Update src/streamlit_app.py

src/streamlit_app.py

@@ -1,10 +1,14 @@
-import streamlit as st
-import msal
+import os
+import json
+import urllib.parse
+import secrets
+
 import requests
+import streamlit as st
 import pandas as pd
-import re
 from bs4 import BeautifulSoup
 from io import BytesIO, StringIO
+import re
 from datetime import datetime, timedelta
 
 # ── Page config ────────────────────────────────────────────────────────────────
@@ -14,20 +18,12 @@ st.set_page_config(
     layout="wide",
 )
 
-# ── Styling ────────────────────────────────────────────────────────────────────
 st.markdown("""
 <style>
     @import url('https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=DM+Sans:wght@400;500;600&display=swap');
-
-    html, body, [class*="css"] {
-        font-family: 'DM Sans', sans-serif;
-    }
-    h1, h2, h3 {
-        font-family: 'DM Serif Display', serif;
-    }
-    .main { background: #f7f5f0; }
+    html, body, [class*="css"] { font-family: 'DM Sans', sans-serif; }
+    h1, h2, h3 { font-family: 'DM Serif Display', serif; }
     .block-container { padding-top: 2rem; max-width: 960px; }
-
     .status-card {
         background: white;
         border: 1px solid #e5e0d8;
@@ -37,18 +33,11 @@ st.markdown("""
         box-shadow: 0 1px 4px rgba(0,0,0,0.05);
     }
     .step-label {
-        font-size: 0.72rem;
-        font-weight: 600;
-        letter-spacing: 0.1em;
-        text-transform: uppercase;
-        color: #9a8f82;
-        margin-bottom: 0.25rem;
-    }
-    .step-title {
-        font-size: 1.1rem;
-        font-weight: 600;
-        color: #1a1612;
+        font-size: 0.72rem; font-weight: 600;
+        letter-spacing: 0.1em; text-transform: uppercase;
+        color: #9a8f82; margin-bottom: 0.25rem;
     }
+    .step-title { font-size: 1.1rem; font-weight: 600; color: #1a1612; }
     .badge-success {
         background: #d4edda; color: #155724;
         padding: 2px 10px; border-radius: 20px;
@@ -60,67 +49,102 @@ st.markdown("""
         font-size: 0.78rem; font-weight: 600;
     }
     .stButton > button {
-        background: #1a1612 !important;
-        color: white !important;
-        border: none !important;
-        border-radius: 8px !important;
+        background: #1a1612 !important; color: white !important;
+        border: none !important; border-radius: 8px !important;
         font-family: 'DM Sans', sans-serif !important;
         font-weight: 600 !important;
         padding: 0.55rem 1.4rem !important;
         font-size: 0.9rem !important;
     }
-    .stButton > button:hover {
-        background: #3d3530 !important;
-        transform: translateY(-1px);
-        transition: all 0.15s ease;
-    }
-    div[data-testid="stNumberInput"] label,
-    div[data-testid="stTextInput"] label {
+    .stButton > button:hover { background: #3d3530 !important; }
+    .login-btn a {
+        display: inline-block;
+        background: #0078d4;
+        color: white !important;
+        text-decoration: none;
+        padding: 0.55rem 1.6rem;
+        border-radius: 8px;
         font-weight: 600;
-        font-size: 0.85rem;
-        color: #3d3530;
-    }
-    .result-header {
-        font-size: 1rem;
-        font-weight: 700;
-        color: #1a1612;
-        margin-bottom: 0.4rem;
-        padding-bottom: 0.4rem;
-        border-bottom: 2px solid #e5e0d8;
+        font-size: 0.95rem;
+        font-family: 'DM Sans', sans-serif;
     }
+    .login-btn a:hover { background: #106ebe; }
 </style>
 """, unsafe_allow_html=True)
 
