{"info":{"_postman_id":"a8a82655-81cc-407f-a83e-510787e38f62","name":"Zorvyn","description":"<html><head></head><body><h1 id=\"zorvyn-finance-api\">Zorvyn Finance API</h1>\n<p>This API provides a secure backend system for managing user authentication and financial records.</p>\n<p>It is designed with a focus on security, role-based access control, and scalable architecture suitable for fintech applications.</p>\n<hr>\n<h2 id=\"🚀-features\">🚀 Features</h2>\n<h3 id=\"🔐-authentication--authorization\">🔐 Authentication &amp; Authorization</h3>\n<ul>\n<li><p>JWT-based authentication using HTTP-only cookies</p>\n</li>\n<li><p>Secure login and logout functionality</p>\n</li>\n<li><p>Admin-controlled user creation</p>\n</li>\n<li><p>Role-based access control (Admin, Analyst, User)</p>\n</li>\n</ul>\n<h3 id=\"👤-user-management\">👤 User Management</h3>\n<ul>\n<li><p>Create users (Admin only)</p>\n</li>\n<li><p>View all users (excluding sensitive data)</p>\n</li>\n<li><p>Update user details (username, role, status, password)</p>\n</li>\n<li><p>Delete users with password verification</p>\n</li>\n</ul>\n<h3 id=\"💰-financial-records-management\">💰 Financial Records Management</h3>\n<ul>\n<li><p>Add income and expense records</p>\n</li>\n<li><p>Update and delete records securely</p>\n</li>\n<li><p>Filter records based on category, type, and date</p>\n</li>\n<li><p>Generate financial summaries (total income, expenses, balance)</p>\n</li>\n</ul>\n<hr>\n<h2 id=\"🧠-system-workflow\">🧠 System Workflow</h2>\n<ol>\n<li><p>Admin logs in using credentials</p>\n</li>\n<li><p>Admin creates and manages users</p>\n</li>\n<li><p>Users authenticate via login</p>\n</li>\n<li><p>Financial records are created and managed by admin</p>\n</li>\n<li><p>Analysts can view and filter records</p>\n</li>\n<li><p>Summary endpoints provide financial insights</p>\n</li>\n</ol>\n<hr>\n<h2 id=\"🔐-authentication\">🔐 Authentication</h2>\n<p>This API uses JWT tokens stored in HTTP-only 
cookies.</p>\n<ul>\n<li><p>Users must be authenticated to access protected routes</p>\n</li>\n<li><p>Middleware verifies token and attaches user data to requests</p>\n</li>\n</ul>\n<hr>\n<h2 id=\"👥-roles--permissions\">👥 Roles &amp; Permissions</h2>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th>Role</th>\n<th>Permissions</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td>Admin</td>\n<td>Full access (users + records management)</td>\n</tr>\n<tr>\n<td>Analyst</td>\n<td>Read-only access to financial records</td>\n</tr>\n<tr>\n<td>User</td>\n<td>Limited access (authentication only)</td>\n</tr>\n</tbody>\n</table>\n</div><hr>\n<h2 id=\"📡-base-url\">📡 Base URL</h2>\n<p><a href=\"http://localhost:5000\">http://localhost:5000</a></p>\n</body></html>","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[{"content":"Zorvyn Finance API","slug":"zorvyn-finance-api"}],"owner":"36762923","collectionId":"a8a82655-81cc-407f-a83e-510787e38f62","publishedId":"2sBXiomVe4","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2026-04-02T19:12:09.000Z"},"item":[{"name":"Auth","item":[{"name":"Signup","id":"0177253e-e508-48ce-bab2-2c3c0f6a7afa","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"username\":\"admin\",\r\n    \"email\":\"admin@Zorvyn.com\",\r\n    \"password\":\"admin\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup","description":"<p>Creates a new user account (Admin only).</p>\n<p>This endpoint allows an admin to register a new user in the system.<br />The request must include username, email, and password. 
Role and active status can also be assigned.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Validates required fields</p>\n</li>\n<li><p>Checks if user already exists</p>\n</li>\n<li><p>Hashes password before storing</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to users with admin role</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: User created successfully</p>\n</li>\n<li><p>400: Missing fields or invalid password</p>\n</li>\n<li><p>403: Only admins can create users</p>\n</li>\n<li><p>409: User already exists</p>\n</li>\n<li><p>400: Bad Request (Validation Failed)</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","auth","signup"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"632a3576-d15e-412f-a53a-cbd277cb36f7","name":"Successful Sign Up","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"username\":\"viewer\",\r\n    \"email\":\"viewer2@zorvyn.com\",\r\n    \"password\":\"analyst\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"99"},{"key":"Date","value":"Thu, 02 Apr 2026 18:38:26 GMT"},{"key":"X-RateLimit-Reset","value":"1775156007"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"52"},{"key":"ETag","value":"W/\"34-EKTHux7yH+mUr8EmO/+sl62nmPU\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"message\": \"User created successfully\",\n    \"status\": 201\n}"},{"id":"47844e0f-b6fb-4fc9-b536-ffcb68f31281","name":"Unauthorized","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    
\"username\":\"viewer\",\r\n    \"email\":\"viewer2@zorvyn.com\",\r\n    \"password\":\"analyst\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"94"},{"key":"Date","value":"Fri, 03 Apr 2026 04:57:24 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"45"},{"key":"ETag","value":"W/\"2d-DR9wSgRvj9S4pj3fAmGT1HlKpf8\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can create new users\""},{"id":"25cab20d-f19a-4116-9883-e194558bc984","name":"User Already Exists","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"username\":\"viewer\",\r\n    \"email\":\"viewer2@zorvyn.com\",\r\n    \"password\":\"analyst\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup"},"status":"Conflict","code":409,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"97"},{"key":"Date","value":"Fri, 03 Apr 2026 04:56:12 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"21"},{"key":"ETag","value":"W/\"15-3FwzSqxGtGYkpZpefdrAKcsMpOc\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"User already 
exists\""},{"id":"ac0867b1-7645-4591-8c50-8b77da1ca9d8","name":"Incomplete fields","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"username\":\"\",\r\n    \"email\":\"viewer2@zorvyn.com\",\r\n    \"password\":\"analyst\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"86"},{"key":"Date","value":"Fri, 03 Apr 2026 05:03:12 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"25"},{"key":"ETag","value":"W/\"19-WbfwCSb0NgrvyLt7RWPEsdspq+8\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"All fields are required\""},{"id":"5a269c64-ab86-42ce-8066-ec0848caac2f","name":"Validation Checks","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"username\":\"\",\r\n    \"email\":\"viewer2@zorvyn.com\",\r\n    \"password\":\"analyst\",\r\n    \"role\":\"admin\",\r\n    \"active\":1\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/signup"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Fri, 03 Apr 2026 06:07:45 GMT"},{"key":"X-RateLimit-Reset","value":"1775197359"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; 
