx_error_handler.html

@@ -10,9 +10,9 @@ behavior htmx_error_handler
         icon: 'warning',
         timer: 60000,
         customClass: {
-          confirmButton: 'btn btn-warning' -- Optional: different button style
+          confirmButton: 'btn btn-warning'
         },
-        buttonsStyling: true
+        buttonsStyling: false
       })
     else
       call Swal.fire({
@@ -23,7 +23,7 @@ behavior htmx_error_handler
         customClass: {
           confirmButton: 'btn btn-primary'
         },
-        buttonsStyling: true
+        buttonsStyling: false
       })
     end
     then log event

app/templates/includes/sidebar.html

@@ -135,138 +135,105 @@
 
       <c-components.sidebar-menu-header title=""></c-components.sidebar-menu-header>
 
-      <div role="button"
-           data-bs-toggle="collapse"
-           data-bs-target="#collapsible-panel"
-           aria-expanded="false"
-           aria-controls="collapsible-panel"
-           class="text-xs flex items-center no-underline ps-3 p-2 rounded-box sidebar-item cursor-pointer {% active_link views='tags_index||entities_index||categories_index||accounts_index||account_groups_index||currencies_index||exchange_rates_index||rules_index||import_profiles_index||automatic_exchange_rates_index||export_index||users_index' css_class="sidebar-active" %}">
-        <i class="fa-solid fa-toolbox fa-fw"></i>
-        <span class="ml-3 font-medium lg:group-hover:truncate lg:group-focus:truncate lg:group-hover:text-ellipsis lg:group-focus:text-ellipsis">
-          {% translate 'Management' %}
-        </span>
-        <i class="fa-solid fa-chevron-right fa-fw ml-auto pe-2"></i>
-      </div>
+      <c-components.sidebar-collapsible-panel
+          title="{% translate 'Management' %}"
+          icon="fa-solid fa-toolbox"
+          active="tags_index||entities_index||categories_index||accounts_index||account_groups_index||currencies_index||exchange_rates_index||rules_index||import_profiles_index||automatic_exchange_rates_index||export_index||users_index">
+        <c-components.sidebar-menu-header title="{% translate 'Transactions' %}"></c-components.sidebar-menu-header>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Categories' %}"
+            url='categories_index'
+            active="categories_index"
+            icon="fa-solid fa-icons">
+        </c-components.sidebar-menu-item>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Tags' %}"
+            url='tags_index'
+            active="tags_index"
+            icon="fa-solid fa-hashtag">
+        </c-components.sidebar-menu-item>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Entities' %}"
+            url='entities_index'
+            active="entities_index"
+            icon="fa-solid fa-user-group">
+        </c-components.sidebar-menu-item>
+
+        <c-components.sidebar-menu-header title="{% translate 'Accounts' %}"></c-components.sidebar-menu-header>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Accounts' %}"
+            url='accounts_index'
+            active="accounts_index"
+            icon="fa-solid fa-wallet">
+        </c-components.sidebar-menu-item>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Account Groups' %}"
+            url='account_groups_index'
+            active="account_groups_index"
+            icon="fa-solid fa-wallet">
+        </c-components.sidebar-menu-item>
+
+        <c-components.sidebar-menu-header title="{% translate 'Currencies' %}"></c-components.sidebar-menu-header>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Currencies' %}"
+            url='currencies_index'
+            active="currencies_index"
+            icon="fa-solid fa-coins">
+        </c-components.sidebar-menu-item>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Exchange Rates' %}"
+            url='exchange_rates_index'
+            active="exchange_rates_index"
+            icon="fa-solid fa-right-left">
+        </c-components.sidebar-menu-item>
+
+        <c-components.sidebar-menu-header title="{% translate 'Automation' %}"></c-components.sidebar-menu-header>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Rules' %}"
+            url='rules_index'
+            active="rules_index"
+            icon="fa-solid fa-pen-ruler">
+        </c-components.sidebar-menu-item>
+        <c-components.sidebar-menu-item
+            title="{% translate 'Import' %}"
+            url='import_profiles_index'
+            active="import_profiles_index"
+            icon="fa-solid fa-file-import">
+        </c-components.sidebar-menu-item>
+        {% if user.is_superuser %}
+          <c-components.sidebar-menu-item
+              title="{% translate 'Export and Restore' %}"
+              url='export_index'
+              active="export_index"
+              icon="fa-solid fa-file-export">
+          </c-components.sidebar-menu-item>
+        {% endif %}
+        <c-components.sidebar-menu-item
+            title="{% translate 'Automatic Exchange Rates' %}"
+            url='automatic_exchange_rates_index'
+            active="automatic_exchange_rates_index"
+            icon="fa-solid fa-right-left">
+        </c-components.sidebar-menu-item>
+
+        {% if user.is_superuser %}
+          <c-components.sidebar-menu-header title="{% translate 'Admin' %}"></c-components.sidebar-menu-header>
+          <c-components.sidebar-menu-item
+              title="{% translate 'Users' %}"
+              url='users_index'
+              active="users_index"
+              icon="fa-solid fa-users">
+          </c-components.sidebar-menu-item>
+          <c-components.sidebar-menu-url-item
+              title="{% translate 'Django Admin' %}"
+              tooltip="{% translate "Only use this if you know what you're doing" %}"
+              url='/admin/'
+              icon="fa-solid fa-screwdriver-wrench">
+          </c-components.sidebar-menu-url-item>
+        {% endif %}
+      </c-components.sidebar-collapsible-panel>
     </ul>
 