-# ── Constants ──────────────────────────────────────────────────────────────────
-CLIENT_ID = "bfcbb298-4cc1-496e-9d9b-ff8c2d967a3a"
-TENANT_ID = "5dac2bf2-8842-4788-ae07-33fb103b55d6"
-AUTHORITY = f"https://login.microsoftonline.com/{TENANT_ID}"
-SCOPES = ["Mail.Read"]
+# ── Config (from HF Secrets) ───────────────────────────────────────────────────
+CLIENT_ID     = os.environ.get("AZURE_CLIENT_ID",     "bfcbb298-4cc1-496e-9d9b-ff8c2d967a3a")
+CLIENT_SECRET = os.environ.get("AZURE_CLIENT_SECRET", "")   # set in HF Secrets
+TENANT_ID     = os.environ.get("AZURE_TENANT_ID",     "5dac2bf2-8842-4788-ae07-33fb103b55d6")
+REDIRECT_URI  = os.environ.get("REDIRECT_URI",        "")   # e.g. https://yourspace.hf.space/
 
-# ── Session state defaults ─────────────────────────────────────────────────────
-for key, default in {
+AUTHORITY     = f"https://login.microsoftonline.com/{TENANT_ID}"
+AUTH_ENDPOINT = f"{AUTHORITY}/oauth2/v2.0/authorize"
+TOKEN_ENDPOINT= f"{AUTHORITY}/oauth2/v2.0/token"
+SCOPES        = "Mail.Read offline_access"
+
+DEFAULT_SENDER = "agabrielse@newfrontieradvisors.com"
+DEFAULT_TARGET = "cfeng@newfrontieradvisors.com"
+
+# ── Session defaults ───────────────────────────────────────────────────────────
+for k, v in {
     "token": None,
-    "messages": [],
+    "oauth_state": None,
     "rj_emails": [],
     "cash_df": None,
     "withdrawals_df": None,
     "deposits_df": None,
     "notice_df": None,
 }.items():
-    if key not in st.session_state:
-        st.session_state[key] = default
+    if k not in st.session_state:
+        st.session_state[k] = v
 
-# ── Helper functions ───────────────────────────────────────────────────────────
+# ── OAuth helpers ──────────────────────────────────────────────────────────────
 
-def get_access_token():
-    app = msal.PublicClientApplication(CLIENT_ID, authority=AUTHORITY)
-    result = app.acquire_token_interactive(scopes=SCOPES)
-    if "access_token" not in result:
-        raise RuntimeError(result.get("error_description", str(result)))
-    return result["access_token"]
+def build_auth_url():
+    state = secrets.token_urlsafe(16)
+    st.session_state.oauth_state = state
+    params = {
+        "client_id": CLIENT_ID,
+        "response_type": "code",
+        "redirect_uri": REDIRECT_URI,
+        "response_mode": "query",
+        "scope": SCOPES,
+        "state": state,
+    }
+    return AUTH_ENDPOINT + "?" + urllib.parse.urlencode(params)
 
 
-def get_emails_from_sender(token, sender_email, top=50):
+def exchange_code_for_token(code: str) -> str:
+    resp = requests.post(TOKEN_ENDPOINT, data={
+        "client_id":     CLIENT_ID,
+        "client_secret": CLIENT_SECRET,
+        "code":          code,
+        "redirect_uri":  REDIRECT_URI,
+        "grant_type":    "authorization_code",
+    }, timeout=30)
+    resp.raise_for_status()
+    return resp.json()["access_token"]
+
+
+# ── Check for OAuth callback (code in URL query params) ───────────────────────
+query_params = st.query_params
+if not st.session_state.token and "code" in query_params:
+    code  = query_params["code"]
+    state = query_params.get("state", "")
+    if state == st.session_state.oauth_state or not st.session_state.oauth_state:
+        try:
+            with st.spinner("Completing sign-in..."):
+                st.session_state.token = exchange_code_for_token(code)
+            # Clear the code from the URL
+            st.query_params.clear()
+            st.rerun()
+        except Exception as e:
+            st.error(f"Sign-in failed: {e}")
+
+# ── Email helpers ──────────────────────────────────────────────────────────────
+
+def get_emails(token, sender, top=50):
     url = "https://graph.microsoft.com/v1.0/me/mailFolders/inbox/messages"
     headers = {
         "Authorization": f"Bearer {token}",
@@ -128,37 +152,32 @@ def get_emails_from_sender(token, sender_email, top=50):
     }
     params = {
         "$top": top,
-        "$filter": f"from/emailAddress/address eq '{sender_email}'",
-        "$select": "subject,from,toRecipients,ccRecipients,receivedDateTime,body,id",
+        "$filter": f"from/emailAddress/address eq '{sender}'",
+        "$select": "id,subject,from,toRecipients,ccRecipients,receivedDateTime,body",
     }
-    resp = requests.get(url, headers=headers, params=params, timeout=60)
-    resp.raise_for_status()
-    return resp.json().get("value", [])
+    r = requests.get(url, headers=headers, params=params, timeout=60)
+    r.raise_for_status()
+    return r.json().get("value", [])
 
