Merge pull request #497 from icovada/pagination_simplification

refactor(api): apply CustomNumberPagination to all API views

.dockerignore

@@ -0,0 +1 @@
+__pycache__/

.github/workflows/release.yml

@@ -12,7 +12,7 @@ on:
         required: true
         type: string
       ref:
-        description: 'Git ref to checkout (branch, tag, or SHA)'
+        description: 'Git ref to checkout'
         required: true
         default: 'main'
         type: string
@@ -29,73 +29,57 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
+      packages: write # Needed if you switch to GHCR, good practice
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          ref: ${{ github.event.inputs.ref }}
-        if: github.event_name == 'workflow_dispatch'
-
-      - name: Checkout code (non-manual)
-        uses: actions/checkout@v4
-        if: github.event_name != 'workflow_dispatch'
+          ref: ${{ inputs.ref || github.ref }}
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
+      # This action handles all the logic for tags (nightly vs release vs custom)
+      - name: Docker Metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
+          tags: |
+            # Logic for Push to Main -> nightly
+            type=raw,value=nightly,enable=${{ github.event_name == 'push' }}
+            # Logic for Release -> semver and latest
+            type=semver,pattern={{version}},enable=${{ github.event_name == 'release' }}
+            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+            # Logic for Manual Dispatch -> custom input
+            type=raw,value=${{ inputs.tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Build and push nightly image
-        if: github.event_name == 'push'
+      - name: Build and push
         uses: docker/build-push-action@v6
         with:
           context: .
           file: ./docker/prod/django/Dockerfile
           push: true
           provenance: false
+          # Pass the calculated tags from the meta step
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
           build-args: |
-            VERSION=nightly
-          tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:nightly
+            VERSION=${{ steps.meta.outputs.version }}
           platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
 
-      - name: Build and push release image
-        if: github.event_name == 'release'
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: ./docker/prod/django/Dockerfile
-          push: true
-          provenance: false
-          build-args: |
-            VERSION=${{ github.event.release.tag_name }}
-          tags: |
-            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
-            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }}
-          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-      - name: Build and push custom image
-        if: github.event_name == 'workflow_dispatch'
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: ./docker/prod/django/Dockerfile
-          push: true
-          provenance: false
-          build-args: |
-            VERSION=${{ github.event.inputs.tag }}
-          tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.tag }}
-          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          # --- CACHE CONFIGURATION ---
+          # We set a specific 'scope' key.
+          # This allows the Release tag to see the cache created by the Main branch.
+          cache-from: type=gha,scope=build-cache
+          cache-to: type=gha,mode=max,scope=build-cache

.github/workflows/translations.yml

@@ -32,15 +32,16 @@ jobs:
           token: ${{ secrets.PAT }}
           ref: ${{ github.head_ref }}
 
-      - name: Set up Python 3.11
-        uses: actions/setup-python@v4
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.11'
+          enable-cache: true
+
+      - name: Set up Python 3.11
+        run: uv python install 3.11
 
       - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install -r requirements.txt
+        run: uv sync --frozen --no-dev
 
       - name: Install gettext
         run: sudo apt-get install -y gettext
@@ -48,7 +49,7 @@ jobs:
       - name: Run makemessages
         run: |
           cd app
-          python manage.py makemessages -a
+          uv run python manage.py makemessages -a
 
       - name: Check for changes
         id: check_changes

.gitignore

@@ -123,6 +123,7 @@ celerybeat.pid
 
 # Environments
 .env
+.prod.env
 .venv
 env/
 venv/
@@ -160,3 +161,7 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 .idea/
+
+node_modules/
+postgres_data/
+.prod.env

.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+    "djlint.showInstallError": false,
+    "files.associations": {
+        "*.css": "tailwindcss"
+    },
+    "tailwindCSS.experimental.configFile": "frontend/src/styles/tailwind.css",
+    "djlint.profile": "django",
+}

README.md

@@ -13,6 +13,7 @@
   <a href="#key-features">Features</a> •
   <a href="#how-to-use">Usage</a> •
   <a href="#how-it-works">How</a> •
+  <a href="#mcp-server">MCP Server</a> •
   <a href="#help-us-translate-wygiwyh">Translate</a> •
   <a href="#caveats-and-warnings">Caveats and Warnings</a> •
   <a href="#built-with">Built with</a>
@@ -126,6 +127,7 @@ To create the first user, open the container's console using Unraid's UI, by cli
 
 | variable                      | type        | default                           | explanation                                                                                                                                                                                                                              |
 |-------------------------------|-------------|-----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| INTERNAL_PORT                 | int         | 8000                              | The port on which the app listens on. Defaults to 8000 if not set.                                                                                                                                                                       |
 | DJANGO_ALLOWED_HOSTS          | string      | localhost 127.0.0.1               | A list of space separated domains and IPs representing the host/domain names that WYGIWYH site can serve. [Click here](https://docs.djangoproject.com/en/5.1/ref/settings/#allowed-hosts) for more details                               |
 | HTTPS_ENABLED                 | true\|false | false                             | Whether to use secure cookies. If this is set to true, the cookie will be marked as “secure”, which means browsers may ensure that the cookie is only sent under an HTTPS connection                                                     |
 | URL                           | string      | http://localhost http://127.0.0.1 | A list of space separated domains and IPs (with the protocol) representing the trusted origins for unsafe requests (e.g. POST). [Click here](https://docs.djangoproject.com/en/5.1/ref/settings/#csrf-trusted-origins ) for more details |
@@ -143,7 +145,10 @@ To create the first user, open the container's console using Unraid's UI, by cli
 | DEMO                          | true\|false | false                             | If demo mode is enabled.                                                                                                                                                                                                                 |
 | ADMIN_EMAIL                   | string      | None                              | Automatically creates an admin account with this email. Must have `ADMIN_PASSWORD` also set.                                                                                                                                             |
 | ADMIN_PASSWORD                | string      | None                              | Automatically creates an admin account with this password. Must have `ADMIN_EMAIL` also set.                                                                                                                                             |
-| CHECK_FOR_UPDATES             | bool        | true                              | Check and notify users about new versions. The check is done by doing a single query to Github's API every 12 hours.                                                                                  |
+| CHECK_FOR_UPDATES             | true\|false | true                              | Check and notify users about new versions. The check is done by doing a single query to Github's API every 12 hours.                                                                                                                     |
+| DJANGO_VITE_DEV_MODE          | true\|false | false                             | Enables Vite dev server mode for frontend development. When true, assets are served from Vite's dev server instead of the build manifest. For development only!                                                                          |
+| DJANGO_VITE_DEV_SERVER_PORT   | int         | 5173                              | The port where Vite's dev server is running. Only used when DJANGO_VITE_DEV_MODE is true. For development only!                                                                                                                          |
+| DJANGO_VITE_DEV_SERVER_HOST   | string      | localhost                         | The host where Vite's dev server is running. Only used when DJANGO_VITE_DEV_MODE is true. For development only!                                                                                                                          |
 
 ## OIDC Configuration
 
@@ -182,6 +187,10 @@ Check out our [Wiki](https://github.com/eitchtee/WYGIWYH/wiki) for more informat
 > [!NOTE]
 > Login with your github account
 
+# MCP Server
+
+[IZIme07](https://github.com/IZIme07) has kindly created an MCP Server for WYGIWYH that you can self-host. [Check it out at MCP-WYGIWYH](https://github.com/ReNewator/MCP-WYGIWYH)!
+
 # Caveats and Warnings
 
 - I'm not an accountant, some terms and even calculations might be wrong. Make sure to open an issue if you see anything that could be improved.

app/WYGIWYH/settings.py

@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/5.1/ref/settings/
 """
 
 import os
+import re
 import sys
 from pathlib import Path
 
@@ -46,7 +47,7 @@ INSTALLED_APPS = [
     "django.contrib.sites",
     "whitenoise.runserver_nostatic",
     "django.contrib.staticfiles",
-    "webpack_boilerplate",
+    "django_vite",
     "django.contrib.humanize",
     "django.contrib.postgres",
     "django_browser_reload",
@@ -69,6 +70,7 @@ INSTALLED_APPS = [
     "apps.api.apps.ApiConfig",
     "cachalot",
     "rest_framework",
+    "rest_framework.authtoken",
     "drf_spectacular",
     "django_cotton",
     "apps.rules.apps.RulesConfig",
@@ -128,12 +130,23 @@ STORAGES = {
 
 WHITENOISE_MANIFEST_STRICT = False
 
+
+def immutable_file_test(path, url):
+    # Match vite (rollup)-generated hashes, à la, `some_file-CSliV9zW.js`
+    return re.match(r"^.+[.-][0-9a-zA-Z_-]{8,12}\..+$", url)
+
+
+WHITENOISE_IMMUTABLE_FILE_TEST = immutable_file_test
+
 WSGI_APPLICATION = "WYGIWYH.wsgi.application"
 
 
 # Database
 # https://docs.djangoproject.com/en/5.1/ref/settings/#databases
 
+THREADS = int(os.getenv("GUNICORN_THREADS", 1))
+MAX_POOL_SIZE = THREADS + 1
+
 DATABASES = {
     "default": {
         "ENGINE": "django.db.backends.postgresql",
@@ -142,6 +155,17 @@ DATABASES = {
         "PASSWORD": os.getenv("SQL_PASSWORD", "password"),
         "HOST": os.getenv("SQL_HOST", "localhost"),
         "PORT": os.getenv("SQL_PORT", "5432"),
+        "CONN_MAX_AGE": 0,
+        "CONN_HEALTH_CHECKS": True,
+        "OPTIONS": {
+            "pool": {
+                "min_size": 1,
+                "max_size": MAX_POOL_SIZE,
+                "timeout": 10,
+                "max_lifetime": 600,
+                "max_idle": 300,
+            },
+        },
     }
 }
 
@@ -289,7 +313,7 @@ STATIC_URL = "static/"
 STATIC_ROOT = BASE_DIR / "static_files"
 
 STATICFILES_DIRS = [
-    ROOT_DIR / "frontend/build",
+    ROOT_DIR / "frontend" / "build",
     BASE_DIR / "static",
 ]
 
@@ -305,9 +329,11 @@ CACHES = {
     }
 }
 
-WEBPACK_LOADER = {
-    "MANIFEST_FILE": ROOT_DIR / "frontend/build/manifest.json",
-}
+DJANGO_VITE_ASSETS_PATH = STATIC_ROOT
+DJANGO_VITE_MANIFEST_PATH = DJANGO_VITE_ASSETS_PATH / "manifest.json"
+DJANGO_VITE_DEV_MODE = os.getenv("DJANGO_VITE_DEV_MODE", "false").lower() == "true"
+DJANGO_VITE_DEV_SERVER_PORT = int(os.getenv("DJANGO_VITE_DEV_SERVER_PORT", "5173"))
+DJANGO_VITE_DEV_SERVER_HOST = os.getenv("DJANGO_VITE_DEV_SERVER_HOST", "localhost")
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.1/ref/settings/#default-auto-field
@@ -354,8 +380,11 @@ ACCOUNT_ADAPTER = "allauth.account.adapter.DefaultAccountAdapter"
 SOCIALACCOUNT_ADAPTER = "allauth.socialaccount.adapter.DefaultSocialAccountAdapter"
 
 # CRISPY FORMS
-CRISPY_ALLOWED_TEMPLATE_PACKS = ["bootstrap5", "crispy_forms/pure_text"]
-CRISPY_TEMPLATE_PACK = "bootstrap5"
+CRISPY_ALLOWED_TEMPLATE_PACKS = [
+    "crispy_forms/pure_text",
+    "crispy-daisyui",
+]
+CRISPY_TEMPLATE_PACK = "crispy-daisyui"
 
 SESSION_EXPIRE_AT_BROWSER_CLOSE = False
 SESSION_COOKIE_AGE = int(os.getenv("SESSION_EXPIRY_TIME", 2678400))  # 31 days
@@ -379,7 +408,7 @@ DEBUG_TOOLBAR_PANELS = [
     "debug_toolbar.panels.signals.SignalsPanel",
     "debug_toolbar.panels.redirects.RedirectsPanel",
     "debug_toolbar.panels.profiling.ProfilingPanel",
-    "cachalot.panels.CachalotPanel",
+    # "cachalot.panels.CachalotPanel",
 ]
 INTERNAL_IPS = [
     "127.0.0.1",
@@ -405,8 +434,16 @@ REST_FRAMEWORK = {
         "apps.api.permissions.NotInDemoMode",
         "rest_framework.permissions.DjangoModelPermissions",
     ],
-    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
-    "PAGE_SIZE": 10,
+    'DEFAULT_FILTER_BACKENDS': [
+        'django_filters.rest_framework.DjangoFilterBackend',
+        'rest_framework.filters.OrderingFilter',
+    ],
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.TokenAuthentication',
+    ],
+    "DEFAULT_PAGINATION_CLASS": "apps.api.custom.pagination.CustomPageNumberPagination",
     "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
 }
 

app/apps/accounts/forms.py

@@ -1,21 +1,21 @@
-from crispy_bootstrap5.bootstrap5 import Switch
+from apps.accounts.models import Account, AccountGroup
+from apps.common.fields.forms.dynamic_select import (
+    DynamicModelChoiceField,
+    DynamicModelMultipleChoiceField,
+)
+from apps.common.widgets.crispy.daisyui import Switch
+from apps.common.widgets.crispy.submit import NoClassSubmit
+from apps.common.widgets.decimal import ArbitraryDecimalDisplayNumberInput
+from apps.common.widgets.tom_select import TomSelect
+from apps.currencies.models import Currency
+from apps.transactions.models import TransactionCategory, TransactionTag
 from crispy_forms.bootstrap import FormActions
 from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Field, Column, Row
+from crispy_forms.layout import Column, Field, Layout, Row
 from django import forms
+from django.db.models import Q
 from django.utils.translation import gettext_lazy as _
 
-from apps.accounts.models import Account
-from apps.accounts.models import AccountGroup
-from apps.common.fields.forms.dynamic_select import (
-    DynamicModelMultipleChoiceField,
-    DynamicModelChoiceField,
-)
-from apps.common.widgets.crispy.submit import NoClassSubmit
-from apps.common.widgets.tom_select import TomSelect
-from apps.transactions.models import TransactionCategory, TransactionTag
-from apps.common.widgets.decimal import ArbitraryDecimalDisplayNumberInput
-
 
 class AccountGroupForm(forms.ModelForm):
     class Meta:
@@ -36,17 +36,13 @@ class AccountGroupForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -79,6 +75,18 @@ class AccountForm(forms.ModelForm):
 
         self.fields["group"].queryset = AccountGroup.objects.all()
 
+        if self.instance.id:
+            qs = Currency.objects.filter(
+                Q(is_archived=False) | Q(accounts=self.instance.id)
+            ).distinct()
+            self.fields["currency"].queryset = qs
+            self.fields["exchange_currency"].queryset = qs
+
+        else:
+            qs = Currency.objects.filter(Q(is_archived=False))
+            self.fields["currency"].queryset = qs
+            self.fields["exchange_currency"].queryset = qs
+
         self.helper = FormHelper()
         self.helper.form_tag = False
         self.helper.form_method = "post"
@@ -94,17 +102,13 @@ class AccountForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -142,9 +146,8 @@ class AccountBalanceForm(forms.Form):
         self.helper.layout = Layout(
             "new_balance",
             Row(
-                Column("category", css_class="form-group col-md-6 mb-0"),
-                Column("tags", css_class="form-group col-md-6 mb-0"),
-                css_class="form-row",
+                Column("category"),
+                Column("tags"),
             ),
             Field("account_id"),
         )

app/apps/accounts/migrations/0016_account_untracked_by.py

@@ -0,0 +1,20 @@
+# Generated by Django 5.2.4 on 2025-08-09 05:52
+
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0015_alter_account_owner_alter_account_shared_with_and_more'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='account',
+            name='untracked_by',
+            field=models.ManyToManyField(blank=True, related_name='untracked_accounts', to=settings.AUTH_USER_MODEL),
+        ),
+    ]

app/apps/accounts/models.py

@@ -1,11 +1,11 @@
 from django.conf import settings
 from django.core.exceptions import ValidationError
 from django.db import models
-from django.db.models import Q
 from django.utils.translation import gettext_lazy as _
 
-from apps.transactions.models import Transaction
+from apps.common.middleware.thread_local import get_current_user
 from apps.common.models import SharedObject, SharedObjectManager
+from apps.transactions.models import Transaction
 
 
 class AccountGroup(SharedObject):
@@ -62,6 +62,11 @@ class Account(SharedObject):
         verbose_name=_("Archived"),
         help_text=_("Archived accounts don't show up nor count towards your net worth"),
     )
+    untracked_by = models.ManyToManyField(
+        settings.AUTH_USER_MODEL,
+        blank=True,
+        related_name="untracked_accounts",
+    )
 
     objects = SharedObjectManager()
     all_objects = models.Manager()  # Unfiltered manager
@@ -75,6 +80,10 @@ class Account(SharedObject):
     def __str__(self):
         return self.name
 
+    def is_untracked_by(self):
+        user = get_current_user()
+        return self.untracked_by.filter(pk=user.pk).exists()
+
     def clean(self):
         super().clean()
         if self.exchange_currency == self.currency:

app/apps/accounts/services.py

@@ -0,0 +1,33 @@
+from decimal import Decimal
+
+from django.db import models
+
+from apps.accounts.models import Account
+from apps.transactions.models import Transaction
+
+
+def get_account_balance(account: Account, paid_only: bool = True) -> Decimal:
+    """
+    Calculate account balance (income - expense).
+
+    Args:
+        account: Account instance to calculate balance for.
+        paid_only: If True, only count paid transactions (current balance).
+                   If False, count all transactions (projected balance).
+
+    Returns:
+        Decimal: The calculated balance (income - expense).
+    """
+    filters = {"account": account}
+    if paid_only:
+        filters["is_paid"] = True
+
+    income = Transaction.objects.filter(
+        type=Transaction.Type.INCOME, **filters
+    ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
+
+    expense = Transaction.objects.filter(
+        type=Transaction.Type.EXPENSE, **filters
+    ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
+
+    return income - expense

app/apps/accounts/tests.py

@@ -1,3 +1,5 @@
+from datetime import date
+
 from django.test import TestCase
 
 from apps.accounts.models import Account, AccountGroup
@@ -39,3 +41,135 @@ class AccountTests(TestCase):
             exchange_currency=self.exchange_currency,
         )
         self.assertEqual(account.exchange_currency, self.exchange_currency)
+
+
+class GetAccountBalanceServiceTests(TestCase):
+    """Tests for the get_account_balance service function"""
+
+    def setUp(self):
+        """Set up test data"""
+        from apps.transactions.models import Transaction
+        self.Transaction = Transaction
+        
+        self.currency = Currency.objects.create(
+            code="BRL", name="Brazilian Real", decimal_places=2, prefix="R$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Service Test Group")
+        self.account = Account.objects.create(
+            name="Service Test Account", group=self.account_group, currency=self.currency
+        )
+
+    def test_balance_with_no_transactions(self):
+        """Test balance is 0 when no transactions exist"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        balance = get_account_balance(self.account, paid_only=True)
+        self.assertEqual(balance, Decimal("0"))
+
+    def test_current_balance_only_counts_paid(self):
+        """Test current balance only counts paid transactions"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        # Paid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        # Unpaid income (should not count)
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid income",
+        )
+        # Paid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("30.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid expense",
+        )
+
+        balance = get_account_balance(self.account, paid_only=True)
+        self.assertEqual(balance, Decimal("70.00"))  # 100 - 30
+
+    def test_projected_balance_counts_all(self):
+        """Test projected balance counts all transactions"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        # Paid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        # Unpaid income
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid income",
+        )
+        # Paid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("30.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid expense",
+        )
+        # Unpaid expense
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.EXPENSE,
+            amount=Decimal("20.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid expense",
+        )
+
+        balance = get_account_balance(self.account, paid_only=False)
+        self.assertEqual(balance, Decimal("100.00"))  # (100 + 50) - (30 + 20)
+
+    def test_balance_defaults_to_paid_only(self):
+        """Test that paid_only defaults to True"""
+        from apps.accounts.services import get_account_balance
+        from decimal import Decimal
+        
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid",
+        )
+        self.Transaction.objects.create(
+            account=self.account,
+            type=self.Transaction.Type.INCOME,
+            amount=Decimal("50.00"),
+            is_paid=False,
+            date=date(2025, 1, 1),
+            description="Unpaid",
+        )
+
+        balance = get_account_balance(self.account)  # defaults to paid_only=True
+        self.assertEqual(balance, Decimal("100.00"))
+

app/apps/accounts/urls.py

@@ -31,6 +31,11 @@ urlpatterns = [
         views.account_take_ownership,
         name="account_take_ownership",
     ),
+    path(
+        "account/<int:pk>/toggle-untracked/",
+        views.account_toggle_untracked,
+        name="account_toggle_untracked",
+    ),
     path("account-groups/", views.account_groups_index, name="account_groups_index"),
     path("account-groups/list/", views.account_groups_list, name="account_groups_list"),
     path("account-groups/add/", views.account_group_add, name="account_group_add"),

app/apps/accounts/views/account_groups.py

@@ -25,7 +25,7 @@ def account_groups_index(request):
 @login_required
 @require_http_methods(["GET"])
 def account_groups_list(request):
-    account_groups = AccountGroup.objects.all().order_by("id")
+    account_groups = AccountGroup.objects.all().order_by("name")
     return render(
         request,
         "account_groups/fragments/list.html",

app/apps/accounts/views/accounts.py

@@ -25,7 +25,7 @@ def accounts_index(request):
 @login_required
 @require_http_methods(["GET"])
 def accounts_list(request):
-    accounts = Account.objects.all().order_by("id")
+    accounts = Account.objects.all().order_by("name")
     return render(
         request,
         "accounts/fragments/list.html",
@@ -155,6 +155,26 @@ def account_delete(request, pk):
     )
 
 
+@only_htmx
+@login_required
+@require_http_methods(["GET"])
+def account_toggle_untracked(request, pk):
+    account = get_object_or_404(Account, id=pk)
+    if account.is_untracked_by():
+        account.untracked_by.remove(request.user)
+        messages.success(request, _("Account is now tracked"))
+    else:
+        account.untracked_by.add(request.user)
+        messages.success(request, _("Account is now untracked"))
+
+    return HttpResponse(
+        status=204,
+        headers={
+            "HX-Trigger": "updated",
+        },
+    )
+
+
 @only_htmx
 @login_required
 @require_http_methods(["GET"])

app/apps/accounts/views/balance.py

@@ -11,23 +11,13 @@ from django.utils.translation import gettext_lazy as _
 
 from apps.accounts.forms import AccountBalanceFormSet
 from apps.accounts.models import Account, Transaction
+from apps.accounts.services import get_account_balance
 from apps.common.decorators.htmx import only_htmx
 
 
 @only_htmx
 @login_required
 def account_reconciliation(request):
-    def get_account_balance(account):
-        income = Transaction.objects.filter(
-            account=account, type=Transaction.Type.INCOME, is_paid=True
-        ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
-
-        expense = Transaction.objects.filter(
-            account=account, type=Transaction.Type.EXPENSE, is_paid=True
-        ).aggregate(total=models.Sum("amount"))["total"] or Decimal("0")
-
-        return income - expense
-
     initial_data = [
         {
             "account_id": account.id,

app/apps/api/fields/transactions.py

@@ -10,15 +10,19 @@ from apps.transactions.models import (
 
 @extend_schema_field(
     {
-        "oneOf": [{"type": "string"}, {"type": "integer"}],
-        "description": "TransactionCategory ID or name. If the name doesn't exist, a new one will be created",
+        "oneOf": [{"type": "string"}, {"type": "integer"}, {"type": "null"}],
+        "description": "TransactionCategory ID or name. If the name doesn't exist, a new one will be created. Can be null if no category is assigned.",
     }
 )
 class TransactionCategoryField(serializers.Field):
     def to_representation(self, value):
+        if value is None:
+            return None
         return {"id": value.id, "name": value.name}
 
     def to_internal_value(self, data):
+        if data is None:
+            return None
         if isinstance(data, int):
             try:
                 return TransactionCategory.objects.get(pk=data)

app/apps/api/serializers/__init__.py

@@ -2,3 +2,5 @@ from .transactions import *
 from .accounts import *
 from .currencies import *
 from .dca import *
+from .imports import *
+

app/apps/api/serializers/accounts.py

@@ -67,3 +67,12 @@ class AccountSerializer(serializers.ModelSerializer):
             setattr(instance, attr, value)
         instance.save()
         return instance
+
+
+class AccountBalanceSerializer(serializers.Serializer):
+    """Serializer for account balance response."""
+
+    current_balance = serializers.DecimalField(max_digits=20, decimal_places=10)
+    projected_balance = serializers.DecimalField(max_digits=20, decimal_places=10)
+    currency = CurrencySerializer()
+

app/apps/api/serializers/imports.py

@@ -0,0 +1,41 @@
+from rest_framework import serializers
+
+from apps.import_app.models import ImportProfile, ImportRun
+
+
+class ImportProfileSerializer(serializers.ModelSerializer):
+    """Serializer for listing import profiles."""
+
+    class Meta:
+        model = ImportProfile
+        fields = ["id", "name", "version", "yaml_config"]
+
+
+class ImportRunSerializer(serializers.ModelSerializer):
+    """Serializer for listing import runs."""
+
+    class Meta:
+        model = ImportRun
+        fields = [
+            "id",
+            "status",
+            "profile",
+            "file_name",
+            "logs",
+            "processed_rows",
+            "total_rows",
+            "successful_rows",
+            "skipped_rows",
+            "failed_rows",
+            "started_at",
+            "finished_at",
+        ]
+
+
+class ImportFileSerializer(serializers.Serializer):
+    """Serializer for uploading a file to import using an existing profile."""
+
+    profile_id = serializers.PrimaryKeyRelatedField(
+        queryset=ImportProfile.objects.all(), source="profile"
+    )
+    file = serializers.FileField()

app/apps/api/serializers/transactions.py

@@ -138,6 +138,7 @@ class RecurringTransactionSerializer(serializers.ModelSerializer):
     def update(self, instance, validated_data):
         instance = super().update(instance, validated_data)
         instance.update_unpaid_transactions()
+        instance.generate_upcoming_transactions()
         return instance
 