charset=utf-8"},{"key":"Content-Length","value":"51"},{"key":"ETag","value":"W/\"33-MVsMFZWnHkG+orLb4mPZQxtPkEc\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"error\": \"\\\"username\\\" is not allowed to be empty\"\n}"}],"_postman_id":"0177253e-e508-48ce-bab2-2c3c0f6a7afa"},{"name":"LogIn","id":"0591c500-2bbc-4f2e-8d05-ec17cecefafb","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"email\":\"admin@zorvyn.com\",\r\n    \"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/login","description":"<p>Authenticates a user using email and password.</p>\n<p>On successful authentication:</p>\n<ul>\n<li><p>Returns user details</p>\n</li>\n<li><p>Sets a JWT token in an HTTP-only cookie for session management</p>\n</li>\n</ul>\n<p>Behavior:</p>\n<ul>\n<li><p>Validates input fields</p>\n</li>\n<li><p>Compares hashed password</p>\n</li>\n<li><p>Generates authentication token</p>\n</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Login successful</p>\n</li>\n<li><p>400: Missing email or password</p>\n</li>\n<li><p>401: Invalid credentials</p>\n</li>\n<li><p>404: User not found</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","auth","login"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"187020f8-54dc-4fe3-b89b-5f38f03e3bec","name":"LogIn","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"email\":\"admin@zorvyn.com\",\r\n    \"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/login"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"99"},{"key":"Date","value":"Thu, 02 Apr 2026 
18:34:41 GMT"},{"key":"X-RateLimit-Reset","value":"1775155782"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Set-Cookie","value":"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI2OWNlMTU3NjdmY2NlOTRhNjIyOTc1MzciLCJpYXQiOjE3NzUxNTQ4ODIsImV4cCI6MTc3NTE3Mjg4Mn0.sui5AxHtLXD2wGEPSMPsJqW9JmYc-4cscViK1sKCpEE; Max-Age=18000; Path=/; Expires=Thu, 02 Apr 2026 23:34:42 GMT; HttpOnly; SameSite=Strict"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"80"},{"key":"ETag","value":"W/\"50-dr4lPsVqhhFDuWfVl1Lsmqo0qBc\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"_id\": \"69ce15767fcce94a62297537\",\n    \"username\": \"admin\",\n    \"email\": \"admin@zorvyn.com\"\n}"},{"id":"b7b3c2d9-d92d-487f-8921-61fefe810761","name":"Invalid credentials","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"email\":\"admin@zorvyn.com\",\r\n    \"password\":\"admin123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/login"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"94"},{"key":"Date","value":"Thu, 02 Apr 2026 19:32:05 GMT"},{"key":"X-RateLimit-Reset","value":"1775159077"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"21"},{"key":"ETag","value":"W/\"15-JMpTZs6f8ePtsT6XAnyeGuGMYTE\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Invalid credentials\""},{"id":"02ae8bf8-1891-4586-96a1-0bfb66d71978","name":"Incomplete Fields","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"email\":\"\",\r\n    
\"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/login"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"92"},{"key":"Date","value":"Fri, 03 Apr 2026 05:00:21 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"25"},{"key":"ETag","value":"W/\"19-WbfwCSb0NgrvyLt7RWPEsdspq+8\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"All fields are required\""},{"id":"c383fe7c-d969-4513-aad4-58a08d54ae93","name":"User not found","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"email\":\"admin@somethingelse.com\",\r\n    \"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/auth/login"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"90"},{"key":"Date","value":"Fri, 03 Apr 2026 05:01:41 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"16"},{"key":"ETag","value":"W/\"10-6tywfCuytUW27UTZGAkxankrqC4\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"User not 
found\""}],"_postman_id":"0591c500-2bbc-4f2e-8d05-ec17cecefafb"},{"name":"LogOut","id":"51ff5bda-8801-49a4-96c6-cf8ddf73a57b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":""},"url":"http://localhost:5000/api/auth/logout","description":"<p>Logs out the currently authenticated user.</p>\n<p>This endpoint clears the JWT cookie from the browser, effectively ending the user session.</p>\n<p>Behavior:</p>\n<ul>\n<li>Removes authentication token from cookies</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Logged out successfully</p>\n</li>\n<li><p>500: Internal server error</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","auth","logout"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"bd95c149-14bb-4a52-8608-3360d83f4f2d","name":"LogOut","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":""},"url":"http://localhost:5000/api/auth/logout"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"91"},{"key":"Date","value":"Thu, 02 Apr 2026 18:29:36 GMT"},{"key":"X-RateLimit-Reset","value":"1775154942"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Set-Cookie","value":"jwt=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"25"},{"key":"ETag","value":"W/\"19-BBKAUqy2j5rDV+0l3zjakkX54FQ\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Logged out successfully\""}],"_postman_id":"51ff5bda-8801-49a4-96c6-cf8ddf73a57b"}],"id":"43785b4c-0ef8-42d8-aa4d-6fcbcdded8b4","description":"<h2 id=\"user-management-module\">User Management Module</h2>\n<p>This module handles user-related operations such as viewing, 
updating, and deleting users.</p>\n<p>It is designed with role-based access control to ensure only authorized users can perform sensitive actions.</p>\n<h2 id=\"features\">Features</h2>\n<ul>\n<li><p>View all users (excluding sensitive data like passwords)</p>\n</li>\n<li><p>Update user details (username, role, status, password)</p>\n</li>\n<li><p>Delete users securely with password verification</p>\n</li>\n</ul>\n<h2 id=\"access-control\">Access Control</h2>\n<ul>\n<li><p>Admin:</p>\n<ul>\n<li>Full access to all user operations (view, update, delete)</li>\n</ul>\n</li>\n<li><p>Other roles:</p>\n<ul>\n<li>Restricted access</li>\n</ul>\n</li>\n</ul>\n<h2 id=\"security\">Security</h2>\n<ul>\n<li><p>Password field is excluded from API responses</p>\n</li>\n<li><p>Password updates are securely hashed before saving</p>\n</li>\n<li><p>Deletion requires password confirmation for added security</p>\n</li>\n</ul>\n<h2 id=\"notes\">Notes</h2>\n<ul>\n<li><p>All user operations are protected using authentication middleware</p>\n</li>\n<li><p>Only authorized roles can perform administrative actions</p>\n</li>\n</ul>\n","_postman_id":"43785b4c-0ef8-42d8-aa4d-6fcbcdded8b4"},{"name":"Users","item":[{"name":"getUsers","id":"f46f5580-9cc6-4bfa-abf1-42dbf9e813fc","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://localhost:5000/api/users/getusers","description":"<p>Retrieves a list of all users (Admin only).</p>\n<p>This endpoint returns all registered users in the system, excluding sensitive fields like passwords.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Fetches all users from database</p>\n</li>\n<li><p>Excludes password field</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: List of users returned</p>\n</li>\n<li><p>403: Only admins can view users</p>\n</li>\n<li><p>500: Error fetching 