 
-def extract_email_info(msg):
-    def get_addresses(recipients):
-        return [
-            (r.get("emailAddress") or {}).get("address")
-            for r in (recipients or [])
-            if (r.get("emailAddress") or {}).get("address")
-        ]
+def extract_info(msg):
+    def addrs(lst):
+        return [(r.get("emailAddress") or {}).get("address") for r in (lst or [])
+                if (r.get("emailAddress") or {}).get("address")]
     body_html = (msg.get("body") or {}).get("content", "")
     return {
         "id": msg.get("id"),
         "subject": msg.get("subject"),
         "from": ((msg.get("from") or {}).get("emailAddress") or {}).get("address"),
-        "to": get_addresses(msg.get("toRecipients")),
-        "cc": get_addresses(msg.get("ccRecipients")),
+        "to": addrs(msg.get("toRecipients")),
+        "cc": addrs(msg.get("ccRecipients")),
         "received_time": msg.get("receivedDateTime"),
         "body_html": body_html,
     }
 
 
 def html_to_text(html):
-    if not html:
-        return ""
-    return BeautifulSoup(html, "html.parser").get_text("\n", strip=True)
+    return BeautifulSoup(html, "html.parser").get_text("\n", strip=True) if html else ""
 
 
 def reply_marker_html(body_html):
@@ -171,63 +190,57 @@ def reply_marker_html(body_html):
     return "".join(str(n) for n in marker.next_siblings).strip()
 
 
-def extract_forwarded_headers(body_html):
+def fwd_headers(body_html):
     text = html_to_text(body_html)
     def grab(label):
         m = re.search(rf"{label}:\s*(.*)", text)
         return m.group(1).strip() if m else ""
-    return {
-        "forwarded_from": grab("From"),
-        "forwarded_sent_time": grab("Sent"),
-        "forwarded_to": grab("To"),
-        "forwarded_cc": grab("Cc"),
-        "forwarded_subject": grab("Subject"),
-    }
-
-
-def is_rj_forward(info):
-    subject = (info.get("subject") or "").lower()
-    body_html = info.get("body_html") or ""
-    body_text = html_to_text(body_html).lower()
-    if "rj emails--overview" in subject:
+    return {k: grab(v) for k, v in {
+        "forwarded_from": "From",
+        "forwarded_sent_time": "Sent",
+        "forwarded_to": "To",
+        "forwarded_cc": "Cc",
+        "forwarded_subject": "Subject",
+    }.items()}
+
+
+def is_rj(info):
+    subj = (info.get("subject") or "").lower()
+    html = info.get("body_html") or ""
+    text = html_to_text(html).lower()
+    if "rj emails--overview" in subj:
         return False
-    has_forward = 'id="divRplyFwdMsg"' in body_html or ("from:" in body_text and "sent:" in body_text)
-    if not has_forward:
+    has_fwd = 'id="divRplyFwdMsg"' in html or ("from:" in text and "sent:" in text)
+    if not has_fwd:
         return False
     return any([
-        "raymond james" in subject,
-        "raymond james" in body_text,
-        "amstradingadmin@raymondjames.com" in body_text,
-        "ams managed operations" in subject,
-        "ams managed operations" in body_text,
-        "direct asset transfers" in subject,
-        "distribution & cash balance check" in subject,
+        "raymond james" in subj, "raymond james" in text,
+        "amstradingadmin@raymondjames.com" in text,
+        "ams managed operations" in subj, "ams managed operations" in text,
+        "direct asset transfers" in subj,
+        "distribution & cash balance check" in subj,
     ])
 