     <div class="mt-auto p-2 w-full">
-      <div id="collapsible-panel"
-           class="bs collapse p-0 absolute bottom-0 left-0 w-full z-30 max-h-dvh {% active_link views='tags_index||entities_index||categories_index||accounts_index||account_groups_index||currencies_index||exchange_rates_index||rules_index||import_profiles_index||automatic_exchange_rates_index||export_index||users_index' css_class="show" %}">
-        <div class="h-dvh bg-base-300 flex flex-col">
-          <div
-              class="items-center p-4 border-b border-base-content/10 sidebar-submenu-header text-base-content">
-            <div class="flex items-center sidebar-submenu-title">
-              <i class="fa-solid fa-toolbox fa-fw lg:group-hover:me-2 me-2 lg:me-0"></i>
-              <h5 class="text-lg font-semibold text-base-content m-0">
-                {% trans 'Management' %}
-              </h5>
-            </div>
-
-            <button type="button" class="btn btn-ghost btn-sm btn-circle" aria-label="{% trans 'Close' %}"
-                    data-bs-toggle="collapse"
-                    data-bs-target="#collapsible-panel"
-                    aria-expanded="true"
-                    aria-controls="collapsible-panel">
-              <i class="fa-solid fa-xmark"></i>
-            </button>
-          </div>
-
-          <ul class="sidebar-item-list list-none p-3 flex flex-col gap-1 whitespace-nowrap lg:group-hover:animate-[disable-pointer-events] overflow-y-auto lg:overflow-y-hidden lg:hover:overflow-y-auto overflow-x-hidden"
-              style="animation-duration: 100ms">
-            <c-components.sidebar-menu-header title="{% translate 'Transactions' %}"></c-components.sidebar-menu-header>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Categories' %}"
-                url='categories_index'
-                active="categories_index"
-                icon="fa-solid fa-icons">
-            </c-components.sidebar-menu-item>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Tags' %}"
-                url='tags_index'
-                active="tags_index"
-                icon="fa-solid fa-hashtag">
-            </c-components.sidebar-menu-item>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Entities' %}"
-                url='entities_index'
-                active="entities_index"
-                icon="fa-solid fa-user-group">
-            </c-components.sidebar-menu-item>
-
-            <c-components.sidebar-menu-header title="{% translate 'Accounts' %}"></c-components.sidebar-menu-header>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Accounts' %}"
-                url='accounts_index'
-                active="accounts_index"
-                icon="fa-solid fa-wallet">
-            </c-components.sidebar-menu-item>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Account Groups' %}"
-                url='account_groups_index'
-                active="account_groups_index"
-                icon="fa-solid fa-wallet">
-            </c-components.sidebar-menu-item>
-
-            <c-components.sidebar-menu-header title="{% translate 'Currencies' %}"></c-components.sidebar-menu-header>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Currencies' %}"
-                url='currencies_index'
-                active="currencies_index"
-                icon="fa-solid fa-coins">
-            </c-components.sidebar-menu-item>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Exchange Rates' %}"
-                url='exchange_rates_index'
-                active="exchange_rates_index"
-                icon="fa-solid fa-right-left">
-            </c-components.sidebar-menu-item>
-
-            <c-components.sidebar-menu-header title="{% translate 'Automation' %}"></c-components.sidebar-menu-header>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Rules' %}"
-                url='rules_index'
-                active="rules_index"
-                icon="fa-solid fa-pen-ruler">
-            </c-components.sidebar-menu-item>
-            <c-components.sidebar-menu-item
-                title="{% translate 'Import' %}"
-                url='import_profiles_index'
-                active="import_profiles_index"
-                icon="fa-solid fa-file-import">
-            </c-components.sidebar-menu-item>
-            {% if user.is_superuser %}
-              <c-components.sidebar-menu-item
-                  title="{% translate 'Export and Restore' %}"
-                  url='export_index'
-                  active="export_index"
-                  icon="fa-solid fa-file-export">
-              </c-components.sidebar-menu-item>
-            {% endif %}
-            <c-components.sidebar-menu-item
-                title="{% translate 'Automatic Exchange Rates' %}"
-                url='automatic_exchange_rates_index'
-                active="automatic_exchange_rates_index"
-                icon="fa-solid fa-right-left">
-            </c-components.sidebar-menu-item>
-
-            {% if user.is_superuser %}
-              <c-components.sidebar-menu-header title="{% translate 'Admin' %}"></c-components.sidebar-menu-header>
-              <c-components.sidebar-menu-item
-                  title="{% translate 'Users' %}"
-                  url='users_index'
-                  active="users_index"
-                  icon="fa-solid fa-users">
-              </c-components.sidebar-menu-item>
-              <c-components.sidebar-menu-url-item
-                  title="{% translate 'Django Admin' %}"
-                  tooltip="{% translate "Only use this if you know what you're doing" %}"
-                  url='/admin/'
-                  icon="fa-solid fa-screwdriver-wrench">
-              </c-components.sidebar-menu-url-item>
-            {% endif %}
-          </ul>
-        </div>
-      </div>
       {% get_update_check as update_check %}
       {% if update_check.update_available %}
         <div class="my-3 sidebar-item">