users</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","users","getusers"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"88ebc7d2-0edc-4263-9c49-d2d33f64a22d","name":"getUsers","originalRequest":{"method":"GET","header":[],"url":"http://localhost:5000/api/users/getusers"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"88"},{"key":"Date","value":"Thu, 02 Apr 2026 19:11:05 GMT"},{"key":"X-RateLimit-Reset","value":"1775157722"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"361"},{"key":"ETag","value":"W/\"169-ZyV0ML4rt+Z8LxyfNzp3G3foMSw\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"[\n    {\n        \"_id\": \"69ce15767fcce94a62297537\",\n        \"username\": \"admin\",\n        \"email\": \"admin@zorvyn.com\",\n        \"role\": \"admin\",\n        \"active\": 1,\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69ce1623f9bac7af58480fa7\",\n        \"username\": \"analysttester\",\n        \"email\": \"analyst@zorvyn.com\",\n        \"role\": \"analyst\",\n        \"active\": 1,\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69ce99309aec5cbc4e00ddc9\",\n        \"username\": \"viewer\",\n        \"email\": \"viewer@zorvyn.com\",\n        \"role\": \"viewer\",\n        \"active\": 1,\n        \"__v\": 0\n    
}\n]"},{"id":"07b1fdf1-a5ab-4b64-b271-509a123e97aa","name":"Forbidden","originalRequest":{"method":"GET","header":[],"url":"http://localhost:5000/api/users/getusers"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"83"},{"key":"Date","value":"Fri, 03 Apr 2026 05:05:24 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"50"},{"key":"ETag","value":"W/\"32-KL1nxpQUllBUi3VKKjVD7bVc6Y0\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can view user information\""},{"id":"3316df15-7e9d-4887-8ad2-0fe691413a8e","name":"Users based on filter","originalRequest":{"method":"GET","header":[],"url":{"raw":"http://localhost:5000/api/users/getusers?username=viewer","protocol":"http","host":["localhost"],"port":"5000","path":["api","users","getusers"],"query":[{"key":"username","value":"viewer"}]}},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"80"},{"key":"Date","value":"Fri, 03 Apr 2026 05:06:13 GMT"},{"key":"X-RateLimit-Reset","value":"1775192928"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"237"},{"key":"ETag","value":"W/\"ed-RcPpPFKzTN4Nh0RtTzswQOnfNWw\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"[\n    {\n        \"_id\": \"69ce99309aec5cbc4e00ddc9\",\n        \"username\": \"viewer\",\n        \"email\": \"viewer@zorvyn.com\",\n        \"role\": 
\"viewer\",\n        \"active\": 1,\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cec41ea8117c090e85692e\",\n        \"username\": \"viewer\",\n        \"email\": \"viewer2@zorvyn.com\",\n        \"role\": \"admin\",\n        \"active\": 1,\n        \"__v\": 0\n    }\n]"}],"_postman_id":"f46f5580-9cc6-4bfa-abf1-42dbf9e813fc"},{"name":"updateUser","id":"041951c8-af4d-4072-b4fd-4a0a9fbff47f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    \"username\":\"analysttester\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/update/69ce1623f9bac7af58480fa7","description":"<p>Updates user details by ID (Admin only).</p>\n<p>Allows an admin to update user information such as username, role, active status, or password.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Updates only provided fields</p>\n</li>\n<li><p>Re-hashes password if updated</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Parameters:</p>\n<ul>\n<li>id: User ID (path parameter)</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: User updated successfully</p>\n</li>\n<li><p>403: Only admins can update users</p>\n</li>\n<li><p>404: User not found</p>\n</li>\n<li><p>500: Server error</p>\n</li>\n<li><p>400: Bad Request (Validation Failed)</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","users","update","69ce1623f9bac7af58480fa7"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"1c8d8d3a-8941-40f5-8a28-c83c73a777b3","name":"successfully updated user","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    
\"username\":\"analyst\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/update/69ce1623f9bac7af58480fa7"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"95"},{"key":"Date","value":"Thu, 02 Apr 2026 18:37:36 GMT"},{"key":"X-RateLimit-Reset","value":"1775155782"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"27"},{"key":"ETag","value":"W/\"1b-j1+yS9I6fO7NOF/3G0TWrw5fOjM\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"user updated successfully\""},{"id":"6f3edb4c-9dc0-414c-bb2d-ef571d85424f","name":"User not found","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    \"username\":\"viewertest\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/update/69ce99309aec5cbc4e00ddc2"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Fri, 03 Apr 2026 05:09:06 GMT"},{"key":"X-RateLimit-Reset","value":"1775193828"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"16"},{"key":"ETag","value":"W/\"10-6tywfCuytUW27UTZGAkxankrqC4\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"User not found\""},{"id":"5e8bd0f4-a9e5-493c-a42b-ddef97347eee","name":"Forbidden","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    
\"username\":\"viewertest\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/update/69ce99309aec5cbc4e00ddc2"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"95"},{"key":"Date","value":"Fri, 03 Apr 2026 05:10:46 GMT"},{"key":"X-RateLimit-Reset","value":"1775193828"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"52"},{"key":"ETag","value":"W/\"34-RwaWRkkM+FGbgQ2eo8gXPN4v51I\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can update user information\""},{"id":"c7c27fa5-f621-42e0-bd0c-d785860677dc","name":"Validation Checks","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    \"username\":\"\",\r\n    \"role\":\"viewer\",\r\n    \"password\":\"viewer123\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/update/69cec41ea8117c090e85692e"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"95"},{"key":"Date","value":"Fri, 03 Apr 2026 06:11:07 GMT"},{"key":"X-RateLimit-Reset","value":"1775197534"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"51"},{"key":"ETag","value":"W/\"33-MVsMFZWnHkG+orLb4mPZQxtPkEc\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"error\": \"\\\"username\\\" is not allowed to be 