 
-def build_rj_emails(messages, target_filter):
+def build_rj(messages, target):
     rows = []
-    for idx, msg in enumerate(messages, 1):
-        info = extract_email_info(msg)
-        recipients = [a.lower() for a in info.get("to", []) + info.get("cc", [])]
-        if target_filter.lower() not in recipients:
+    for i, msg in enumerate(messages, 1):
+        info = extract_info(msg)
+        recips = [a.lower() for a in info.get("to", []) + info.get("cc", [])]
+        if target.lower() not in recips:
             continue
-        if not is_rj_forward(info):
+        if not is_rj(info):
             continue
-        fwd = extract_forwarded_headers(info.get("body_html", ""))
+        fwd = fwd_headers(info.get("body_html", ""))
         rows.append({
-            "email_id": info.get("id") or f"msg_{idx}",
+            "email_id": info.get("id") or f"msg_{i}",
             "fw_subject": info.get("subject"),
             "fw_from": info.get("from"),
             "fw_to": ", ".join(info.get("to", [])),
             "fw_cc": ", ".join(info.get("cc", [])),
             "fw_received_time": info.get("received_time"),
             "fw_body_html": info.get("body_html", ""),
-            "original_from": fwd.get("forwarded_from", ""),
-            "original_sent_time": fwd.get("forwarded_sent_time", ""),
-            "original_to": fwd.get("forwarded_to", ""),
-            "original_cc": fwd.get("forwarded_cc", ""),
-            "original_subject": fwd.get("forwarded_subject", ""),
+            **{k: fwd.get(k, "") for k in fwd},
             "original_body_html": reply_marker_html(info.get("body_html", "")),
         })
     return rows
@@ -256,12 +269,12 @@ def extract_tables(body_html):
     return out
 
 
-def parse_date(value):
-    if not value:
+def parse_date(v):
+    if not v:
         return None
     for fmt in ("%m/%d/%Y", "%m/%d/%y", "%A, %B %d, %Y %I:%M %p"):
         try:
-            return datetime.strptime(value.strip(), fmt)
+            return datetime.strptime(v.strip(), fmt)
         except ValueError:
             pass
     return None
@@ -270,21 +283,19 @@ def parse_date(value):
 def build_notice(row):
     section = row.get("source_section")
     account = row.get("Account") or row.get("customer_account")
-    amount = row.get("Cash Amount") or row.get("Amount")
-    row_type = (row.get("Type") or "").strip()
-
+    amount  = row.get("Cash Amount") or row.get("Amount")
     if section == "Withdrawals":
         input_date = row.get("Input date")
-        deadline = parse_date(input_date)
+        deadline   = parse_date(input_date)
         response_time = (
-            (deadline + timedelta(days=8)).strftime("%Y-%m-%d") if deadline
-            else f"8 calendar days after {input_date}"
+            (deadline + timedelta(days=8)).strftime("%Y-%m-%d")
+            if deadline else f"8 calendar days after {input_date}"
         )
         action = (
             f"Enter withdrawal in portal for account {account} for {amount}. "
             f"Schedule 8 calendar days after input date {input_date}."
         )
-    elif section == "Deposits" or row_type.lower() == "deposit":
+    elif section == "Deposits" or (row.get("Type") or "").lower() == "deposit":
         response_time = "As soon as practical after email receipt"
         action = (
             f"Message dutytrader in Teams: contribution/deposit for account {account} "
@@ -294,36 +305,37 @@ def build_notice(row):
         response_time = "ASAP"
         action = (
             f"Halt account and advise of pending trades on {account}. "
-            f"Immediate cash movement noted: {amount}."
+            f"Immediate cash movement: {amount}."
         )
     return {
-        "email_id": row.get("email_id"),
-        "sent_time": row.get("fw_received_time"),
+        "email_id":            row.get("email_id"),
+        "sent_time":           row.get("fw_received_time"),
         "response_time_needed": response_time,
-        "account": account,
-        "action": action,
-        "source_section": section,
+        "account":             account,
+        "action":              action,
+        "source_section":      section,
     }
 