 

app/apps/api/tests/__init__.py

@@ -0,0 +1,5 @@
+# Import all test classes for Django test discovery
+from .test_imports import *
+from .test_accounts import *
+from .test_data_isolation import *
+from .test_shared_access import *

app/apps/api/tests/test_accounts.py

@@ -0,0 +1,99 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.transactions.models import Transaction
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountBalanceAPITests(TestCase):
+    """Tests for the Account Balance API endpoint"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account", group=self.account_group, currency=self.currency
+        )
+
+        # Create some transactions
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("500.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Paid income",
+        )
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("200.00"),
+            is_paid=False,
+            date=date(2025, 1, 15),
+            description="Unpaid income",
+        )
+        Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 10),
+            description="Paid expense",
+        )
+
+    def test_get_balance_success(self):
+        """Test successful balance retrieval"""
+        response = self.client.get(f"/api/accounts/{self.account.id}/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn("current_balance", response.data)
+        self.assertIn("projected_balance", response.data)
+        self.assertIn("currency", response.data)
+
+        # Current: 500 - 100 = 400
+        self.assertEqual(Decimal(response.data["current_balance"]), Decimal("400.00"))
+        # Projected: (500 + 200) - 100 = 600
+        self.assertEqual(Decimal(response.data["projected_balance"]), Decimal("600.00"))
+
+        # Check currency data
+        self.assertEqual(response.data["currency"]["code"], "USD")
+
+    def test_get_balance_nonexistent_account(self):
+        """Test balance for non-existent account returns 404"""
+        response = self.client.get("/api/accounts/99999/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_get_balance_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get(
+            f"/api/accounts/{self.account.id}/balance/"
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

app/apps/api/tests/test_data_isolation.py

@@ -0,0 +1,719 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.dca.models import DCAStrategy, DCAEntry
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+    TransactionEntity,
+    InstallmentPlan,
+    RecurringTransaction,
+)
+
+
+ACCESS_DENIED_CODES = [status.HTTP_403_FORBIDDEN, status.HTTP_404_NOT_FOUND]
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' accounts."""
+
+    def setUp(self):
+        """Set up test data with two distinct users."""
+        User = get_user_model()
+
+        # User 1 - the requester
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        # User 2 - owner of data that user1 should NOT access
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        # Shared currency
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account
+        self.user1_account_group = AccountGroup.all_objects.create(
+            name="User1 Group", owner=self.user1
+        )
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account",
+            group=self.user1_account_group,
+            currency=self.currency,
+            owner=self.user1,
+        )
+
+        # User 2's account (private, should be invisible to user1)
+        self.user2_account_group = AccountGroup.all_objects.create(
+            name="User2 Group", owner=self.user2
+        )
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account",
+            group=self.user2_account_group,
+            currency=self.currency,
+            owner=self.user2,
+        )
+
+    def test_user_cannot_see_other_users_accounts_in_list(self):
+        """GET /api/accounts/ should only return user's own accounts."""
+        response = self.client1.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        # User1 should only see their own account
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.user1_account.id, account_ids)
+        self.assertNotIn(self.user2_account.id, account_ids)
+
+    def test_user_cannot_access_other_users_account_detail(self):
+        """GET /api/accounts/{id}/ should deny access to other user's account."""
+        response = self.client1.get(f"/api/accounts/{self.user2_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_account(self):
+        """PATCH on other user's account should deny access."""
+        response = self.client1.patch(
+            f"/api/accounts/{self.user2_account.id}/",
+            {"name": "Hacked Account"},
+        )
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        # Verify account name wasn't changed
+        self.user2_account.refresh_from_db()
+        self.assertEqual(self.user2_account.name, "User2 Account")
+
+    def test_user_cannot_delete_other_users_account(self):
+        """DELETE on other user's account should deny access."""
+        response = self.client1.delete(f"/api/accounts/{self.user2_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        # Verify account still exists
+        self.assertTrue(Account.all_objects.filter(id=self.user2_account.id).exists())
+
+    def test_user_cannot_get_balance_of_other_users_account(self):
+        """Balance action on other user's account should deny access."""
+        response = self.client1.get(f"/api/accounts/{self.user2_account.id}/balance/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_access_own_account(self):
+        """User can access their own account normally."""
+        response = self.client1.get(f"/api/accounts/{self.user1_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "User1 Account")
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class AccountGroupDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' account groups."""
+
+    def setUp(self):
+        """Set up test data with two distinct users."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        # User 1's account group
+        self.user1_group = AccountGroup.all_objects.create(
+            name="User1 Group", owner=self.user1
+        )
+
+        # User 2's account group
+        self.user2_group = AccountGroup.all_objects.create(
+            name="User2 Group", owner=self.user2
+        )
+
+    def test_user_cannot_see_other_users_account_groups(self):
+        """GET /api/account-groups/ should only return user's own groups."""
+        response = self.client1.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [grp["id"] for grp in response.data["results"]]
+        self.assertIn(self.user1_group.id, group_ids)
+        self.assertNotIn(self.user2_group.id, group_ids)
+
+    def test_user_cannot_access_other_users_account_group_detail(self):
+        """GET /api/account-groups/{id}/ should deny access to other user's group."""
+        response = self.client1.get(f"/api/account-groups/{self.user2_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_account_group(self):
+        """PATCH on other user's account group should deny access."""
+        response = self.client1.patch(
+            f"/api/account-groups/{self.user2_group.id}/",
+            {"name": "Hacked Group"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.user2_group.refresh_from_db()
+        self.assertEqual(self.user2_group.name, "User2 Group")
+
+    def test_user_cannot_delete_other_users_account_group(self):
+        """DELETE on other user's account group should deny access."""
+        response = self.client1.delete(f"/api/account-groups/{self.user2_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            AccountGroup.all_objects.filter(id=self.user2_group.id).exists()
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class TransactionDataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' transactions."""
+
+    def setUp(self):
+        """Set up test data with transactions for two distinct users."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account and transaction
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account", currency=self.currency, owner=self.user1
+        )
+        self.user1_transaction = Transaction.userless_all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="User1 Income",
+            owner=self.user1,
+        )
+
+        # User 2's account and transaction
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account", currency=self.currency, owner=self.user2
+        )
+        self.user2_transaction = Transaction.userless_all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="User2 Expense",
+            owner=self.user2,
+        )
+
+    def test_user_cannot_see_other_users_transactions_in_list(self):
+        """GET /api/transactions/ should only return user's own transactions."""
+        response = self.client1.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.user1_transaction.id, transaction_ids)
+        self.assertNotIn(self.user2_transaction.id, transaction_ids)
+
+    def test_user_cannot_access_other_users_transaction_detail(self):
+        """GET /api/transactions/{id}/ should deny access to other user's transaction."""
+        response = self.client1.get(f"/api/transactions/{self.user2_transaction.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_transaction(self):
+        """PATCH on other user's transaction should deny access."""
+        response = self.client1.patch(
+            f"/api/transactions/{self.user2_transaction.id}/",
+            {"description": "Hacked Transaction"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.user2_transaction.refresh_from_db()
+        self.assertEqual(self.user2_transaction.description, "User2 Expense")
+
+    def test_user_cannot_delete_other_users_transaction(self):
+        """DELETE on other user's transaction should deny access."""
+        response = self.client1.delete(
+            f"/api/transactions/{self.user2_transaction.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            Transaction.userless_all_objects.filter(
+                id=self.user2_transaction.id
+            ).exists()
+        )
+
+    def test_user_cannot_create_transaction_in_other_users_account(self):
+        """POST /api/transactions/ with other user's account should fail."""
+        response = self.client1.post(
+            "/api/transactions/",
+            {
+                "account": self.user2_account.id,
+                "type": "IN",
+                "amount": "100.00",
+                "date": "2025-01-15",
+                "description": "Sneaky transaction",
+            },
+            format="json",
+        )
+
+        # Should deny access - 400 (validation error), 403, or 404
+        self.assertIn(
+            response.status_code,
+            ACCESS_DENIED_CODES + [status.HTTP_400_BAD_REQUEST],
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class CategoryTagEntityIsolationTests(TestCase):
+    """Tests for isolation of categories, tags, and entities between users."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        # User 1's categories, tags, entities
+        self.user1_category = TransactionCategory.all_objects.create(
+            name="User1 Category", owner=self.user1
+        )
+        self.user1_tag = TransactionTag.all_objects.create(
+            name="User1 Tag", owner=self.user1
+        )
+        self.user1_entity = TransactionEntity.all_objects.create(
+            name="User1 Entity", owner=self.user1
+        )
+
+        # User 2's categories, tags, entities
+        self.user2_category = TransactionCategory.all_objects.create(
+            name="User2 Category", owner=self.user2
+        )
+        self.user2_tag = TransactionTag.all_objects.create(
+            name="User2 Tag", owner=self.user2
+        )
+        self.user2_entity = TransactionEntity.all_objects.create(
+            name="User2 Entity", owner=self.user2
+        )
+
+    def test_user_cannot_see_other_users_categories(self):
+        """GET /api/categories/ should only return user's own categories."""
+        response = self.client1.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.user1_category.id, category_ids)
+        self.assertNotIn(self.user2_category.id, category_ids)
+
+    def test_user_cannot_access_other_users_category_detail(self):
+        """GET /api/categories/{id}/ should deny access to other user's category."""
+        response = self.client1.get(f"/api/categories/{self.user2_category.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_tags(self):
+        """GET /api/tags/ should only return user's own tags."""
+        response = self.client1.get("/api/tags/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        tag_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.user1_tag.id, tag_ids)
+        self.assertNotIn(self.user2_tag.id, tag_ids)
+
+    def test_user_cannot_access_other_users_tag_detail(self):
+        """GET /api/tags/{id}/ should deny access to other user's tag."""
+        response = self.client1.get(f"/api/tags/{self.user2_tag.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_entities(self):
+        """GET /api/entities/ should only return user's own entities."""
+        response = self.client1.get("/api/entities/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        entity_ids = [e["id"] for e in response.data["results"]]
+        self.assertIn(self.user1_entity.id, entity_ids)
+        self.assertNotIn(self.user2_entity.id, entity_ids)
+
+    def test_user_cannot_access_other_users_entity_detail(self):
+        """GET /api/entities/{id}/ should deny access to other user's entity."""
+        response = self.client1.get(f"/api/entities/{self.user2_entity.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_category(self):
+        """PATCH on other user's category should deny access."""
+        response = self.client1.patch(
+            f"/api/categories/{self.user2_category.id}/",
+            {"name": "Hacked Category"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_tag(self):
+        """DELETE on other user's tag should deny access."""
+        response = self.client1.delete(f"/api/tags/{self.user2_tag.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            TransactionTag.all_objects.filter(id=self.user2_tag.id).exists()
+        )
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class DCADataIsolationTests(TestCase):
+    """Tests to ensure users cannot access other users' DCA strategies and entries."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency1 = Currency.objects.create(
+            code="BTC", name="Bitcoin", decimal_places=8, prefix=""
+        )
+        self.currency2 = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's DCA strategy and entry
+        self.user1_strategy = DCAStrategy.all_objects.create(
+            name="User1 BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+        self.user1_entry = DCAEntry.objects.create(
+            strategy=self.user1_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("100.00"),
+            amount_received=Decimal("0.001"),
+        )
+
+        # User 2's DCA strategy and entry
+        self.user2_strategy = DCAStrategy.all_objects.create(
+            name="User2 BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user2,
+        )
+        self.user2_entry = DCAEntry.objects.create(
+            strategy=self.user2_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("200.00"),
+            amount_received=Decimal("0.002"),
+        )
+
+    def test_user_cannot_see_other_users_dca_strategies(self):
+        """GET /api/dca/strategies/ should only return user's own strategies."""
+        response = self.client1.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertIn(self.user1_strategy.id, strategy_ids)
+        self.assertNotIn(self.user2_strategy.id, strategy_ids)
+
+    def test_user_cannot_access_other_users_dca_strategy_detail(self):
+        """GET /api/dca/strategies/{id}/ should deny access to other user's strategy."""
+        response = self.client1.get(f"/api/dca/strategies/{self.user2_strategy.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_dca_entries(self):
+        """GET /api/dca/entries/ filtered by other user's strategy should return empty."""
+        response = self.client1.get(
+            f"/api/dca/entries/?strategy={self.user2_strategy.id}"
+        )
+
+        # Either OK with empty results or error
+        if response.status_code == status.HTTP_200_OK:
+            entry_ids = [e["id"] for e in response.data["results"]]
+            self.assertNotIn(self.user2_entry.id, entry_ids)
+
+    def test_user_cannot_access_other_users_dca_entry_detail(self):
+        """GET /api/dca/entries/{id}/ should deny access to other user's entry."""
+        response = self.client1.get(f"/api/dca/entries/{self.user2_entry.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_investment_frequency(self):
+        """investment_frequency action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/investment_frequency/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_price_comparison(self):
+        """price_comparison action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/price_comparison/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_access_other_users_strategy_current_price(self):
+        """current_price action on other user's strategy should deny access."""
+        response = self.client1.get(
+            f"/api/dca/strategies/{self.user2_strategy.id}/current_price/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_dca_strategy(self):
+        """PATCH on other user's DCA strategy should deny access."""
+        response = self.client1.patch(
+            f"/api/dca/strategies/{self.user2_strategy.id}/",
+            {"name": "Hacked Strategy"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_dca_entry(self):
+        """DELETE on other user's DCA entry should deny access."""
+        response = self.client1.delete(f"/api/dca/entries/{self.user2_entry.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(DCAEntry.objects.filter(id=self.user2_entry.id).exists())
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class InstallmentRecurringIsolationTests(TestCase):
+    """Tests for isolation of installment plans and recurring transactions."""
+
+    def setUp(self):
+        """Set up test data."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account
+        self.user1_account = Account.all_objects.create(
+            name="User1 Account", currency=self.currency, owner=self.user1
+        )
+
+        # User 2's account
+        self.user2_account = Account.all_objects.create(
+            name="User2 Account", currency=self.currency, owner=self.user2
+        )
+
+        # User 1's installment plan
+        self.user1_installment = InstallmentPlan.all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.EXPENSE,
+            description="User1 Installment",
+            number_of_installments=12,
+            start_date=date(2025, 1, 1),
+            installment_amount=Decimal("100.00"),
+        )
+
+        # User 2's installment plan
+        self.user2_installment = InstallmentPlan.all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.EXPENSE,
+            description="User2 Installment",
+            number_of_installments=6,
+            start_date=date(2025, 1, 1),
+            installment_amount=Decimal("200.00"),
+        )
+
+        # User 1's recurring transaction
+        self.user1_recurring = RecurringTransaction.all_objects.create(
+            account=self.user1_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            description="User1 Recurring",
+            start_date=date(2025, 1, 1),
+            recurrence_type=RecurringTransaction.RecurrenceType.MONTH,
+            recurrence_interval=1,
+        )
+
+        # User 2's recurring transaction
+        self.user2_recurring = RecurringTransaction.all_objects.create(
+            account=self.user2_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("1000.00"),
+            description="User2 Recurring",
+            start_date=date(2025, 1, 1),
+            recurrence_type=RecurringTransaction.RecurrenceType.MONTH,
+            recurrence_interval=1,
+        )
+
+    def test_user_cannot_see_other_users_installment_plans(self):
+        """GET /api/installment-plans/ should only return user's own plans."""
+        response = self.client1.get("/api/installment-plans/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        plan_ids = [p["id"] for p in response.data["results"]]
+        self.assertIn(self.user1_installment.id, plan_ids)
+        self.assertNotIn(self.user2_installment.id, plan_ids)
+
+    def test_user_cannot_access_other_users_installment_plan_detail(self):
+        """GET /api/installment-plans/{id}/ should deny access to other user's plan."""
+        response = self.client1.get(
+            f"/api/installment-plans/{self.user2_installment.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_see_other_users_recurring_transactions(self):
+        """GET /api/recurring-transactions/ should only return user's own recurring."""
+        response = self.client1.get("/api/recurring-transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        recurring_ids = [r["id"] for r in response.data["results"]]
+        self.assertIn(self.user1_recurring.id, recurring_ids)
+        self.assertNotIn(self.user2_recurring.id, recurring_ids)
+
+    def test_user_cannot_access_other_users_recurring_transaction_detail(self):
+        """GET /api/recurring-transactions/{id}/ should deny access to other user's recurring."""
+        response = self.client1.get(
+            f"/api/recurring-transactions/{self.user2_recurring.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_modify_other_users_installment_plan(self):
+        """PATCH on other user's installment plan should deny access."""
+        response = self.client1.patch(
+            f"/api/installment-plans/{self.user2_installment.id}/",
+            {"description": "Hacked Installment"},
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_cannot_delete_other_users_recurring_transaction(self):
+        """DELETE on other user's recurring transaction should deny access."""
+        response = self.client1.delete(
+            f"/api/recurring-transactions/{self.user2_recurring.id}/"
+        )
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+        self.assertTrue(
+            RecurringTransaction.all_objects.filter(id=self.user2_recurring.id).exists()
+        )

app/apps/api/tests/test_imports.py

@@ -0,0 +1,404 @@
+from io import BytesIO
+from unittest.mock import patch
+
+from django.contrib.auth import get_user_model
+from django.core.files.uploadedfile import SimpleUploadedFile
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.import_app.models import ImportProfile, ImportRun
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportAPITests(TestCase):
+    """Tests for the Import API endpoint"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        # Create a basic import profile with minimal valid YAML config
+        self.profile = ImportProfile.objects.create(
+            name="Test Profile",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+    @patch("apps.import_app.tasks.process_import.defer")
+    @patch("django.core.files.storage.FileSystemStorage.save")
+    @patch("django.core.files.storage.FileSystemStorage.path")
+    def test_create_import_success(self, mock_path, mock_save, mock_defer):
+        """Test successful file upload creates ImportRun and queues task"""
+        mock_save.return_value = "test_file.csv"
+        mock_path.return_value = "/usr/src/app/temp/test_file.csv"
+
+        csv_content = b"date,description,amount,account\n2025-01-01,Test,100,Main"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
+        self.assertIn("import_run_id", response.data)
+        self.assertEqual(response.data["status"], "queued")
+
+        # Verify ImportRun was created
+        import_run = ImportRun.objects.get(id=response.data["import_run_id"])
+        self.assertEqual(import_run.profile, self.profile)
+        self.assertEqual(import_run.file_name, "test_file.csv")
+
+        # Verify task was deferred
+        mock_defer.assert_called_once_with(
+            import_run_id=import_run.id,
+            file_path="/usr/src/app/temp/test_file.csv",
+            user_id=self.user.id,
+        )
+
+    def test_create_import_missing_profile(self):
+        """Test request without profile_id returns 400"""
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("profile_id", response.data)
+
+    def test_create_import_missing_file(self):
+        """Test request without file returns 400"""
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("file", response.data)
+
+    def test_create_import_invalid_profile(self):
+        """Test request with non-existent profile returns 400"""
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": 99999, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("profile_id", response.data)
+
+    @patch("apps.import_app.tasks.process_import.defer")
+    @patch("django.core.files.storage.FileSystemStorage.save")
+    @patch("django.core.files.storage.FileSystemStorage.path")
+    def test_create_import_xlsx(self, mock_path, mock_save, mock_defer):
+        """Test successful XLSX file upload"""
+        mock_save.return_value = "test_file.xlsx"
+        mock_path.return_value = "/usr/src/app/temp/test_file.xlsx"
+
+        # Create a simple XLSX-like content (just for the upload test)
+        xlsx_content = BytesIO(b"PK\x03\x04")  # XLSX files start with PK header
+        file = SimpleUploadedFile(
+            "test_file.xlsx",
+            xlsx_content.getvalue(),
+            content_type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        )
+
+        response = self.client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_202_ACCEPTED)
+        self.assertIn("import_run_id", response.data)
+
+    def test_unauthenticated_request(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+
+        csv_content = b"date,description,amount\n2025-01-01,Test,100"
+        file = SimpleUploadedFile(
+            "test_file.csv", csv_content, content_type="text/csv"
+        )
+
+        response = unauthenticated_client.post(
+            "/api/import/import/",
+            {"profile_id": self.profile.id, "file": file},
+            format="multipart",
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportProfileAPITests(TestCase):
+    """Tests for the Import Profile API endpoints"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.profile1 = ImportProfile.objects.create(
+            name="Profile 1",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+        self.profile2 = ImportProfile.objects.create(
+            name="Profile 2",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_income
+  is_paid:
+    detection_method: always_unpaid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+    def test_list_profiles(self):
+        """Test listing all profiles"""
+        response = self.client.get("/api/import/profiles/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 2)
+        self.assertEqual(len(response.data["results"]), 2)
+
+    def test_retrieve_profile(self):
+        """Test retrieving a specific profile"""
+        response = self.client.get(f"/api/import/profiles/{self.profile1.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["id"], self.profile1.id)
+        self.assertEqual(response.data["name"], "Profile 1")
+        self.assertIn("yaml_config", response.data)
+
+    def test_retrieve_nonexistent_profile(self):
+        """Test retrieving a non-existent profile returns 404"""
+        response = self.client.get("/api/import/profiles/99999/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_profiles_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get("/api/import/profiles/")
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class ImportRunAPITests(TestCase):
+    """Tests for the Import Run API endpoints"""
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        self.profile1 = ImportProfile.objects.create(
+            name="Profile 1",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_expense
+  is_paid:
+    detection_method: always_paid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+        self.profile2 = ImportProfile.objects.create(
+            name="Profile 2",
+            version=ImportProfile.Versions.VERSION_1,
+            yaml_config="""
+file_type: csv
+date_format: "%Y-%m-%d"
+column_mapping:
+  date:
+    source: date
+  description:
+    source: description
+  amount:
+    source: amount
+  transaction_type:
+    detection_method: always_income
+  is_paid:
+    detection_method: always_unpaid
+  account:
+    source: account
+    match_field: name
+""",
+        )
+
+        # Create import runs
+        self.run1 = ImportRun.objects.create(
+            profile=self.profile1,
+            file_name="file1.csv",
+            status=ImportRun.Status.FINISHED,
+        )
+        self.run2 = ImportRun.objects.create(
+            profile=self.profile1,
+            file_name="file2.csv",
+            status=ImportRun.Status.QUEUED,
+        )
+        self.run3 = ImportRun.objects.create(
+            profile=self.profile2,
+            file_name="file3.csv",
+            status=ImportRun.Status.FINISHED,
+        )
+
+    def test_list_all_runs(self):
+        """Test listing all runs"""
+        response = self.client.get("/api/import/runs/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 3)
+        self.assertEqual(len(response.data["results"]), 3)
+
+    def test_list_runs_by_profile(self):
+        """Test filtering runs by profile_id"""
+        response = self.client.get(f"/api/import/runs/?profile_id={self.profile1.id}")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 2)
+        for run in response.data["results"]:
+            self.assertEqual(run["profile"], self.profile1.id)
+
+    def test_list_runs_by_other_profile(self):
+        """Test filtering runs by another profile_id"""
+        response = self.client.get(f"/api/import/runs/?profile_id={self.profile2.id}")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 1)
+        self.assertEqual(response.data["results"][0]["profile"], self.profile2.id)
+
+    def test_retrieve_run(self):
+        """Test retrieving a specific run"""
+        response = self.client.get(f"/api/import/runs/{self.run1.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["id"], self.run1.id)
+        self.assertEqual(response.data["file_name"], "file1.csv")
+        self.assertEqual(response.data["status"], "FINISHED")
+
+    def test_retrieve_nonexistent_run(self):
+        """Test retrieving a non-existent run returns 404"""
+        response = self.client.get("/api/import/runs/99999/")
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+    def test_runs_unauthenticated(self):
+        """Test unauthenticated request returns 403"""
+        unauthenticated_client = APIClient()
+        response = unauthenticated_client.get("/api/import/runs/")
+
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

app/apps/api/tests/test_shared_access.py

@@ -0,0 +1,587 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+from rest_framework import status
+from rest_framework.test import APIClient
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.dca.models import DCAStrategy, DCAEntry
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+    TransactionEntity,
+)
+
+
+ACCESS_DENIED_CODES = [status.HTTP_403_FORBIDDEN, status.HTTP_404_NOT_FOUND]
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedAccountAccessTests(TestCase):
+    """Tests for shared account access via shared_with field."""
+
+    def setUp(self):
+        """Set up test data with shared accounts."""
+        User = get_user_model()
+
+        # User 1 - owner
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        # User 2 - will have shared access
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        # User 3 - no shared access
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's account shared with user 2
+        self.shared_account = Account.all_objects.create(
+            name="Shared Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+        self.shared_account.shared_with.add(self.user2)
+
+        # User 1's private account (not shared)
+        self.private_account = Account.all_objects.create(
+            name="Private Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+
+        # Transaction in shared account
+        self.shared_transaction = Transaction.userless_all_objects.create(
+            account=self.shared_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Shared Transaction",
+            owner=self.user1,
+        )
+
+        # Transaction in private account
+        self.private_transaction = Transaction.userless_all_objects.create(
+            account=self.private_account,
+            type=Transaction.Type.EXPENSE,
+            amount=Decimal("50.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Private Transaction",
+            owner=self.user1,
+        )
+
+    def test_user_can_see_accounts_shared_with_them(self):
+        """User2 should see the account shared with them."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.shared_account.id, account_ids)
+
+    def test_user_cannot_see_accounts_not_shared_with_them(self):
+        """User2 should NOT see user1's private (non-shared) account."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertNotIn(self.private_account.id, account_ids)
+
+    def test_user_can_access_shared_account_detail(self):
+        """User2 should be able to access shared account details."""
+        response = self.client2.get(f"/api/accounts/{self.shared_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Account")
+
+    def test_user_without_share_cannot_access_shared_account(self):
+        """User3 should NOT be able to access the shared account."""
+        response = self.client3.get(f"/api/accounts/{self.shared_account.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_see_transactions_in_shared_account(self):
+        """User2 should see transactions in the shared account."""
+        response = self.client2.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.shared_transaction.id, transaction_ids)
+        self.assertNotIn(self.private_transaction.id, transaction_ids)
+
+    def test_user_can_access_transaction_in_shared_account(self):
+        """User2 should be able to access transaction details in shared account."""
+        response = self.client2.get(f"/api/transactions/{self.shared_transaction.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["description"], "Shared Transaction")
+
+    def test_user_cannot_access_transaction_in_non_shared_account(self):
+        """User2 should NOT access transactions in user1's private account."""
+        response = self.client2.get(f"/api/transactions/{self.private_transaction.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)
+
+    def test_user_can_get_balance_of_shared_account(self):
+        """User2 should be able to get balance of shared account."""
+        response = self.client2.get(f"/api/accounts/{self.shared_account.id}/balance/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn("current_balance", response.data)
+
+    def test_sharing_works_with_multiple_users(self):
+        """Account shared with multiple users should be accessible by all."""
+        # Add user3 to shared_with
+        self.shared_account.shared_with.add(self.user3)
+
+        # User2 still has access
+        response2 = self.client2.get(f"/api/accounts/{self.shared_account.id}/")
+        self.assertEqual(response2.status_code, status.HTTP_200_OK)
+
+        # User3 now has access
+        response3 = self.client3.get(f"/api/accounts/{self.shared_account.id}/")
+        self.assertEqual(response3.status_code, status.HTTP_200_OK)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class PublicVisibilityTests(TestCase):
+    """Tests for public visibility access."""
+
+    def setUp(self):
+        """Set up test data with public accounts."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's public account
+        self.public_account = Account.all_objects.create(
+            name="Public Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="public",
+        )
+
+        # User 1's private account
+        self.private_account = Account.all_objects.create(
+            name="Private Account",
+            currency=self.currency,
+            owner=self.user1,
+            visibility="private",
+        )
+
+        # Transaction in public account
+        self.public_transaction = Transaction.userless_all_objects.create(
+            account=self.public_account,
+            type=Transaction.Type.INCOME,
+            amount=Decimal("100.00"),
+            is_paid=True,
+            date=date(2025, 1, 1),
+            description="Public Transaction",
+            owner=self.user1,
+        )
+
+    def test_user_can_see_public_accounts(self):
+        """User2 should see user1's public account."""
+        response = self.client2.get("/api/accounts/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        account_ids = [acc["id"] for acc in response.data["results"]]
+        self.assertIn(self.public_account.id, account_ids)
+        self.assertNotIn(self.private_account.id, account_ids)
+
+    def test_user_can_access_public_account_detail(self):
+        """User2 should be able to access public account details."""
+        response = self.client2.get(f"/api/accounts/{self.public_account.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Public Account")
+
+    def test_user_can_see_transactions_in_public_accounts(self):
+        """User2 should see transactions in public accounts."""
+        response = self.client2.get("/api/transactions/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        transaction_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.public_transaction.id, transaction_ids)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedCategoryTagEntityTests(TestCase):
+    """Tests for shared categories, tags, and entities."""
+
+    def setUp(self):
+        """Set up test data with shared categories/tags/entities."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        # User 1's category shared with user 2
+        self.shared_category = TransactionCategory.all_objects.create(
+            name="Shared Category", owner=self.user1
+        )
+        self.shared_category.shared_with.add(self.user2)
+
+        # User 1's private category
+        self.private_category = TransactionCategory.all_objects.create(
+            name="Private Category", owner=self.user1
+        )
+
+        # User 1's public category
+        self.public_category = TransactionCategory.all_objects.create(
+            name="Public Category", owner=self.user1, visibility="public"
+        )
+
+        # User 1's tag shared with user 2
+        self.shared_tag = TransactionTag.all_objects.create(
+            name="Shared Tag", owner=self.user1
+        )
+        self.shared_tag.shared_with.add(self.user2)
+
+        # User 1's entity shared with user 2
+        self.shared_entity = TransactionEntity.all_objects.create(
+            name="Shared Entity", owner=self.user1
+        )
+        self.shared_entity.shared_with.add(self.user2)
+
+    def test_user_can_see_shared_categories(self):
+        """User2 should see categories shared with them."""
+        response = self.client2.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.shared_category.id, category_ids)
+        self.assertNotIn(self.private_category.id, category_ids)
+
+    def test_user_can_access_shared_category_detail(self):
+        """User2 should be able to access shared category details."""
+        response = self.client2.get(f"/api/categories/{self.shared_category.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Category")
+
+    def test_user_can_see_public_categories(self):
+        """User3 should see public categories."""
+        response = self.client3.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertIn(self.public_category.id, category_ids)
+
+    def test_user_without_share_cannot_see_shared_category(self):
+        """User3 should NOT see category shared only with user2."""
+        response = self.client3.get("/api/categories/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        category_ids = [c["id"] for c in response.data["results"]]
+        self.assertNotIn(self.shared_category.id, category_ids)
+
+    def test_user_can_see_shared_tags(self):
+        """User2 should see tags shared with them."""
+        response = self.client2.get("/api/tags/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        tag_ids = [t["id"] for t in response.data["results"]]
+        self.assertIn(self.shared_tag.id, tag_ids)
+
+    def test_user_can_access_shared_tag_detail(self):
+        """User2 should be able to access shared tag details."""
+        response = self.client2.get(f"/api/tags/{self.shared_tag.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Tag")
+
+    def test_user_can_see_shared_entities(self):
+        """User2 should see entities shared with them."""
+        response = self.client2.get("/api/entities/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        entity_ids = [e["id"] for e in response.data["results"]]
+        self.assertIn(self.shared_entity.id, entity_ids)
+
+    def test_user_can_access_shared_entity_detail(self):
+        """User2 should be able to access shared entity details."""
+        response = self.client2.get(f"/api/entities/{self.shared_entity.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Entity")
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedDCAAccessTests(TestCase):
+    """Tests for shared DCA strategy access."""
+
+    def setUp(self):
+        """Set up test data with shared DCA strategies."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        self.currency1 = Currency.objects.create(
+            code="BTC", name="Bitcoin", decimal_places=8, prefix=""
+        )
+        self.currency2 = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+
+        # User 1's DCA strategy shared with user 2
+        self.shared_strategy = DCAStrategy.all_objects.create(
+            name="Shared BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+        self.shared_strategy.shared_with.add(self.user2)
+
+        # Entry in shared strategy
+        self.shared_entry = DCAEntry.objects.create(
+            strategy=self.shared_strategy,
+            date=date(2025, 1, 1),
+            amount_paid=Decimal("100.00"),
+            amount_received=Decimal("0.001"),
+        )
+
+        # User 1's private strategy
+        self.private_strategy = DCAStrategy.all_objects.create(
+            name="Private BTC Strategy",
+            target_currency=self.currency1,
+            payment_currency=self.currency2,
+            owner=self.user1,
+        )
+
+    def test_user_can_see_shared_dca_strategies(self):
+        """User2 should see DCA strategies shared with them."""
+        response = self.client2.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertIn(self.shared_strategy.id, strategy_ids)
+        self.assertNotIn(self.private_strategy.id, strategy_ids)
+
+    def test_user_can_access_shared_dca_strategy_detail(self):
+        """User2 should be able to access shared strategy details."""
+        response = self.client2.get(f"/api/dca/strategies/{self.shared_strategy.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared BTC Strategy")
+
+    def test_user_without_share_cannot_see_shared_strategy(self):
+        """User3 should NOT see strategy shared only with user2."""
+        response = self.client3.get("/api/dca/strategies/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        strategy_ids = [s["id"] for s in response.data["results"]]
+        self.assertNotIn(self.shared_strategy.id, strategy_ids)
+
+    def test_user_can_access_shared_strategy_actions(self):
+        """User2 should be able to access actions on shared strategy."""
+        # investment_frequency
+        response1 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/investment_frequency/"
+        )
+        self.assertEqual(response1.status_code, status.HTTP_200_OK)
+
+        # price_comparison
+        response2 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/price_comparison/"
+        )
+        self.assertEqual(response2.status_code, status.HTTP_200_OK)
+
+        # current_price
+        response3 = self.client2.get(
+            f"/api/dca/strategies/{self.shared_strategy.id}/current_price/"
+        )
+        self.assertEqual(response3.status_code, status.HTTP_200_OK)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class SharedAccountGroupTests(TestCase):
+    """Tests for shared account group access."""
+
+    def setUp(self):
+        """Set up test data with shared account groups."""
+        User = get_user_model()
+
+        self.user1 = User.objects.create_user(
+            email="user1@test.com", password="testpass123"
+        )
+        self.client1 = APIClient()
+        self.client1.force_authenticate(user=self.user1)
+
+        self.user2 = User.objects.create_user(
+            email="user2@test.com", password="testpass123"
+        )
+        self.client2 = APIClient()
+        self.client2.force_authenticate(user=self.user2)
+
+        self.user3 = User.objects.create_user(
+            email="user3@test.com", password="testpass123"
+        )
+        self.client3 = APIClient()
+        self.client3.force_authenticate(user=self.user3)
+
+        # User 1's account group shared with user 2
+        self.shared_group = AccountGroup.all_objects.create(
+            name="Shared Group", owner=self.user1
+        )
+        self.shared_group.shared_with.add(self.user2)
+
+        # User 1's private account group
+        self.private_group = AccountGroup.all_objects.create(
+            name="Private Group", owner=self.user1
+        )
+
+        # User 1's public account group
+        self.public_group = AccountGroup.all_objects.create(
+            name="Public Group", owner=self.user1, visibility="public"
+        )
+
+    def test_user_can_see_shared_account_groups(self):
+        """User2 should see account groups shared with them."""
+        response = self.client2.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [g["id"] for g in response.data["results"]]
+        self.assertIn(self.shared_group.id, group_ids)
+        self.assertNotIn(self.private_group.id, group_ids)
+
+    def test_user_can_access_shared_account_group_detail(self):
+        """User2 should be able to access shared account group details."""
+        response = self.client2.get(f"/api/account-groups/{self.shared_group.id}/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["name"], "Shared Group")
+
+    def test_user_can_see_public_account_groups(self):
+        """User3 should see public account groups."""
+        response = self.client3.get("/api/account-groups/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        group_ids = [g["id"] for g in response.data["results"]]
+        self.assertIn(self.public_group.id, group_ids)
+
+    def test_user_without_share_cannot_access_shared_group(self):
+        """User3 should NOT be able to access shared account group."""
+        response = self.client3.get(f"/api/account-groups/{self.shared_group.id}/")
+
+        self.assertIn(response.status_code, ACCESS_DENIED_CODES)