empty\"\n}"}],"_postman_id":"041951c8-af4d-4072-b4fd-4a0a9fbff47f"},{"name":"DeleteUsers","id":"acd47a04-5d34-441a-8f3a-f21afb143bd9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ceb7a351a362879a6ef0c2","description":"<p>Deletes a user account by ID (Admin only, requires password confirmation).</p>\n<p>This endpoint allows an admin to delete a user after confirming their own password.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Verifies admin password before deletion</p>\n</li>\n<li><p>Deletes user from database</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Parameters:</p>\n<ul>\n<li>id: User ID (path parameter)</li>\n</ul>\n<p>Request Body:</p>\n<ul>\n<li>password: Admin password for verification</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: User deleted successfully</p>\n</li>\n<li><p>400: Password required</p>\n</li>\n<li><p>401: Invalid credentials</p>\n</li>\n<li><p>403: Only admins can delete users</p>\n</li>\n<li><p>404: User not found</p>\n</li>\n<li><p>500: Server error</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","users","delete","69ceb7a351a362879a6ef0c2"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"c0af517c-20d7-4dc9-94cb-3a6c3cdc183e","name":"Successfully deleted user","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ceb7a351a362879a6ef0c2"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"97"},{"key":"Date","value":"Thu, 02 Apr 2026 18:39:26 
GMT"},{"key":"X-RateLimit-Reset","value":"1775156007"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"27"},{"key":"ETag","value":"W/\"1b-2ULfRZ7uUyc3LMUE3bbsfxoBgu8\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"User deleted successfully\""},{"id":"a3ca213b-2a58-4206-8ac6-73b905e7fb32","name":"Forbidden","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"analyst123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ceb7a351a362879a6ef0c2"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"92"},{"key":"Date","value":"Fri, 03 Apr 2026 05:12:35 GMT"},{"key":"X-RateLimit-Reset","value":"1775193828"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"41"},{"key":"ETag","value":"W/\"29-+J45l1MscZZs3nGPGghCnbPyMoA\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can delete users\""},{"id":"0d9c11c9-12f9-43e5-a194-6175736000c0","name":"Invalid Credentials","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"analyst123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ceb7a351a362879a6ef0c2"},"status":"Unauthorized","code":401,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"88"},{"key":"Date","value":"Fri, 03 Apr 2026 05:13:40 
GMT"},{"key":"X-RateLimit-Reset","value":"1775193828"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"21"},{"key":"ETag","value":"W/\"15-JMpTZs6f8ePtsT6XAnyeGuGMYTE\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Invalid credentials\""},{"id":"f24f7cb1-36f9-451a-b540-fa52539f7b58","name":"User not found","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ce99309aec5cbc4e00ddc7"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Fri, 03 Apr 2026 05:17:55 GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"16"},{"key":"ETag","value":"W/\"10-6tywfCuytUW27UTZGAkxankrqC4\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"User not found\""},{"id":"11bcab1c-cacd-4a57-8b3c-271f3d2f936d","name":"Password Required","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/users/delete/69ce99309aec5cbc4e00ddc7"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"96"},{"key":"Date","value":"Fri, 03 Apr 2026 05:19:35 
GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"35"},{"key":"ETag","value":"W/\"23-OjMAj3m7HPy/bM6oiOfIT5rVsH4\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Password is required for deletion\""}],"_postman_id":"acd47a04-5d34-441a-8f3a-f21afb143bd9"}],"id":"13a26970-4f6b-4dc7-b367-78bd5efd9d25","description":"<h2 id=\"user-management-module\">User Management Module</h2>\n<p>This module handles user-related operations such as viewing, updating, and deleting users.</p>\n<p>It is designed with role-based access control to ensure only authorized users can perform sensitive actions.</p>\n<h2 id=\"features\">Features</h2>\n<ul>\n<li><p>View all users (excluding sensitive data like passwords)</p>\n</li>\n<li><p>Update user details (username, role, status, password)</p>\n</li>\n<li><p>Delete users securely with password verification</p>\n</li>\n</ul>\n<h2 id=\"access-control\">Access Control</h2>\n<ul>\n<li><p>Admin:</p>\n<ul>\n<li>Full access to all user operations (view, update, delete)</li>\n</ul>\n</li>\n<li><p>Other roles:</p>\n<ul>\n<li>Restricted access</li>\n</ul>\n</li>\n</ul>\n<h2 id=\"security\">Security</h2>\n<ul>\n<li><p>Password field is excluded from API responses</p>\n</li>\n<li><p>Password updates are securely hashed before saving</p>\n</li>\n<li><p>Deletion requires password confirmation for added security</p>\n</li>\n</ul>\n<h2 id=\"notes\">Notes</h2>\n<ul>\n<li><p>All user operations are protected using authentication middleware</p>\n</li>\n<li><p>Only authorized roles can perform administrative 
actions</p>\n</li>\n</ul>\n","_postman_id":"13a26970-4f6b-4dc7-b367-78bd5efd9d25"},{"name":"Finances","item":[{"name":"addRecords","id":"942769f3-47cd-4828-9183-185129b079c5","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\":800.5,\r\n    \"type\":\"expense\",\r\n    \"category\":\"Utilities\",\r\n    \"notes\":\"This expense has been added for testing getsummary api\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/add","description":"<p>Creates a new financial record (Admin only).</p>\n<p>This endpoint allows an admin to add a new financial transaction record to the system.<br />Each record can represent income or expense with details such as amount, category, date, and notes.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Stores record with associated user ID and creator name</p>\n</li>\n<li><p>Supports both income and expense types</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Request Body:</p>\n<ul>\n<li><p>amount: Transaction amount</p>\n</li>\n<li><p>category: Category of transaction (e.g. 