app/templates/insights/fragments/month_by_month.html

@@ -0,0 +1,250 @@
+{% load i18n %}
+
+<div hx-get="{% url 'insights_month_by_month' %}" hx-trigger="updated from:window" class="show-loading"
+     hx-swap="outerHTML" hx-include="#year-selector, #group-by-selector-month">
+  
+  {# Hidden input to hold the year value #}
+  <input type="hidden" name="year" id="year-selector" value="{{ selected_year }}" _="on change trigger updated">
+
+  {# Tabs for Categories/Tags/Entities #}
+  <div class="h-full text-center mb-4">
+    <div class="tabs tabs-box mx-auto w-fit" role="group" id="group-by-selector-month" _="on change trigger updated">
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="categories-view-month"
+               autocomplete="off"
+               value="categories"
+               aria-label="{% trans 'Categories' %}"
+               {% if group_by == "categories" %}checked{% endif %}>
+        <i class="fa-solid fa-icons fa-fw me-2"></i>
+        {% trans 'Categories' %}
+      </label>
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="tags-view-month"
+               autocomplete="off"
+               value="tags"
+               aria-label="{% trans 'Tags' %}"
+               {% if group_by == "tags" %}checked{% endif %}>
+        <i class="fa-solid fa-hashtag fa-fw me-2"></i>
+        {% trans 'Tags' %}
+      </label>
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="entities-view-month"
+               autocomplete="off"
+               value="entities"
+               aria-label="{% trans 'Entities' %}"
+               {% if group_by == "entities" %}checked{% endif %}>
+        <i class="fa-solid fa-user-group fa-fw me-2"></i>
+        {% trans 'Entities' %}
+      </label>
+    </div>
+  </div>
+
+  {% if data.items %}
+    <div class="card bg-base-100 card-border">
+      <div class="card-body">
+        {# Year dropdown - left aligned #}
+        {% if data.available_years %}
+          <div class="mb-4">
+            <div>
+              <button class="btn btn-ghost" type="button"
+                      data-bs-toggle="dropdown" aria-expanded="false">
+                <i class="fa-solid fa-calendar fa-fw me-1"></i>
+                {{ selected_year }}
+                <i class="fa-solid fa-chevron-down fa-fw ms-1"></i>
+              </button>
+              <ul class="dropdown-menu menu">
+                {% for year in data.available_years %}
+                  <li>
+                    <button class="{% if year == selected_year %}menu-active{% endif %}" type="button"
+                            _="on click remove .menu-active from <li > button/> in the closest <ul/>
+                              then add .menu-active to me
+                              then set the value of #year-selector to '{{ year }}'
+                              then trigger change on #year-selector">
+                      {{ year }}
+                    </button>
+                  </li>
+                {% endfor %}
+              </ul>
+            </div>
+          </div>
+        {% endif %}
+        <div class="overflow-x-auto">
+
+          <table class="table">
+            <thead>
+              <tr>
+                <th scope="col" class="sticky left-0 bg-base-100 z-10">
+                  {% if group_by == "categories" %}
+                    {% trans 'Category' %}
+                  {% elif group_by == "tags" %}
+                    {% trans 'Tag' %}
+                  {% else %}
+                    {% trans 'Entity' %}
+                  {% endif %}
+                </th>
+                <th scope="col" class="font-bold">{% trans 'Total' %}</th>
+                {% for month in data.months %}
+                  <th scope="col">
+                    {% if month == 1 %}{% trans 'Jan' %}
+                    {% elif month == 2 %}{% trans 'Feb' %}
+                    {% elif month == 3 %}{% trans 'Mar' %}
+                    {% elif month == 4 %}{% trans 'Apr' %}
+                    {% elif month == 5 %}{% trans 'May' %}
+                    {% elif month == 6 %}{% trans 'Jun' %}
+                    {% elif month == 7 %}{% trans 'Jul' %}
+                    {% elif month == 8 %}{% trans 'Aug' %}
+                    {% elif month == 9 %}{% trans 'Sep' %}
+                    {% elif month == 10 %}{% trans 'Oct' %}
+                    {% elif month == 11 %}{% trans 'Nov' %}
+                    {% elif month == 12 %}{% trans 'Dec' %}
+                    {% endif %}
+                  </th>
+                {% endfor %}
+              </tr>
+            </thead>
+            <tbody>
+              {% for item_id, item in data.items.items %}
+                <tr>
+                  <th class="text-nowrap sticky left-0 bg-base-100 z-10">
+                    {% if item.name %}
+                      {{ item.name }}
+                    {% else %}
+                      {% if group_by == "categories" %}
+                        {% trans 'Uncategorized' %}
+                      {% elif group_by == "tags" %}
+                        {% trans 'Untagged' %}
+                      {% else %}
+                        {% trans 'No entity' %}
+                      {% endif %}
+                    {% endif %}
+                  </th>
+                  {# Total column for this item #}
+                  <td class="text-nowrap font-semibold bg-base-200">
+                    {% for currency_id, currency_data in item.total.currencies.items %}
+                      <c-amount.display
+                          :amount="currency_data.final_total"
+                          :prefix="currency_data.currency.prefix"
+                          :suffix="currency_data.currency.suffix"
+                          :decimal_places="currency_data.currency.decimal_places"
+                          color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                      {% if currency_data.exchanged %}
+                        <div class="text-xs text-base-content/60">
+                          <c-amount.display
+                              :amount="currency_data.exchanged.final_total"
+                              :prefix="currency_data.exchanged.currency.prefix"
+                              :suffix="currency_data.exchanged.currency.suffix"
+                              :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                        </div>
+                      {% endif %}
+                    {% empty %}
+                      -
+                    {% endfor %}
+                  </td>
+                  {# Month columns #}
+                  {% for month in data.months %}
+                    <td class="text-nowrap">
+                      {% with month_data=item.month_totals %}
+                        {% for m, m_data in month_data.items %}
+                          {% if m == month %}
+                            {% for currency_id, currency_data in m_data.currencies.items %}
+                              <c-amount.display
+                                  :amount="currency_data.final_total"
+                                  :prefix="currency_data.currency.prefix"
+                                  :suffix="currency_data.currency.suffix"
+                                  :decimal_places="currency_data.currency.decimal_places"
+                                  color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                              {% if currency_data.exchanged %}
+                                <div class="text-xs text-base-content/60">
+                                  <c-amount.display
+                                      :amount="currency_data.exchanged.final_total"
+                                      :prefix="currency_data.exchanged.currency.prefix"
+                                      :suffix="currency_data.exchanged.currency.suffix"
+                                      :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                                </div>
+                              {% endif %}
+                            {% empty %}
+                              -
+                            {% endfor %}
+                          {% endif %}
+                        {% empty %}
+                          -
+                        {% endfor %}
+                      {% endwith %}
+                    </td>
+                  {% endfor %}
+                </tr>
+              {% endfor %}
+            </tbody>
+            <tfoot>
+              <tr class="font-bold bg-base-200">
+                <th class="sticky left-0 bg-base-200 z-10">{% trans 'Total' %}</th>
+                {# Grand total #}
+                <td class="text-nowrap bg-base-300">
+                  {% for currency_id, currency_data in data.grand_total.currencies.items %}
+                    <c-amount.display
+                        :amount="currency_data.final_total"
+                        :prefix="currency_data.currency.prefix"
+                        :suffix="currency_data.currency.suffix"
+                        :decimal_places="currency_data.currency.decimal_places"
+                        color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                    {% if currency_data.exchanged %}
+                      <div class="text-xs text-base-content/60">
+                        <c-amount.display
+                            :amount="currency_data.exchanged.final_total"
+                            :prefix="currency_data.exchanged.currency.prefix"
+                            :suffix="currency_data.exchanged.currency.suffix"
+                            :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                      </div>
+                    {% endif %}
+                  {% empty %}
+                    -
+                  {% endfor %}
+                </td>
+                {# Month totals #}
+                {% for month in data.months %}
+                  <td class="text-nowrap">
+                    {% with month_total=data.month_totals %}
+                      {% for m, m_data in month_total.items %}
+                        {% if m == month %}
+                          {% for currency_id, currency_data in m_data.currencies.items %}
+                            <c-amount.display
+                                :amount="currency_data.final_total"
+                                :prefix="currency_data.currency.prefix"
+                                :suffix="currency_data.currency.suffix"
+                                :decimal_places="currency_data.currency.decimal_places"
+                                color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                            {% if currency_data.exchanged %}
+                              <div class="text-xs text-base-content/60">
+                                <c-amount.display
+                                    :amount="currency_data.exchanged.final_total"
+                                    :prefix="currency_data.exchanged.currency.prefix"
+                                    :suffix="currency_data.exchanged.currency.suffix"
+                                    :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                              </div>
+                            {% endif %}
+                          {% empty %}
+                            -
+                          {% endfor %}
+                        {% endif %}
+                      {% empty %}
+                        -
+                      {% endfor %}
+                    {% endwith %}
+                  </td>
+                {% endfor %}
+              </tr>
+            </tfoot>
+          </table>
+        </div>
+      </div>
+    </div>
+  {% else %}
+    <c-msg.empty title="{% translate 'No transactions for this year' %}"></c-msg.empty>
+  {% endif %}
+</div>