app/apps/api/urls.py

@@ -16,7 +16,11 @@ router.register(r"currencies", views.CurrencyViewSet)
 router.register(r"exchange-rates", views.ExchangeRateViewSet)
 router.register(r"dca/strategies", views.DCAStrategyViewSet)
 router.register(r"dca/entries", views.DCAEntryViewSet)
+router.register(r"import/profiles", views.ImportProfileViewSet, basename="import-profiles")
+router.register(r"import/runs", views.ImportRunViewSet, basename="import-runs")
+router.register(r"import/import", views.ImportViewSet, basename="import-import")
 
 urlpatterns = [
     path("", include(router.urls)),
 ]
+

app/apps/api/views/__init__.py

@@ -2,3 +2,5 @@ from .transactions import *
 from .accounts import *
 from .currencies import *
 from .dca import *
+from .imports import *
+

app/apps/api/views/accounts.py

@@ -1,27 +1,79 @@
+from drf_spectacular.utils import extend_schema, extend_schema_view
 from rest_framework import viewsets
+from rest_framework.decorators import action
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
 
-from apps.api.custom.pagination import CustomPageNumberPagination
 from apps.accounts.models import AccountGroup, Account
-from apps.api.serializers import AccountGroupSerializer, AccountSerializer
+from apps.accounts.services import get_account_balance
+from apps.api.serializers import (
+    AccountGroupSerializer,
+    AccountSerializer,
+    AccountBalanceSerializer,
+)
 
 
 class AccountGroupViewSet(viewsets.ModelViewSet):
+    """ViewSet for managing account groups."""
+
     queryset = AccountGroup.objects.all()
     serializer_class = AccountGroupSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return AccountGroup.objects.all().order_by("id")
+        return AccountGroup.objects.all()
 
 
+@extend_schema_view(
+    balance=extend_schema(
+        summary="Get account balance",
+        description="Returns the current and projected balance for the account, along with currency data.",
+        responses={200: AccountBalanceSerializer},
+    ),
+)
 class AccountViewSet(viewsets.ModelViewSet):
+    """ViewSet for managing accounts."""
+
     queryset = Account.objects.all()
     serializer_class = AccountSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "group": ["exact", "isnull"],
+        "currency": ["exact"],
+        "exchange_currency": ["exact", "isnull"],
+        "is_asset": ["exact"],
+        "is_archived": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return (
-            Account.objects.all()
-            .order_by("id")
-            .select_related("group", "currency", "exchange_currency")
+        return Account.objects.all().select_related(
+            "group", "currency", "exchange_currency"
         )
+
+    @action(detail=True, methods=["get"], permission_classes=[IsAuthenticated])
+    def balance(self, request, pk=None):
+        """Get current and projected balance for an account."""
+        account = self.get_object()
+
+        current_balance = get_account_balance(account, paid_only=True)
+        projected_balance = get_account_balance(account, paid_only=False)
+
+        serializer = AccountBalanceSerializer(
+            {
+                "current_balance": current_balance,
+                "projected_balance": projected_balance,
+                "currency": account.currency,
+            }
+        )
+
+        return Response(serializer.data)

app/apps/api/views/currencies.py

@@ -9,8 +9,28 @@ from apps.currencies.models import ExchangeRate
 class CurrencyViewSet(viewsets.ModelViewSet):
     queryset = Currency.objects.all()
     serializer_class = CurrencySerializer
+    filterset_fields = {
+        'name': ['exact', 'icontains'],
+        'code': ['exact', 'icontains'],
+        'decimal_places': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'prefix': ['exact', 'icontains'],
+        'suffix': ['exact', 'icontains'],
+        'exchange_currency': ['exact'],
+        'is_archived': ['exact'],
+    }
+    search_fields = '__all__'
+    ordering_fields = '__all__'
 
 
 class ExchangeRateViewSet(viewsets.ModelViewSet):
     queryset = ExchangeRate.objects.all()
     serializer_class = ExchangeRateSerializer
+    filterset_fields = {
+        'from_currency': ['exact'],
+        'to_currency': ['exact'],
+        'rate': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'date': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'automatic': ['exact'],
+    }
+    search_fields = '__all__'
+    ordering_fields = '__all__'

app/apps/api/views/dca.py

@@ -8,6 +8,19 @@ from apps.api.serializers import DCAStrategySerializer, DCAEntrySerializer
 class DCAStrategyViewSet(viewsets.ModelViewSet):
     queryset = DCAStrategy.objects.all()
     serializer_class = DCAStrategySerializer
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "target_currency": ["exact"],
+        "payment_currency": ["exact"],
+        "notes": ["exact", "icontains"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+    }
+    search_fields = ["name", "notes"]
+    ordering_fields = "__all__"
+
+    def get_queryset(self):
+        return DCAStrategy.objects.all()
 
     @action(detail=True, methods=["get"])
     def investment_frequency(self, request, pk=None):
@@ -32,10 +45,22 @@ class DCAStrategyViewSet(viewsets.ModelViewSet):
 class DCAEntryViewSet(viewsets.ModelViewSet):
     queryset = DCAEntry.objects.all()
     serializer_class = DCAEntrySerializer
+    filterset_fields = {
+        "strategy": ["exact"],
+        "date": ["exact", "gte", "lte", "gt", "lt"],
+        "amount_paid": ["exact", "gte", "lte", "gt", "lt"],
+        "amount_received": ["exact", "gte", "lte", "gt", "lt"],
+        "expense_transaction": ["exact", "isnull"],
+        "income_transaction": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+    }
+    search_fields = ["notes"]
+    ordering_fields = "__all__"
+    ordering = ["-date"]
 
     def get_queryset(self):
-        queryset = DCAEntry.objects.all()
-        strategy_id = self.request.query_params.get("strategy", None)
-        if strategy_id is not None:
-            queryset = queryset.filter(strategy_id=strategy_id)
-        return queryset
+        # Filter entries by strategies the user has access to
+        accessible_strategies = DCAStrategy.objects.all()
+        return DCAEntry.objects.filter(strategy__in=accessible_strategies)

app/apps/api/views/imports.py

@@ -0,0 +1,147 @@
+from django.core.files.storage import FileSystemStorage
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiParameter, extend_schema, extend_schema_view, inline_serializer
+from rest_framework import serializers as drf_serializers
+from rest_framework import status, viewsets
+from rest_framework.parsers import MultiPartParser
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+
+from apps.api.serializers import ImportFileSerializer, ImportProfileSerializer, ImportRunSerializer
+from apps.import_app.models import ImportProfile, ImportRun
+from apps.import_app.tasks import process_import
+
+
+@extend_schema_view(
+    list=extend_schema(
+        summary="List import profiles",
+        description="Returns a paginated list of all available import profiles.",
+    ),
+    retrieve=extend_schema(
+        summary="Get import profile",
+        description="Returns the details of a specific import profile by ID.",
+    ),
+)
+class ImportProfileViewSet(viewsets.ReadOnlyModelViewSet):
+    """ViewSet for listing and retrieving import profiles."""
+
+    queryset = ImportProfile.objects.all()
+    serializer_class = ImportProfileSerializer
+    permission_classes = [IsAuthenticated]
+    filterset_fields = {
+        'name': ['exact', 'icontains'],
+        'yaml_config': ['exact', 'icontains'],
+        'version': ['exact'],
+    }
+    search_fields = ['name', 'yaml_config']
+    ordering_fields = '__all__'
+    ordering = ['name']
+
+
+@extend_schema_view(
+    list=extend_schema(
+        summary="List import runs",
+        description="Returns a paginated list of import runs. Optionally filter by profile_id.",
+        parameters=[
+            OpenApiParameter(
+                name="profile_id",
+                type=int,
+                location=OpenApiParameter.QUERY,
+                description="Filter runs by profile ID",
+                required=False,
+            ),
+        ],
+    ),
+    retrieve=extend_schema(
+        summary="Get import run",
+        description="Returns the details of a specific import run by ID, including status and logs.",
+    ),
+)
+class ImportRunViewSet(viewsets.ReadOnlyModelViewSet):
+    """ViewSet for listing and retrieving import runs."""
+
+    queryset = ImportRun.objects.all().order_by("-id")
+    serializer_class = ImportRunSerializer
+    permission_classes = [IsAuthenticated]
+    filterset_fields = {
+        'status': ['exact'],
+        'profile': ['exact'],
+        'file_name': ['exact', 'icontains'],
+        'logs': ['exact', 'icontains'],
+        'processed_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'total_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'successful_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'skipped_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'failed_rows': ['exact', 'gte', 'lte', 'gt', 'lt'],
+        'started_at': ['exact', 'gte', 'lte', 'gt', 'lt', 'isnull'],
+        'finished_at': ['exact', 'gte', 'lte', 'gt', 'lt', 'isnull'],
+    }
+    search_fields = ['file_name', 'logs']
+    ordering_fields = '__all__'
+    ordering = ['-id']
+
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        profile_id = self.request.query_params.get("profile_id")
+        if profile_id:
+            queryset = queryset.filter(profile_id=profile_id)
+        return queryset
+
+
+@extend_schema_view(
+    create=extend_schema(
+        summary="Import file",
+        description="Upload a CSV or XLSX file to import using an existing import profile. The import is queued and processed asynchronously.",
+        request={
+            "multipart/form-data": {
+                "type": "object",
+                "properties": {
+                    "profile_id": {"type": "integer", "description": "ID of the ImportProfile to use"},
+                    "file": {"type": "string", "format": "binary", "description": "CSV or XLSX file to import"},
+                },
+                "required": ["profile_id", "file"],
+            },
+        },
+        responses={
+            202: inline_serializer(
+                name="ImportResponse",
+                fields={
+                    "import_run_id": drf_serializers.IntegerField(),
+                    "status": drf_serializers.CharField(),
+                },
+            ),
+        },
+    ),
+)
+class ImportViewSet(viewsets.ViewSet):
+    """ViewSet for importing data via file upload."""
+
+    permission_classes = [IsAuthenticated]
+    parser_classes = [MultiPartParser]
+
+    def create(self, request):
+        serializer = ImportFileSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        profile = serializer.validated_data["profile"]
+        uploaded_file = serializer.validated_data["file"]
+
+        # Save file to temp location
+        fs = FileSystemStorage(location="/usr/src/app/temp")
+        filename = fs.save(uploaded_file.name, uploaded_file)
+        file_path = fs.path(filename)
+
+        # Create ImportRun record
+        import_run = ImportRun.objects.create(profile=profile, file_name=filename)
+
+        # Queue import task
+        process_import.defer(
+            import_run_id=import_run.id,
+            file_path=file_path,
+            user_id=request.user.id,
+        )
+
+        return Response(
+            {"import_run_id": import_run.id, "status": "queued"},
+            status=status.HTTP_202_ACCEPTED,
+        )

app/apps/api/views/transactions.py

@@ -1,6 +1,7 @@
+from copy import deepcopy
+
 from rest_framework import viewsets
 
-from apps.api.custom.pagination import CustomPageNumberPagination
 from apps.api.serializers import (
     TransactionSerializer,
     TransactionCategorySerializer,
@@ -23,64 +24,151 @@ from apps.rules.signals import transaction_updated, transaction_created
 class TransactionViewSet(viewsets.ModelViewSet):
     queryset = Transaction.objects.all()
     serializer_class = TransactionSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "account": ["exact"],
+        "type": ["exact"],
+        "is_paid": ["exact"],
+        "date": ["exact", "gte", "lte", "gt", "lt"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt"],
+        "mute": ["exact"],
+        "amount": ["exact", "gte", "lte", "gt", "lt"],
+        "description": ["exact", "icontains"],
+        "notes": ["exact", "icontains"],
+        "category": ["exact", "isnull"],
+        "installment_plan": ["exact", "isnull"],
+        "installment_id": ["exact", "gte", "lte"],
+        "recurring_transaction": ["exact", "isnull"],
+        "internal_note": ["exact", "icontains"],
+        "internal_id": ["exact"],
+        "deleted": ["exact"],
+        "created_at": ["exact", "gte", "lte", "gt", "lt"],
+        "updated_at": ["exact", "gte", "lte", "gt", "lt"],
+        "deleted_at": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "owner": ["exact"],
+    }
+    search_fields = ["description", "notes", "internal_note"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
+
+    def get_queryset(self):
+        return Transaction.objects.all()
 
     def perform_create(self, serializer):
         instance = serializer.save()
         transaction_created.send(sender=instance)
 
     def perform_update(self, serializer):
+        old_data = deepcopy(self.get_object())
         instance = serializer.save()
-        transaction_updated.send(sender=instance)
+        transaction_updated.send(sender=instance, old_data=old_data)
 
     def partial_update(self, request, *args, **kwargs):
         kwargs["partial"] = True
         return self.update(request, *args, **kwargs)
 
-    def get_queryset(self):
-        return Transaction.objects.all().order_by("-id")
-
 
 class TransactionCategoryViewSet(viewsets.ModelViewSet):
     queryset = TransactionCategory.objects.all()
     serializer_class = TransactionCategorySerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "mute": ["exact"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionCategory.objects.all().order_by("id")
+        return TransactionCategory.objects.all()
 
 
 class TransactionTagViewSet(viewsets.ModelViewSet):
     queryset = TransactionTag.objects.all()
     serializer_class = TransactionTagSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionTag.objects.all().order_by("id")
+        return TransactionTag.objects.all()
 
 
 class TransactionEntityViewSet(viewsets.ModelViewSet):
     queryset = TransactionEntity.objects.all()
     serializer_class = TransactionEntitySerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "name": ["exact", "icontains"],
+        "active": ["exact"],
+        "owner": ["exact"],
+    }
+    search_fields = ["name"]
+    ordering_fields = "__all__"
+    ordering = ["id"]
 
     def get_queryset(self):
-        return TransactionEntity.objects.all().order_by("id")
+        return TransactionEntity.objects.all()
 
 
 class InstallmentPlanViewSet(viewsets.ModelViewSet):
     queryset = InstallmentPlan.objects.all()
     serializer_class = InstallmentPlanSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "account": ["exact"],
+        "type": ["exact"],
+        "description": ["exact", "icontains"],
+        "number_of_installments": ["exact", "gte", "lte", "gt", "lt"],
+        "installment_start": ["exact", "gte", "lte", "gt", "lt"],
+        "installment_total_number": ["exact", "gte", "lte", "gt", "lt"],
+        "start_date": ["exact", "gte", "lte", "gt", "lt"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "end_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "recurrence": ["exact"],
+        "installment_amount": ["exact", "gte", "lte", "gt", "lt"],
+        "category": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "add_description_to_transaction": ["exact"],
+        "add_notes_to_transaction": ["exact"],
+    }
+    search_fields = ["description", "notes"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
 
     def get_queryset(self):
-        return InstallmentPlan.objects.all().order_by("-id")
+        return InstallmentPlan.objects.all()
 
 
 class RecurringTransactionViewSet(viewsets.ModelViewSet):
     queryset = RecurringTransaction.objects.all()
     serializer_class = RecurringTransactionSerializer
-    pagination_class = CustomPageNumberPagination
+    filterset_fields = {
+        "is_paused": ["exact"],
+        "account": ["exact"],
+        "type": ["exact"],
+        "amount": ["exact", "gte", "lte", "gt", "lt"],
+        "description": ["exact", "icontains"],
+        "category": ["exact", "isnull"],
+        "notes": ["exact", "icontains"],
+        "reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "start_date": ["exact", "gte", "lte", "gt", "lt"],
+        "end_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "recurrence_type": ["exact"],
+        "recurrence_interval": ["exact", "gte", "lte", "gt", "lt"],
+        "keep_at_most": ["exact", "gte", "lte", "gt", "lt"],
+        "last_generated_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "last_generated_reference_date": ["exact", "gte", "lte", "gt", "lt", "isnull"],
+        "add_description_to_transaction": ["exact"],
+        "add_notes_to_transaction": ["exact"],
+    }
+    search_fields = ["description", "notes"]
+    ordering_fields = "__all__"
+    ordering = ["-id"]
 
     def get_queryset(self):
-        return RecurringTransaction.objects.all().order_by("-id")
+        return RecurringTransaction.objects.all()

app/apps/common/apps.py

@@ -23,3 +23,6 @@ class CommonConfig(AppConfig):
         # Delete the cache for update checks to prevent false-positives when the app is restarted
         # this will be recreated by the check_for_updates task
         cache.delete("update_check")
+
+        # Register system checks for required environment variables
+        from apps.common import checks  # noqa: F401

app/apps/common/checks.py

@@ -0,0 +1,103 @@
+"""
+Django System Checks for required environment variables.
+
+This module validates that required environment variables (those without defaults)
+are present before the application starts.
+"""
+
+import os
+
+from django.core.checks import Error, register
+
+
+# List of environment variables that are required (no default values)
+# Based on the README.md documentation
+REQUIRED_ENV_VARS = [
+    ("SECRET_KEY", "This is used to provide cryptographic signing."),
+    ("SQL_DATABASE", "The name of your postgres database."),
+]
+
+# List of environment variables that must be valid integers if set
+INT_ENV_VARS = [
+    ("TASK_WORKERS", "How many workers to have for async tasks."),
+    ("SESSION_EXPIRY_TIME", "The age of session cookies, in seconds."),
+    ("INTERNAL_PORT", "The port on which the app listens on."),
+    ("DJANGO_VITE_DEV_SERVER_PORT", "The port where Vite's dev server is running"),
+]
+
+
+@register()
+def check_required_env_vars(app_configs, **kwargs):
+    """
+    Check that all required environment variables are set.
+
+    Returns a list of Error objects for any missing required variables.
+    """
+    errors = []
+
+    for var_name, description in REQUIRED_ENV_VARS:
+        value = os.getenv(var_name)
+        if not value:
+            errors.append(
+                Error(
+                    f"Required environment variable '{var_name}' is not set.",
+                    hint=f"{description} Please set this variable in your .env file or environment.",
+                    id="wygiwyh.E001",
+                )
+            )
+
+    return errors
+
+
+@register()
+def check_int_env_vars(app_configs, **kwargs):
+    """
+    Check that environment variables that should be integers are valid.
+
+    Returns a list of Error objects for any invalid integer variables.
+    """
+    errors = []
+
+    for var_name, description in INT_ENV_VARS:
+        value = os.getenv(var_name)
+        if value is not None:
+            try:
+                int(value)
+            except ValueError:
+                errors.append(
+                    Error(
+                        f"Environment variable '{var_name}' must be a valid integer, got '{value}'.",
+                        hint=f"{description}",
+                        id="wygiwyh.E002",
+                    )
+                )
+
+    return errors
+
+
+@register()
+def check_soft_delete_config(app_configs, **kwargs):
+    """
+    Check that KEEP_DELETED_TRANSACTIONS_FOR is a valid integer when ENABLE_SOFT_DELETE is enabled.
+
+    Returns a list of Error objects if the configuration is invalid.
+    """
+    errors = []
+
+    enable_soft_delete = os.getenv("ENABLE_SOFT_DELETE", "false").lower() == "true"
+
+    if enable_soft_delete:
+        keep_deleted_for = os.getenv("KEEP_DELETED_TRANSACTIONS_FOR")
+        if keep_deleted_for is not None:
+            try:
+                int(keep_deleted_for)
+            except ValueError:
+                errors.append(
+                    Error(
+                        f"Environment variable 'KEEP_DELETED_TRANSACTIONS_FOR' must be a valid integer when ENABLE_SOFT_DELETE is enabled, got '{keep_deleted_for}'.",
+                        hint="Time in days to keep soft deleted transactions for. Set to 0 to keep all transactions indefinitely.",
+                        id="wygiwyh.E003",
+                    )
+                )
+
+    return errors

app/apps/common/fields/forms/dynamic_select.py

@@ -139,7 +139,6 @@ class DynamicModelMultipleChoiceField(forms.ModelMultipleChoiceField):
                     instance.save()
                     return instance
         except Exception as e:
-            print(e)
             raise ValidationError(_("Error creating new instance"))
 
     def clean(self, value):

app/apps/common/forms.py

@@ -1,14 +1,13 @@
-from crispy_forms.bootstrap import FormActions
-from django import forms
-from django.contrib.auth import get_user_model
-from django.utils.translation import gettext_lazy as _
-from django.core.exceptions import ValidationError
-from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Field, Submit, Div, HTML
-
-from apps.common.widgets.tom_select import TomSelect, TomSelectMultiple
 from apps.common.models import SharedObject
 from apps.common.widgets.crispy.submit import NoClassSubmit
+from apps.common.widgets.tom_select import TomSelect, TomSelectMultiple
+from crispy_forms.bootstrap import FormActions
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import HTML, Div, Field, Layout, Submit
+from django import forms
+from django.contrib.auth import get_user_model
+from django.core.exceptions import ValidationError
+from django.utils.translation import gettext_lazy as _
 
 User = get_user_model()
 
@@ -39,6 +38,7 @@ class SharedObjectForm(forms.Form):
         choices=SharedObject.Visibility.choices,
         required=True,
         label=_("Visibility"),
+        widget=TomSelect(clear_button=False),
         help_text=_(
             "Private: Only shown for the owner and shared users. Only editable by the owner."
             "<br/>"
@@ -48,9 +48,6 @@ class SharedObjectForm(forms.Form):
 
     class Meta:
         fields = ["visibility", "shared_with_users"]
-        widgets = {
-            "visibility": TomSelect(clear_button=False),
-        }
 
     def __init__(self, *args, **kwargs):
         # Get the current user to filter available sharing options
@@ -73,12 +70,10 @@ class SharedObjectForm(forms.Form):
         self.helper.layout = Layout(
             Field("owner"),
             Field("visibility"),
-            HTML("<hr>"),
+            HTML('<hr class="hr my-3">'),
             Field("shared_with_users"),
             FormActions(
-                NoClassSubmit(
-                    "submit", _("Save"), css_class="btn btn-outline-primary w-100"
-                ),
+                NoClassSubmit("submit", _("Save"), css_class="btn btn-primary"),
             ),
         )
 

app/apps/common/functions/decimals.py

@@ -9,5 +9,8 @@ def truncate_decimal(value, decimal_places):
     :param decimal_places: The number of decimal places to keep
     :return: Truncated Decimal value
     """
+    if isinstance(value, (int, float)):
+        value = Decimal(str(value))
+
     multiplier = Decimal(10**decimal_places)
     return (value * multiplier).to_integral_value(rounding=ROUND_DOWN) / multiplier

app/apps/common/functions/format.py

@@ -5,7 +5,12 @@ from django.utils.formats import get_format as original_get_format
 def get_format(format_type=None, lang=None, use_l10n=None):
     user = get_current_user()
 
-    if user and user.is_authenticated and hasattr(user, "settings") and use_l10n:
+    if (
+        user
+        and user.is_authenticated
+        and hasattr(user, "settings")
+        and use_l10n is not False
+    ):
         user_settings = user.settings
         if format_type == "THOUSAND_SEPARATOR":
             number_format = getattr(user_settings, "number_format", None)
@@ -13,11 +18,13 @@ def get_format(format_type=None, lang=None, use_l10n=None):
                 return "."
             elif number_format == "CD":
                 return ","
+            elif number_format == "SD" or number_format == "SC":
+                return " "
         elif format_type == "DECIMAL_SEPARATOR":
             number_format = getattr(user_settings, "number_format", None)
-            if number_format == "DC":
+            if number_format == "DC" or number_format == "SC":
                 return ","
-            elif number_format == "CD":
+            elif number_format == "CD" or number_format == "SD":
                 return "."
         elif format_type == "SHORT_DATE_FORMAT":
             date_format = getattr(user_settings, "date_format", None)

app/apps/common/tasks.py

@@ -17,13 +17,18 @@ logger = logging.getLogger(__name__)
 