food, salary)</p>\n</li>\n<li><p>date: Transaction date</p>\n</li>\n<li><p>notes: Additional details</p>\n</li>\n<li><p>type: income or expense</p>\n</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>201: Record created successfully</p>\n</li>\n<li><p>403: Only admins can add records</p>\n</li>\n<li><p>500: Error adding record</p>\n</li>\n<li><p>400: Bad Request (Validation Failed)</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","finance","add"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"c8149d0a-4339-446c-8719-71b2f7347396","name":"Record added Successfully","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\":800.5,\r\n    \"type\":\"expense\",\r\n    \"category\":\"Utilities\",\r\n    \"notes\":\"This expense has been added for testing getsummary api\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/add"},"status":"Created","code":201,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Thu, 02 Apr 2026 18:44:09 GMT"},{"key":"X-RateLimit-Reset","value":"1775156338"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"330"},{"key":"ETag","value":"W/\"14a-JDeLaWycTefWppIzPDtzANjVK2E\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"amount\": 800.5,\n    \"type\": \"expense\",\n    \"category\": \"Utilities\",\n    \"date\": \"2026-04-02T18:44:10.249Z\",\n    \"notes\": \"This expense has been added for testing getsummary api\",\n    \"userId\": \"69ce15767fcce94a62297537\",\n    \"createdBy\": \"admin\",\n    \"_id\": \"69ceb8fab8d01751f2e11df9\",\n    \"createdAt\": \"2026-04-02T18:44:10.250Z\",\n    \"updatedAt\": 
\"2026-04-02T18:44:10.250Z\",\n    \"__v\": 0\n}"},{"id":"d2d73130-d672-46fd-8fd3-4d5e81df2b5b","name":"Forbidden","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\":800.5,\r\n    \"type\":\"expense\",\r\n    \"category\":\"Utilities\",\r\n    \"notes\":\"This expense has been added for testing getsummary api\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/add"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"92"},{"key":"Date","value":"Fri, 03 Apr 2026 05:22:19 GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"40"},{"key":"ETag","value":"W/\"28-4Q94mzkUj6ZOyBhy0CY4C7jLZNc\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can add records\""},{"id":"e90e6743-4210-48a5-84d2-e7758187d8bc","name":"Validation checks","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\":\"hello\",\r\n    \"type\":\"expense\",\r\n    \"category\":\"Utilities\",\r\n    \"notes\":\"This expense has been added for testing getsummary api\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/add"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Fri, 03 Apr 2026 05:51:11 GMT"},{"key":"X-RateLimit-Reset","value":"1775196356"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; 
charset=utf-8"},{"key":"Content-Length","value":"39"},{"key":"ETag","value":"W/\"27-89l1vjZV2qLO/6zzLnzaJkc3JOI\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"error\": \"\\\"amount\\\" must be a number\"\n}"}],"_postman_id":"942769f3-47cd-4828-9183-185129b079c5"},{"name":"getSummary","id":"1314a0d4-ea97-4384-a0e3-535830291d85","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"description":"<p>Retrieves a summary of financial records.</p>\n<p>This endpoint provides aggregated insights such as total income, total expenses, and balance.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Calculates totals based on stored records</p>\n</li>\n<li><p>Returns summarized financial data</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Requires authenticated user</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Summary retrieved successfully</p>\n</li>\n<li><p>401: Unauthorized access</p>\n</li>\n<li><p>500: Error generating summary</p>\n</li>\n</ul>\n","urlObject":{"query":[],"variable":[]},"url":""},"response":[{"id":"f27b5d9e-0fee-4245-9535-3581c749be16","name":"getSummary","originalRequest":{"method":"GET","header":[],"url":"http://localhost:5000/api/finance/getsummary"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"96"},{"key":"Date","value":"Thu, 02 Apr 2026 18:55:20 GMT"},{"key":"X-RateLimit-Reset","value":"1775156983"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"1676"},{"key":"ETag","value":"W/\"68c-J/J9XL98SuNV+PPFU1K8JjXnlxs\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"totalIncome\": 45000,\n    \"totalExpense\": 
1851,\n    \"netBalance\": 43149,\n    \"categoryTotals\": [\n        {\n            \"_id\": \"Groceries\",\n            \"total\": 450\n        },\n        {\n            \"_id\": \"Income\",\n            \"total\": 45000\n        },\n        {\n            \"_id\": \"Utilities\",\n            \"total\": 1401\n        }\n    ],\n    \"recentActivity\": [\n        {\n            \"_id\": \"69cea46b8e6bf3ca22377d25\",\n            \"amount\": 800.5,\n            \"type\": \"expense\",\n            \"category\": \"Utilities\",\n            \"date\": \"2026-04-02T17:16:27.447Z\",\n            \"notes\": \"This expense has been added for testing getsummary api\",\n            \"userId\": \"69ce15767fcce94a62297537\",\n            \"createdBy\": \"admin\",\n            \"createdAt\": \"2026-04-02T17:16:27.448Z\",\n            \"updatedAt\": \"2026-04-02T17:16:27.448Z\",\n            \"__v\": 0\n        },\n        {\n            \"_id\": \"69cea4378e6bf3ca22377d1d\",\n            \"amount\": 600.5,\n            \"type\": \"expense\",\n            \"category\": \"Utilities\",\n            \"date\": \"2026-04-02T17:15:35.130Z\",\n            \"notes\": \"This expense has been added for testing getsummary api\",\n            \"userId\": \"69ce15767fcce94a62297537\",\n            \"createdBy\": \"admin\",\n            \"createdAt\": \"2026-04-02T17:15:35.130Z\",\n            \"updatedAt\": \"2026-04-02T17:15:35.130Z\",\n            \"__v\": 0\n        },\n        {\n            \"_id\": \"69cea4108e6bf3ca22377d19\",\n            \"amount\": 45000,\n            \"type\": \"income\",\n            \"category\": \"Income\",\n            \"date\": \"2026-04-02T17:14:56.892Z\",\n            \"notes\": \"This Income has been added for testing getsummary api\",\n            \"userId\": \"69ce15767fcce94a62297537\",\n            \"createdBy\": \"admin\",\n            \"createdAt\": \"2026-04-02T17:14:56.892Z\",\n            \"updatedAt\": \"2026-04-02T17:14:56.892Z\",\n            