app/templates/insights/fragments/year_by_year.html

@@ -0,0 +1,204 @@
+{% load i18n %}
+
+<div hx-get="{% url 'insights_year_by_year' %}" hx-trigger="updated from:window" class="show-loading"
+     hx-swap="outerHTML" hx-include="#group-by-selector">
+  <div class="h-full text-center mb-4">
+    <div class="tabs tabs-box mx-auto w-fit" role="group" id="group-by-selector" _="on change trigger updated">
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="categories-view"
+               autocomplete="off"
+               value="categories"
+               aria-label="{% trans 'Categories' %}"
+               {% if group_by == "categories" %}checked{% endif %}>
+        <i class="fa-solid fa-icons fa-fw me-2"></i>
+        {% trans 'Categories' %}
+      </label>
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="tags-view"
+               autocomplete="off"
+               value="tags"
+               aria-label="{% trans 'Tags' %}"
+               {% if group_by == "tags" %}checked{% endif %}>
+        <i class="fa-solid fa-hashtag fa-fw me-2"></i>
+        {% trans 'Tags' %}
+      </label>
+      <label class="tab">
+        <input type="radio"
+               name="group_by"
+               id="entities-view"
+               autocomplete="off"
+               value="entities"
+               aria-label="{% trans 'Entities' %}"
+               {% if group_by == "entities" %}checked{% endif %}>
+        <i class="fa-solid fa-user-group fa-fw me-2"></i>
+        {% trans 'Entities' %}
+      </label>
+    </div>
+  </div>
+
+  {% if data.years %}
+    <div class="card bg-base-100 card-border">
+      <div class="card-body">
+        <div class="overflow-x-auto">
+          <table class="table">
+            <thead>
+              <tr>
+                <th scope="col" class="sticky left-0 bg-base-100 z-10">
+                  {% if group_by == "categories" %}
+                    {% trans 'Category' %}
+                  {% elif group_by == "tags" %}
+                    {% trans 'Tag' %}
+                  {% else %}
+                    {% trans 'Entity' %}
+                  {% endif %}
+                </th>
+                <th scope="col" class="font-bold">{% trans 'Total' %}</th>
+                {% for year in data.years %}
+                  <th scope="col">{{ year }}</th>
+                {% endfor %}
+              </tr>
+            </thead>
+            <tbody>
+              {% for item_id, item in data.items.items %}
+                <tr>
+                  <th class="text-nowrap sticky left-0 bg-base-100 z-10">
+                    {% if item.name %}
+                      {{ item.name }}
+                    {% else %}
+                      {% if group_by == "categories" %}
+                        {% trans 'Uncategorized' %}
+                      {% elif group_by == "tags" %}
+                        {% trans 'Untagged' %}
+                      {% else %}
+                        {% trans 'No entity' %}
+                      {% endif %}
+                    {% endif %}
+                  </th>
+                  {# Total column for this item #}
+                  <td class="text-nowrap font-semibold bg-base-200">
+                    {% for currency_id, currency_data in item.total.currencies.items %}
+                      <c-amount.display
+                          :amount="currency_data.final_total"
+                          :prefix="currency_data.currency.prefix"
+                          :suffix="currency_data.currency.suffix"
+                          :decimal_places="currency_data.currency.decimal_places"
+                          color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                      {% if currency_data.exchanged %}
+                        <div class="text-xs text-base-content/60">
+                          <c-amount.display
+                              :amount="currency_data.exchanged.final_total"
+                              :prefix="currency_data.exchanged.currency.prefix"
+                              :suffix="currency_data.exchanged.currency.suffix"
+                              :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                        </div>
+                      {% endif %}
+                    {% empty %}
+                      -
+                    {% endfor %}
+                  </td>
+                  {# Year columns #}
+                  {% for year in data.years %}
+                    <td class="text-nowrap">
+                      {% with year_data=item.year_totals %}
+                        {% for y, y_data in year_data.items %}
+                          {% if y == year %}
+                            {% for currency_id, currency_data in y_data.currencies.items %}
+                              <c-amount.display
+                                  :amount="currency_data.final_total"
+                                  :prefix="currency_data.currency.prefix"
+                                  :suffix="currency_data.currency.suffix"
+                                  :decimal_places="currency_data.currency.decimal_places"
+                                  color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                              {% if currency_data.exchanged %}
+                                <div class="text-xs text-base-content/60">
+                                  <c-amount.display
+                                      :amount="currency_data.exchanged.final_total"
+                                      :prefix="currency_data.exchanged.currency.prefix"
+                                      :suffix="currency_data.exchanged.currency.suffix"
+                                      :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                                </div>
+                              {% endif %}
+                            {% empty %}
+                              -
+                            {% endfor %}
+                          {% endif %}
+                        {% empty %}
+                          -
+                        {% endfor %}
+                      {% endwith %}
+                    </td>
+                  {% endfor %}
+                </tr>
+              {% endfor %}
+            </tbody>
+            <tfoot>
+              <tr class="font-bold bg-base-200">
+                <th class="sticky left-0 bg-base-200 z-10">{% trans 'Total' %}</th>
+                {# Grand total #}
+                <td class="text-nowrap bg-base-300">
+                  {% for currency_id, currency_data in data.grand_total.currencies.items %}
+                    <c-amount.display
+                        :amount="currency_data.final_total"
+                        :prefix="currency_data.currency.prefix"
+                        :suffix="currency_data.currency.suffix"
+                        :decimal_places="currency_data.currency.decimal_places"
+                        color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                    {% if currency_data.exchanged %}
+                      <div class="text-xs text-base-content/60">
+                        <c-amount.display
+                            :amount="currency_data.exchanged.final_total"
+                            :prefix="currency_data.exchanged.currency.prefix"
+                            :suffix="currency_data.exchanged.currency.suffix"
+                            :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                      </div>
+                    {% endif %}
+                  {% empty %}
+                    -
+                  {% endfor %}
+                </td>
+                {# Year totals #}
+                {% for year in data.years %}
+                  <td class="text-nowrap">
+                    {% with year_total=data.year_totals %}
+                      {% for y, y_data in year_total.items %}
+                        {% if y == year %}
+                          {% for currency_id, currency_data in y_data.currencies.items %}
+                            <c-amount.display
+                                :amount="currency_data.final_total"
+                                :prefix="currency_data.currency.prefix"
+                                :suffix="currency_data.currency.suffix"
+                                :decimal_places="currency_data.currency.decimal_places"
+                                color="{% if currency_data.final_total < 0 %}red{% elif currency_data.final_total > 0 %}green{% endif %}"></c-amount.display>
+                            {% if currency_data.exchanged %}
+                              <div class="text-xs text-base-content/60">
+                                <c-amount.display
+                                    :amount="currency_data.exchanged.final_total"
+                                    :prefix="currency_data.exchanged.currency.prefix"
+                                    :suffix="currency_data.exchanged.currency.suffix"
+                                    :decimal_places="currency_data.exchanged.currency.decimal_places"></c-amount.display>
+                              </div>
+                            {% endif %}
+                          {% empty %}
+                            -
+                          {% endfor %}
+                        {% endif %}
+                      {% empty %}
+                        -
+                      {% endfor %}
+                    {% endwith %}
+                  </td>
+                {% endfor %}
+              </tr>
+            </tfoot>
+          </table>
+        </div>
+      </div>
+    </div>
+  {% else %}
+    <c-msg.empty title="{% translate 'No transactions' %}"></c-msg.empty>
+  {% endif %}
+</div>