 
 @app.periodic(cron="0 4 * * *")
-@app.task(queueing_lock="remove_old_jobs", pass_context=True, name="remove_old_jobs")
+@app.task(
+    lock="remove_old_jobs",
+    queueing_lock="remove_old_jobs",
+    pass_context=True,
+    name="remove_old_jobs",
+)
 async def remove_old_jobs(context, timestamp):
     try:
         return await builtin_tasks.remove_old_jobs(
             context,
             max_hours=744,
-            remove_error=True,
+            remove_failed=True,
             remove_cancelled=True,
             remove_aborted=True,
         )
@@ -36,7 +41,11 @@ async def remove_old_jobs(context, timestamp):
 
 
 @app.periodic(cron="0 6 1 * *")
-@app.task(queueing_lock="remove_expired_sessions", name="remove_expired_sessions")
+@app.task(
+    lock="remove_expired_sessions",
+    queueing_lock="remove_expired_sessions",
+    name="remove_expired_sessions",
+)
 async def remove_expired_sessions(timestamp=None):
     """Cleanup expired sessions by using Django management command."""
     try:
@@ -49,7 +58,7 @@ async def remove_expired_sessions(timestamp=None):
 
 
 @app.periodic(cron="0 8 * * *")
-@app.task(name="reset_demo_data")
+@app.task(lock="reset_demo_data", name="reset_demo_data")
 def reset_demo_data(timestamp=None):
     """
     Wipes the database and loads fresh demo data if DEMO mode is active.
@@ -86,9 +95,7 @@ def reset_demo_data(timestamp=None):
 
 
 @app.periodic(cron="0 */12 * * *")  # Every 12 hours
-@app.task(
-    name="check_for_updates",
-)
+@app.task(lock="check_for_updates", name="check_for_updates")
 def check_for_updates(timestamp=None):
     if not settings.CHECK_FOR_UPDATES:
         return "CHECK_FOR_UPDATES is disabled"

app/apps/common/templatetags/crispy_extra.py

@@ -0,0 +1,13 @@
+from django import forms, template
+
+register = template.Library()
+
+
+@register.filter
+def is_input(field):
+    return isinstance(field.field.widget, forms.TextInput)
+
+
+@register.filter
+def is_textarea(field):
+    return isinstance(field.field.widget, forms.Textarea)

app/apps/common/templatetags/toast_bg.py

@@ -11,7 +11,7 @@ def toast_bg(tags):
     elif "warning" in tags:
         return "warning"
     elif "error" in tags:
-        return "danger"
+        return "error"
     elif "info" in tags:
         return "info"
 

app/apps/common/views.py

@@ -91,6 +91,12 @@ def month_year_picker(request):
         for date in all_months
     ]
 
+    today_url = (
+        reverse(url, kwargs={"month": current_date.month, "year": current_date.year})
+        if url
+        else ""
+    )
+
     return render(
         request,
         "common/fragments/month_year_picker.html",
@@ -98,6 +104,7 @@ def month_year_picker(request):
             "month_year_data": result,
             "current_month": current_month,
             "current_year": current_year,
+            "today_url": today_url,
         },
     )
 

app/apps/common/widgets/crispy/daisyui.py

@@ -0,0 +1,5 @@
+from crispy_forms.layout import Field
+
+
+class Switch(Field):
+    template = "crispy-daisyui/layout/switch.html"

app/apps/common/widgets/datepicker.py

@@ -1,15 +1,14 @@
 import datetime
 
-from django.forms import widgets
-from django.utils import formats, translation, dates
-from django.utils.translation import gettext_lazy as _
-
+from apps.common.functions.format import get_format
 from apps.common.utils.django import (
-    django_to_python_datetime,
     django_to_airdatepicker_datetime,
     django_to_airdatepicker_datetime_separated,
+    django_to_python_datetime,
 )
-from apps.common.functions.format import get_format
+from django.forms import widgets
+from django.utils import dates, formats, translation
+from django.utils.translation import gettext_lazy as _
 
 
 class AirDatePickerInput(widgets.DateInput):
@@ -52,6 +51,8 @@ class AirDatePickerInput(widgets.DateInput):
     def build_attrs(self, base_attrs, extra_attrs=None):
         attrs = super().build_attrs(base_attrs, extra_attrs)
 
+        attrs["class"] = attrs.get("class", "") + " input"
+
         attrs["data-now-button-txt"] = _("Today")
         attrs["data-auto-close"] = str(self.auto_close).lower()
         attrs["data-clear-button"] = str(self.clear_button).lower()

app/apps/common/widgets/decimal.py

@@ -35,9 +35,8 @@ class ArbitraryDecimalDisplayNumberInput(forms.TextInput):
         self.attrs.update(
             {
                 "x-data": "",
-                "x-mask:dynamic": f"$money($input, '{get_format('DECIMAL_SEPARATOR')}', "
-                f"'{get_format('THOUSAND_SEPARATOR')}', '30')",
-                "x-on:keyup": "$el.dispatchEvent(new Event('input'))",
+                "x-mask:dynamic": f"$money($input, '{get_format('DECIMAL_SEPARATOR')}', '{get_format('THOUSAND_SEPARATOR')}', '30')",
+                "x-on:keyup": "if (!['Control', 'Shift', 'Alt', 'Meta'].includes($event.key) && !(($event.ctrlKey || $event.metaKey) && $event.key.toLowerCase() === 'a')) $el.dispatchEvent(new Event('input'))",
             }
         )
 

app/apps/common/widgets/tom_select.py

@@ -1,4 +1,4 @@
-from django.forms import widgets, SelectMultiple
+from django.forms import SelectMultiple, widgets
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
 
@@ -17,7 +17,7 @@ class TomSelect(widgets.Select):
         checkboxes=False,
         group_by=None,
         *args,
-        **kwargs
+        **kwargs,
     ):
         super().__init__(attrs, *args, **kwargs)
         self.remove_button = remove_button

app/apps/currencies/exchange_rates/fetcher.py

@@ -1,16 +1,9 @@
 import logging
-from datetime import timedelta
 
 from django.db.models import QuerySet
 from django.utils import timezone
 
-from apps.currencies.exchange_rates.providers import (
-    SynthFinanceProvider,
-    SynthFinanceStockProvider,
-    CoinGeckoFreeProvider,
-    CoinGeckoProProvider,
-    TransitiveRateProvider,
-)
+import apps.currencies.exchange_rates.providers as providers
 from apps.currencies.models import ExchangeRateService, ExchangeRate, Currency
 
 logger = logging.getLogger(__name__)
@@ -18,11 +11,12 @@ logger = logging.getLogger(__name__)
 
 # Map service types to provider classes
 PROVIDER_MAPPING = {
-    "synth_finance": SynthFinanceProvider,
-    "synth_finance_stock": SynthFinanceStockProvider,
-    "coingecko_free": CoinGeckoFreeProvider,
-    "coingecko_pro": CoinGeckoProProvider,
-    "transitive": TransitiveRateProvider,
+    "coingecko_free": providers.CoinGeckoFreeProvider,
+    "coingecko_pro": providers.CoinGeckoProProvider,
+    "transitive": providers.TransitiveRateProvider,
+    "frankfurter": providers.FrankfurterProvider,
+    "twelvedata": providers.TwelveDataProvider,
+    "twelvedatamarkets": providers.TwelveDataMarketsProvider,
 }
 
 
@@ -203,25 +197,70 @@ class ExchangeRateFetcher:
 
                 if provider.rates_inverted:
                     # If rates are inverted, we need to swap currencies
-                    ExchangeRate.objects.create(
-                        from_currency=to_currency,
-                        to_currency=from_currency,
-                        rate=rate,
-                        date=timezone.now(),
-                    )
+                    if service.singleton:
+                        # Try to get the last automatically created exchange rate
+                        exchange_rate = (
+                            ExchangeRate.objects.filter(
+                                automatic=True,
+                                from_currency=to_currency,
+                                to_currency=from_currency,
+                            )
+                            .order_by("-date")
+                            .first()
+                        )
+                    else:
+                        exchange_rate = None
+
+                    if not exchange_rate:
+                        ExchangeRate.objects.create(
+                            automatic=True,
+                            from_currency=to_currency,
+                            to_currency=from_currency,
+                            rate=rate,
+                            date=timezone.now(),
+                        )
+                    else:
+                        exchange_rate.rate = rate
+                        exchange_rate.date = timezone.now()
+                        exchange_rate.save()
+
                     processed_pairs.add((to_currency.id, from_currency.id))
                 else:
                     # If rates are not inverted, we can use them as is
-                    ExchangeRate.objects.create(
-                        from_currency=from_currency,
-                        to_currency=to_currency,
-                        rate=rate,
-                        date=timezone.now(),
-                    )
+                    if service.singleton:
+                        # Try to get the last automatically created exchange rate
+                        exchange_rate = (
+                            ExchangeRate.objects.filter(
+                                automatic=True,
+                                from_currency=from_currency,
+                                to_currency=to_currency,
+                            )
+                            .order_by("-date")
+                            .first()
+                        )
+                    else:
+                        exchange_rate = None
+
+                    if not exchange_rate:
+                        ExchangeRate.objects.create(
+                            automatic=True,
+                            from_currency=from_currency,
+                            to_currency=to_currency,
+                            rate=rate,
+                            date=timezone.now(),
+                        )
+                    else:
+                        exchange_rate.rate = rate
+                        exchange_rate.date = timezone.now()
+                        exchange_rate.save()
+
                     processed_pairs.add((from_currency.id, to_currency.id))
 
             service.last_fetch = timezone.now()
+            service.failure_count = 0
             service.save()
 
         except Exception as e:
             logger.error(f"Error fetching rates for {service.name}: {e}")
+            service.failure_count += 1
+            service.save()

app/apps/currencies/exchange_rates/providers.py

@@ -13,70 +13,6 @@ from apps.currencies.exchange_rates.base import ExchangeRateProvider
 logger = logging.getLogger(__name__)
 
 
-class SynthFinanceProvider(ExchangeRateProvider):
-    """Implementation for Synth Finance API (synthfinance.com)"""
-
-    BASE_URL = "https://api.synthfinance.com/rates/live"
-    rates_inverted = False  # SynthFinance returns non-inverted rates
-
-    def __init__(self, api_key: str = None):
-        super().__init__(api_key)
-        self.session = requests.Session()
-        self.session.headers.update({"Authorization": f"Bearer {self.api_key}"})
-
-    def get_rates(
-        self, target_currencies: QuerySet, exchange_currencies: set
-    ) -> List[Tuple[Currency, Currency, Decimal]]:
-        results = []
-        currency_groups = {}
-        for currency in target_currencies:
-            if currency.exchange_currency in exchange_currencies:
-                group = currency_groups.setdefault(currency.exchange_currency.code, [])
-                group.append(currency)
-
-        for base_currency, currencies in currency_groups.items():
-            try:
-                to_currencies = ",".join(
-                    currency.code
-                    for currency in currencies
-                    if currency.code != base_currency
-                )
-                response = self.session.get(
-                    f"{self.BASE_URL}",
-                    params={"from": base_currency, "to": to_currencies},
-                )
-                response.raise_for_status()
-                data = response.json()
-                rates = data["data"]["rates"]
-
-                for currency in currencies:
-                    if currency.code == base_currency:
-                        rate = Decimal("1")
-                    else:
-                        rate = Decimal(str(rates[currency.code]))
-                    # Return the rate as is, without inversion
-                    results.append((currency.exchange_currency, currency, rate))
-
-                credits_used = data["meta"]["credits_used"]
-                credits_remaining = data["meta"]["credits_remaining"]
-                logger.info(
-                    f"Synth Finance API call: {credits_used} credits used, {credits_remaining} remaining"
-                )
-            except requests.RequestException as e:
-                logger.error(
-                    f"Error fetching rates from Synth Finance API for base {base_currency}: {e}"
-                )
-            except KeyError as e:
-                logger.error(
-                    f"Unexpected response structure from Synth Finance API for base {base_currency}: {e}"
-                )
-            except Exception as e:
-                logger.error(
-                    f"Unexpected error processing Synth Finance data for base {base_currency}: {e}"
-                )
-        return results
-
-
 class CoinGeckoFreeProvider(ExchangeRateProvider):
     """Implementation for CoinGecko Free API"""
 
@@ -152,71 +88,6 @@ class CoinGeckoProProvider(CoinGeckoFreeProvider):
         self.session.headers.update({"x-cg-pro-api-key": api_key})
 
 
-class SynthFinanceStockProvider(ExchangeRateProvider):
-    """Implementation for Synth Finance API Real-Time Prices endpoint (synthfinance.com)"""
-
-    BASE_URL = "https://api.synthfinance.com/tickers"
-    rates_inverted = True
-
-    def __init__(self, api_key: str = None):
-        super().__init__(api_key)
-        self.session = requests.Session()
-        self.session.headers.update(
-            {"Authorization": f"Bearer {self.api_key}", "accept": "application/json"}
-        )
-
-    def get_rates(
-        self, target_currencies: QuerySet, exchange_currencies: set
-    ) -> List[Tuple[Currency, Currency, Decimal]]:
-        results = []
-
-        for currency in target_currencies:
-            if currency.exchange_currency not in exchange_currencies:
-                continue
-
-            try:
-                # Same currency has rate of 1
-                if currency.code == currency.exchange_currency.code:
-                    rate = Decimal("1")
-                    results.append((currency.exchange_currency, currency, rate))
-                    continue
-
-                # Fetch real-time price for this ticker
-                response = self.session.get(
-                    f"{self.BASE_URL}/{currency.code}/real-time"
-                )
-                response.raise_for_status()
-                data = response.json()
-
-                # Use fair market value as the rate
-                rate = Decimal(data["data"]["fair_market_value"])
-                results.append((currency.exchange_currency, currency, rate))
-
-                # Log API usage
-                credits_used = data["meta"]["credits_used"]
-                credits_remaining = data["meta"]["credits_remaining"]
-                logger.info(
-                    f"Synth Finance API call for {currency.code}: {credits_used} credits used, {credits_remaining} remaining"
-                )
-            except requests.RequestException as e:
-                logger.error(
-                    f"Error fetching rate from Synth Finance API for ticker {currency.code}: {e}",
-                    exc_info=True,
-                )
-            except KeyError as e:
-                logger.error(
-                    f"Unexpected response structure from Synth Finance API for ticker {currency.code}: {e}",
-                    exc_info=True,
-                )
-            except Exception as e:
-                logger.error(
-                    f"Unexpected error processing Synth Finance data for ticker {currency.code}: {e}",
-                    exc_info=True,
-                )
-
-        return results
-
-
 class TransitiveRateProvider(ExchangeRateProvider):
     """Calculates exchange rates through paths of existing rates"""
 
@@ -306,3 +177,329 @@ class TransitiveRateProvider(ExchangeRateProvider):
                     queue.append((neighbor, path + [neighbor], current_rate * rate))
 
         return None, None
+
+
+class FrankfurterProvider(ExchangeRateProvider):
+    """Implementation for the Frankfurter API (frankfurter.dev)"""
+
+    BASE_URL = "https://api.frankfurter.dev/v1/latest"
+    rates_inverted = (
+        False  # Frankfurter returns non-inverted rates (e.g., 1 EUR = 1.1 USD)
+    )
+
+    def __init__(self, api_key: str = None):
+        """
+        Initializes the provider. The Frankfurter API does not require an API key,
+        so the api_key parameter is ignored.
+        """
+        super().__init__(api_key)
+        self.session = requests.Session()
+
+    @classmethod
+    def requires_api_key(cls) -> bool:
+        return False
+
+    def get_rates(
+        self, target_currencies: QuerySet, exchange_currencies: set
+    ) -> List[Tuple[Currency, Currency, Decimal]]:
+        results = []
+        currency_groups = {}
+        # Group target currencies by their exchange (base) currency to minimize API calls
+        for currency in target_currencies:
+            if currency.exchange_currency in exchange_currencies:
+                group = currency_groups.setdefault(currency.exchange_currency.code, [])
+                group.append(currency)
+
+        # Make one API call for each base currency
+        for base_currency, currencies in currency_groups.items():
+            try:
+                # Create a comma-separated list of target currency codes
+                to_currencies = ",".join(
+                    currency.code
+                    for currency in currencies
+                    if currency.code != base_currency
+                )
+
+                # If there are no target currencies other than the base, skip the API call
+                if not to_currencies:
+                    # Handle the case where the only request is for the base rate (e.g., USD to USD)
+                    for currency in currencies:
+                        if currency.code == base_currency:
+                            results.append(
+                                (currency.exchange_currency, currency, Decimal("1"))
+                            )
+                    continue
+
+                response = self.session.get(
+                    self.BASE_URL,
+                    params={"base": base_currency, "symbols": to_currencies},
+                )
+                response.raise_for_status()
+                data = response.json()
+                rates = data["rates"]
+
+                # Process the returned rates
+                for currency in currencies:
+                    if currency.code == base_currency:
+                        # The rate for the base currency to itself is always 1
+                        rate = Decimal("1")
+                    else:
+                        rate = Decimal(str(rates[currency.code]))
+
+                    results.append((currency.exchange_currency, currency, rate))
+
+            except requests.RequestException as e:
+                logger.error(
+                    f"Error fetching rates from Frankfurter API for base {base_currency}: {e}"
+                )
+            except KeyError as e:
+                logger.error(
+                    f"Unexpected response structure from Frankfurter API for base {base_currency}: {e}"
+                )
+            except Exception as e:
+                logger.error(
+                    f"Unexpected error processing Frankfurter data for base {base_currency}: {e}"
+                )
+        return results
+
+
+class TwelveDataProvider(ExchangeRateProvider):
+    """Implementation for the Twelve Data API (twelvedata.com)"""
+
+    BASE_URL = "https://api.twelvedata.com/exchange_rate"
+    rates_inverted = (
+        False  # The API returns direct rates, e.g., for EUR/USD it's 1 EUR = X USD
+    )
+
+    def __init__(self, api_key: str):
+        """
+        Initializes the provider with an API key and a requests session.
+        """
+        super().__init__(api_key)
+        self.session = requests.Session()
+
+    @classmethod
+    def requires_api_key(cls) -> bool:
+        """This provider requires an API key."""
+        return True
+
+    def get_rates(
+        self, target_currencies: QuerySet, exchange_currencies: set
+    ) -> List[Tuple[Currency, Currency, Decimal]]:
+        """
+        Fetches exchange rates from the Twelve Data API for the given currency pairs.
+
+        This provider makes one API call for each requested currency pair.
+        """
+        results = []
+
+        for target_currency in target_currencies:
+            # Ensure the target currency's exchange currency is one we're interested in
+            if target_currency.exchange_currency not in exchange_currencies:
+                continue
+
+            base_currency = target_currency.exchange_currency
+
+            # The exchange rate for the same currency is always 1
+            if base_currency.code == target_currency.code:
+                rate = Decimal("1")
+                results.append((base_currency, target_currency, rate))
+                continue
+
+            # Construct the symbol in the format "BASE/TARGET", e.g., "EUR/USD"
+            symbol = f"{base_currency.code}/{target_currency.code}"
+
+            try:
+                params = {
+                    "symbol": symbol,
+                    "apikey": self.api_key,
+                }
+
+                response = self.session.get(self.BASE_URL, params=params)
+                response.raise_for_status()  # Raise an HTTPError for bad responses (4xx or 5xx)
+
+                data = response.json()
+
+                # The API may return an error message in a JSON object
+                if "rate" not in data:
+                    error_message = data.get("message", "Rate not found in response.")
+                    logger.error(
+                        f"Could not fetch rate for {symbol} from Twelve Data: {error_message}"
+                    )
+                    continue
+
+                # Convert the rate to a Decimal for precision
+                rate = Decimal(str(data["rate"]))
+                results.append((base_currency, target_currency, rate))
+
+                logger.info(f"Successfully fetched rate for {symbol} from Twelve Data.")
+
+                time.sleep(
+                    60
+                )  # We sleep every pair as to not step over TwelveData's minute limit
+
+            except requests.RequestException as e:
+                logger.error(
+                    f"Error fetching rate from Twelve Data API for symbol {symbol}: {e}"
+                )
+            except KeyError as e:
+                logger.error(
+                    f"Unexpected response structure from Twelve Data API for symbol {symbol}: Missing key {e}"
+                )
+            except Exception as e:
+                logger.error(
+                    f"An unexpected error occurred while processing Twelve Data for {symbol}: {e}"
+                )
+
+        return results
+
+
+class TwelveDataMarketsProvider(ExchangeRateProvider):
+    """
+    Provides prices for market instruments (stocks, ETFs, etc.) using the Twelve Data API.
+
+    This provider performs a multi-step process:
+    1. Parses instrument codes which can be symbols, FIGI, CUSIP, or ISIN.
+    2. For CUSIPs, it defaults the currency to USD. For all others, it searches
+       for the instrument to determine its native trading currency.
+    3. Fetches the latest price for the instrument in its native currency.
+    4. Converts the price to the requested target exchange currency.
+    """
+
+    SYMBOL_SEARCH_URL = "https://api.twelvedata.com/symbol_search"
+    PRICE_URL = "https://api.twelvedata.com/price"
+    EXCHANGE_RATE_URL = "https://api.twelvedata.com/exchange_rate"
+
+    rates_inverted = True
+
+    def __init__(self, api_key: str):
+        super().__init__(api_key)
+        self.session = requests.Session()
+
+    @classmethod
+    def requires_api_key(cls) -> bool:
+        return True
+
+    def _parse_code(self, raw_code: str) -> Tuple[str, str]:
+        """Parses the raw code to determine its type and value."""
+        if raw_code.startswith("figi:"):
+            return "figi", raw_code.removeprefix("figi:")
+        if raw_code.startswith("cusip:"):
+            return "cusip", raw_code.removeprefix("cusip:")
+        if raw_code.startswith("isin:"):
+            return "isin", raw_code.removeprefix("isin:")
+        return "symbol", raw_code
+
+    def get_rates(
+        self, target_currencies: QuerySet, exchange_currencies: set
+    ) -> List[Tuple[Currency, Currency, Decimal]]:
+        results = []
+
+        for asset in target_currencies:
+            if asset.exchange_currency not in exchange_currencies:
+                continue
+
+            code_type, code_value = self._parse_code(asset.code)
+            original_currency_code = None
+
+            try:
+                # Determine the instrument's native currency
+                if code_type == "cusip":
+                    # CUSIP codes always default to USD
+                    original_currency_code = "USD"
+                    logger.info(f"Defaulting CUSIP {code_value} to USD currency.")
+                else:
+                    # For all other types, find currency via symbol search
+                    search_params = {"symbol": code_value, "apikey": "demo"}
+                    search_res = self.session.get(
+                        self.SYMBOL_SEARCH_URL, params=search_params
+                    )
+                    search_res.raise_for_status()
+                    search_data = search_res.json()
+
+                    if not search_data.get("data"):
+                        logger.warning(
+                            f"TwelveDataMarkets: Symbol search for '{code_value}' returned no results."
+                        )
+                        continue
+
+                    instrument_data = search_data["data"][0]
+                    original_currency_code = instrument_data.get("currency")
+
+                if not original_currency_code:
+                    logger.error(
+                        f"TwelveDataMarkets: Could not determine original currency for '{code_value}'."
+                    )
+                    continue
+
+                # Get the instrument's price in its native currency
+                price_params = {code_type: code_value, "apikey": self.api_key}
+                price_res = self.session.get(self.PRICE_URL, params=price_params)
+                price_res.raise_for_status()
+                price_data = price_res.json()
+
+                if "price" not in price_data:
+                    error_message = price_data.get(
+                        "message", "Price key not found in response"
+                    )
+                    logger.error(
+                        f"TwelveDataMarkets: Could not get price for {code_type} '{code_value}': {error_message}"
+                    )
+                    continue
+
+                price_in_original_currency = Decimal(price_data["price"])
+
+                # Convert price to the target exchange currency
+                target_exchange_currency = asset.exchange_currency
+
+                if (
+                    original_currency_code.upper()
+                    == target_exchange_currency.code.upper()
+                ):
+                    final_price = price_in_original_currency
+                else:
+                    rate_symbol = (
+                        f"{original_currency_code}/{target_exchange_currency.code}"
+                    )
+                    rate_params = {"symbol": rate_symbol, "apikey": self.api_key}
+                    rate_res = self.session.get(
+                        self.EXCHANGE_RATE_URL, params=rate_params
+                    )
+                    rate_res.raise_for_status()
+                    rate_data = rate_res.json()
+
+                    if "rate" not in rate_data:
+                        error_message = rate_data.get(
+                            "message", "Rate key not found in response"
+                        )
+                        logger.error(
+                            f"TwelveDataMarkets: Could not get conversion rate for '{rate_symbol}': {error_message}"
+                        )
+                        continue
+
+                    conversion_rate = Decimal(str(rate_data["rate"]))
+                    final_price = price_in_original_currency * conversion_rate
+
+                results.append((target_exchange_currency, asset, final_price))
+                logger.info(
+                    f"Successfully processed price for {asset.code} as {final_price} {target_exchange_currency.code}"
+                )
+
+                time.sleep(
+                    60
+                )  # We sleep every pair as to not step over TwelveData's minute limit
+
+            except requests.RequestException as e:
+                logger.error(
+                    f"TwelveDataMarkets: API request failed for {code_value}: {e}"
+                )
+            except (KeyError, IndexError) as e:
+                logger.error(
+                    f"TwelveDataMarkets: Error processing API response for {code_value}: {e}"
+                )
+            except Exception as e:
+                logger.error(
+                    f"TwelveDataMarkets: An unexpected error occurred for {code_value}: {e}"
+                )
+
+        return results

app/apps/currencies/forms.py

@@ -1,16 +1,15 @@
-from crispy_bootstrap5.bootstrap5 import Switch
-from crispy_forms.bootstrap import FormActions
-from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Row, Column
-from django import forms
-from django.forms import CharField
-from django.utils.translation import gettext_lazy as _
-
+from apps.common.widgets.crispy.daisyui import Switch
 from apps.common.widgets.crispy.submit import NoClassSubmit
 from apps.common.widgets.datepicker import AirDateTimePickerInput
 from apps.common.widgets.decimal import ArbitraryDecimalDisplayNumberInput
 from apps.common.widgets.tom_select import TomSelect
 from apps.currencies.models import Currency, ExchangeRate, ExchangeRateService
+from crispy_forms.bootstrap import FormActions
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import Column, Layout, Row
+from django import forms
+from django.forms import CharField
+from django.utils.translation import gettext_lazy as _
 
 
 class CurrencyForm(forms.ModelForm):
@@ -26,6 +25,7 @@ class CurrencyForm(forms.ModelForm):
             "suffix",
             "code",
             "exchange_currency",
+            "is_archived",
         ]
         widgets = {
             "exchange_currency": TomSelect(),
@@ -40,6 +40,7 @@ class CurrencyForm(forms.ModelForm):
         self.helper.layout = Layout(
             "code",
             "name",
+            Switch("is_archived"),
             "decimal_places",
             "prefix",
             "suffix",
@@ -49,17 +50,13 @@ class CurrencyForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -87,17 +84,13 @@ class ExchangeRateForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -114,6 +107,7 @@ class ExchangeRateServiceForm(forms.ModelForm):
             "fetch_interval",
             "target_currencies",
             "target_accounts",
+            "singleton",
         ]
 
     def __init__(self, *args, **kwargs):
@@ -126,10 +120,11 @@ class ExchangeRateServiceForm(forms.ModelForm):
             "name",
             "service_type",
             Switch("is_active"),
+            Switch("singleton"),
             "api_key",
             Row(
-                Column("interval_type", css_class="form-group col-md-6"),
-                Column("fetch_interval", css_class="form-group col-md-6"),
+                Column("interval_type"),
+                Column("fetch_interval"),
             ),
             "target_currencies",
             "target_accounts",
@@ -138,16 +133,12 @@ class ExchangeRateServiceForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )

app/apps/currencies/migrations/0015_exchangerate_automatic_exchangerateservice_singleton.py