\"__v\": 0\n        },\n        {\n            \"_id\": \"69ce9c13707a599e2a345140\",\n            \"amount\": 450,\n            \"type\": \"expense\",\n            \"category\": \"Groceries\",\n            \"date\": \"2026-04-02T16:40:51.516Z\",\n            \"notes\": \"This expense has been added for testing update api\",\n            \"userId\": \"69ce15767fcce94a62297537\",\n            \"createdBy\": \"admin\",\n            \"createdAt\": \"2026-04-02T16:40:51.516Z\",\n            \"updatedAt\": \"2026-04-02T16:42:14.585Z\",\n            \"__v\": 0\n        }\n    ],\n    \"monthlyTrends\": [\n        {\n            \"_id\": {\n                \"year\": 2026,\n                \"month\": 4\n            },\n            \"income\": 45000,\n            \"expense\": 1851\n        }\n    ],\n    \"weeklyTrends\": [\n        {\n            \"_id\": {\n                \"year\": 2026,\n                \"week\": 13,\n                \"month\": 4\n            },\n            \"income\": 45000,\n            \"expense\": 1851\n        }\n    ]\n}"},{"id":"38390d24-e5b3-4eb3-9faa-cbf971d0f9a8","name":"Unauthorized","originalRequest":{"method":"GET","header":[],"url":"http://localhost:5000/api/finance/getsummary"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"90"},{"key":"Date","value":"Fri, 03 Apr 2026 05:38:16 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; 
charset=utf-8"},{"key":"Content-Length","value":"14"},{"key":"ETag","value":"W/\"e-GeTh97dfrAN651b8QlKfIYvcMDE\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Unauthorized\""}],"_postman_id":"1314a0d4-ea97-4384-a0e3-535830291d85"},{"name":"updateRecords","id":"245ea347-0cc2-4926-842c-4ab9a3381684","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"\r\n    {\r\n    \"username\":\"analysttester\"\r\n}\r\n"},"url":"http://localhost:5000/api/users/update/69ce1623f9bac7af58480fa7","description":"<p>Updates an existing financial record by ID (Admin only).</p>\n<p>Allows an admin to modify details of a specific record including amount, category, date, notes, and type.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Updates only the fields provided in request</p>\n</li>\n<li><p>Maintains record ownership and metadata</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Parameters:</p>\n<ul>\n<li>id: Record ID (path parameter)</li>\n</ul>\n<p>Request Body:</p>\n<ul>\n<li><p>amount (optional)</p>\n</li>\n<li><p>category (optional)</p>\n</li>\n<li><p>date (optional)</p>\n</li>\n<li><p>notes (optional)</p>\n</li>\n<li><p>type (optional)</p>\n</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Record updated successfully</p>\n</li>\n<li><p>403: Only admins can update records</p>\n</li>\n<li><p>404: Record not found</p>\n</li>\n<li><p>500: Server error</p>\n</li>\n<li><p>400: Bad Request (Validation Failed)</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","users","update","69ce1623f9bac7af58480fa7"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"f7be1063-2cb1-4ad7-b70c-b6e9b339ebfd","name":"Records Updated Successfully","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\": 
2000.0\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/update/69ceb8fab8d01751f2e11df9"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"97"},{"key":"Date","value":"Thu, 02 Apr 2026 18:53:12 GMT"},{"key":"X-RateLimit-Reset","value":"1775156834"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"29"},{"key":"ETag","value":"W/\"1d-mi/nialgC/PvhEIeF/2fzwa4aAo\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"record updated successfully\""},{"id":"82fd41c7-df61-4a7b-a2d4-379babf97a65","name":"Forbidden","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\": 2000.0\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/update/69ceb8fab8d01751f2e11df9"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"79"},{"key":"Date","value":"Fri, 03 Apr 2026 05:27:34 GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"52"},{"key":"ETag","value":"W/\"34-RwaWRkkM+FGbgQ2eo8gXPN4v51I\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can update user information\""},{"id":"108c448c-d9bd-4bb2-95d7-48478537ee13","name":"Record not found","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\": 
2000.0\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/update/69ceb8fab8d01751f2e11df2"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"98"},{"key":"Date","value":"Fri, 03 Apr 2026 05:32:56 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"18"},{"key":"ETag","value":"W/\"12-KquDfH/IC6Ljd9/Pq8BTy24dMMs\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Record not found\""},{"id":"a705b91b-c049-4b65-a692-0188aa5eee0d","name":"Validation checks","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"{\r\n    \"amount\": \"hello\"\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/update/69ceb8fab8d01751f2e11df2"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"97"},{"key":"Date","value":"Fri, 03 Apr 2026 05:59:33 GMT"},{"key":"X-RateLimit-Reset","value":"1775196755"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"39"},{"key":"ETag","value":"W/\"27-89l1vjZV2qLO/6zzLnzaJkc3JOI\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n    \"error\": \"\\\"amount\\\" must be a 
