we-promise · jjmata · May 1, 2026 · Apr 30, 2026 · Apr 30, 2026 · May 1, 2026
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb
@@ -7,53 +7,86 @@ class Api::V1::AccountsController < Api::V1::BaseController
   before_action :ensure_read_scope
 
   def index
-    # Test with Pagy pagination
-    family = current_resource_owner.family
-    accounts_query = family.accounts.accessible_by(current_resource_owner).visible.alphabetically
+    @per_page = safe_per_page_param
 
-    # Handle pagination with Pagy
     @pagy, @accounts = pagy(
-      accounts_query,
+      accounts_scope.alphabetically,
       page: safe_page_param,
-      limit: safe_per_page_param
+      limit: @per_page
     )
 
-    @per_page = safe_per_page_param
-
-    # Rails will automatically use app/views/api/v1/accounts/index.json.jbuilder
     render :index
   rescue => e
-    Rails.logger.error "AccountsController error: #{e.message}"
+    Rails.logger.error "AccountsController#index error: #{e.message}"
     Rails.logger.error e.backtrace.join("\n")
 
     render json: {
       error: "internal_server_error",
       message: "An unexpected error occurred"
     }, status: :internal_server_error
-end
+  end
 
-    private
+  def show
+    unless valid_uuid?(params[:id])
+      render json: {
+        error: "not_found",
+        message: "Account not found"
+      }, status: :not_found
+      return
+    end
 
-      def ensure_read_scope
-        authorize_scope!(:read)
-      end
+    @account = accounts_scope.find(params[:id])
+
+    render :show
+  rescue ActiveRecord::RecordNotFound
+    render json: {
+      error: "not_found",
+      message: "Account not found"
+    }, status: :not_found
+  rescue => e
+    Rails.logger.error "AccountsController#show error: #{e.message}"
+    Rails.logger.error e.backtrace.join("\n")
 
+    render json: {
+      error: "internal_server_error",
+      message: "An unexpected error occurred"
+    }, status: :internal_server_error
+  end
 
+  private
 
-      def safe_page_param
-        page = params[:page].to_i
-        page > 0 ? page : 1
-      end
+    def ensure_read_scope
+      authorize_scope!(:read)
+    end
+
+    def accounts_scope
+      scope = current_resource_owner.family.accounts
+                                    .accessible_by(current_resource_owner)
+                                    .includes(:accountable, account_providers: :provider)
+      include_disabled_accounts? ? scope : scope.visible
+    end
+
+    def include_disabled_accounts?
+      ActiveModel::Type::Boolean.new.cast(params[:include_disabled])
+    end
+
+    def valid_uuid?(value)
+      value.to_s.match?(/\A[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\z/i)
+    end
+
+    def safe_page_param
+      page = params[:page].to_i
+      page > 0 ? page : 1
+    end
 
-      def safe_per_page_param
-        per_page = params[:per_page].to_i
+    def safe_per_page_param
+      per_page = params[:per_page].to_i
 
-        # Default to 25, max 100
-        case per_page
-        when 1..100
-          per_page
-        else
-          25
-        end
+      case per_page
+      when 1..100
+        per_page
+      else
+        25
       end
+    end
 end
diff --git a/app/views/api/v1/accounts/_account.json.jbuilder b/app/views/api/v1/accounts/_account.json.jbuilder
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+balance_money = account.balance_money
+cash_balance_money = account.cash_balance_money
+
+json.id account.id
+json.name account.name
+json.balance balance_money.format
+json.balance_cents((balance_money.amount * balance_money.currency.minor_unit_conversion).round(0).to_i)
+json.cash_balance cash_balance_money.format
+json.cash_balance_cents((cash_balance_money.amount * cash_balance_money.currency.minor_unit_conversion).round(0).to_i)
+json.currency account.currency
+json.classification account.classification
+json.account_type account.accountable_type&.underscore
+json.subtype account.subtype
+json.status account.status
+json.institution_name account.institution_name
+json.institution_domain account.institution_domain
+json.created_at account.created_at.iso8601
+json.updated_at account.updated_at.iso8601
diff --git a/app/views/api/v1/accounts/index.json.jbuilder b/app/views/api/v1/accounts/index.json.jbuilder
@@ -1,12 +1,7 @@
 # frozen_string_literal: true
 
 json.accounts @accounts do |account|
-  json.id account.id
-  json.name account.name
-  json.balance account.balance_money.format
-  json.currency account.currency
-  json.classification account.classification
-  json.account_type account.accountable_type.underscore
+  json.partial! "account", account: account
 end
 
 json.pagination do

diff --git a/app/views/api/v1/accounts/show.json.jbuilder b/app/views/api/v1/accounts/show.json.jbuilder
@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+json.partial! "account", account: @account
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# frozen_string_literal: true

		json.partial! "account", account: @account