@@ -0,0 +1,23 @@
+# Generated by Django 5.2.4 on 2025-08-08 02:18
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0014_alter_currency_options'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='exchangerate',
+            name='automatic',
+            field=models.BooleanField(default=False, verbose_name='Automatic'),
+        ),
+        migrations.AddField(
+            model_name='exchangerateservice',
+            name='singleton',
+            field=models.BooleanField(default=False, help_text='Create one exchange rate and keep updating it. Avoids database clutter.', verbose_name='Single exchange rate'),
+        ),
+    ]

app/apps/currencies/migrations/0016_alter_exchangerate_automatic.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.4 on 2025-08-08 02:38
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0015_exchangerate_automatic_exchangerateservice_singleton'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='exchangerate',
+            name='automatic',
+            field=models.BooleanField(default=False, verbose_name='Auto'),
+        ),
+    ]

app/apps/currencies/migrations/0017_alter_exchangerateservice_service_type.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-16 22:18
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0016_alter_exchangerate_automatic'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='exchangerateservice',
+            name='service_type',
+            field=models.CharField(choices=[('synth_finance', 'Synth Finance'), ('synth_finance_stock', 'Synth Finance Stock'), ('coingecko_free', 'CoinGecko (Demo/Free)'), ('coingecko_pro', 'CoinGecko (Pro)'), ('transitive', 'Transitive (Calculated from Existing Rates)'), ('frankfurter', 'Frankfurter')], max_length=255, verbose_name='Service Type'),
+        ),
+    ]

app/apps/currencies/migrations/0018_alter_exchangerateservice_service_type.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-17 03:54
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0017_alter_exchangerateservice_service_type'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='exchangerateservice',
+            name='service_type',
+            field=models.CharField(choices=[('synth_finance', 'Synth Finance'), ('synth_finance_stock', 'Synth Finance Stock'), ('coingecko_free', 'CoinGecko (Demo/Free)'), ('coingecko_pro', 'CoinGecko (Pro)'), ('transitive', 'Transitive (Calculated from Existing Rates)'), ('frankfurter', 'Frankfurter'), ('twelvedata', 'TwelveData')], max_length=255, verbose_name='Service Type'),
+        ),
+    ]

app/apps/currencies/migrations/0019_alter_exchangerateservice_service_type.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-17 06:01
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0018_alter_exchangerateservice_service_type'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='exchangerateservice',
+            name='service_type',
+            field=models.CharField(choices=[('synth_finance', 'Synth Finance'), ('synth_finance_stock', 'Synth Finance Stock'), ('coingecko_free', 'CoinGecko (Demo/Free)'), ('coingecko_pro', 'CoinGecko (Pro)'), ('transitive', 'Transitive (Calculated from Existing Rates)'), ('frankfurter', 'Frankfurter'), ('twelvedata', 'TwelveData'), ('twelvedatamarkets', 'TwelveData Markets')], max_length=255, verbose_name='Service Type'),
+        ),
+    ]

app/apps/currencies/migrations/0020_migrate_synth_finance_services.py

@@ -0,0 +1,51 @@
+# Generated by Django 5.2.5 on 2025-08-17 06:25
+
+from django.db import migrations
+
+# The new value we are migrating to
+NEW_SERVICE_TYPE = "frankfurter"
+# The old values we are deprecating
+OLD_SERVICE_TYPE_TO_UPDATE = "synth_finance"
+OLD_SERVICE_TYPE_TO_DELETE = "synth_finance_stock"
+
+
+def forwards_func(apps, schema_editor):
+    """
+    Forward migration:
+    - Deletes all ExchangeRateService instances with service_type 'synth_finance_stock'.
+    - Updates all ExchangeRateService instances with service_type 'synth_finance' to 'frankfurter'.
+    """
+    ExchangeRateService = apps.get_model("currencies", "ExchangeRateService")
+    db_alias = schema_editor.connection.alias
+
+    # 1. Delete the SYNTH_FINANCE_STOCK entries
+    ExchangeRateService.objects.using(db_alias).filter(
+        service_type=OLD_SERVICE_TYPE_TO_DELETE
+    ).delete()
+
+    # 2. Update the SYNTH_FINANCE entries to FRANKFURTER
+    ExchangeRateService.objects.using(db_alias).filter(
+        service_type=OLD_SERVICE_TYPE_TO_UPDATE
+    ).update(service_type=NEW_SERVICE_TYPE, api_key=None)
+
+
+def backwards_func(apps, schema_editor):
+    """
+    Backward migration: This operation is not safely reversible.
+    - We cannot know which 'frankfurter' services were originally 'synth_finance'.
+    - The deleted 'synth_finance_stock' services cannot be recovered.
+    We will leave this function empty to allow migrating backwards without doing anything.
+    """
+    pass
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        # Add the previous migration file here
+        ("currencies", "0019_alter_exchangerateservice_service_type"),
+    ]
+
+    operations = [
+        migrations.RunPython(forwards_func, reverse_code=backwards_func),
+    ]

app/apps/currencies/migrations/0021_alter_exchangerateservice_service_type.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-17 06:29
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0020_migrate_synth_finance_services'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='exchangerateservice',
+            name='service_type',
+            field=models.CharField(choices=[('coingecko_free', 'CoinGecko (Demo/Free)'), ('coingecko_pro', 'CoinGecko (Pro)'), ('transitive', 'Transitive (Calculated from Existing Rates)'), ('frankfurter', 'Frankfurter'), ('twelvedata', 'TwelveData'), ('twelvedatamarkets', 'TwelveData Markets')], max_length=255, verbose_name='Service Type'),
+        ),
+    ]

app/apps/currencies/migrations/0022_currency_is_archived.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-30 00:47
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0021_alter_exchangerateservice_service_type'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='currency',
+            name='is_archived',
+            field=models.BooleanField(default=False, verbose_name='Archived'),
+        ),
+    ]

app/apps/currencies/migrations/0023_add_failure_count.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.10 on 2026-01-10 06:08
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('currencies', '0022_currency_is_archived'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='exchangerateservice',
+            name='failure_count',
+            field=models.PositiveIntegerField(default=0),
+        ),
+    ]

app/apps/currencies/models.py

@@ -32,6 +32,11 @@ class Currency(models.Model):
         help_text=_("Default currency for exchange calculations"),
     )
 
+    is_archived = models.BooleanField(
+        default=False,
+        verbose_name=_("Archived"),
+    )
+
     def __str__(self):
         return self.name
 
@@ -70,6 +75,8 @@ class ExchangeRate(models.Model):
     )
     date = models.DateTimeField(verbose_name=_("Date and Time"))
 
+    automatic = models.BooleanField(verbose_name=_("Auto"), default=False)
+
     class Meta:
         verbose_name = _("Exchange Rate")
         verbose_name_plural = _("Exchange Rates")
@@ -92,11 +99,12 @@ class ExchangeRateService(models.Model):
     """Configuration for exchange rate services"""
 
     class ServiceType(models.TextChoices):
-        SYNTH_FINANCE = "synth_finance", "Synth Finance"
-        SYNTH_FINANCE_STOCK = "synth_finance_stock", "Synth Finance Stock"
         COINGECKO_FREE = "coingecko_free", "CoinGecko (Demo/Free)"
         COINGECKO_PRO = "coingecko_pro", "CoinGecko (Pro)"
         TRANSITIVE = "transitive", "Transitive (Calculated from Existing Rates)"
+        FRANKFURTER = "frankfurter", "Frankfurter"
+        TWELVEDATA = "twelvedata", "TwelveData"
+        TWELVEDATA_MARKETS = "twelvedatamarkets", "TwelveData Markets"
 
     class IntervalType(models.TextChoices):
         ON = "on", _("On")
@@ -128,6 +136,8 @@ class ExchangeRateService(models.Model):
         null=True, blank=True, verbose_name=_("Last Successful Fetch")
     )
 
+    failure_count = models.PositiveIntegerField(default=0)
+
     target_currencies = models.ManyToManyField(
         Currency,
         verbose_name=_("Target Currencies"),
@@ -148,6 +158,14 @@ class ExchangeRateService(models.Model):
         blank=True,
     )
 
+    singleton = models.BooleanField(
+        verbose_name=_("Single exchange rate"),
+        default=False,
+        help_text=_(
+            "Create one exchange rate and keep updating it. Avoids database clutter."
+        ),
+    )
+
     class Meta:
         verbose_name = _("Exchange Rate Service")
         verbose_name_plural = _("Exchange Rate Services")
@@ -221,7 +239,7 @@ class ExchangeRateService(models.Model):
                     hours = self._parse_hour_ranges(self.fetch_interval)
                     # Store in normalized format (optional)
                     self.fetch_interval = ",".join(str(h) for h in sorted(hours))
-                except ValueError as e:
+                except ValueError:
                     raise ValidationError(
                         {
                             "fetch_interval": _(
@@ -232,7 +250,7 @@ class ExchangeRateService(models.Model):
                     )
         except ValidationError:
             raise
-        except Exception as e:
+        except Exception:
             raise ValidationError(
                 {
                     "fetch_interval": _(

app/apps/currencies/tasks.py

@@ -8,7 +8,7 @@ logger = logging.getLogger(__name__)
 
 
 @app.periodic(cron="0 * * * *")  # Run every hour
-@app.task(name="automatic_fetch_exchange_rates")
+@app.task(lock="automatic_fetch_exchange_rates", name="automatic_fetch_exchange_rates")
 def automatic_fetch_exchange_rates(timestamp=None):
     """Fetch exchange rates for all due services"""
     fetcher = ExchangeRateFetcher()
@@ -19,7 +19,7 @@ def automatic_fetch_exchange_rates(timestamp=None):
         logger.error(e, exc_info=True)
 
 
-@app.task(name="manual_fetch_exchange_rates")
+@app.task(lock="manual_fetch_exchange_rates", name="manual_fetch_exchange_rates")
 def manual_fetch_exchange_rates(timestamp=None):
     """Fetch exchange rates for all due services"""
     fetcher = ExchangeRateFetcher()

app/apps/currencies/tests.py

@@ -40,12 +40,6 @@ class CurrencyTests(TestCase):
         with self.assertRaises(ValidationError):
             currency.full_clean()
 
-    def test_currency_unique_code(self):
-        """Test that currency codes must be unique"""
-        Currency.objects.create(code="USD", name="US Dollar", decimal_places=2)
-        with self.assertRaises(IntegrityError):
-            Currency.objects.create(code="USD", name="Another Dollar", decimal_places=2)
-
     def test_currency_unique_name(self):
         """Test that currency names must be unique"""
         Currency.objects.create(code="USD", name="US Dollar", decimal_places=2)

app/apps/currencies/tests/__init__.py

@@ -0,0 +1 @@
+# Tests package for currencies app

app/apps/currencies/tests/test_automatic_exchange_rates.py

@@ -0,0 +1,109 @@
+from decimal import Decimal
+from unittest.mock import patch, MagicMock
+
+from django.test import TestCase
+from django.utils import timezone
+
+from apps.currencies.models import Currency, ExchangeRateService
+from apps.currencies.exchange_rates.fetcher import ExchangeRateFetcher
+
+
+class ExchangeRateServiceFailureTrackingTests(TestCase):
+    """Tests for the failure count tracking functionality."""
+
+    def setUp(self):
+        """Set up test data."""
+        self.usd = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.eur = Currency.objects.create(
+            code="EUR", name="Euro", decimal_places=2, prefix="€ "
+        )
+        self.eur.exchange_currency = self.usd
+        self.eur.save()
+
+        self.service = ExchangeRateService.objects.create(
+            name="Test Service",
+            service_type=ExchangeRateService.ServiceType.FRANKFURTER,
+            is_active=True,
+        )
+        self.service.target_currencies.add(self.eur)
+
+    def test_failure_count_increments_on_provider_error(self):
+        """Test that failure_count increments when provider raises an exception."""
+        self.assertEqual(self.service.failure_count, 0)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertEqual(self.service.failure_count, 1)
+
+    def test_failure_count_resets_on_success(self):
+        """Test that failure_count resets to 0 on successful fetch."""
+        # Set initial failure count
+        self.service.failure_count = 5
+        self.service.save()
+
+        # Mock a successful provider
+        mock_provider = MagicMock()
+        mock_provider.requires_api_key.return_value = False
+        mock_provider.get_rates.return_value = [(self.usd, self.eur, Decimal("0.85"))]
+        mock_provider.rates_inverted = False
+
+        with patch.object(self.service, "get_provider", return_value=mock_provider):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertEqual(self.service.failure_count, 0)
+
+    def test_failure_count_accumulates_across_fetches(self):
+        """Test that failure_count accumulates with consecutive failures."""
+        self.assertEqual(self.service.failure_count, 0)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 1)
+
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 2)
+
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+            self.service.refresh_from_db()
+            self.assertEqual(self.service.failure_count, 3)
+
+    def test_last_fetch_not_updated_on_failure(self):
+        """Test that last_fetch is NOT updated when a failure occurs."""
+        original_last_fetch = self.service.last_fetch
+        self.assertIsNone(original_last_fetch)
+
+        with patch.object(
+            self.service, "get_provider", side_effect=Exception("API Error")
+        ):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertIsNone(self.service.last_fetch)
+        self.assertEqual(self.service.failure_count, 1)
+
+    def test_last_fetch_updated_on_success(self):
+        """Test that last_fetch IS updated when fetch succeeds."""
+        self.assertIsNone(self.service.last_fetch)
+
+        mock_provider = MagicMock()
+        mock_provider.requires_api_key.return_value = False
+        mock_provider.get_rates.return_value = [(self.usd, self.eur, Decimal("0.85"))]
+        mock_provider.rates_inverted = False
+
+        with patch.object(self.service, "get_provider", return_value=mock_provider):
+            ExchangeRateFetcher._fetch_service_rates(self.service)
+
+        self.service.refresh_from_db()
+        self.assertIsNotNone(self.service.last_fetch)
+        self.assertEqual(self.service.failure_count, 0)

app/apps/currencies/views/currencies.py

@@ -23,7 +23,7 @@ def currencies_index(request):
 @login_required
 @require_http_methods(["GET"])
 def currencies_list(request):
-    currencies = Currency.objects.all().order_by("id")
+    currencies = Currency.objects.all().order_by("name")
     return render(
         request,
         "currencies/fragments/list.html",

app/apps/dca/forms.py

@@ -1,22 +1,20 @@
-from crispy_bootstrap5.bootstrap5 import Switch, BS5Accordion
-from crispy_forms.bootstrap import FormActions, AccordionGroup
-from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Row, Column, HTML
-from django import forms
-from django.utils.translation import gettext_lazy as _
-
 from apps.accounts.models import Account
-from apps.common.widgets.crispy.submit import NoClassSubmit
-from apps.common.widgets.datepicker import AirDatePickerInput
-from apps.common.widgets.decimal import ArbitraryDecimalDisplayNumberInput
-from apps.common.widgets.tom_select import TomSelect
-from apps.dca.models import DCAStrategy, DCAEntry
-from apps.common.widgets.tom_select import TransactionSelect
-from apps.transactions.models import Transaction, TransactionTag, TransactionCategory
 from apps.common.fields.forms.dynamic_select import (
     DynamicModelChoiceField,
     DynamicModelMultipleChoiceField,
 )
+from apps.common.widgets.crispy.daisyui import Switch
+from apps.common.widgets.crispy.submit import NoClassSubmit
+from apps.common.widgets.datepicker import AirDatePickerInput
+from apps.common.widgets.decimal import ArbitraryDecimalDisplayNumberInput
+from apps.common.widgets.tom_select import TomSelect, TransactionSelect
+from apps.dca.models import DCAEntry, DCAStrategy
+from apps.transactions.models import Transaction, TransactionCategory, TransactionTag
+from crispy_forms.bootstrap import AccordionGroup, FormActions, Accordion
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import HTML, Column, Layout, Row
+from django import forms
+from django.utils.translation import gettext_lazy as _
 
 
 class DCAStrategyForm(forms.ModelForm):
@@ -36,8 +34,8 @@ class DCAStrategyForm(forms.ModelForm):
         self.helper.layout = Layout(
             "name",
             Row(
-                Column("payment_currency", css_class="form-group col-md-6"),
-                Column("target_currency", css_class="form-group col-md-6"),
+                Column("payment_currency"),
+                Column("target_currency"),
             ),
             "notes",
         )
@@ -45,17 +43,13 @@ class DCAStrategyForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -155,11 +149,11 @@ class DCAEntryForm(forms.ModelForm):
         self.helper.layout = Layout(
             "date",
             Row(
-                Column("amount_paid", css_class="form-group col-md-6"),
-                Column("amount_received", css_class="form-group col-md-6"),
+                Column("amount_paid"),
+                Column("amount_received"),
             ),
             "notes",
-            BS5Accordion(
+            Accordion(
                 AccordionGroup(
                     _("Create transaction"),
                     Switch("create_transaction"),
@@ -168,19 +162,11 @@ class DCAEntryForm(forms.ModelForm):
                             Row(
                                 Column(
                                     "from_account",
-                                    css_class="form-group",
                                 ),
-                                css_class="form-row",
                             ),
                             Row(
-                                Column(
-                                    "from_category",
-                                    css_class="form-group col-md-6 mb-0",
-                                ),
-                                Column(
-                                    "from_tags", css_class="form-group col-md-6 mb-0"
-                                ),
-                                css_class="form-row",
+                                Column("from_category"),
+                                Column("from_tags"),
                             ),
                         ),
                         css_class="p-1 mx-1 my-3 border rounded-3",
@@ -192,14 +178,10 @@ class DCAEntryForm(forms.ModelForm):
                                     "to_account",
                                     css_class="form-group",
                                 ),
-                                css_class="form-row",
                             ),
                             Row(
-                                Column(
-                                    "to_category", css_class="form-group col-md-6 mb-0"
-                                ),
-                                Column("to_tags", css_class="form-group col-md-6 mb-0"),
-                                css_class="form-row",
+                                Column("to_category"),
+                                Column("to_tags"),
                             ),
                         ),
                         css_class="p-1 mx-1 my-3 border rounded-3",
@@ -220,17 +202,13 @@ class DCAEntryForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 

app/apps/dca/views.py

@@ -1,4 +1,3 @@
-# apps/dca_tracker/views.py
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
 from django.db.models import Sum, Avg
@@ -23,7 +22,7 @@ def strategy_index(request):
 @only_htmx
 @login_required
 def strategy_list(request):
-    strategies = DCAStrategy.objects.all().order_by("created_at")
+    strategies = DCAStrategy.objects.all().order_by("name")
     return render(
         request, "dca/fragments/strategy/list.html", {"strategies": strategies}
     )
@@ -234,7 +233,7 @@ def strategy_entry_add(request, strategy_id):
     if request.method == "POST":
         form = DCAEntryForm(request.POST, strategy=strategy)
         if form.is_valid():
-            entry = form.save()
+            form.save()
             messages.success(request, _("Entry added successfully"))
 
             return HttpResponse(

app/apps/export_app/forms.py

@@ -1,11 +1,10 @@
+from apps.common.widgets.crispy.submit import NoClassSubmit
 from crispy_forms.bootstrap import FormActions
 from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, HTML
+from crispy_forms.layout import HTML, Layout
 from django import forms
 from django.utils.translation import gettext_lazy as _
 
-from apps.common.widgets.crispy.submit import NoClassSubmit
-
 
 class ExportForm(forms.Form):
     users = forms.BooleanField(
@@ -115,9 +114,7 @@ class ExportForm(forms.Form):
             "dca",
             "import_profiles",
             FormActions(
-                NoClassSubmit(
-                    "submit", _("Export"), css_class="btn btn-outline-primary w-100"
-                ),
+                NoClassSubmit("submit", _("Export"), css_class="btn btn-primary"),
             ),
         )
 
@@ -162,7 +159,7 @@ class RestoreForm(forms.Form):
         self.helper.form_method = "post"
         self.helper.layout = Layout(
             "zip_file",
-            HTML("<hr />"),
+            HTML('<hr class="hr my-3"/>'),
             "users",
             "accounts",
             "currencies",
@@ -181,9 +178,7 @@ class RestoreForm(forms.Form):
             "dca_entries",
             "import_profiles",
             FormActions(
-                NoClassSubmit(
-                    "submit", _("Restore"), css_class="btn btn-outline-primary w-100"
-                ),
+                NoClassSubmit("submit", _("Restore"), css_class="btn btn-primary"),
             ),
         )
 

app/apps/export_app/resources/transactions.py

@@ -1,8 +1,10 @@
 from import_export import fields, resources
-from import_export.widgets import ForeignKeyWidget
 
 from apps.accounts.models import Account
-from apps.export_app.widgets.foreign_key import AutoCreateForeignKeyWidget
+from apps.export_app.widgets.foreign_key import (
+    AllObjectsForeignKeyWidget,
+    AutoCreateForeignKeyWidget,
+)
 from apps.export_app.widgets.many_to_many import AutoCreateManyToManyWidget
 from apps.export_app.widgets.string import EmptyStringToNoneField
 from apps.transactions.models import (
@@ -20,7 +22,7 @@ class TransactionResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -86,7 +88,7 @@ class RecurringTransactionResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -119,12 +121,16 @@ class RecurringTransactionResource(resources.ModelResource):
     def get_queryset(self):
         return RecurringTransaction.all_objects.all()
 
+    def dehydrate_account_owner(self, obj):
+        """Export the account's owner ID for proper import matching."""
+        return obj.account.owner_id if obj.account else None
+
 
 class InstallmentPlanResource(resources.ModelResource):
     account = fields.Field(
         attribute="account",
         column_name="account",
-        widget=ForeignKeyWidget(Account, "name"),
+        widget=AllObjectsForeignKeyWidget(Account, "name"),
     )
 
     category = fields.Field(
@@ -156,3 +162,7 @@ class InstallmentPlanResource(resources.ModelResource):
 
     def get_queryset(self):
         return InstallmentPlan.all_objects.all()
+
+    def dehydrate_account_owner(self, obj):
+        """Export the account's owner ID for proper import matching."""
+        return obj.account.owner_id if obj.account else None

app/apps/export_app/widgets/foreign_key.py

@@ -1,6 +1,60 @@
 from import_export.widgets import ForeignKeyWidget
 
 
+class AllObjectsForeignKeyWidget(ForeignKeyWidget):
+    """
+    ForeignKeyWidget that uses 'all_objects' manager for lookups,
+    bypassing user-filtered managers like SharedObjectManager.
+    Also filters by owner if available in the row data.
+    """
+
+    def get_queryset(self, value, row, *args, **kwargs):
+        # Use all_objects manager if available, otherwise fall back to default
+        if hasattr(self.model, "all_objects"):
+            qs = self.model.all_objects.all()
+            # Filter by owner if the row has an owner field and the model has owner
+            if row:
+                # Check for direct owner field first
+                owner_id = row.get("owner") if "owner" in row else None
+                # Fall back to account_owner for models like InstallmentPlan
+                if not owner_id and "account_owner" in row:
+                    owner_id = row.get("account_owner")
+                # If still no owner, try to get it from the existing record's account
+                # This handles backward compatibility with older exports
+                if not owner_id and "id" in row and row.get("id"):
+                    try:
+                        # Try to find the existing record and get owner from its account
+                        from apps.transactions.models import (
+                            InstallmentPlan,
+                            RecurringTransaction,
+                        )
+
+                        record_id = row.get("id")
+                        # Try to find the existing InstallmentPlan or RecurringTransaction
+                        for model_class in [InstallmentPlan, RecurringTransaction]:
+                            try:
+                                existing = model_class.all_objects.get(id=record_id)
+                                if existing.account:
+                                    owner_id = existing.account.owner_id
+                                    break
+                            except model_class.DoesNotExist:
+                                continue
+                    except Exception:
+                        pass
+                # Final fallback: use the current logged-in user
+                # This handles restoring to a fresh database with older exports
+                if not owner_id:
+                    from apps.common.middleware.thread_local import get_current_user
+
+                    user = get_current_user()
+                    if user and user.is_authenticated:
+                        owner_id = user.id
+                if owner_id:
+                    qs = qs.filter(owner_id=owner_id)
+            return qs
+        return super().get_queryset(value, row, *args, **kwargs)
+
+
 class AutoCreateForeignKeyWidget(ForeignKeyWidget):
     def clean(self, value, row=None, *args, **kwargs):
         if value:

app/apps/import_app/forms.py

@@ -1,3 +1,5 @@
+from apps.common.widgets.crispy.submit import NoClassSubmit
+from apps.import_app.models import ImportProfile
 from crispy_forms.bootstrap import FormActions
 from crispy_forms.helper import FormHelper
 from crispy_forms.layout import (
@@ -6,9 +8,6 @@ from crispy_forms.layout import (
 from django import forms
 from django.utils.translation import gettext_lazy as _
 
-from apps.import_app.models import ImportProfile
-from apps.common.widgets.crispy.submit import NoClassSubmit
-
 
 class ImportProfileForm(forms.ModelForm):
     class Meta:
@@ -30,17 +29,13 @@ class ImportProfileForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -57,8 +52,6 @@ class ImportRunFileUploadForm(forms.Form):
         self.helper.layout = Layout(
             "file",
             FormActions(
-                NoClassSubmit(
-                    "submit", _("Import"), css_class="btn btn-outline-primary w-100"
-                ),
+                NoClassSubmit("submit", _("Import"), css_class="btn btn-primary"),
             ),
         )

app/apps/import_app/services/v1.py

@@ -459,12 +459,13 @@ class ImportService:
                 # Build query conditions for each field in the rule
                 for field in rule.fields:
                     if field in transaction_data:
-                        if rule.match_type == "strict":
-                            query = query.filter(**{field: transaction_data[field]})
-                        else:  # lax matching
-                            query = query.filter(
-                                **{f"{field}__iexact": transaction_data[field]}
-                            )
+                        value = transaction_data[field]
+                        # Use __iexact only for string fields; non-string types
+                        # (date, Decimal, bool, int, etc.) don't support UPPER()
+                        if rule.match_type == "strict" or not isinstance(value, str):
+                            query = query.filter(**{field: value})
+                        else:  # lax matching for strings only
+                            query = query.filter(**{f"{field}__iexact": value})
 
                 # If we found any matching transaction, it's a duplicate
                 if query.exists():
@@ -475,11 +476,27 @@ class ImportService:
     def _coerce_type(
         self, value: str, mapping: version_1.ColumnMapping
     ) -> Union[str, int, bool, Decimal, datetime, list, None]:
+        coerce_to = mapping.coerce_to
+
+        # Handle detection methods that don't require a source value
+        if coerce_to == "transaction_type" and isinstance(
+            mapping, version_1.TransactionTypeMapping
+        ):
+            if mapping.detection_method == "always_income":
+                return Transaction.Type.INCOME
+            elif mapping.detection_method == "always_expense":
+                return Transaction.Type.EXPENSE
+        elif coerce_to == "is_paid" and isinstance(
+            mapping, version_1.TransactionIsPaidMapping
+        ):
+            if mapping.detection_method == "always_paid":
+                return True
+            elif mapping.detection_method == "always_unpaid":
+                return False
+
         if not value:
             return None
 
-        coerce_to = mapping.coerce_to
-
         return self._coerce_single_type(value, coerce_to, mapping)
 
     @staticmethod

app/apps/import_app/tests.py

@@ -1,3 +0,0 @@
-from django.test import TestCase
-
-# Create your tests here.