number\"\n}"}],"_postman_id":"245ea347-0cc2-4926-842c-4ab9a3381684"},{"name":"deleteRecords","id":"b5fc45cf-c8cb-48c7-bf8a-9b795638d159","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df9","description":"<p>Deletes a financial record by ID (Admin only, requires password confirmation).</p>\n<p>This endpoint allows an admin to delete a record after verifying their password for security purposes.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Verifies admin password before deletion</p>\n</li>\n<li><p>Permanently removes record from database</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Restricted to admin users only</li>\n</ul>\n<p>Parameters:</p>\n<ul>\n<li>id: Record ID (path parameter)</li>\n</ul>\n<p>Request Body:</p>\n<ul>\n<li>password: Admin password for verification</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Record deleted successfully</p>\n</li>\n<li><p>400: Password required</p>\n</li>\n<li><p>401: Invalid credentials</p>\n</li>\n<li><p>403: Only admins can delete records</p>\n</li>\n<li><p>404: Record not found</p>\n</li>\n<li><p>500: Server error</p>\n</li>\n</ul>\n","urlObject":{"protocol":"http","port":"5000","path":["api","finance","delete","69ceb8fab8d01751f2e11df9"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"ff1df947-305d-45d7-9247-fd3204512d5a","name":"Records deleted Successfully","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    
\"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df9"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"97"},{"key":"Date","value":"Thu, 02 Apr 2026 18:55:13 GMT"},{"key":"X-RateLimit-Reset","value":"1775156983"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"29"},{"key":"ETag","value":"W/\"1d-OomU9fO2smg8x4K2mOEzAtl6TKE\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Record deleted successfully\""},{"id":"dde6ae36-a3a6-4ea2-92c1-94b54960670e","name":"Forbidden","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\":\"viewer123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df9"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"76"},{"key":"Date","value":"Fri, 03 Apr 2026 05:29:41 GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"41"},{"key":"ETag","value":"W/\"29-+J45l1MscZZs3nGPGghCnbPyMoA\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins can delete users\""},{"id":"c6eea701-725b-4df9-a080-27a4584008ba","name":"Password Required","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    
\"password\":\"\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df9"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"96"},{"key":"Date","value":"Fri, 03 Apr 2026 05:33:39 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"35"},{"key":"ETag","value":"W/\"23-OjMAj3m7HPy/bM6oiOfIT5rVsH4\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Password is required for deletion\""},{"id":"3c2f5673-f2a6-4ef9-9cfa-a5967a7b5177","name":"Wrong Credentials","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    \"password\":\"wrongpassword\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df9"},"status":"Unauthorized","code":401,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"94"},{"key":"Date","value":"Fri, 03 Apr 2026 05:34:52 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"21"},{"key":"ETag","value":"W/\"15-JMpTZs6f8ePtsT6XAnyeGuGMYTE\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Invalid credentials\""},{"id":"2431858f-1e92-49f3-9ffe-05d1ea05ba7c","name":"Record Not Found","originalRequest":{"method":"DELETE","header":[],"body":{"mode":"raw","raw":"{\r\n    
\"password\":\"admin\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:5000/api/finance/delete/69ceb8fab8d01751f2e11df1"},"status":"Not Found","code":404,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"93"},{"key":"Date","value":"Fri, 03 Apr 2026 05:35:16 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"18"},{"key":"ETag","value":"W/\"12-KquDfH/IC6Ljd9/Pq8BTy24dMMs\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Record not found\""}],"_postman_id":"b5fc45cf-c8cb-48c7-bf8a-9b795638d159"},{"name":"getRecords","id":"a4d54fff-d3e9-4a29-8e43-34dbcab5e83b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"description":"<p>Retrieves financial records with filtering support (Admin and Analyst only).</p>\n<p>This endpoint returns a list of records based on applied filters such as date range, category, or type.</p>\n<p>Behavior:</p>\n<ul>\n<li><p>Supports filtering and querying of records</p>\n</li>\n<li><p>Can be extended with pagination and search</p>\n</li>\n</ul>\n<p>Access:</p>\n<ul>\n<li>Accessible to admin and analyst roles</li>\n</ul>\n<p>Query Parameters (optional):</p>\n<ul>\n<li><p>category: Filter by category</p>\n</li>\n<li><p>type: income or expense</p>\n</li>\n<li><p>startDate: Filter records from this date</p>\n</li>\n<li><p>endDate: Filter records until this date</p>\n</li>\n</ul>\n<p>Responses:</p>\n<ul>\n<li><p>200: Records retrieved successfully</p>\n</li>\n<li><p>403: Only admins and analysts can view records</p>\n</li>\n<li><p>500: Error fetching 
