Add comprehensive unit tests for invoice API endpoints

[devin-ai-integration]

Add comprehensive unit tests for invoice API endpoints

Summary

This PR adds a comprehensive test suite for all invoice API endpoints in the backend, addressing the lack of test coverage for the frontend API client layer. The new test_invoices_api.py file includes 24 unit tests that cover all CRUD operations for invoice management.

Key additions:

• Tests for all 5 invoice API endpoints: GET /api/invoices/, GET /api/invoices/{id}, POST /api/invoices/, PUT /api/invoices/{id}, DELETE /api/invoices/{id}
• Comprehensive coverage of success scenarios, error handling, authentication, and user isolation
• Uses in-memory SQLite for isolated testing with proper Flask app context management
• Follows existing test patterns from test_jwt.py

Test coverage includes:

• ✅ JWT authentication requirements for all endpoints
• ✅ Input validation (required fields, data types, format validation)
• ✅ User isolation (users can only access their own invoices)
• ✅ Error scenarios (404, 400, 401, 500 status codes)
• ✅ Database operations with proper rollback handling
• ✅ Invoice item management and total calculations

All 31 tests now pass (24 new + 7 existing JWT tests).

Review & Testing Checklist for Human

• Run tests locally - Execute python3 src/backend/tests/run_tests.py and python3 src/backend/tests/test_invoices_api.py to verify all tests pass consistently
• Review test scenarios against business requirements - Check that the test cases cover actual user workflows and edge cases that matter in production
• Verify JWT authentication handling - Ensure the JWT token creation in tests matches the real authentication flow used in the application
• Test database isolation - Run individual tests multiple times to ensure no state leakage or race conditions between test methods
• Validate test data realism - Review sample invoice data, date formats, and edge cases to ensure they reflect real-world usage patterns

Recommended test plan: After code review, run the full test suite locally, then test the actual invoice API endpoints manually with a tool like Postman to verify the tests accurately represent the real API behavior.

---

Diagram

%%{ init : { "theme" : "default" }}%%
graph TD
    A["src/backend/tests/test_invoices_api.py"]:::major-edit
    B["src/backend/routes/invoices.py"]:::context
    C["src/backend/models.py"]:::context
    D["src/backend/tests/test_jwt.py"]:::context
    E["src/backend/tests/run_tests.py"]:::context
    F["src/frontend/src/utils/api.js"]:::context

    A -->|"Tests all endpoints"| B
    A -->|"Uses Invoice & InvoiceItem models"| C
    A -->|"Follows same pattern"| D
    E -->|"Auto-discovers"| A
    F -->|"invoicesAPI methods tested"| A

    subgraph Legend
        L1[Major Edit]:::major-edit
        L2[Minor Edit]:::minor-edit
        L3[Context/No Edit]:::context
    end

    classDef major-edit fill:#90EE90
    classDef minor-edit fill:#87CEEB
    classDef context fill:#FFFFFF

Loading

Notes

• The tests use the same Flask app setup pattern as existing JWT tests, ensuring consistency
• Fixed SQLAlchemy deprecation warnings by using db.session.get() instead of Query.get()
• Generated unique invoice numbers using timestamps and UUIDs to avoid constraint violations
• All tests run in isolated in-memory SQLite databases that are created/destroyed for each test method

Session Info: Requested by @JRWu (jia.wu@codeium.com)
Link to Devin run: https://app.devin.ai/sessions/02a3f281c63e47af88674cdb2a997b11

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

⚙️ Control Options:

• Disable automatic comment and CI monitoring