app/templates/insights/pages/index.html

@@ -121,6 +121,16 @@
                             hx-get="{% url 'insights_emergency_fund' %}">
                             {% trans 'Emergency Fund' %}
                     </button>
+                    <button class="btn btn-ghost btn-free justify-start text-start"  data-bs-target="#v-pills-content"
+                            type="button" role="tab" aria-controls="v-pills-content" aria-selected="false"
+                            hx-get="{% url 'insights_year_by_year' %}">
+                            {% trans 'Year by Year' %}
+                    </button>
+                    <button class="btn btn-ghost btn-free justify-start text-start"  data-bs-target="#v-pills-content"
+                            type="button" role="tab" aria-controls="v-pills-content" aria-selected="false"
+                            hx-get="{% url 'insights_month_by_month' %}">
+                            {% trans 'Month by Month' %}
+                    </button>
                   </div>
             </div>
           </div>

app/templates/layouts/base.html

@@ -5,52 +5,53 @@
 {% load title %}
 <!DOCTYPE html>
 <html lang="en"
-      data-theme="{% if request.session.theme == 'wygiwyh_light' %}wygiwyh_light{% else %}wygiwyh_dark{% endif %}">
-  <head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1" />
-    <title>
-      {% filter site_title %}
-        {% block title %}
-        {% endblock title %}
-      {% endfilter %}
-    </title>
-    {% include 'includes/head/favicons.html' %}
-    {% progressive_web_app_meta %}
-    {#  {% include 'includes/styles.html' %}#}
-    {% block extra_styles %}{% endblock %}
-    {% include 'includes/scripts.html' %}
-    {% block extra_js_head %}{% endblock %}
-  </head>
-  <body class="font-mono">
-    <div _="install htmx_error_handler
-            {% block body_hyperscript %}{% endblock %}"
-         hx-headers='{"X-CSRFToken": "{{ csrf_token }}"}'>
-      {% include 'includes/mobile_navbar.html' %}
-      {% include 'includes/sidebar.html' %}
-      <main class="my-8 px-3">
-        {% settings "DEMO" as demo_mode %}
-        {% if demo_mode %}
-          <div class="px-3 m-0" id="demo-mode-alert" hx-preserve>
-            <div class="alert alert-warning my-3" role="alert">
-              <strong>{% trans "This is a demo!" %}</strong> {% trans "Any data you add here will be wiped in 24hrs or less" %}
-              <button type="button"
-                      class="btn btn-sm btn-ghost absolute right-2 top-2"
-                      onclick="this.parentElement.style.display='none'"
-                      aria-label="Close">✕</button>
-            </div>
-          </div>
-        {% endif %}
-        <div id="content">
-          {% block content %}
-          {% endblock content %}
+  data-theme="{% if request.session.theme == 'wygiwyh_light' %}wygiwyh_light{% else %}wygiwyh_dark{% endif %}">
+
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>
+    {% filter site_title %}
+    {% block title %}
+    {% endblock title %}
+    {% endfilter %}
+  </title>
+  {% include 'includes/head/favicons.html' %}
+  {% progressive_web_app_meta %}
+  {# {% include 'includes/styles.html' %}#}
+  {% block extra_styles %}{% endblock %}
+  {% include 'includes/scripts.html' %}
+  {% block extra_js_head %}{% endblock %}
+</head>
+
+<body class="font-mono">
+  <div _="install htmx_error_handler
+            {% block body_hyperscript %}{% endblock %}" hx-headers='{"X-CSRFToken": "{{ csrf_token }}"}'>
+    {% include 'includes/mobile_navbar.html' %}
+    {% include 'includes/sidebar.html' %}
+    <main class="my-8 px-3">
+      {% settings "DEMO" as demo_mode %}
+      {% if demo_mode %}
+      <div class="px-3 m-0" id="demo-mode-alert" hx-preserve>
+        <div class="alert alert-warning my-3 relative" role="alert">
+          <strong>{% trans "This is a demo!" %}</strong> {% trans "Any data you add here will be wiped in 24hrs or less"
+          %}
+          <button type="button" class="btn btn-sm btn-ghost absolute right-2 top-1/2 -translate-y-1/2"
+            onclick="this.parentElement.style.display='none'" aria-label="Close">✕</button>
         </div>
-        {% include "includes/offcanvas.html" %}
-        {% include "includes/toasts.html" %}
-      </main>
-    </div>
-    {% include "includes/tools/calculator.html" %}
-    {% block extra_js_body %}
-    {% endblock extra_js_body %}
-  </body>
-</html>
+      </div>
+      {% endif %}
+      <div id="content">
+        {% block content %}
+        {% endblock content %}
+      </div>
+      {% include "includes/offcanvas.html" %}
+      {% include "includes/toasts.html" %}
+    </main>
+  </div>
+  {% include "includes/tools/calculator.html" %}
+  {% block extra_js_body %}
+  {% endblock extra_js_body %}
+</body>
+
+</html>

app/templates/monthly_overview/fragments/list.html

@@ -3,35 +3,46 @@
 {% regroup transactions by date|customnaturaldate as transactions_by_date %}
 
 <div id="transactions-list">
+  {% if late_transactions %}
+  <div id="late-transactions" class="transactions-divider"
+       x-data="{ open: sessionStorage.getItem('late-transactions') !== 'false' }"
+       x-init="if (sessionStorage.getItem('late-transactions') === null) sessionStorage.setItem('late-transactions', 'true')">
+      <div class="mt-3 mb-1 w-full border-b border-b-error/50 transactions-divider-title cursor-pointer">
+        <a class="no-underline inline-block w-full text-error font-semibold"
+           role="button"
+           @click="open = !open; sessionStorage.setItem('late-transactions', open)"
+           :aria-expanded="open">
+        <i class="fa-solid fa-circle-exclamation me-1"></i>{% translate "late" %}
+        </a>
+      </div>
+      <div class="transactions-divider-collapse overflow-visible isolation-auto"
+           x-show="open"
+           x-collapse>
+        <div class="flex flex-col">
+        {% for transaction in late_transactions %}
+          <c-transaction.item
+            :transaction="transaction"></c-transaction.item>
+        {% endfor %}
+        </div>
+      </div>
+    </div>
+  {% endif %}
+
   {% for x in transactions_by_date %}
     <div id="{{ x.grouper|slugify }}" class="transactions-divider"
-         _="on htmx:afterSwap from #transactions if sessionStorage.getItem(my id) is null then sessionStorage.setItem(my id, 'true')">
+         x-data="{ open: sessionStorage.getItem('{{ x.grouper|slugify }}') !== 'false' }"
+         x-init="if (sessionStorage.getItem('{{ x.grouper|slugify }}') === null) sessionStorage.setItem('{{ x.grouper|slugify }}', 'true')">
       <div class="mt-3 mb-1 w-full border-b border-b-base-content/30 transactions-divider-title cursor-pointer">
         <a class="no-underline inline-block w-full"
            role="button"
-           data-bs-toggle="collapse"
-           data-bs-target="#c-{{ x.grouper|slugify }}-collapse"
-           id="c-{{ x.grouper|slugify }}-collapsible"
-           aria-expanded="false"
-           aria-controls="c-{{ x.grouper|slugify }}-collapse">
+           @click="open = !open; sessionStorage.setItem('{{ x.grouper|slugify }}', open)"
+           :aria-expanded="open">
         {{ x.grouper }}
         </a>
       </div>
-      <div class="bs collapse transactions-divider-collapse overflow-visible isolation-auto" id="c-{{ x.grouper|slugify }}-collapse"
-           _="on shown.bs.collapse sessionStorage.setItem(the closest parent @id, 'true')
-              on hidden.bs.collapse sessionStorage.setItem(the closest parent @id, 'false')
-              on htmx:afterSettle from #transactions or toggle
-                set state to sessionStorage.getItem(the closest parent @id)
-                if state is 'true' or state is null
-                  add .show to me
-                  set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to true
-                else
-                  remove .show from me
-                  set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to false
-                end
-              on show
-                add .show to me
-                set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to true">
+      <div class="transactions-divider-collapse overflow-visible isolation-auto"
+           x-show="open"
+           x-collapse>
         <div class="flex flex-col">
         {% for transaction in x.list %}
           <c-transaction.item
@@ -42,10 +53,13 @@
     </div>
 