app/apps/import_app/tests/test_import_service_v1.py

@@ -0,0 +1,275 @@
+"""
+Tests for ImportService v1, specifically for deduplication logic.
+
+These tests verify that the _check_duplicate_transaction method handles
+different field types correctly, particularly ensuring that __iexact
+is only used for string fields (not dates, decimals, etc.).
+"""
+
+from datetime import date
+from decimal import Decimal
+
+from django.test import TestCase
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.import_app.models import ImportProfile, ImportRun
+from apps.import_app.services.v1 import ImportService
+from apps.transactions.models import Transaction
+
+
+class DeduplicationTests(TestCase):
+    """Tests for transaction deduplication during import."""
+
+    def setUp(self):
+        """Set up test data."""
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account", group=self.account_group, currency=self.currency
+        )
+
+        # Create an existing transaction for deduplication tests
+        self.existing_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            date=date(2024, 1, 15),
+            amount=Decimal("100.00"),
+            description="Existing Transaction",
+            internal_id="ABC123",
+        )
+
+    def _create_import_service_with_deduplication(
+        self, fields: list[str], match_type: str = "lax"
+    ) -> ImportService:
+        """Helper to create an ImportService with specific deduplication rules."""
+        yaml_config = f"""
+settings:
+  file_type: csv
+  importing: transactions
+  trigger_transaction_rules: false
+mapping:
+  date_field:
+    source: date
+    target: date
+    format: "%Y-%m-%d"
+  amount_field:
+    source: amount
+    target: amount
+  description_field:
+    source: description
+    target: description
+  account_field:
+    source: account
+    target: account
+    type: id
+deduplication:
+  - type: compare
+    fields: {fields}
+    match_type: {match_type}
+"""
+        profile = ImportProfile.objects.create(
+            name=f"Test Profile {match_type} {'_'.join(fields)}",
+            yaml_config=yaml_config,
+            version=ImportProfile.Versions.VERSION_1,
+        )
+        import_run = ImportRun.objects.create(
+            profile=profile,
+            file_name="test.csv",
+        )
+        return ImportService(import_run)
+
+    def test_deduplication_with_date_field_strict_match(self):
+        """Test that date fields work with strict matching."""
+        service = self._create_import_service_with_deduplication(
+            fields=["date"], match_type="strict"
+        )
+
+        # Should find duplicate when date matches
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 1, 15)})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 2, 20)})
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_date_field_lax_match(self):
+        """
+        Test that date fields use strict matching even when match_type is 'lax'.
+
+        This is the fix for the UPPER(date) PostgreSQL error. Date fields
+        cannot use __iexact, so they should fall back to strict matching.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["date"], match_type="lax"
+        )
+
+        # Should find duplicate when date matches (using strict comparison)
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 1, 15)})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction({"date": date(2024, 2, 20)})
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_amount_field_lax_match(self):
+        """
+        Test that Decimal fields use strict matching even when match_type is 'lax'.
+
+        Decimal fields cannot use __iexact, so they should fall back to strict matching.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["amount"], match_type="lax"
+        )
+
+        # Should find duplicate when amount matches
+        is_duplicate = service._check_duplicate_transaction(
+            {"amount": Decimal("100.00")}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when amount differs
+        is_duplicate = service._check_duplicate_transaction(
+            {"amount": Decimal("200.00")}
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_string_field_lax_match(self):
+        """
+        Test that string fields use case-insensitive matching with match_type 'lax'.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["description"], match_type="lax"
+        )
+
+        # Should find duplicate with case-insensitive match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "EXISTING TRANSACTION"}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should find duplicate with exact case match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Existing Transaction"}
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when description differs
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Different Transaction"}
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_string_field_strict_match(self):
+        """
+        Test that string fields use case-sensitive matching with match_type 'strict'.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["description"], match_type="strict"
+        )
+
+        # Should NOT find duplicate with different case (strict matching)
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "EXISTING TRANSACTION"}
+        )
+        self.assertFalse(is_duplicate)
+
+        # Should find duplicate with exact case match
+        is_duplicate = service._check_duplicate_transaction(
+            {"description": "Existing Transaction"}
+        )
+        self.assertTrue(is_duplicate)
+
+    def test_deduplication_with_multiple_fields_mixed_types(self):
+        """
+        Test deduplication with multiple fields of different types.
+
+        Verifies that string fields use __iexact while non-string fields
+        use strict matching, all in the same deduplication rule.
+        """
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "amount", "description"], match_type="lax"
+        )
+
+        # Should find duplicate when all fields match (with case-insensitive description)
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("100.00"),
+                "description": "existing transaction",  # lowercase should match
+            }
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should NOT find duplicate when date differs
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 2, 20),
+                "amount": Decimal("100.00"),
+                "description": "existing transaction",
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+        # Should NOT find duplicate when amount differs
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("999.99"),
+                "description": "existing transaction",
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_internal_id_lax_match(self):
+        """Test deduplication with internal_id field using lax matching."""
+        service = self._create_import_service_with_deduplication(
+            fields=["internal_id"], match_type="lax"
+        )
+
+        # Should find duplicate with case-insensitive match
+        is_duplicate = service._check_duplicate_transaction(
+            {"internal_id": "abc123"}  # lowercase should match ABC123
+        )
+        self.assertTrue(is_duplicate)
+
+        # Should find duplicate with exact match
+        is_duplicate = service._check_duplicate_transaction({"internal_id": "ABC123"})
+        self.assertTrue(is_duplicate)
+
+        # Should not find duplicate when internal_id differs
+        is_duplicate = service._check_duplicate_transaction({"internal_id": "XYZ789"})
+        self.assertFalse(is_duplicate)
+
+    def test_no_duplicate_when_no_transactions_exist(self):
+        """Test that no duplicate is found when there are no matching transactions."""
+        # Hard delete to bypass signals that require user context
+        self.existing_transaction.hard_delete()
+
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "amount"], match_type="lax"
+        )
+
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+                "amount": Decimal("100.00"),
+            }
+        )
+        self.assertFalse(is_duplicate)
+
+    def test_deduplication_with_missing_field_in_data(self):
+        """Test that missing fields in transaction_data are handled gracefully."""
+        service = self._create_import_service_with_deduplication(
+            fields=["date", "nonexistent_field"], match_type="lax"
+        )
+
+        # Should still work, only checking the fields that exist
+        is_duplicate = service._check_duplicate_transaction(
+            {
+                "date": date(2024, 1, 15),
+            }
+        )
+        self.assertTrue(is_duplicate)

app/apps/insights/forms.py

@@ -1,15 +1,14 @@
-from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Field, Row, Column
-from django import forms
-from django.utils.translation import gettext_lazy as _
-
 from apps.common.widgets.datepicker import (
+    AirDatePickerInput,
     AirMonthYearPickerInput,
     AirYearPickerInput,
-    AirDatePickerInput,
 )
-from apps.transactions.models import TransactionCategory
 from apps.common.widgets.tom_select import TomSelect
+from apps.transactions.models import TransactionCategory
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import Column, Field, Layout, Row
+from django import forms
+from django.utils.translation import gettext_lazy as _
 
 
 class SingleMonthForm(forms.Form):
@@ -59,8 +58,8 @@ class MonthRangeForm(forms.Form):
 
         self.helper.layout = Layout(
             Row(
-                Column("month_from", css_class="form-group col-md-6"),
-                Column("month_to", css_class="form-group col-md-6"),
+                Column("month_from"),
+                Column("month_to"),
             ),
         )
 
@@ -82,8 +81,8 @@ class YearRangeForm(forms.Form):
 
         self.helper.layout = Layout(
             Row(
-                Column("year_from", css_class="form-group col-md-6"),
-                Column("year_to", css_class="form-group col-md-6"),
+                Column("year_from"),
+                Column("year_to"),
             ),
         )
 
@@ -105,8 +104,8 @@ class DateRangeForm(forms.Form):
 
         self.helper.layout = Layout(
             Row(
-                Column("date_from", css_class="form-group col-md-6"),
-                Column("date_to", css_class="form-group col-md-6"),
+                Column("date_from"),
+                Column("date_to"),
                 css_class="mb-0",
             ),
         )

app/apps/insights/urls.py

@@ -49,4 +49,14 @@ urlpatterns = [
         views.emergency_fund,
         name="insights_emergency_fund",
     ),
+    path(
+        "insights/year-by-year/",
+        views.year_by_year,
+        name="insights_year_by_year",
+    ),
+    path(
+        "insights/month-by-month/",
+        views.month_by_month,
+        name="insights_month_by_month",
+    ),
 ]

app/apps/insights/utils/category_overview.py

@@ -9,8 +9,13 @@ from apps.currencies.models import Currency
 from apps.currencies.utils.convert import convert
 
 
-def get_categories_totals(transactions_queryset, ignore_empty=False):
-    # First get the category totals as before
+def get_categories_totals(
+    transactions_queryset, ignore_empty=False, show_entities=False
+):
+    # Step 1: Aggregate transaction data by category and currency.
+    # This query calculates the total current and projected income/expense for each
+    # category by grouping transactions and summing up their amounts based on their
+    # type (income/expense) and payment status (paid/unpaid).
     category_currency_metrics = (
         transactions_queryset.values(
             "category",
@@ -74,7 +79,10 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
         .order_by("category__name")
     )
 
-    # Get tag totals within each category with currency details
+    # Step 2: Aggregate transaction data by tag, category, and currency.
+    # This is similar to the category metrics but adds tags to the grouping,
+    # allowing for a breakdown of totals by tag within each category. It also
+    # handles untagged transactions, where the 'tags' field is None.
     tag_metrics = transactions_queryset.values(
         "category",
         "tags",
@@ -129,10 +137,12 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
         ),
     )
 
-    # Process the results to structure by category
+    # Step 3: Initialize the main dictionary to structure the final results.
+    # The data will be organized hierarchically: category -> currency -> tags -> entities.
     result = {}
 
-    # Process category totals first
+    # Step 4: Process the aggregated category metrics to build the initial result structure.
+    # This loop iterates through each category's metrics and populates the `result` dict.
     for metric in category_currency_metrics:
         # Skip empty categories if ignore_empty is True
         if ignore_empty and all(
@@ -183,7 +193,7 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
             "total_final": total_final,
         }
 
-        # Add exchanged values if exchange_currency exists
+        # Step 4a: Handle currency conversion for category totals if an exchange currency is defined.
         if metric["account__currency__exchange_currency"]:
             from_currency = Currency.objects.get(id=currency_id)
             exchange_currency = Currency.objects.get(
@@ -222,7 +232,7 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
 
         result[category_id]["currencies"][currency_id] = currency_data
 
-    # Process tag totals and add them to the result, including untagged
+    # Step 5: Process the aggregated tag metrics and integrate them into the result structure.
     for tag_metric in tag_metrics:
         category_id = tag_metric["category"]
         tag_id = tag_metric["tags"]  # Will be None for untagged transactions
@@ -240,6 +250,7 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
                 result[category_id]["tags"][tag_key] = {
                     "name": tag_name,
                     "currencies": {},
+                    "entities": {},
                 }
 
             currency_id = tag_metric["account__currency"]
@@ -278,7 +289,7 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
                 "total_final": tag_total_final,
             }
 
-            # Add exchange currency support for tags
+            # Step 5a: Handle currency conversion for tag totals.
             if tag_metric["account__currency__exchange_currency"]:
                 from_currency = Currency.objects.get(id=currency_id)
                 exchange_currency = Currency.objects.get(
@@ -319,4 +330,175 @@ def get_categories_totals(transactions_queryset, ignore_empty=False):
                 currency_id
             ] = tag_currency_data
 
+    # Step 6: If requested, aggregate and process entity-level data.
+    if show_entities:
+        entity_metrics = transactions_queryset.values(
+            "category",
+            "tags",
+            "entities",
+            "entities__name",
+            "account__currency",
+            "account__currency__code",
+            "account__currency__name",
+            "account__currency__decimal_places",
+            "account__currency__prefix",
+            "account__currency__suffix",
+            "account__currency__exchange_currency",
+        ).annotate(
+            expense_current=Coalesce(
+                Sum(
+                    Case(
+                        When(
+                            type=Transaction.Type.EXPENSE, is_paid=True, then="amount"
+                        ),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            expense_projected=Coalesce(
+                Sum(
+                    Case(
+                        When(
+                            type=Transaction.Type.EXPENSE, is_paid=False, then="amount"
+                        ),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_current=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.INCOME, is_paid=True, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_projected=Coalesce(
+                Sum(
+                    Case(
+                        When(
+                            type=Transaction.Type.INCOME, is_paid=False, then="amount"
+                        ),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+        )
+
+        for entity_metric in entity_metrics:
+            category_id = entity_metric["category"]
+            tag_id = entity_metric["tags"]
+            entity_id = entity_metric["entities"]
+
+            if category_id in result:
+                tag_key = tag_id if tag_id is not None else "untagged"
+                if tag_key in result[category_id]["tags"]:
+                    entity_key = entity_id if entity_id is not None else "no_entity"
+                    entity_name = (
+                        entity_metric["entities__name"]
+                        if entity_id is not None
+                        else None
+                    )
+
+                    if "entities" not in result[category_id]["tags"][tag_key]:
+                        result[category_id]["tags"][tag_key]["entities"] = {}
+
+                    if (
+                        entity_key
+                        not in result[category_id]["tags"][tag_key]["entities"]
+                    ):
+                        result[category_id]["tags"][tag_key]["entities"][entity_key] = {
+                            "name": entity_name,
+                            "currencies": {},
+                        }
+
+                    currency_id = entity_metric["account__currency"]
+
+                    entity_total_current = (
+                        entity_metric["income_current"]
+                        - entity_metric["expense_current"]
+                    )
+                    entity_total_projected = (
+                        entity_metric["income_projected"]
+                        - entity_metric["expense_projected"]
+                    )
+                    entity_total_income = (
+                        entity_metric["income_current"]
+                        + entity_metric["income_projected"]
+                    )
+                    entity_total_expense = (
+                        entity_metric["expense_current"]
+                        + entity_metric["expense_projected"]
+                    )
+                    entity_total_final = entity_total_current + entity_total_projected
+
+                    entity_currency_data = {
+                        "currency": {
+                            "code": entity_metric["account__currency__code"],
+                            "name": entity_metric["account__currency__name"],
+                            "decimal_places": entity_metric[
+                                "account__currency__decimal_places"
+                            ],
+                            "prefix": entity_metric["account__currency__prefix"],
+                            "suffix": entity_metric["account__currency__suffix"],
+                        },
+                        "expense_current": entity_metric["expense_current"],
+                        "expense_projected": entity_metric["expense_projected"],
+                        "total_expense": entity_total_expense,
+                        "income_current": entity_metric["income_current"],
+                        "income_projected": entity_metric["income_projected"],
+                        "total_income": entity_total_income,
+                        "total_current": entity_total_current,
+                        "total_projected": entity_total_projected,
+                        "total_final": entity_total_final,
+                    }
+
+                    if entity_metric["account__currency__exchange_currency"]:
+                        from_currency = Currency.objects.get(id=currency_id)
+                        exchange_currency = Currency.objects.get(
+                            id=entity_metric["account__currency__exchange_currency"]
+                        )
+
+                        exchanged = {}
+                        for field in [
+                            "expense_current",
+                            "expense_projected",
+                            "income_current",
+                            "income_projected",
+                            "total_income",
+                            "total_expense",
+                            "total_current",
+                            "total_projected",
+                            "total_final",
+                        ]:
+                            amount, prefix, suffix, decimal_places = convert(
+                                amount=entity_currency_data[field],
+                                from_currency=from_currency,
+                                to_currency=exchange_currency,
+                            )
+                            if amount is not None:
+                                exchanged[field] = amount
+                                if "currency" not in exchanged:
+                                    exchanged["currency"] = {
+                                        "prefix": prefix,
+                                        "suffix": suffix,
+                                        "decimal_places": decimal_places,
+                                        "code": exchange_currency.code,
+                                        "name": exchange_currency.name,
+                                    }
+                        if exchanged:
+                            entity_currency_data["exchanged"] = exchanged
+
+                    result[category_id]["tags"][tag_key]["entities"][entity_key][
+                        "currencies"
+                    ][currency_id] = entity_currency_data
+
     return result

app/apps/insights/utils/month_by_month.py

@@ -0,0 +1,316 @@
+from collections import OrderedDict
+from decimal import Decimal
+
+from django.db import models
+from django.db.models import Sum, Case, When, Value
+from django.db.models.functions import Coalesce
+from django.utils import timezone
+
+from apps.currencies.models import Currency
+from apps.currencies.utils.convert import convert
+from apps.transactions.models import Transaction
+
+
+def get_month_by_month_data(year=None, group_by="categories"):
+    """
+    Aggregate transaction totals by month for a specific year, grouped by categories, tags, or entities.
+
+    Args:
+        year: The year to filter transactions (defaults to current year)
+        group_by: One of "categories", "tags", or "entities"
+
+    Returns:
+        {
+            "year": 2025,
+            "available_years": [2025, 2024, ...],
+            "months": [1, 2, 3, ..., 12],
+            "items": {
+                item_id: {
+                    "name": "Item Name",
+                    "month_totals": {
+                        1: {"currencies": {...}},
+                        ...
+                    },
+                    "total": {"currencies": {...}}
+                },
+                ...
+            },
+            "month_totals": {...},
+            "grand_total": {"currencies": {...}}
+        }
+    """
+    if year is None:
+        year = timezone.localdate(timezone.now()).year
+
+    # Base queryset - all paid transactions, non-muted
+    transactions = Transaction.objects.filter(
+        is_paid=True,
+        account__is_archived=False,
+    ).exclude(account__currency__is_archived=True)
+
+    # Get available years for the selector
+    available_years = list(
+        transactions.values_list("reference_date__year", flat=True)
+        .distinct()
+        .order_by("-reference_date__year")
+    )
+
+    # Filter by the selected year
+    transactions = transactions.filter(reference_date__year=year)
+
+    # Define grouping fields based on group_by parameter
+    if group_by == "tags":
+        group_field = "tags"
+        name_field = "tags__name"
+    elif group_by == "entities":
+        group_field = "entities"
+        name_field = "entities__name"
+    else:  # Default to categories
+        group_field = "category"
+        name_field = "category__name"
+
+    # Months 1-12
+    months = list(range(1, 13))
+
+    if not available_years:
+        return {
+            "year": year,
+            "available_years": [],
+            "months": months,
+            "items": {},
+            "month_totals": {},
+            "grand_total": {"currencies": {}},
+        }
+
+    # Aggregate by group, month, and currency
+    metrics = (
+        transactions.values(
+            group_field,
+            name_field,
+            "reference_date__month",
+            "account__currency",
+            "account__currency__code",
+            "account__currency__name",
+            "account__currency__decimal_places",
+            "account__currency__prefix",
+            "account__currency__suffix",
+            "account__currency__exchange_currency",
+        )
+        .annotate(
+            expense_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.EXPENSE, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.INCOME, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+        )
+        .order_by(name_field, "reference_date__month")
+    )
+
+    # Build result structure
+    result = {
+        "year": year,
+        "available_years": available_years,
+        "months": months,
+        "items": OrderedDict(),
+        "month_totals": {},
+        "grand_total": {"currencies": {}},
+    }
+
+    # Store currency info for later use in totals
+    currency_info = {}
+
+    for metric in metrics:
+        item_id = metric[group_field]
+        item_name = metric[name_field]
+        month = metric["reference_date__month"]
+        currency_id = metric["account__currency"]
+
+        # Use a consistent key for None (uncategorized/untagged/no entity)
+        item_key = item_id if item_id is not None else "__none__"
+
+        if item_key not in result["items"]:
+            result["items"][item_key] = {
+                "name": item_name,
+                "month_totals": {},
+                "total": {"currencies": {}},
+            }
+
+        if month not in result["items"][item_key]["month_totals"]:
+            result["items"][item_key]["month_totals"][month] = {"currencies": {}}
+
+        # Calculate final total (income - expense)
+        final_total = metric["income_total"] - metric["expense_total"]
+
+        # Store currency info for totals calculation
+        if currency_id not in currency_info:
+            currency_info[currency_id] = {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+                "exchange_currency_id": metric["account__currency__exchange_currency"],
+            }
+
+        currency_data = {
+            "currency": {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+            },
+            "final_total": final_total,
+            "income_total": metric["income_total"],
+            "expense_total": metric["expense_total"],
+        }
+
+        # Handle currency conversion if exchange currency is set
+        if metric["account__currency__exchange_currency"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=metric["account__currency__exchange_currency"]
+            )
+
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=final_total,
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+
+            if converted_amount is not None:
+                currency_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+        result["items"][item_key]["month_totals"][month]["currencies"][currency_id] = (
+            currency_data
+        )
+
+        # Accumulate item total (across all months for this item)
+        if currency_id not in result["items"][item_key]["total"]["currencies"]:
+            result["items"][item_key]["total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["items"][item_key]["total"]["currencies"][currency_id][
+            "final_total"
+        ] += final_total
+
+        # Accumulate month total (across all items for this month)
+        if month not in result["month_totals"]:
+            result["month_totals"][month] = {"currencies": {}}
+        if currency_id not in result["month_totals"][month]["currencies"]:
+            result["month_totals"][month]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["month_totals"][month]["currencies"][currency_id]["final_total"] += (
+            final_total
+        )
+
+        # Accumulate grand total
+        if currency_id not in result["grand_total"]["currencies"]:
+            result["grand_total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["grand_total"]["currencies"][currency_id]["final_total"] += final_total
+
+    # Add currency conversion for item totals
+    for item_key, item_data in result["items"].items():
+        for currency_id, total_data in item_data["total"]["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for month totals
+    for month, month_data in result["month_totals"].items():
+        for currency_id, total_data in month_data["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for grand total
+    for currency_id, total_data in result["grand_total"]["currencies"].items():
+        if currency_info[currency_id]["exchange_currency_id"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=currency_info[currency_id]["exchange_currency_id"]
+            )
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=total_data["final_total"],
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+            if converted_amount is not None:
+                total_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+    return result

app/apps/insights/utils/transactions.py

@@ -13,7 +13,9 @@ from apps.insights.forms import (
 )
 
 
-def get_transactions(request, include_unpaid=True, include_silent=False):
+def get_transactions(
+    request, include_unpaid=True, include_silent=False, include_untracked_accounts=False
+):
     transactions = Transaction.objects.all()
 
     filter_type = request.GET.get("type", None)
@@ -95,4 +97,11 @@ def get_transactions(request, include_unpaid=True, include_silent=False):
             Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
         )
 
+    if not include_untracked_accounts:
+        transactions = transactions.exclude(
+            account__in=request.user.untracked_accounts.all()
+        )
+
+    transactions = transactions.exclude(account__currency__is_archived=True)
+
     return transactions

app/apps/insights/utils/year_by_year.py

@@ -0,0 +1,303 @@
+from collections import OrderedDict
+from decimal import Decimal
+
+from django.db import models
+from django.db.models import Sum, Case, When, Value
+from django.db.models.functions import Coalesce
+
+from apps.currencies.models import Currency
+from apps.currencies.utils.convert import convert
+from apps.transactions.models import Transaction
+
+
+def get_year_by_year_data(group_by="categories"):
+    """
+    Aggregate transaction totals by year for categories, tags, or entities.
+
+    Args:
+        group_by: One of "categories", "tags", or "entities"
+
+    Returns:
+        {
+            "years": [2025, 2024, ...],  # Sorted descending
+            "items": {
+                item_id: {
+                    "name": "Item Name",
+                    "year_totals": {
+                        2025: {"currencies": {...}},
+                        ...
+                    },
+                    "total": {"currencies": {...}}  # Sum across all years
+                },
+                ...
+            },
+            "year_totals": {  # Sum across all items for each year
+                2025: {"currencies": {...}},
+                ...
+            },
+            "grand_total": {"currencies": {...}}  # Sum of everything
+        }
+    """
+    # Base queryset - all paid transactions, non-muted
+    transactions = Transaction.objects.filter(
+        is_paid=True,
+        account__is_archived=False,
+    ).exclude(account__currency__is_archived=True)
+
+    # Define grouping fields based on group_by parameter
+    if group_by == "tags":
+        group_field = "tags"
+        name_field = "tags__name"
+    elif group_by == "entities":
+        group_field = "entities"
+        name_field = "entities__name"
+    else:  # Default to categories
+        group_field = "category"
+        name_field = "category__name"
+
+    # Get all unique years with transactions
+    years = (
+        transactions.values_list("reference_date__year", flat=True)
+        .distinct()
+        .order_by("-reference_date__year")
+    )
+    years = list(years)
+
+    if not years:
+        return {
+            "years": [],
+            "items": {},
+            "year_totals": {},
+            "grand_total": {"currencies": {}},
+        }
+
+    # Aggregate by group, year, and currency
+    metrics = (
+        transactions.values(
+            group_field,
+            name_field,
+            "reference_date__year",
+            "account__currency",
+            "account__currency__code",
+            "account__currency__name",
+            "account__currency__decimal_places",
+            "account__currency__prefix",
+            "account__currency__suffix",
+            "account__currency__exchange_currency",
+        )
+        .annotate(
+            expense_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.EXPENSE, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+            income_total=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.INCOME, then="amount"),
+                        default=Value(0),
+                        output_field=models.DecimalField(),
+                    )
+                ),
+                Decimal("0"),
+            ),
+        )
+        .order_by(name_field, "-reference_date__year")
+    )
+
+    # Build result structure
+    result = {
+        "years": years,
+        "items": OrderedDict(),
+        "year_totals": {},  # Totals per year across all items
+        "grand_total": {"currencies": {}},  # Grand total across everything
+    }
+
+    # Store currency info for later use in totals
+    currency_info = {}
+
+    for metric in metrics:
+        item_id = metric[group_field]
+        item_name = metric[name_field]
+        year = metric["reference_date__year"]
+        currency_id = metric["account__currency"]
+
+        # Use a consistent key for None (uncategorized/untagged/no entity)
+        item_key = item_id if item_id is not None else "__none__"
+
+        if item_key not in result["items"]:
+            result["items"][item_key] = {
+                "name": item_name,
+                "year_totals": {},
+                "total": {"currencies": {}},  # Total for this item across all years
+            }
+
+        if year not in result["items"][item_key]["year_totals"]:
+            result["items"][item_key]["year_totals"][year] = {"currencies": {}}
+
+        # Calculate final total (income - expense)
+        final_total = metric["income_total"] - metric["expense_total"]
+
+        # Store currency info for totals calculation
+        if currency_id not in currency_info:
+            currency_info[currency_id] = {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+                "exchange_currency_id": metric["account__currency__exchange_currency"],
+            }
+
+        currency_data = {
+            "currency": {
+                "code": metric["account__currency__code"],
+                "name": metric["account__currency__name"],
+                "decimal_places": metric["account__currency__decimal_places"],
+                "prefix": metric["account__currency__prefix"],
+                "suffix": metric["account__currency__suffix"],
+            },
+            "final_total": final_total,
+            "income_total": metric["income_total"],
+            "expense_total": metric["expense_total"],
+        }
+
+        # Handle currency conversion if exchange currency is set
+        if metric["account__currency__exchange_currency"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=metric["account__currency__exchange_currency"]
+            )
+
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=final_total,
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+
+            if converted_amount is not None:
+                currency_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+        result["items"][item_key]["year_totals"][year]["currencies"][currency_id] = (
+            currency_data
+        )
+
+        # Accumulate item total (across all years for this item)
+        if currency_id not in result["items"][item_key]["total"]["currencies"]:
+            result["items"][item_key]["total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["items"][item_key]["total"]["currencies"][currency_id][
+            "final_total"
+        ] += final_total
+
+        # Accumulate year total (across all items for this year)
+        if year not in result["year_totals"]:
+            result["year_totals"][year] = {"currencies": {}}
+        if currency_id not in result["year_totals"][year]["currencies"]:
+            result["year_totals"][year]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["year_totals"][year]["currencies"][currency_id]["final_total"] += (
+            final_total
+        )
+
+        # Accumulate grand total
+        if currency_id not in result["grand_total"]["currencies"]:
+            result["grand_total"]["currencies"][currency_id] = {
+                "currency": currency_data["currency"].copy(),
+                "final_total": Decimal("0"),
+            }
+        result["grand_total"]["currencies"][currency_id]["final_total"] += final_total
+
+    # Add currency conversion for item totals
+    for item_key, item_data in result["items"].items():
+        for currency_id, total_data in item_data["total"]["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for year totals
+    for year, year_data in result["year_totals"].items():
+        for currency_id, total_data in year_data["currencies"].items():
+            if currency_info[currency_id]["exchange_currency_id"]:
+                from_currency = Currency.objects.get(id=currency_id)
+                exchange_currency = Currency.objects.get(
+                    id=currency_info[currency_id]["exchange_currency_id"]
+                )
+                converted_amount, prefix, suffix, decimal_places = convert(
+                    amount=total_data["final_total"],
+                    from_currency=from_currency,
+                    to_currency=exchange_currency,
+                )
+                if converted_amount is not None:
+                    total_data["exchanged"] = {
+                        "final_total": converted_amount,
+                        "currency": {
+                            "prefix": prefix,
+                            "suffix": suffix,
+                            "decimal_places": decimal_places,
+                            "code": exchange_currency.code,
+                            "name": exchange_currency.name,
+                        },
+                    }
+
+    # Add currency conversion for grand total
+    for currency_id, total_data in result["grand_total"]["currencies"].items():
+        if currency_info[currency_id]["exchange_currency_id"]:
+            from_currency = Currency.objects.get(id=currency_id)
+            exchange_currency = Currency.objects.get(
+                id=currency_info[currency_id]["exchange_currency_id"]
+            )
+            converted_amount, prefix, suffix, decimal_places = convert(
+                amount=total_data["final_total"],
+                from_currency=from_currency,
+                to_currency=exchange_currency,
+            )
+            if converted_amount is not None:
+                total_data["exchanged"] = {
+                    "final_total": converted_amount,
+                    "currency": {
+                        "prefix": prefix,
+                        "suffix": suffix,
+                        "decimal_places": decimal_places,
+                        "code": exchange_currency.code,
+                        "name": exchange_currency.name,
+                    },
+                }
+
+    return result

app/apps/insights/views.py

@@ -26,6 +26,8 @@ from apps.insights.utils.sankey import (
     generate_sankey_data_by_currency,
 )
 from apps.insights.utils.transactions import get_transactions
+from apps.insights.utils.year_by_year import get_year_by_year_data
+from apps.insights.utils.month_by_month import get_month_by_month_data
 from apps.transactions.models import TransactionCategory, Transaction
 from apps.transactions.utils.calculations import calculate_currency_totals
 
