fix(enable_banking): match bank list search against BIC, not just name

[dripsmvcp]

Summary

• The Enable Banking bank-selection modal's client-side search only indexed aspsp[:name], so users searching by BIC (e.g. INGDDEFF) got an empty result even when the bank was visibly rendered in the list. This change extends the search haystack to include the BIC alongside the name.

Root Cause

app/views/enable_banking_items/select_bank.html.erb:31 rendered each list row with data-bank-name="<%= aspsp[:name].downcase(:fold) %>", and the Stimulus controller at app/javascript/controllers/bank_search_controller.js:11 substring-matched the user's query against that single field. The BIC was shown in the row's body but was never part of what the filter looked at.

Fix

• View renders a combined data-bank-search="<name> <bic>" (case-folded, blanks dropped) on each item.
• Stimulus controller reads from dataset.bankSearch.
• No backwards-compatibility shim — data-bank-name had exactly one consumer (this controller), renamed in lockstep.

Scope note

Issue #1814 describes ING Germany as missing from the list entirely. The Sure code path does not filter ASPSPs — provider.get_aspsps(country:) results are passed through unmodified — so a bank being absent reflects what Enable Banking's /aspsps?country=DE returned for that application, not an app-side allowlist. This PR addresses one concrete UX gap the report calls out (BIC search returning no results) without claiming to make a truly-absent bank appear; the latter is an Enable Banking dashboard / upstream concern.

Test plan

• New regression test: test/controllers/enable_banking_items_controller_test.rb — mocks Provider::EnableBanking#get_aspsps to return ING-DiBa with BIC INGDDEFF, asserts the rendered list row's data-bank-search attribute contains both ingddeff and ing-diba ag.

• Test fails before the fix, passes after:

  $ bin/rails test test/controllers/enable_banking_items_controller_test.rb
  Run options: --seed 2260
  
  # Running:
  
  .
  
  Finished in 1.428127s, 0.7002 runs/s, 4.2013 assertions/s.
  1 runs, 6 assertions, 0 failures, 0 errors, 0 skips
  

• bin/rubocop -f github -a clean on the new Ruby test file

• bundle exec erb_lint ./app/views/enable_banking_items/select_bank.html.erb -a clean

• npm run lint (biome) clean on the changed Stimulus controller

• bin/brakeman --no-pager — 0 security warnings

• Manual UI smoke: open the Enable Banking bank-selection modal, type a BIC substring, confirm the matching bank stays visible

Refs #1814

Summary by CodeRabbit

• Improvements
  • Bank search now matches against both bank name and BIC, improving discoverability via either term; search remains case-insensitive and tolerant of minor formatting.
• Tests
  • Added integration tests to verify bank selection/search behavior and ensure BIC and name are searchable.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7c8ded5e-c423-4b11-a3fa-ce6aba8366a9

📥 Commits

Reviewing files that changed from the base of the PR and between 7520f21 and d47a4a2.

📒 Files selected for processing (1)

• app/javascript/controllers/bank_search_controller.js

---

📝 Walkthrough

Walkthrough

View renders a combined data-bank-search (bank name + BIC); the Stimulus search controller reads data-bank-search for filtering instead of data-bank-name; an integration test asserts the rendered attribute includes both bank name and lowercased BIC.

Changes

Bank search with BIC

Layer / File(s)	Summary
Expose bank search data with BIC app/views/enable_banking_items/select_bank.html.erb	The bank option item element now sets data-bank-search with a space-separated combination of bank name and BIC, replacing the previous data-bank-name attribute.
Update search filter to read combined attribute app/javascript/controllers/bank_search_controller.js	The filter method reads from item.dataset.bankSearch (falling back to '') instead of item.dataset.bankName, preserving case-insensitive substring matching and item visibility toggling.
Verify BIC-enhanced search integration test/controllers/enable_banking_items_controller_test.rb	Integration test confirms the select_bank view exposes both the ASPSP BIC and bank name in the data-bank-search attribute by staking a stubbed provider response and asserting the rendered attribute.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested labels

pr:verified

Suggested reviewers

• jjmata

Poem

🐰 I hopped through HTML and JS,

I stitched name and BIC into one mesh.
Now searches find banks both near and far,
A tiny change — a brighter star. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: enabling bank list search against BIC codes in addition to bank names, which directly addresses the root cause described in the PR objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

app/javascript/controllers/bank_search_controller.js (1)

11-11: ⚡ Quick win

Consider using toLowerCase() instead of toLocaleLowerCase().

The toLocaleLowerCase() method is locale-sensitive and can produce unexpected results in certain locales (e.g., Turkish locale lowercases 'I' to 'ı' instead of 'i'). Since bank names and BIC codes are not locale-specific data, toLowerCase() would provide more predictable, locale-independent behavior and better align with the intent of case-insensitive matching.

🔄 Proposed change

-      const haystack = (item.dataset.bankSearch ?? "").toLocaleLowerCase();
+      const haystack = (item.dataset.bankSearch ?? "").toLowerCase();

Also update line 7 for consistency:

-    const query = this.inputTarget.value.toLocaleLowerCase().trim();
+    const query = this.inputTarget.value.toLowerCase().trim();

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@app/javascript/controllers/bank_search_controller.js` at line 11, Replace the
locale-sensitive toLocaleLowerCase() call on the bank search string with
toLowerCase() to ensure locale-independent, predictable case folding: update the
expression that assigns haystack from item.dataset.bankSearch to use
toLowerCase() instead of toLocaleLowerCase(); also make the similar change for
the other search-normalization call referenced in the file (the comparable
dataset/variable used on line 7) so both sides of the case-insensitive
comparison use toLowerCase().

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@app/javascript/controllers/bank_search_controller.js`:
- Line 11: Replace the locale-sensitive toLocaleLowerCase() call on the bank
search string with toLowerCase() to ensure locale-independent, predictable case
folding: update the expression that assigns haystack from
item.dataset.bankSearch to use toLowerCase() instead of toLocaleLowerCase();
also make the similar change for the other search-normalization call referenced
in the file (the comparable dataset/variable used on line 7) so both sides of
the case-insensitive comparison use toLowerCase().

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 156cb804-e022-47dd-9651-1a109c45a975

📥 Commits

Reviewing files that changed from the base of the PR and between 04ba4dd and 7520f21.

📒 Files selected for processing (3)

• app/javascript/controllers/bank_search_controller.js
• app/views/enable_banking_items/select_bank.html.erb
• test/controllers/enable_banking_items_controller_test.rb

[JSONbored]

@jjmata @dripsmvcp - a few additional thoughts:

• Security: no issue found; ERB escapes attribute data and JS only filters text.
• Required: run Biome format; formatter wants the JS callback formatting fixed.
• Test: keep/confirm search by bank name and BIC both match.

[jjmata]

Clean, well-scoped fix. Renaming data-bank-name → data-bank-search in lockstep with the controller is the right call since it had exactly one consumer.

The test is good — it exercises the rendered HTML attribute content directly, which is the right level for this kind of view+controller integration.

One note on the scope clarification in the PR description: the comment about ING Germany being absent from the upstream list entirely (rather than just not searchable) is a useful distinction. Good to document that this PR addresses the UX gap (BIC search returns no results) without claiming to fix the upstream availability issue. That context will be useful for anyone following up on #1814.

---

Generated by Claude Code

[plind-junior]

Thanks @jjmata for the review