records</p>\n</li>\n</ul>\n","urlObject":{"query":[],"variable":[]},"url":""},"response":[{"id":"8d456568-6604-40e4-b002-cf8eada30c1c","name":"Record based on filtering","originalRequest":{"method":"GET","header":[],"url":{"raw":"http://localhost:5000/api/finance/records?type=income","protocol":"http","host":["localhost"],"port":"5000","path":["api","finance","records"],"query":[{"key":"type","value":"income"}]}},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"93"},{"key":"Date","value":"Thu, 02 Apr 2026 18:56:18 GMT"},{"key":"X-RateLimit-Reset","value":"1775156983"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"327"},{"key":"ETag","value":"W/\"147-Ue5m+YaqMNWAuf/RLSuwQ45UMgs\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"[\n    {\n        \"_id\": \"69cea4108e6bf3ca22377d19\",\n        \"amount\": 45000,\n        \"type\": \"income\",\n        \"category\": \"Income\",\n        \"date\": \"2026-04-02T17:14:56.892Z\",\n        \"notes\": \"This Income has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T17:14:56.892Z\",\n        \"updatedAt\": \"2026-04-02T17:14:56.892Z\",\n        \"__v\": 0\n    
}\n]"},{"id":"1f54df07-d0e4-4aa0-a620-7e5a4c436890","name":"Forbidden","originalRequest":{"method":"GET","header":[],"url":{"raw":"http://localhost:5000/api/finance/records?type=income","protocol":"http","host":["localhost"],"port":"5000","path":["api","finance","records"],"query":[{"key":"type","value":"income"}]}},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"74"},{"key":"Date","value":"Fri, 03 Apr 2026 05:30:59 GMT"},{"key":"X-RateLimit-Reset","value":"1775194311"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"54"},{"key":"ETag","value":"W/\"36-ImUpM8wcU43WT9eNYMy1oTZGrdg\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\"Forbidden: Only admins and analysts can view records\""},{"id":"ef009753-fda2-4cff-8a6a-a2f8230a2b80","name":"All records","originalRequest":{"method":"GET","header":[],"url":"http://localhost:5000/api/finance/records"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"X-RateLimit-Limit","value":"100"},{"key":"X-RateLimit-Remaining","value":"92"},{"key":"Date","value":"Fri, 03 Apr 2026 05:37:33 GMT"},{"key":"X-RateLimit-Reset","value":"1775195246"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"2307"},{"key":"ETag","value":"W/\"903-z+q0FsG0wQYe3OxveLvu+o/mPtQ\""},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"[\n    {\n        \"_id\": \"69ce9c13707a599e2a345140\",\n        \"amount\": 450,\n        \"type\": \"expense\",\n        \"category\": \"Groceries\",\n        \"date\": 
\"2026-04-02T16:40:51.516Z\",\n        \"notes\": \"This expense has been added for testing update api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T16:40:51.516Z\",\n        \"updatedAt\": \"2026-04-02T16:42:14.585Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cea4108e6bf3ca22377d19\",\n        \"amount\": 45000,\n        \"type\": \"income\",\n        \"category\": \"Income\",\n        \"date\": \"2026-04-02T17:14:56.892Z\",\n        \"notes\": \"This Income has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T17:14:56.892Z\",\n        \"updatedAt\": \"2026-04-02T17:14:56.892Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cea4378e6bf3ca22377d1d\",\n        \"amount\": 600.5,\n        \"type\": \"expense\",\n        \"category\": \"Utilities\",\n        \"date\": \"2026-04-02T17:15:35.130Z\",\n        \"notes\": \"This expense has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T17:15:35.130Z\",\n        \"updatedAt\": \"2026-04-02T17:15:35.130Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cea46b8e6bf3ca22377d25\",\n        \"amount\": 800.5,\n        \"type\": \"expense\",\n        \"category\": \"Utilities\",\n        \"date\": \"2026-04-02T17:16:27.447Z\",\n        \"notes\": \"This expense has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T17:16:27.448Z\",\n        \"updatedAt\": \"2026-04-02T17:16:27.448Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cebe5da8117c090e85690b\",\n        \"amount\": 800.5,\n        \"type\": \"expense\",\n        \"category\": \"Utilities\",\n        
\"date\": \"2026-04-02T19:07:09.402Z\",\n        \"notes\": \"This expense has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T19:07:09.402Z\",\n        \"updatedAt\": \"2026-04-02T19:07:09.402Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cebf29a8117c090e85691a\",\n        \"amount\": 800.5,\n        \"type\": \"expense\",\n        \"category\": \"Utilities\",\n        \"date\": \"2026-04-02T19:10:33.406Z\",\n        \"notes\": \"This expense has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T19:10:33.406Z\",\n        \"updatedAt\": \"2026-04-02T19:10:33.406Z\",\n        \"__v\": 0\n    },\n    {\n        \"_id\": \"69cebf69a8117c090e856926\",\n        \"amount\": 800.5,\n        \"type\": \"expense\",\n        \"category\": \"Utilities\",\n        \"date\": \"2026-04-02T19:11:37.786Z\",\n        \"notes\": \"This expense has been added for testing getsummary api\",\n        \"userId\": \"69ce15767fcce94a62297537\",\n        \"createdBy\": \"admin\",\n        \"createdAt\": \"2026-04-02T19:11:37.786Z\",\n        \"updatedAt\": \"2026-04-02T19:11:37.786Z\",\n        \"__v\": 0\n    }\n]"}],"_postman_id":"a4d54fff-d3e9-4a29-8e43-34dbcab5e83b"}],"id":"4d0ef47a-7e9c-400e-a9df-38d701b5c523","description":"<h2 id=\"financial-records-module\">Financial Records Module</h2>\n<p>This module handles financial transaction records.</p>\n<p>Features:</p>\n<ul>\n<li><p>Add income and expense records</p>\n</li>\n<li><p>Update and delete records securely</p>\n</li>\n<li><p>Filter records based on category, type, and date</p>\n</li>\n<li><p>Generate financial summaries</p>\n</li>\n</ul>\n<p>Access Control:</p>\n<ul>\n<li><p>Admin: Full access (create, update, delete)</p>\n</li>\n<li><p>Analyst: Read-only access (view and filter 
records)</p>\n</li>\n</ul>\n","_postman_id":"4d0ef47a-7e9c-400e-a9df-38d701b5c523"}]}