@@ -74,7 +76,9 @@ def index(request):
 def sankey_by_account(request):
     # Get filtered transactions
 
-    transactions = get_transactions(request)
+    transactions = get_transactions(
+        request, include_untracked_accounts=True, include_silent=True
+    )
 
     # Generate Sankey data
     sankey_data = generate_sankey_data_by_account(transactions)
@@ -91,7 +95,9 @@ def sankey_by_account(request):
 @require_http_methods(["GET"])
 def sankey_by_currency(request):
     # Get filtered transactions
-    transactions = get_transactions(request)
+    transactions = get_transactions(
+        request, include_silent=True, include_untracked_accounts=True
+    )
 
     # Generate Sankey data
     sankey_data = generate_sankey_data_by_currency(transactions)
@@ -180,6 +186,14 @@ def category_overview(request):
     else:
         show_tags = request.session.get("insights_category_explorer_show_tags", True)
 
+    if "show_entities" in request.GET:
+        show_entities = request.GET["show_entities"] == "on"
+        request.session["insights_category_explorer_show_entities"] = show_entities
+    else:
+        show_entities = request.session.get(
+            "insights_category_explorer_show_entities", False
+        )
+
     if "showing" in request.GET:
         showing = request.GET["showing"]
         request.session["insights_category_explorer_showing"] = showing
@@ -190,7 +204,9 @@ def category_overview(request):
     transactions = get_transactions(request, include_silent=True)
 
     total_table = get_categories_totals(
-        transactions_queryset=transactions, ignore_empty=False
+        transactions_queryset=transactions,
+        ignore_empty=False,
+        show_entities=show_entities,
     )
 
     return render(
@@ -200,6 +216,7 @@ def category_overview(request):
             "total_table": total_table,
             "view_type": view_type,
             "show_tags": show_tags,
+            "show_entities": show_entities,
             "showing": showing,
         },
     )
@@ -239,10 +256,14 @@ def late_transactions(request):
 @login_required
 @require_http_methods(["GET"])
 def emergency_fund(request):
-    transactions_currency_queryset = Transaction.objects.filter(
-        is_paid=True, account__is_archived=False, account__is_asset=False
-    ).order_by(
-        "account__currency__name",
+    transactions_currency_queryset = (
+        Transaction.objects.filter(
+            is_paid=True, account__is_archived=False, account__is_asset=False
+        )
+        .exclude(account__in=request.user.untracked_accounts.all())
+        .order_by(
+            "account__currency__name",
+        )
     )
     currency_net_worth = calculate_currency_totals(
         transactions_queryset=transactions_currency_queryset, ignore_empty=False
@@ -262,6 +283,7 @@ def emergency_fund(request):
             category__mute=False,
             mute=False,
         )
+        .exclude(account__in=request.user.untracked_accounts.all())
         .values("reference_date", "account__currency")
         .annotate(monthly_total=Sum("amount"))
     )
@@ -286,3 +308,71 @@ def emergency_fund(request):
         "insights/fragments/emergency_fund.html",
         {"data": currency_net_worth},
     )
+
+
+@only_htmx
+@login_required
+@require_http_methods(["GET"])
+def year_by_year(request):
+    if "group_by" in request.GET:
+        group_by = request.GET["group_by"]
+        request.session["insights_year_by_year_group_by"] = group_by
+    else:
+        group_by = request.session.get("insights_year_by_year_group_by", "categories")
+
+    # Validate group_by value
+    if group_by not in ("categories", "tags", "entities"):
+        group_by = "categories"
+
+    data = get_year_by_year_data(group_by=group_by)
+
+    return render(
+        request,
+        "insights/fragments/year_by_year.html",
+        {
+            "data": data,
+            "group_by": group_by,
+        },
+    )
+
+
+@only_htmx
+@login_required
+@require_http_methods(["GET"])
+def month_by_month(request):
+    # Handle year selection
+    if "year" in request.GET:
+        try:
+            year = int(request.GET["year"])
+            request.session["insights_month_by_month_year"] = year
+        except (ValueError, TypeError):
+            year = request.session.get(
+                "insights_month_by_month_year", timezone.localdate(timezone.now()).year
+            )
+    else:
+        year = request.session.get(
+            "insights_month_by_month_year", timezone.localdate(timezone.now()).year
+        )
+
+    # Handle group_by selection
+    if "group_by" in request.GET:
+        group_by = request.GET["group_by"]
+        request.session["insights_month_by_month_group_by"] = group_by
+    else:
+        group_by = request.session.get("insights_month_by_month_group_by", "categories")
+
+    # Validate group_by value
+    if group_by not in ("categories", "tags", "entities"):
+        group_by = "categories"
+
+    data = get_month_by_month_data(year=year, group_by=group_by)
+
+    return render(
+        request,
+        "insights/fragments/month_by_month.html",
+        {
+            "data": data,
+            "group_by": group_by,
+            "selected_year": year,
+        },
+    )

app/apps/monthly_overview/tests/test_summary.py

@@ -0,0 +1,331 @@
+from datetime import date
+from decimal import Decimal
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, override_settings
+
+from apps.accounts.models import Account, AccountGroup
+from apps.currencies.models import Currency
+from apps.transactions.models import (
+    Transaction,
+    TransactionCategory,
+    TransactionTag,
+)
+
+
+@override_settings(
+    STORAGES={
+        "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage"
+        },
+    },
+    WHITENOISE_AUTOREFRESH=True,
+)
+class MonthlySummaryFilterBehaviorTests(TestCase):
+    """Tests for monthly summary views filter behavior.
+
+    These tests verify that:
+    1. Views work correctly without any filters
+    2. Views work correctly with filters applied
+    3. The filter detection logic properly uses different querysets
+    4. Calculated values reflect the applied filters
+    """
+
+    def setUp(self):
+        """Set up test data"""
+        User = get_user_model()
+        self.user = User.objects.create_user(
+            email="testuser@test.com", password="testpass123"
+        )
+        self.client.login(username="testuser@test.com", password="testpass123")
+
+        self.currency = Currency.objects.create(
+            code="USD", name="US Dollar", decimal_places=2, prefix="$ "
+        )
+        self.account_group = AccountGroup.objects.create(name="Test Group")
+        self.account = Account.objects.create(
+            name="Test Account",
+            group=self.account_group,
+            currency=self.currency,
+            is_asset=False,
+        )
+        self.category = TransactionCategory.objects.create(
+            name="Test Category", owner=self.user
+        )
+        self.tag = TransactionTag.objects.create(name="TestTag", owner=self.user)
+
+        # Create test transactions for December 2025
+        # Income: 1000 (paid)
+        self.income_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.INCOME,
+            is_paid=True,
+            date=date(2025, 12, 10),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("1000.00"),
+            description="December Income",
+            owner=self.user,
+        )
+
+        # Expense: 200 (paid)
+        self.expense_transaction = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            is_paid=True,
+            date=date(2025, 12, 15),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("200.00"),
+            description="December Expense",
+            category=self.category,
+            owner=self.user,
+        )
+        self.expense_transaction.tags.add(self.tag)
+
+        # Expense: 150 (projected/unpaid)
+        self.projected_expense = Transaction.objects.create(
+            account=self.account,
+            type=Transaction.Type.EXPENSE,
+            is_paid=False,
+            date=date(2025, 12, 20),
+            reference_date=date(2025, 12, 1),
+            amount=Decimal("150.00"),
+            description="Projected Expense",
+            owner=self.user,
+        )
+
+    def _get_currency_data(self, context_dict):
+        """Helper to extract data for our test currency from context dict.
+
+        The context dict is keyed by currency ID, so we need to find
+        the entry for our currency.
+        """
+        if not context_dict:
+            return None
+        for currency_id, data in context_dict.items():
+            if data.get("currency", {}).get("code") == "USD":
+                return data
+        return None
+
+    # --- monthly_summary view tests ---
+
+    def test_monthly_summary_no_filter_returns_200(self):
+        """Test that monthly_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_summary_no_filter_includes_all_transactions(self):
+        """Without filters, summary should include all transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should have the income: 1000
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should have paid expense: 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have unpaid expense: 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_type_filter_only_income(self):
+        """With type=IN filter, summary should only include income"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?type=IN",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should still have 1000
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should be empty/zero (filtered out)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+        # expense_projected should be empty/zero (filtered out)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_projected", 0), Decimal("0"))
+
+    def test_monthly_summary_type_filter_only_expenses(self):
+        """With type=EX filter, summary should only include expenses"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?type=EX",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should be empty/zero (filtered out)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should have 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_is_paid_filter_only_paid(self):
+        """With is_paid=1 filter, summary should only include paid transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?is_paid=1",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should have 1000 (paid)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # expense_current should have 200 (paid)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should be empty/zero (filtered out - unpaid)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_projected", 0), Decimal("0"))
+
+    def test_monthly_summary_is_paid_filter_only_unpaid(self):
+        """With is_paid=0 filter, summary should only include unpaid transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?is_paid=0",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # income_current should be empty/zero (filtered out - paid)
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should be empty/zero (filtered out - paid)
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+        # expense_projected should have 150 (unpaid)
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    def test_monthly_summary_description_filter(self):
+        """With description filter, summary should only include matching transactions"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/?description=Income",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # Only income matches "Income" description
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["income_current"], Decimal("1000.00"))
+
+        # Expenses should be filtered out
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("expense_current", 0), Decimal("0"))
+
+    def test_monthly_summary_amount_filter(self):
+        """With amount filter, summary should only include transactions in range"""
+        # Filter to only get transactions between 100 and 250 (should get 200 and 150)
+        response = self.client.get(
+            "/monthly/12/2025/summary/?from_amount=100&to_amount=250",
+            HTTP_HX_REQUEST="true",
+        )
+        context = response.context
+
+        # Income (1000) should be filtered out
+        income_current = context.get("income_current", {})
+        usd_data = self._get_currency_data(income_current)
+        if usd_data:
+            self.assertEqual(usd_data.get("income_current", 0), Decimal("0"))
+
+        # expense_current should have 200
+        expense_current = context.get("expense_current", {})
+        usd_data = self._get_currency_data(expense_current)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_current"], Decimal("200.00"))
+
+        # expense_projected should have 150
+        expense_projected = context.get("expense_projected", {})
+        usd_data = self._get_currency_data(expense_projected)
+        self.assertIsNotNone(usd_data)
+        self.assertEqual(usd_data["expense_projected"], Decimal("150.00"))
+
+    # --- monthly_account_summary view tests ---
+
+    def test_monthly_account_summary_no_filter_returns_200(self):
+        """Test that monthly_account_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/accounts/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_account_summary_with_filter_returns_200(self):
+        """Test that monthly_account_summary returns 200 with filter"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/accounts/?type=IN",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    # --- monthly_currency_summary view tests ---
+
+    def test_monthly_currency_summary_no_filter_returns_200(self):
+        """Test that monthly_currency_summary returns 200 without filters"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/currencies/",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)
+
+    def test_monthly_currency_summary_with_filter_returns_200(self):
+        """Test that monthly_currency_summary returns 200 with filter"""
+        response = self.client.get(
+            "/monthly/12/2025/summary/currencies/?type=EX",
+            HTTP_HX_REQUEST="true",
+        )
+        self.assertEqual(response.status_code, 200)

app/apps/monthly_overview/views.py

@@ -2,7 +2,8 @@ from django.contrib.auth.decorators import login_required
 from django.db.models import (
     Q,
 )
-from django.http import HttpResponse
+from django.http import HttpResponse, Http404
+
 from django.shortcuts import render, redirect
 from django.utils import timezone
 from django.views.decorators.http import require_http_methods
@@ -36,8 +37,6 @@ def monthly_overview(request, month: int, year: int):
     summary_tab = request.session.get("monthly_summary_tab", "summary")
 
     if month < 1 or month > 12:
-        from django.http import Http404
-
         raise Http404("Month is out of range")
 
     next_month = 1 if month == 12 else month + 1
@@ -76,6 +75,8 @@ def transactions_list(request, month: int, year: int):
         if order != request.session.get("monthly_transactions_order", "default"):
             request.session["monthly_transactions_order"] = order
 
+    today = timezone.localdate(timezone.now())
+
     f = TransactionsFilter(request.GET)
     transactions_filtered = f.qs.filter(
         reference_date__year=year,
@@ -93,12 +94,28 @@ def transactions_list(request, month: int, year: int):
         "dca_income_entries",
     )
 
+    # Late transactions: date < today and is_paid = False (only shown for default ordering)
+    late_transactions = None
+    if order == "default":
+        late_transactions = transactions_filtered.filter(
+            date__lt=today,
+            is_paid=False,
+        ).order_by("date", "id")
+        # Exclude late transactions from the main list
+        transactions_filtered = transactions_filtered.exclude(
+            date__lt=today,
+            is_paid=False,
+        )
+
     transactions_filtered = default_order(transactions_filtered, order=order)
 
     return render(
         request,
         "monthly_overview/fragments/list.html",
-        context={"transactions": transactions_filtered},
+        context={
+            "transactions": transactions_filtered,
+            "late_transactions": late_transactions,
+        },
     )
 
 
@@ -108,10 +125,47 @@ def transactions_list(request, month: int, year: int):
 def monthly_summary(request, month: int, year: int):
     # Base queryset with all required filters
     base_queryset = Transaction.objects.filter(
-        reference_date__year=year, reference_date__month=month, account__is_asset=False
-    ).exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
+        reference_date__year=year,
+        reference_date__month=month,
+    )
+
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    # Default values are: type=['IN', 'EX'], is_paid=['1', '0'], everything else empty
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            # Skip fields with default/empty values
+            if not value:
+                continue
+            # Skip type if it has both default values
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            # Skip is_paid if it has both default values (values are strings)
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            # Skip mute_status if it has both default values
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            # If we get here, there's an active filter
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    data = calculate_currency_totals(queryset, ignore_empty=True)
 
-    data = calculate_currency_totals(base_queryset, ignore_empty=True)
     percentages = calculate_percentage_distribution(data)
 
     context = {
@@ -126,6 +180,7 @@ def monthly_summary(request, month: int, year: int):
             currency_totals=data, month=month, year=year
         ),
         "percentages": percentages,
+        "has_active_filter": has_active_filter,
     }
 
     return render(
@@ -143,9 +198,38 @@ def monthly_account_summary(request, month: int, year: int):
     base_queryset = Transaction.objects.filter(
         reference_date__year=year,
         reference_date__month=month,
-    ).exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
+    )
 
-    account_data = calculate_account_totals(transactions_queryset=base_queryset.all())
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            if not value:
+                continue
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    account_data = calculate_account_totals(transactions_queryset=queryset.all())
     account_percentages = calculate_percentage_distribution(account_data)
 
     context = {
@@ -168,9 +252,38 @@ def monthly_currency_summary(request, month: int, year: int):
     base_queryset = Transaction.objects.filter(
         reference_date__year=year,
         reference_date__month=month,
-    ).exclude(Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True))
+    )
 
-    currency_data = calculate_currency_totals(base_queryset.all(), ignore_empty=True)
+    # Apply filters and check if any are active
+    f = TransactionsFilter(request.GET, queryset=base_queryset)
+
+    # Check if any filter has a non-default value
+    has_active_filter = False
+    if f.form.is_valid():
+        for name, value in f.form.cleaned_data.items():
+            if not value:
+                continue
+            if name == "type" and set(value) == {"IN", "EX"}:
+                continue
+            if name == "is_paid" and set(value) == {"1", "0"}:
+                continue
+            if name == "mute_status" and set(value) == {"active", "muted"}:
+                continue
+            has_active_filter = True
+            break
+
+    if has_active_filter:
+        queryset = f.qs
+    else:
+        queryset = (
+            base_queryset.exclude(
+                Q(Q(category__mute=True) & ~Q(category=None)) | Q(mute=True)
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
+            .exclude(account__is_asset=True)
+        )
+
+    currency_data = calculate_currency_totals(queryset.all(), ignore_empty=True)
     currency_percentages = calculate_percentage_distribution(currency_data)
 
     context = {

app/apps/net_worth/utils/calculate_net_worth.py

@@ -30,6 +30,7 @@ def calculate_historical_currency_net_worth(queryset):
             | Q(accounts__visibility="private", accounts__owner=None),
             accounts__is_archived=False,
             accounts__isnull=False,
+            is_archived=False,
         )
         .values_list("name", flat=True)
         .distinct()
@@ -181,3 +182,29 @@ def calculate_historical_account_balance(queryset):
         historical_account_balance[date_filter(end_date, "b Y")] = month_data
 
     return historical_account_balance
+
+
+def calculate_monthly_net_worth_difference(historical_net_worth):
+    diff_dict = OrderedDict()
+    if not historical_net_worth:
+        return diff_dict
+
+    # Get all currencies
+    currencies = set()
+    for data in historical_net_worth.values():
+        currencies.update(data.keys())
+
+    # Initialize prev_values for all currencies
+    prev_values = {currency: Decimal("0.00") for currency in currencies}
+
+    for month, values in historical_net_worth.items():
+        diff_values = {}
+        for currency in sorted(list(currencies)):
+            current_val = values.get(currency, Decimal("0.00"))
+            prev_val = prev_values.get(currency, Decimal("0.00"))
+            diff_values[currency] = current_val - prev_val
+
+        diff_dict[month] = diff_values
+        prev_values = values.copy()
+
+    return diff_dict

app/apps/net_worth/views.py

@@ -8,6 +8,7 @@ from django.views.decorators.http import require_http_methods
 from apps.net_worth.utils.calculate_net_worth import (
     calculate_historical_currency_net_worth,
     calculate_historical_account_balance,
+    calculate_monthly_net_worth_difference,
 )
 from apps.transactions.models import Transaction
 from apps.transactions.utils.calculations import (
@@ -20,17 +21,18 @@ from apps.transactions.utils.calculations import (
 @require_http_methods(["GET"])
 def net_worth(request):
     if "view_type" in request.GET:
-        print(request.GET["view_type"])
         view_type = request.GET["view_type"]
         request.session["networth_view_type"] = view_type
     else:
         view_type = request.session.get("networth_view_type", "current")
 
     if view_type == "current":
-        transactions_currency_queryset = Transaction.objects.filter(
-            is_paid=True, account__is_archived=False
-        ).order_by(
-            "account__currency__name",
+        transactions_currency_queryset = (
+            Transaction.objects.filter(is_paid=True, account__is_archived=False)
+            .order_by(
+                "account__currency__name",
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
         )
         transactions_account_queryset = Transaction.objects.filter(
             is_paid=True, account__is_archived=False
@@ -39,10 +41,12 @@ def net_worth(request):
             "account__name",
         )
     else:
-        transactions_currency_queryset = Transaction.objects.filter(
-            account__is_archived=False
-        ).order_by(
-            "account__currency__name",
+        transactions_currency_queryset = (
+            Transaction.objects.filter(account__is_archived=False)
+            .order_by(
+                "account__currency__name",
+            )
+            .exclude(account__in=request.user.untracked_accounts.all())
         )
         transactions_account_queryset = Transaction.objects.filter(
             account__is_archived=False
@@ -93,6 +97,38 @@ def net_worth(request):
 
     chart_data_currency_json = json.dumps(chart_data_currency, cls=DjangoJSONEncoder)
 
+    monthly_difference_data = calculate_monthly_net_worth_difference(
+        historical_net_worth=historical_currency_net_worth
+    )
+
+    diff_labels = (
+        list(monthly_difference_data.keys()) if monthly_difference_data else []
+    )
+    diff_currencies = (
+        list(monthly_difference_data[diff_labels[0]].keys())
+        if monthly_difference_data and diff_labels
+        else []
+    )
+
+    diff_datasets = []
+    for i, currency in enumerate(diff_currencies):
+        data = [
+            float(month_data.get(currency, 0))
+            for month_data in monthly_difference_data.values()
+        ]
+        diff_datasets.append(
+            {
+                "label": currency,
+                "data": data,
+                "borderWidth": 3,
+            }
+        )
+
+    chart_data_monthly_difference = {"labels": diff_labels, "datasets": diff_datasets}
+    chart_data_monthly_difference_json = json.dumps(
+        chart_data_monthly_difference, cls=DjangoJSONEncoder
+    )
+
     historical_account_balance = calculate_historical_account_balance(
         queryset=transactions_account_queryset
     )
@@ -137,6 +173,7 @@ def net_worth(request):
             "chart_data_accounts_json": chart_data_accounts_json,
             "accounts": accounts,
             "type": view_type,
+            "chart_data_monthly_difference_json": chart_data_monthly_difference_json,
         },
     )
 

app/apps/rules/forms.py

@@ -1,16 +1,22 @@
-from crispy_bootstrap5.bootstrap5 import Switch, BS5Accordion
-from crispy_forms.bootstrap import FormActions, AccordionGroup
+from crispy_forms.bootstrap import Alert
+from apps.common.fields.forms.dynamic_select import DynamicModelChoiceField
+from apps.common.widgets.crispy.daisyui import Switch
+from apps.common.widgets.crispy.submit import NoClassSubmit
+from apps.common.widgets.tom_select import TomSelect, TransactionSelect
+from apps.rules.models import (
+    TransactionRule,
+    TransactionRuleAction,
+    UpdateOrCreateTransactionRuleAction,
+)
+from apps.transactions.forms import BulkEditTransactionForm
+from apps.transactions.models import Transaction
+from crispy_forms.bootstrap import AccordionGroup, FormActions, Accordion
 from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Field, Row, Column
+from crispy_forms.layout import HTML, Column, Field, Layout, Row
 from django import forms
 from django.core.exceptions import ValidationError
 from django.utils.translation import gettext_lazy as _
 
-from apps.common.widgets.crispy.submit import NoClassSubmit
-from apps.common.widgets.tom_select import TomSelect
-from apps.rules.models import TransactionRule, UpdateOrCreateTransactionRuleAction
-from apps.rules.models import TransactionRuleAction
-
 
 class TransactionRuleForm(forms.ModelForm):
     class Meta:
@@ -31,7 +37,6 @@ class TransactionRuleForm(forms.ModelForm):
         self.helper = FormHelper()
         self.helper.form_tag = False
         self.helper.form_method = "post"
-        # TO-DO: Add helper with available commands
         self.helper.layout = Layout(
             Switch("active"),
             "name",
@@ -40,24 +45,25 @@ class TransactionRuleForm(forms.ModelForm):
                 Column(Switch("on_create")),
                 Column(Switch("on_delete")),
             ),
+            "order",
+            Switch("sequenced"),
             "description",
             "trigger",
+            Alert(
+                _("You can add actions to this rule in the next screen."), dismiss=False
+            ),
         )
 
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -65,10 +71,11 @@ class TransactionRuleForm(forms.ModelForm):
 class TransactionRuleActionForm(forms.ModelForm):
     class Meta:
         model = TransactionRuleAction
-        fields = ("value", "field")
+        fields = ("value", "field", "order")
         labels = {
             "field": _("Set field"),
             "value": _("To"),
+            "order": _("Order"),
         }
         widgets = {"field": TomSelect(clear_button=False)}
 
@@ -82,6 +89,7 @@ class TransactionRuleActionForm(forms.ModelForm):
         self.helper.form_method = "post"
         # TO-DO: Add helper with available commands
         self.helper.layout = Layout(
+            "order",
             "field",
             "value",
         )
@@ -89,17 +97,13 @@ class TransactionRuleActionForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -147,9 +151,11 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
             "search_category_operator": TomSelect(clear_button=False),
             "search_internal_note_operator": TomSelect(clear_button=False),
             "search_internal_id_operator": TomSelect(clear_button=False),
+            "search_mute_operator": TomSelect(clear_button=False),
         }
 
         labels = {
+            "order": _("Order"),
             "search_account_operator": _("Operator"),
             "search_type_operator": _("Operator"),
             "search_is_paid_operator": _("Operator"),
@@ -163,6 +169,7 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
             "search_internal_id_operator": _("Operator"),
             "search_tags_operator": _("Operator"),
             "search_entities_operator": _("Operator"),
+            "search_mute_operator": _("Operator"),
             "search_account": _("Account"),
             "search_type": _("Type"),
             "search_is_paid": _("Paid"),
@@ -176,6 +183,7 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
             "search_internal_id": _("Internal ID"),
             "search_tags": _("Tags"),
             "search_entities": _("Entities"),
+            "search_mute": _("Mute"),
             "set_account": _("Account"),
             "set_type": _("Type"),
             "set_is_paid": _("Paid"),
@@ -189,6 +197,7 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
             "set_category": _("Category"),
             "set_internal_note": _("Internal Note"),
             "set_internal_id": _("Internal ID"),
+            "set_mute": _("Mute"),
         }
 
     def __init__(self, *args, **kwargs):
@@ -200,138 +209,149 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
         self.helper.form_method = "post"
 
         self.helper.layout = Layout(
-            BS5Accordion(
+            "order",
+            Accordion(
                 AccordionGroup(
                     _("Search Criteria"),
                     Field("filter", rows=1),
                     Row(
                         Column(
                             Field("search_type_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_type", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_is_paid_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_is_paid", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
+                        ),
+                    ),
+                    Row(
+                        Column(
+                            Field("search_mute_operator"),
+                            css_class="col-span-12 md:col-span-4",
+                        ),
+                        Column(
+                            Field("search_mute", rows=1),
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_account_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_account", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_entities_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_entities", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_date_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_date", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_reference_date_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_reference_date", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_description_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_description", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_amount_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_amount", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_category_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_category", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_tags_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_tags", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_notes_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_notes", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_internal_note_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_internal_note", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     Row(
                         Column(
                             Field("search_internal_id_operator"),
-                            css_class="form-group col-md-4",
+                            css_class="col-span-12 md:col-span-4",
                         ),
                         Column(
                             Field("search_internal_id", rows=1),
-                            css_class="form-group col-md-8",
+                            css_class="col-span-12 md:col-span-8",
                         ),
                     ),
                     active=True,
@@ -340,6 +360,7 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
                     _("Set Values"),
                     Field("set_type", rows=1),
                     Field("set_is_paid", rows=1),
+                    Field("set_mute", rows=1),
                     Field("set_account", rows=1),
                     Field("set_entities", rows=1),
                     Field("set_date", rows=1),
@@ -361,17 +382,13 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
         if self.instance and self.instance.pk:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Update"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Update"), css_class="btn btn-primary"),
                 ),
             )
         else:
             self.helper.layout.append(
                 FormActions(
-                    NoClassSubmit(
-                        "submit", _("Add"), css_class="btn btn-outline-primary w-100"
-                    ),
+                    NoClassSubmit("submit", _("Add"), css_class="btn btn-primary"),
                 ),
             )
 