   {% empty %}
+    {% if not late_transactions %}
     <c-msg.empty
       title="{% translate 'No transactions this month' %}"
       subtitle="{% translate "Try adding one" %}"></c-msg.empty>
+    {% endif %}
   {% endfor %}
 {# Floating bar #}
   <c-ui.transactions-action-bar></c-ui.transactions-action-bar>
 </div>
+

app/templates/monthly_overview/fragments/monthly_summary.html

@@ -1,6 +1,7 @@
 {% load i18n %}
 {% load currency_display %}
 <div class="grid grid-cols-1 gap-4 mt-1 mb-3">
+  {% if not has_active_filter %}
   {#  Daily Spending#}
   <div>
     <c-ui.info-card color="yellow" icon="fa-solid fa-calendar-day" title="{% trans 'Daily Spending Allowance' %}" help_text={% trans "This is the final total divided by the remaining days in the month" %}>
@@ -34,6 +35,7 @@
         </div>
     </c-ui.info-card>
   </div>
+  {% endif %}
 {#  Income#}
   <div>
       <c-ui.info-card color="green" icon="fa-solid fa-arrow-right-to-bracket" title="{% trans 'Income' %}">

app/templates/monthly_overview/pages/overview.html

@@ -50,12 +50,13 @@
                  role="tab"
                  {% if summary_tab == 'summary' or not summary_tab %}checked="checked"{% endif %}
                  _="on click fetch {% url 'monthly_summary_select' selected='summary' %}"
-                 aria-controls="summary-tab-pane" />
+                 aria-controls="summary-tab-pane"/>
           <div class="tab-content" id="summary-tab-pane" role="tabpanel">
             <div id="summary"
                  hx-get="{% url 'monthly_summary' month=month year=year %}"
                  class="show-loading"
-                 hx-trigger="load, updated from:window, selective_update from:window, every 10m">
+                 hx-trigger="load, updated from:window, selective_update from:window, every 10m"
+                 hx-include="#filter">
             </div>
           </div>
 
@@ -68,7 +69,8 @@
             <div id="currency-summary"
                  hx-get="{% url 'monthly_currency_summary' month=month year=year %}"
                  class="show-loading"
-                 hx-trigger="load, updated from:window, selective_update from:window, every 10m">
+                 hx-trigger="load, updated from:window, selective_update from:window, every 10m"
+                 hx-include="#filter">
             </div>
           </div>
 
@@ -81,7 +83,8 @@
             <div id="account-summary"
                  hx-get="{% url 'monthly_account_summary' month=month year=year %}"
                  class="show-loading"
-                 hx-trigger="load, updated from:window, selective_update from:window, every 10m">
+                 hx-trigger="load, updated from:window, selective_update from:window, every 10m"
+                 hx-include="#filter">
             </div>
           </div>
         </div>
@@ -89,7 +92,7 @@
       </div>
       <div class="col-12 lg:col-8 lg:order-first! order-last!">
 
-        <div class="my-3">
+        <div class="my-3" x-data="{ filterOpen: false }" hx-preserve id="filter-container">
           {# Hidden select to hold the order value and preserve the original update trigger #}
           <select name="order" id="order" class="d-none" _="on change trigger updated on window">
             <option value="default" {% if order == 'default' %}selected{% endif %}>{% translate 'Default' %}</option>
@@ -100,11 +103,112 @@
           {# Main control bar with filter, search, and ordering #}
           <div class="join w-full">
 
-            <button class="btn btn-secondary join-item relative" type="button"
-                    data-bs-toggle="collapse" data-bs-target="#collapse-filter"
-                    aria-expanded="false" aria-controls="collapse-filter" id="filter-button" hx-preserve
-                    title="{% translate 'Filter transactions' %}">
+            <button class="btn btn-secondary join-item relative z-1" type="button"
+                    @click="filterOpen = !filterOpen"
+                    :aria-expanded="filterOpen" id="filter-button"
+                    title="{% translate 'Filter transactions' %}"
+                    _="on load or change from #filter
+                         -- Check if any filter has a non-default value
+                         set hasActiveFilter to false
+
+                         -- Check type (default is both IN and EX checked)
+                         set typeInputs to <input[name='type']:checked/> in #filter
+                         if typeInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check is_paid (default is both 1 and 0 checked)
+                         set isPaidInputs to <input[name='is_paid']:checked/> in #filter
+                         if isPaidInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check mute_status (default is both active and muted checked)
+                         set muteStatusInputs to <input[name='mute_status']:checked/> in #filter
+                         if muteStatusInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check description
+                         set descInput to #id_description
+                         if descInput exists and descInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check date_start
+                         set dateStartInput to #id_date_start
+                         if dateStartInput exists and dateStartInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check date_end
+                         set dateEndInput to #id_date_end
+                         if dateEndInput exists and dateEndInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check reference_date_start
+                         set refDateStartInput to #id_reference_date_start
+                         if refDateStartInput exists and refDateStartInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check reference_date_end
+                         set refDateEndInput to #id_reference_date_end
+                         if refDateEndInput exists and refDateEndInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check from_amount
+                         set fromAmountInput to #id_from_amount
+                         if fromAmountInput exists and fromAmountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check to_amount
+                         set toAmountInput to #id_to_amount
+                         if toAmountInput exists and toAmountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check account (TomSelect stores values differently)
+                         set accountInput to #id_account
+                         if accountInput exists and accountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check currency
+                         set currencyInput to #id_currency
+                         if currencyInput exists and currencyInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check category
+                         set categoryInput to #id_category
+                         if categoryInput exists and categoryInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check tags
+                         set tagsInput to #id_tags
+                         if tagsInput exists and tagsInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check entities
+                         set entitiesInput to #id_entities
+                         if entitiesInput exists and entitiesInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Show or hide the indicator
+                         if hasActiveFilter
+                           remove .hidden from #filter-active-indicator
+                         else
+                           add .hidden to #filter-active-indicator
+                         end">
               <i class="fa-solid fa-filter fa-fw"></i>
+              <span id="filter-active-indicator" class="absolute -top-1 -right-1 w-3 h-3 bg-error rounded-full hidden z-10"></span>
             </button>
 
             {# Search box #}
@@ -113,7 +217,6 @@
             <input type="search"
                    class="input input-bordered join-item flex-1"
                    placeholder="{% translate 'Search' %}"
-                   hx-preserve
                    id="quick-search"
                    _="on input or search or htmx:afterSwap from window
                          if my value is empty
@@ -165,7 +268,7 @@
           </div>
 
           {# Filter transactions form #}
-          <div class="bs collapse z-1" id="collapse-filter" hx-preserve>
+          <div class="z-1" x-show="filterOpen" x-collapse>
             <div class="card card-body bg-base-200 mt-2">
               <div class="text-right">
                 <button class="btn btn-outline btn-error btn-sm w-fit"

app/templates/rules/fragments/list.html

@@ -64,13 +64,13 @@
                   </div>
                 </td>
                 <td class="table-col-auto">
-                  <a class="no-underline"
+                  <a class="no-underline cursor-pointer"
                      role="button"
                      data-tippy-content="
                        {% if rule.active %}{% translate "Deactivate" %}{% else %}{% translate "Activate" %}{% endif %}"
                      hx-get="{% url 'transaction_rule_toggle_activity' transaction_rule_id=rule.id %}">
-                    {% if rule.active %}<i class="fa-solid fa-toggle-on text-green-400"></i>{% else %}
-                      <i class="fa-solid fa-toggle-off text-red-400"></i>{% endif %}
+                    {% if rule.active %}<i class="fa-solid fa-toggle-on text-success"></i>{% else %}
+                      <i class="fa-solid fa-toggle-off text-error"></i>{% endif %}
                   </a>
                 </td>
                 <td class="table-col-auto text-center">

app/templates/rules/fragments/transaction_rule/view.html

@@ -110,8 +110,7 @@
         </div>
       {% endfor %}
       </div>
-      <hr class="hr my-5">
-      <div class="grid grid-cols-1 lg:grid-cols-2 gap-2">
+      <div class="grid grid-cols-1 lg:grid-cols-2 gap-2 mt-5">
         <div class="dropdown">
           <button class="btn btn-secondary w-full" type="button" data-bs-toggle="dropdown"
                   aria-expanded="false">
@@ -138,7 +137,7 @@
         <div class="dropdown">
           <button class="btn btn-primary w-full" type="button" data-bs-toggle="dropdown"
                   aria-expanded="false">
-            <i class="fa-solid fa-circle-plus me-2"></i>{% translate 'Add new' %}
+            <i class="fa-solid fa-circle-plus me-2"></i>{% translate 'Add new action' %}
           </button>
           <ul class="dropdown-menu menu">
             <li><a role="link" href="#"

app/templates/transactions/fragments/list_all.html

@@ -3,35 +3,46 @@
 {% regroup page_obj by date|customnaturaldate as transactions_by_date %}
 
 <div id="transactions-list" class="show-loading">
+  {% if late_transactions %}
+  <div id="late-transactions" class="transactions-divider"
+       x-data="{ open: sessionStorage.getItem('late-transactions') !== 'false' }"
+       x-init="if (sessionStorage.getItem('late-transactions') === null) sessionStorage.setItem('late-transactions', 'true')">
+      <div class="mt-3 mb-1 w-full border-b border-b-error/50 transactions-divider-title cursor-pointer">
+        <a class="no-underline inline-block w-full text-error font-semibold"
+           role="button"
+           @click="open = !open; sessionStorage.setItem('late-transactions', open)"
+           :aria-expanded="open">
+        <i class="fa-solid fa-circle-exclamation me-1"></i>{% translate "late" %}
+        </a>
+      </div>
+      <div class="transactions-divider-collapse overflow-visible isolation-auto"
+           x-show="open"
+           x-collapse>
+        <div class="flex flex-col">
+        {% for transaction in late_transactions %}
+          <c-transaction.item
+            :transaction="transaction"></c-transaction.item>
+        {% endfor %}
+        </div>
+      </div>
+    </div>
+  {% endif %}
+
   {% for x in transactions_by_date %}
     <div id="{{ x.grouper|slugify }}" class="transactions-divider"
-         _="on htmx:afterSwap from #transactions if sessionStorage.getItem(my id) is null then sessionStorage.setItem(my id, 'true')">
+         x-data="{ open: sessionStorage.getItem('{{ x.grouper|slugify }}') !== 'false' }"
+         x-init="if (sessionStorage.getItem('{{ x.grouper|slugify }}') === null) sessionStorage.setItem('{{ x.grouper|slugify }}', 'true')">
       <div class="mt-3 mb-1 w-full border-b border-b-base-content/30 transactions-divider-title cursor-pointer">
         <a class="no-underline inline-block w-full"
            role="button"
-           data-bs-toggle="collapse"
-           data-bs-target="#c-{{ x.grouper|slugify }}-collapse"
-           id="c-{{ x.grouper|slugify }}-collapsible"
-           aria-expanded="false"
-           aria-controls="c-{{ x.grouper|slugify }}-collapse">
+           @click="open = !open; sessionStorage.setItem('{{ x.grouper|slugify }}', open)"
+           :aria-expanded="open">
         {{ x.grouper }}
         </a>
       </div>
-      <div class="bs collapse transactions-divider-collapse overflow-visible isolation-auto" id="c-{{ x.grouper|slugify }}-collapse"
-           _="on shown.bs.collapse sessionStorage.setItem(the closest parent @id, 'true')
-              on hidden.bs.collapse sessionStorage.setItem(the closest parent @id, 'false')
-              on htmx:afterSettle from #transactions or toggle
-                set state to sessionStorage.getItem(the closest parent @id)
-                if state is 'true' or state is null
-                  add .show to me
-                  set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to true
-                else
-                  remove .show from me
-                  set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to false
-                end
-              on show
-                add .show to me
-                set @aria-expanded of #c-{{ x.grouper|slugify }}-collapsible to true">
+      <div class="transactions-divider-collapse overflow-visible isolation-auto"
+           x-show="open"
+           x-collapse>
         <div class="flex flex-col">
         {% for transaction in x.list %}
           <c-transaction.item
@@ -42,9 +53,11 @@
     </div>
 
   {% empty %}
+    {% if not late_transactions %}
     <c-msg.empty
         title="{% translate "No transactions found" %}"
         subtitle="{% translate "Try adding one" %}"></c-msg.empty>
+    {% endif %}
   {% endfor %}
 