@@ -381,3 +398,106 @@ class UpdateOrCreateTransactionRuleActionForm(forms.ModelForm):
         if commit:
             instance.save()
         return instance
+
+
+class DryRunCreatedTransacion(forms.Form):
+    transaction = DynamicModelChoiceField(
+        model=Transaction,
+        to_field_name="id",
+        label=_("Transaction"),
+        required=True,
+        queryset=Transaction.objects.none(),
+        widget=TransactionSelect(clear_button=False, income=True, expense=True),
+        help_text=_("Type to search for a transaction"),
+    )
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+        self.helper = FormHelper()
+        self.helper.form_tag = False
+        self.helper.layout = Layout(
+            "transaction",
+            FormActions(
+                NoClassSubmit("submit", _("Test"), css_class="btn btn-primary"),
+            ),
+        )
+
+        if self.data.get("transaction"):
+            try:
+                transaction = Transaction.objects.get(id=self.data.get("transaction"))
+            except Transaction.DoesNotExist:
+                transaction = None
+
+            if transaction:
+                self.fields["transaction"].queryset = Transaction.objects.filter(
+                    id=transaction.id
+                )
+
+
+class DryRunDeletedTransacion(forms.Form):
+    transaction = DynamicModelChoiceField(
+        model=Transaction,
+        to_field_name="id",
+        label=_("Transaction"),
+        required=True,
+        queryset=Transaction.objects.none(),
+        widget=TransactionSelect(clear_button=False, income=True, expense=True),
+        help_text=_("Type to search for a transaction"),
+    )
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+        self.helper = FormHelper()
+        self.helper.form_tag = False
+        self.helper.layout = Layout(
+            "transaction",
+            FormActions(
+                NoClassSubmit("submit", _("Test"), css_class="btn btn-primary"),
+            ),
+        )
+
+        if self.data.get("transaction"):
+            try:
+                transaction = Transaction.objects.get(id=self.data.get("transaction"))
+            except Transaction.DoesNotExist:
+                transaction = None
+
+            if transaction:
+                self.fields["transaction"].queryset = Transaction.objects.filter(
+                    id=transaction.id
+                )
+
+
+class DryRunUpdatedTransactionForm(BulkEditTransactionForm):
+    transaction = DynamicModelChoiceField(
+        model=Transaction,
+        to_field_name="id",
+        label=_("Transaction"),
+        required=True,
+        queryset=Transaction.objects.none(),
+        widget=TransactionSelect(clear_button=False, income=True, expense=True),
+        help_text=_("Type to search for a transaction"),
+    )
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.helper.layout.insert(0, "transaction")
+        self.helper.layout.insert(1, HTML('<hr class="hr my-3" />'))
+
+        # Change submit button
+        self.helper.layout[-1] = FormActions(
+            NoClassSubmit("submit", _("Test"), css_class="btn btn-primary")
+        )
+
+        if self.data.get("transaction"):
+            try:
+                transaction = Transaction.objects.get(id=self.data.get("transaction"))
+            except Transaction.DoesNotExist:
+                transaction = None
+
+            if transaction:
+                self.fields["transaction"].queryset = Transaction.objects.filter(
+                    id=transaction.id
+                )

app/apps/rules/migrations/0015_alter_transactionruleaction_options_and_more.py

@@ -0,0 +1,39 @@
+# Generated by Django 5.2 on 2025-08-30 18:48
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("rules", "0014_alter_transactionrule_owner_and_more"),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name="transactionruleaction",
+            options={
+                "ordering": ["order"],
+                "verbose_name": "Edit transaction action",
+                "verbose_name_plural": "Edit transaction actions",
+            },
+        ),
+        migrations.AlterModelOptions(
+            name="updateorcreatetransactionruleaction",
+            options={
+                "ordering": ["order"],
+                "verbose_name": "Update or create transaction action",
+                "verbose_name_plural": "Update or create transaction actions",
+            },
+        ),
+        migrations.AddField(
+            model_name="transactionruleaction",
+            name="order",
+            field=models.PositiveIntegerField(default=0, verbose_name="Order"),
+        ),
+        migrations.AddField(
+            model_name="updateorcreatetransactionruleaction",
+            name="order",
+            field=models.PositiveIntegerField(default=0, verbose_name="Order"),
+        ),
+    ]

app/apps/rules/migrations/0016_transactionrule_sequenced.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-08-31 18:42
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('rules', '0015_alter_transactionruleaction_options_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='transactionrule',
+            name='sequenced',
+            field=models.BooleanField(default=False, verbose_name='Sequenced'),
+        ),
+    ]

app/apps/rules/migrations/0017_updateorcreatetransactionruleaction_search_mute_and_more.py

@@ -0,0 +1,33 @@
+# Generated by Django 5.2.5 on 2025-08-31 19:09
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('rules', '0016_transactionrule_sequenced'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='updateorcreatetransactionruleaction',
+            name='search_mute',
+            field=models.TextField(blank=True, verbose_name='Search Mute'),
+        ),
+        migrations.AddField(
+            model_name='updateorcreatetransactionruleaction',
+            name='search_mute_operator',
+            field=models.CharField(choices=[('exact', 'is exactly'), ('contains', 'contains'), ('startswith', 'starts with'), ('endswith', 'ends with'), ('eq', 'equals'), ('gt', 'greater than'), ('lt', 'less than'), ('gte', 'greater than or equal'), ('lte', 'less than or equal')], default='exact', max_length=10, verbose_name='Mute Operator'),
+        ),
+        migrations.AddField(
+            model_name='updateorcreatetransactionruleaction',
+            name='set_mute',
+            field=models.TextField(blank=True, verbose_name='Mute'),
+        ),
+        migrations.AlterField(
+            model_name='transactionruleaction',
+            name='field',
+            field=models.CharField(choices=[('account', 'Account'), ('type', 'Type'), ('is_paid', 'Paid'), ('date', 'Date'), ('reference_date', 'Reference Date'), ('mute', 'Mute'), ('amount', 'Amount'), ('description', 'Description'), ('notes', 'Notes'), ('category', 'Category'), ('tags', 'Tags'), ('entities', 'Entities'), ('internal_nome', 'Internal Note'), ('internal_id', 'Internal ID')], max_length=50, verbose_name='Field'),
+        ),
+    ]

app/apps/rules/migrations/0018_transactionrule_order.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.5 on 2025-09-02 14:52
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('rules', '0017_updateorcreatetransactionruleaction_search_mute_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='transactionrule',
+            name='order',
+            field=models.PositiveIntegerField(default=0, verbose_name='Order'),
+        ),
+    ]

app/apps/rules/models.py

@@ -13,6 +13,11 @@ class TransactionRule(SharedObject):
     name = models.CharField(max_length=100, verbose_name=_("Name"))
     description = models.TextField(blank=True, null=True, verbose_name=_("Description"))
     trigger = models.TextField(verbose_name=_("Trigger"))
+    sequenced = models.BooleanField(
+        verbose_name=_("Sequenced"),
+        default=False,
+    )
+    order = models.PositiveIntegerField(default=0, verbose_name=_("Order"))
 
     objects = SharedObjectManager()
     all_objects = models.Manager()  # Unfiltered manager
@@ -32,12 +37,15 @@ class TransactionRuleAction(models.Model):
         is_paid = "is_paid", _("Paid")
         date = "date", _("Date")
         reference_date = "reference_date", _("Reference Date")
+        mute = "mute", _("Mute")
         amount = "amount", _("Amount")
         description = "description", _("Description")
         notes = "notes", _("Notes")
         category = "category", _("Category")
         tags = "tags", _("Tags")
         entities = "entities", _("Entities")
+        internal_note = "internal_nome", _("Internal Note")
+        internal_id = "internal_id", _("Internal ID")
 
     rule = models.ForeignKey(
         TransactionRule,
@@ -51,6 +59,7 @@ class TransactionRuleAction(models.Model):
         verbose_name=_("Field"),
     )
     value = models.TextField(verbose_name=_("Value"))
+    order = models.PositiveIntegerField(default=0, verbose_name=_("Order"))
 
     def __str__(self):
         return f"{self.rule} - {self.field} - {self.value}"
@@ -59,6 +68,11 @@ class TransactionRuleAction(models.Model):
         verbose_name = _("Edit transaction action")
         verbose_name_plural = _("Edit transaction actions")
         unique_together = (("rule", "field"),)
+        ordering = ["order"]
+
+    @property
+    def action_type(self):
+        return "edit_transaction"
 
 
 class UpdateOrCreateTransactionRuleAction(models.Model):
@@ -237,6 +251,17 @@ class UpdateOrCreateTransactionRuleAction(models.Model):
         verbose_name="Internal ID Operator",
     )
 
+    search_mute = models.TextField(
+        verbose_name="Search Mute",
+        blank=True,
+    )
+    search_mute_operator = models.CharField(
+        max_length=10,
+        choices=SearchOperator.choices,
+        default=SearchOperator.EXACT,
+        verbose_name="Mute Operator",
+    )
+
     # Set fields
     set_account = models.TextField(
         verbose_name=_("Account"),
@@ -290,10 +315,21 @@ class UpdateOrCreateTransactionRuleAction(models.Model):
         verbose_name=_("Tags"),
         blank=True,
     )
+    set_mute = models.TextField(
+        verbose_name=_("Mute"),
+        blank=True,
+    )
+
+    order = models.PositiveIntegerField(default=0, verbose_name=_("Order"))
 
     class Meta:
         verbose_name = _("Update or create transaction action")
         verbose_name_plural = _("Update or create transaction actions")
+        ordering = ["order"]
+
+    @property
+    def action_type(self):
+        return "update_or_create_transaction"
 
     def __str__(self):
         return f"Update or create transaction action for {self.rule}"
@@ -325,6 +361,10 @@ class UpdateOrCreateTransactionRuleAction(models.Model):
             value = simple.eval(self.search_is_paid)
             search_query &= add_to_query("is_paid", value, self.search_is_paid_operator)
 
+        if self.search_mute:
+            value = simple.eval(self.search_mute)
+            search_query &= add_to_query("mute", value, self.search_mute_operator)
+
         if self.search_date:
             value = simple.eval(self.search_date)
             search_query &= add_to_query("date", value, self.search_date_operator)

app/apps/rules/signals.py

@@ -9,40 +9,17 @@ from apps.transactions.models import (
 )
 from apps.rules.tasks import check_for_transaction_rules
 from apps.common.middleware.thread_local import get_current_user
+from apps.rules.utils.transactions import serialize_transaction
 
 
 @receiver(transaction_created)
 @receiver(transaction_updated)
 @receiver(transaction_deleted)
 def transaction_changed_receiver(sender: Transaction, signal, **kwargs):
+    old_data = kwargs.get("old_data")
     if signal is transaction_deleted:
         # Serialize transaction data for processing
-        transaction_data = {
-            "id": sender.id,
-            "account": (sender.account.id, sender.account.name),
-            "account_group": (
-                sender.account.group.id if sender.account.group else None,
-                sender.account.group.name if sender.account.group else None,
-            ),
-            "type": str(sender.type),
-            "is_paid": sender.is_paid,
-            "is_asset": sender.account.is_asset,
-            "is_archived": sender.account.is_archived,
-            "category": (
-                sender.category.id if sender.category else None,
-                sender.category.name if sender.category else None,
-            ),
-            "date": sender.date.isoformat(),
-            "reference_date": sender.reference_date.isoformat(),
-            "amount": str(sender.amount),
-            "description": sender.description,
-            "notes": sender.notes,
-            "tags": list(sender.tags.values_list("id", "name")),
-            "entities": list(sender.entities.values_list("id", "name")),
-            "deleted": True,
-            "internal_note": sender.internal_note,
-            "internal_id": sender.internal_id,
-        }
+        transaction_data = serialize_transaction(sender, deleted=True)
 
         check_for_transaction_rules.defer(
             transaction_data=transaction_data,
@@ -59,6 +36,9 @@ def transaction_changed_receiver(sender: Transaction, signal, **kwargs):
         dca_entry.amount_received = sender.amount
         dca_entry.save()
 
+    if signal is transaction_updated and old_data:
+        old_data = serialize_transaction(old_data, deleted=False)
+
     check_for_transaction_rules.defer(
         instance_id=sender.id,
         user_id=get_current_user().id,
@@ -67,4 +47,5 @@ def transaction_changed_receiver(sender: Transaction, signal, **kwargs):
             if signal is transaction_created
             else "transaction_updated"
         ),
+        old_data=old_data,
     )

app/apps/rules/urls.py

@@ -42,6 +42,21 @@ urlpatterns = [
         views.transaction_rule_take_ownership,
         name="transaction_rule_take_ownership",
     ),
+    path(
+        "rules/transaction/<int:pk>/dry-run/created/",
+        views.dry_run_rule_created,
+        name="transaction_rule_dry_run_created",
+    ),
+    path(
+        "rules/transaction/<int:pk>/dry-run/deleted/",
+        views.dry_run_rule_deleted,
+        name="transaction_rule_dry_run_deleted",
+    ),
+    path(
+        "rules/transaction/<int:pk>/dry-run/updated/",
+        views.dry_run_rule_updated,
+        name="transaction_rule_dry_run_updated",
+    ),
     path(
         "rules/transaction/<int:pk>/share/",
         views.transaction_rule_share,

app/apps/rules/utils/transactions.py

@@ -0,0 +1,101 @@
+import logging
+from decimal import Decimal
+
+from django.db.models import Sum, Value, DecimalField, Case, When, F
+from django.db.models.functions import Coalesce
+
+from apps.transactions.models import (
+    Transaction,
+)
+
+logger = logging.getLogger(__name__)
+
+
+class TransactionsGetter:
+    def __init__(self, **filters):
+        self.__queryset = Transaction.objects.filter(**filters)
+
+    def exclude(self, **exclude_filters):
+        self.__queryset = self.__queryset.exclude(**exclude_filters)
+
+        return self
+
+    @property
+    def sum(self):
+        return self.__queryset.aggregate(
+            total=Coalesce(
+                Sum("amount"), Value(Decimal("0")), output_field=DecimalField()
+            )
+        )["total"]
+
+    @property
+    def balance(self):
+        return abs(
+            self.__queryset.aggregate(
+                balance=Coalesce(
+                    Sum(
+                        Case(
+                            When(type=Transaction.Type.EXPENSE, then=-F("amount")),
+                            default=F("amount"),
+                            output_field=DecimalField(),
+                        )
+                    ),
+                    Value(Decimal("0")),
+                    output_field=DecimalField(),
+                )
+            )["balance"]
+        )
+
+    @property
+    def raw_balance(self):
+        return self.__queryset.aggregate(
+            balance=Coalesce(
+                Sum(
+                    Case(
+                        When(type=Transaction.Type.EXPENSE, then=-F("amount")),
+                        default=F("amount"),
+                        output_field=DecimalField(),
+                    )
+                ),
+                Value(Decimal("0")),
+                output_field=DecimalField(),
+            )
+        )["balance"]
+
+
+def serialize_transaction(sender: Transaction, deleted: bool):
+    return {
+        "id": sender.id,
+        "account": (sender.account.id, sender.account.name),
+        "account_group": (
+            sender.account.group.id if sender.account.group else None,
+            sender.account.group.name if sender.account.group else None,
+        ),
+        "type": str(sender.type),
+        "is_paid": sender.is_paid,
+        "is_asset": sender.account.is_asset,
+        "is_archived": sender.account.is_archived,
+        "category": (
+            sender.category.id if sender.category else None,
+            sender.category.name if sender.category else None,
+        ),
+        "date": sender.date.isoformat(),
+        "reference_date": sender.reference_date.isoformat(),
+        "amount": str(sender.amount),
+        "description": sender.description,
+        "notes": sender.notes,
+        "tags": list(sender.tags.values_list("id", "name")),
+        "entities": list(sender.entities.values_list("id", "name")),
+        "deleted": deleted,
+        "internal_note": sender.internal_note,
+        "internal_id": sender.internal_id,
+        "mute": sender.mute,
+        "installment_id": sender.installment_id if sender.installment_plan else None,
+        "installment_total": (
+            sender.installment_plan.number_of_installments
+            if sender.installment_plan is not None
+            else None
+        ),
+        "installment": sender.installment_plan is not None,
+        "recurring_transaction": sender.recurring_transaction is not None,
+    }

app/apps/rules/views.py

@@ -1,5 +1,10 @@
+from itertools import chain
+
+from copy import deepcopy
+
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
+from django.db import transaction
 from django.http import HttpResponse
 from django.shortcuts import render, get_object_or_404, redirect
 from django.utils.translation import gettext_lazy as _
@@ -10,6 +15,9 @@ from apps.rules.forms import (
     TransactionRuleForm,
     TransactionRuleActionForm,
     UpdateOrCreateTransactionRuleActionForm,
+    DryRunCreatedTransacion,
+    DryRunDeletedTransacion,
+    DryRunUpdatedTransactionForm,
 )
 from apps.rules.models import (
     TransactionRule,
@@ -19,6 +27,11 @@ from apps.rules.models import (
 from apps.common.models import SharedObject
 from apps.common.forms import SharedObjectForm
 from apps.common.decorators.demo import disabled_on_demo
+from apps.rules.tasks import check_for_transaction_rules
+from apps.common.middleware.thread_local import get_current_user
+from apps.rules.signals import transaction_created, transaction_updated
+from apps.rules.utils.transactions import serialize_transaction
+from apps.transactions.models import Transaction
 
 
 @login_required
@@ -36,7 +49,7 @@ def rules_index(request):
 @disabled_on_demo
 @require_http_methods(["GET"])
 def rules_list(request):
-    transaction_rules = TransactionRule.objects.all().order_by("id")
+    transaction_rules = TransactionRule.objects.all().order_by("order", "id")
     return render(
         request,
         "rules/fragments/list.html",
@@ -140,10 +153,20 @@ def transaction_rule_edit(request, transaction_rule_id):
 def transaction_rule_view(request, transaction_rule_id):
     transaction_rule = get_object_or_404(TransactionRule, id=transaction_rule_id)
 
+    edit_actions = transaction_rule.transaction_actions.all()
+    update_or_create_actions = (
+        transaction_rule.update_or_create_transaction_actions.all()
+    )
+
+    all_actions = sorted(
+        chain(edit_actions, update_or_create_actions),
+        key=lambda a: a.order,
+    )
+
     return render(
         request,
         "rules/fragments/transaction_rule/view.html",
-        {"transaction_rule": transaction_rule},
+        {"transaction_rule": transaction_rule, "all_actions": all_actions},
     )
 
 
@@ -406,3 +429,156 @@ def update_or_create_transaction_rule_action_delete(request, pk):
             "HX-Trigger": "updated, hide_offcanvas",
         },
     )
+
+
+@only_htmx
+@login_required
+@disabled_on_demo
+@require_http_methods(["GET", "POST"])
+def dry_run_rule_created(request, pk):
+    rule = get_object_or_404(TransactionRule, id=pk)
+    logs = None
+    results = None
+
+    if request.method == "POST":
+        form = DryRunCreatedTransacion(request.POST)
+        if form.is_valid():
+            try:
+                with transaction.atomic():
+                    logs, results = check_for_transaction_rules(
+                        instance_id=form.cleaned_data["transaction"].id,
+                        signal="transaction_created",
+                        dry_run=True,
+                        rule_id=rule.id,
+                        user_id=get_current_user().id,
+                    )
+                    logs = "\n".join(logs)
+
+                    response = render(
+                        request,
+                        "rules/fragments/transaction_rule/dry_run/created.html",
+                        {"form": form, "rule": rule, "logs": logs, "results": results},
+                    )
+
+                    raise Exception("ROLLBACK")
+            except Exception:
+                pass
+
+            return response
+
+    else:
+        form = DryRunCreatedTransacion()
+
+    return render(
+        request,
+        "rules/fragments/transaction_rule/dry_run/created.html",
+        {"form": form, "rule": rule, "logs": logs, "results": results},
+    )
+
+
+@only_htmx
+@login_required
+@disabled_on_demo
+@require_http_methods(["GET", "POST"])
+def dry_run_rule_deleted(request, pk):
+    rule = get_object_or_404(TransactionRule, id=pk)
+    logs = None
+    results = None
+
+    if request.method == "POST":
+        form = DryRunDeletedTransacion(request.POST)
+        if form.is_valid():
+            try:
+                with transaction.atomic():
+                    logs, results = check_for_transaction_rules(
+                        instance_id=form.cleaned_data["transaction"].id,
+                        signal="transaction_deleted",
+                        dry_run=True,
+                        rule_id=rule.id,
+                        user_id=get_current_user().id,
+                    )
+                    logs = "\n".join(logs)
+
+                    response = render(
+                        request,
+                        "rules/fragments/transaction_rule/dry_run/created.html",
+                        {"form": form, "rule": rule, "logs": logs, "results": results},
+                    )
+
+                    raise Exception("ROLLBACK")
+            except Exception:
+                pass
+
+        return response
+
+    else:
+        form = DryRunDeletedTransacion()
+
+    return render(
+        request,
+        "rules/fragments/transaction_rule/dry_run/deleted.html",
+        {"form": form, "rule": rule, "logs": logs, "results": results},
+    )
+
+
+@only_htmx
+@login_required
+@disabled_on_demo
+@require_http_methods(["GET", "POST"])
+def dry_run_rule_updated(request, pk):
+    rule = get_object_or_404(TransactionRule, id=pk)
+    logs = None
+    results = None
+
+    if request.method == "POST":
+        form = DryRunUpdatedTransactionForm(request.POST)
+        if form.is_valid():
+            base_transaction = Transaction.objects.get(
+                id=request.POST.get("transaction")
+            )
+            old_data = deepcopy(base_transaction)
+            try:
+                with transaction.atomic():
+                    for field_name, value in form.cleaned_data.items():
+                        if value or isinstance(
+                            value, bool
+                        ):  # Only update fields that have been filled in the form
+                            if field_name == "tags":
+                                base_transaction.tags.set(value)
+                            elif field_name == "entities":
+                                base_transaction.entities.set(value)
+                            else:
+                                setattr(base_transaction, field_name, value)
+
+                    base_transaction.save()
+
+                    logs, results = check_for_transaction_rules(
+                        instance_id=base_transaction.id,
+                        signal="transaction_updated",
+                        dry_run=True,
+                        rule_id=rule.id,
+                        user_id=get_current_user().id,
+                        old_data=old_data,
+                    )
+                    logs = "\n".join(logs) if logs else ""
+
+                    response = render(
+                        request,
+                        "rules/fragments/transaction_rule/dry_run/updated.html",
+                        {"form": form, "rule": rule, "logs": logs, "results": results},
+                    )
+
+                    # This will rollback the transaction
+                    raise Exception("ROLLBACK")
+            except Exception:
+                pass
+
+            return response
+    else:
+        form = DryRunUpdatedTransactionForm(initial={"is_paid": None, "type": None})
+
+    return render(
+        request,
+        "rules/fragments/transaction_rule/dry_run/updated.html",
+        {"form": form, "rule": rule, "logs": logs, "results": results},
+    )

app/apps/transactions/filters.py

@@ -1,11 +1,4 @@
 import django_filters
-from crispy_forms.helper import FormHelper
-from crispy_forms.layout import Layout, Field, Row, Column
-from django import forms
-from django.db.models import Q
-from django.utils.translation import gettext_lazy as _
-from django_filters import Filter
-
 from apps.accounts.models import Account
 from apps.common.fields.month_year import MonthYearFormField
 from apps.common.widgets.datepicker import AirDatePickerInput
@@ -15,15 +8,26 @@ from apps.currencies.models import Currency
 from apps.transactions.models import (
     Transaction,
     TransactionCategory,
-    TransactionTag,
     TransactionEntity,
+    TransactionTag,
 )
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import Column, Field, Layout, Row
+from django import forms
+from django.db.models import Q
+from django.utils.translation import gettext_lazy as _
+from django_filters import Filter
 
 SITUACAO_CHOICES = (
     ("1", _("Paid")),
     ("0", _("Projected")),
 )
 
+MUTE_STATUS_CHOICES = (
+    ("active", _("Active")),
+    ("muted", _("Muted")),
+)
+
 
 def content_filter(queryset, name, value):
     queryset = queryset.filter(
@@ -60,31 +64,30 @@ class TransactionsFilter(django_filters.FilterSet):
         label=_("Currencies"),
         widget=TomSelectMultiple(checkboxes=True, remove_button=True),
     )
-    category = django_filters.ModelMultipleChoiceFilter(
-        field_name="category__name",
-        queryset=TransactionCategory.objects.all(),
-        to_field_name="name",
+    category = django_filters.MultipleChoiceFilter(
         label=_("Categories"),
         widget=TomSelectMultiple(checkboxes=True, remove_button=True),
+        method="filter_category",
     )
-    tags = django_filters.ModelMultipleChoiceFilter(
-        field_name="tags__name",
-        queryset=TransactionTag.objects.all(),
-        to_field_name="name",
+    tags = django_filters.MultipleChoiceFilter(
         label=_("Tags"),
         widget=TomSelectMultiple(checkboxes=True, remove_button=True),
+        method="filter_tags",
     )
-    entities = django_filters.ModelMultipleChoiceFilter(
-        field_name="entities__name",
-        queryset=TransactionEntity.objects.all(),
-        to_field_name="name",
+    entities = django_filters.MultipleChoiceFilter(
         label=_("Entities"),
         widget=TomSelectMultiple(checkboxes=True, remove_button=True),
+        method="filter_entities",
     )
     is_paid = django_filters.MultipleChoiceFilter(
         choices=SITUACAO_CHOICES,
         field_name="is_paid",
     )
+    mute_status = django_filters.MultipleChoiceFilter(
+        choices=MUTE_STATUS_CHOICES,
+        method="filter_mute_status",
+        label=_("Mute Status"),
+    )
     date_start = django_filters.DateFilter(
         field_name="date",
         lookup_expr="gte",
@@ -125,6 +128,7 @@ class TransactionsFilter(django_filters.FilterSet):
             "is_paid",
             "category",
             "tags",
+            "entities",
             "date_start",
             "date_end",
             "reference_date_start",
@@ -146,6 +150,9 @@ class TransactionsFilter(django_filters.FilterSet):
             if data.get("is_paid") is None:
                 data.setlist("is_paid", ["1", "0"])
 
+            if data.get("mute_status") is None:
+                data.setlist("mute_status", ["active", "muted"])
+
         super().__init__(data, *args, **kwargs)
 
         self.form.helper = FormHelper()
@@ -161,17 +168,19 @@ class TransactionsFilter(django_filters.FilterSet):
                 "is_paid",
                 template="transactions/widgets/transaction_type_filter_buttons.html",
             ),
+            Field(
+                "mute_status",
+                template="transactions/widgets/transaction_type_filter_buttons.html",
+            ),
             Field("description"),
             Row(Column("date_start"), Column("date_end")),
             Row(
-                Column("reference_date_start", css_class="form-group col-md-6 mb-0"),
-                Column("reference_date_end", css_class="form-group col-md-6 mb-0"),
-                css_class="form-row",
+                Column("reference_date_start"),
+                Column("reference_date_end"),
             ),
             Row(
-                Column("from_amount", css_class="form-group col-md-6 mb-0"),
-                Column("to_amount", css_class="form-group col-md-6 mb-0"),
-                css_class="form-row",
+                Column("from_amount"),
+                Column("to_amount"),
             ),
             Field("account", size=1),
             Field("currency", size=1),
@@ -186,6 +195,126 @@ class TransactionsFilter(django_filters.FilterSet):
         self.form.fields["date_end"].widget = AirDatePickerInput()
 
         self.form.fields["account"].queryset = Account.objects.all()
-        self.form.fields["category"].queryset = TransactionCategory.objects.all()
-        self.form.fields["tags"].queryset = TransactionTag.objects.all()
-        self.form.fields["entities"].queryset = TransactionEntity.objects.all()
+        category_choices = list(
+            TransactionCategory.objects.values_list("name", "name").order_by("name")
+        )
+        custom_choices = [
+            ("any", _("Categorized")),
+            ("uncategorized", _("Uncategorized")),
+        ]
+        self.form.fields["category"].choices = custom_choices + category_choices
+        tag_choices = list(
+            TransactionTag.objects.values_list("name", "name").order_by("name")
+        )
+        custom_tag_choices = [("any", _("Tagged")), ("untagged", _("Untagged"))]
+        self.form.fields["tags"].choices = custom_tag_choices + tag_choices
+        entity_choices = list(
+            TransactionEntity.objects.values_list("name", "name").order_by("name")
+        )
+        custom_entity_choices = [
+            ("any", _("Any entity")),
+            ("no_entity", _("No entity")),
+        ]
+        self.form.fields["entities"].choices = custom_entity_choices + entity_choices
+
+    @staticmethod
+    def filter_category(queryset, name, value):
+        if not value:
+            return queryset
+
+        value = list(value)
+
+        if "any" in value:
+            return queryset.filter(category__isnull=False)
+
+        q = Q()
+        if "uncategorized" in value:
+            q |= Q(category__isnull=True)
+            value.remove("uncategorized")
+
+        if value:
+            q |= Q(category__name__in=value)
+
+        if q.children:
+            return queryset.filter(q)
+
+        return queryset
+
+    @staticmethod
+    def filter_tags(queryset, name, value):
+        if not value:
+            return queryset
+
+        value = list(value)
+
+        if "any" in value:
+            return queryset.filter(tags__isnull=False).distinct()
+
+        q = Q()
+        if "untagged" in value:
+            q |= Q(tags__isnull=True)
+            value.remove("untagged")
+
+        if value:
+            q |= Q(tags__name__in=value)
+
+        if q.children:
+            return queryset.filter(q).distinct()
+
+        return queryset
+
+    @staticmethod
+    def filter_entities(queryset, name, value):
+        if not value:
+            return queryset
+
+        value = list(value)
+
+        if "any" in value:
+            return queryset.filter(entities__isnull=False).distinct()
+
+        q = Q()
+        if "no_entity" in value:
+            q |= Q(entities__isnull=True)
+            value.remove("no_entity")
+
+        if value:
+            q |= Q(entities__name__in=value)
+
+        if q.children:
+            return queryset.filter(q).distinct()
+
+        return queryset
+
+    @staticmethod
+    def filter_mute_status(queryset, name, value):
+        from apps.common.middleware.thread_local import get_current_user
+
+        if not value:
+            return queryset
+
+        value = list(value)
+
+        # If both are selected, return all
+        if "active" in value and "muted" in value:
+            return queryset
+
+        user = get_current_user()
+
+        # Only Active selected: exclude muted transactions
+        if "active" in value:
+            return (
+                queryset.exclude(account__untracked_by=user)
+                .filter(
+                    mute=False,
+                )
+                .filter(Q(category__mute=False) | Q(category__isnull=True))
+            )
+
+        # Only Muted selected: include only muted transactions
+        if "muted" in value:
+            return queryset.filter(
+                Q(account__untracked_by=user) | Q(category__mute=True) | Q(mute=True)
+            )
+
+        return queryset