   {# Floating bar #}

app/templates/transactions/pages/transactions.html

@@ -41,7 +41,7 @@
       </div>
       <div class="col-12 lg:col-8 lg:order-first! order-last!">
 
-        <div>
+        <div x-data="{ filterOpen: false }" hx-preserve id="filter-container">
           {# Hidden select to hold the order value and preserve the original update trigger #}
           <select name="order" id="order" class="d-none" _="on change trigger updated on window">
             <option value="default" {% if order == 'default' %}selected{% endif %}>{% translate 'Default' %}</option>
@@ -52,11 +52,112 @@
           {# Main control bar with filter, search, and ordering #}
           <div class="join w-full">
 
-            <button class="btn btn-secondary join-item relative" type="button"
-                    data-bs-toggle="collapse" data-bs-target="#collapse-filter"
-                    aria-expanded="false" aria-controls="collapse-filter" id="filter-button" hx-preserve
-                    title="{% translate 'Filter transactions' %}">
+            <button class="btn btn-secondary join-item relative z-1" type="button"
+                    @click="filterOpen = !filterOpen"
+                    :aria-expanded="filterOpen" id="filter-button"
+                    title="{% translate 'Filter transactions' %}"
+                    _="on load or change from #filter
+                         -- Check if any filter has a non-default value
+                         set hasActiveFilter to false
+
+                         -- Check type (default is both IN and EX checked)
+                         set typeInputs to <input[name='type']:checked/> in #filter
+                         if typeInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check is_paid (default is both 1 and 0 checked)
+                         set isPaidInputs to <input[name='is_paid']:checked/> in #filter
+                         if isPaidInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check mute_status (default is both active and muted checked)
+                         set muteStatusInputs to <input[name='mute_status']:checked/> in #filter
+                         if muteStatusInputs.length is not 2
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check description
+                         set descInput to #id_description
+                         if descInput exists and descInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check date_start
+                         set dateStartInput to #id_date_start
+                         if dateStartInput exists and dateStartInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check date_end
+                         set dateEndInput to #id_date_end
+                         if dateEndInput exists and dateEndInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check reference_date_start
+                         set refDateStartInput to #id_reference_date_start
+                         if refDateStartInput exists and refDateStartInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check reference_date_end
+                         set refDateEndInput to #id_reference_date_end
+                         if refDateEndInput exists and refDateEndInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check from_amount
+                         set fromAmountInput to #id_from_amount
+                         if fromAmountInput exists and fromAmountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check to_amount
+                         set toAmountInput to #id_to_amount
+                         if toAmountInput exists and toAmountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check account (TomSelect stores values differently)
+                         set accountInput to #id_account
+                         if accountInput exists and accountInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check currency
+                         set currencyInput to #id_currency
+                         if currencyInput exists and currencyInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check category
+                         set categoryInput to #id_category
+                         if categoryInput exists and categoryInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check tags
+                         set tagsInput to #id_tags
+                         if tagsInput exists and tagsInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Check entities
+                         set entitiesInput to #id_entities
+                         if entitiesInput exists and entitiesInput.value is not ''
+                           set hasActiveFilter to true
+                         end
+
+                         -- Show or hide the indicator
+                         if hasActiveFilter
+                           remove .hidden from #filter-active-indicator
+                         else
+                           add .hidden to #filter-active-indicator
+                         end">
               <i class="fa-solid fa-filter fa-fw"></i>
+              <span id="filter-active-indicator" class="absolute -top-1 -right-1 w-3 h-3 bg-error rounded-full hidden z-10"></span>
             </button>
 
             {# Search box #}
@@ -65,7 +166,6 @@
             <input type="search"
                    class="input input-bordered join-item flex-1"
                    placeholder="{% translate 'Search' %}"
-                   hx-preserve
                    id="quick-search"
                    _="on input or search or htmx:afterSwap from window
                          if my value is empty
@@ -118,7 +218,7 @@
           </div>
 
           {# Filter transactions form #}
-          <div class="bs collapse z-1" id="collapse-filter" hx-preserve>
+          <div class="z-1" x-show="filterOpen" x-collapse>
             <div class="card card-body bg-base-200 mt-2">
               <div class="text-right">
                 <button class="btn btn-outline btn-error btn-sm w-fit"

docker-compose.dev.yml

@@ -2,6 +2,7 @@ volumes:
   wygiwyh_dev_postgres_data: {}
   wygiwyh_temp:
 
+
 services:
   web:
     build:

docker-compose.prod.yml

@@ -11,7 +11,7 @@ services:
     restart: unless-stopped
 
   db:
-    image: postgres:15
+    image: postgres:15-bookworm
     container_name: ${DB_NAME}
     restart: unless-stopped
     volumes:

docker/dev/django/Dockerfile

@@ -1,14 +1,4 @@
-FROM python:3.11-slim-bookworm AS python-build-stage
-
-RUN apt-get update && apt-get install --no-install-recommends -y \
-    build-essential \
-    libpq-dev \
-    && rm -rf /var/lib/apt/lists/*
-
-COPY ../requirements.txt .
-RUN pip wheel --wheel-dir /usr/src/app/wheels -r requirements.txt
-
-FROM python:3.11-slim-bookworm AS python-run-stage
+FROM ghcr.io/astral-sh/uv:python3.11-bookworm-slim
 
 ARG VERSION=dev
 ENV APP_VERSION=$VERSION
@@ -16,16 +6,17 @@ ENV APP_VERSION=$VERSION
 WORKDIR /usr/src/app
 
 ENV PYTHONDONTWRITEBYTECODE=1 \
-    PYTHONUNBUFFERED=1
-
-COPY --from=python-build-stage /usr/src/app/wheels /wheels/
+    PYTHONUNBUFFERED=1 \
+    UV_COMPILE_BYTECODE=1 \
+    UV_LINK_MODE=copy \
+    UV_PROJECT_ENVIRONMENT=/opt/venv
 
 RUN apt-get update && \
     apt-get install --no-install-recommends -y gettext supervisor && \
-    rm -rf /var/lib/apt/lists/* && \
-    pip install --upgrade pip && \
-    pip install --no-cache-dir --no-index --find-links=/wheels/ /wheels/* && \
-    rm -rf /wheels/ ~/.cache/pip/*
+    rm -rf /var/lib/apt/lists/*
+
+COPY pyproject.toml uv.lock ./
+RUN uv sync --frozen --no-install-project --no-dev
 
 COPY ./docker/dev/django/start /start
 COPY ./docker/dev/procrastinate/start /start-procrastinate
@@ -40,6 +31,8 @@ RUN sed -i 's/\r$//g' /start && \
     sed -i 's/\r$//g' /start-supervisor && \
     chmod +x /start-supervisor
 
+ENV PATH="/opt/venv/bin:$PATH"
+
 COPY ./app .
 
 CMD ["/start-supervisor"]