 
-def to_excel(dfs_dict):
+def to_excel(dfs):
     buf = BytesIO()
-    with pd.ExcelWriter(buf, engine="openpyxl") as writer:
-        for sheet_name, df in dfs_dict.items():
+    with pd.ExcelWriter(buf, engine="openpyxl") as w:
+        for name, df in dfs.items():
             if df is not None and not df.empty:
-                df.to_excel(writer, sheet_name=sheet_name, index=False)
+                df.to_excel(w, sheet_name=name, index=False)
     return buf.getvalue()
 
 
 # ── UI ─────────────────────────────────────────────────────────────────────────
 
 st.markdown("## 📬 Raymond James Email Processor")
-st.markdown("Pulls forwarded RJ emails from your inbox, extracts cash movement tables, and generates action notices.")
+st.markdown("Pulls forwarded RJ emails, extracts cash movement tables, and generates action notices.")
 st.divider()
 
-# Step 1 — Login
+# Step 1 — Sign in
+st.markdown('<div class="status-card">', unsafe_allow_html=True)
 st.markdown('<div class="step-label">Step 1</div>', unsafe_allow_html=True)
-col1, col2 = st.columns([4, 1])
+col1, col2 = st.columns([5, 1])
 with col1:
     st.markdown('<div class="step-title">Sign in to Microsoft</div>', unsafe_allow_html=True)
 with col2:
@@ -333,77 +345,77 @@ with col2:
         st.markdown('<span class="badge-pending">Not signed in</span>', unsafe_allow_html=True)
 
 if not st.session_state.token:
-    st.markdown("Click the button below. A Microsoft login window will open in your browser.")
-    if st.button("🔐 Sign in with Microsoft"):
-        with st.spinner("Opening Microsoft login window..."):
-            try:
-                st.session_state.token = get_access_token()
-                st.success("Signed in successfully!")
-                st.rerun()
-            except Exception as e:
-                st.error(f"Login failed: {e}")
+    auth_url = build_auth_url()
+    st.markdown(
+        f'<div class="login-btn"><a href="{auth_url}" target="_self">🔐 Sign in with Microsoft</a></div>',
+        unsafe_allow_html=True,
+    )
+    st.caption("You'll be redirected to Microsoft's login page and back automatically.")
 else:
     st.markdown("You are signed in. ✓")
+    if st.button("Sign out"):
+        st.session_state.token = None
+        st.rerun()
 
-# Step 2 — Configuration
+st.markdown('</div>', unsafe_allow_html=True)
+
+# Step 2 — Config
+st.markdown('<div class="status-card">', unsafe_allow_html=True)
 st.markdown('<div class="step-label">Step 2</div>', unsafe_allow_html=True)
 st.markdown('<div class="step-title">Configure</div>', unsafe_allow_html=True)
-
+st.markdown("")
 col_a, col_b, col_c = st.columns(3)
 with col_a:
-    sender_email = st.text_input(
-        "Sender email (who forwards the RJ emails)",
-        value="agabrielse@newfrontieradvisors.com",
-    )
+    sender_email = st.text_input("Sender email (who forwards RJ emails)", value=DEFAULT_SENDER)
 with col_b:
-    target_email = st.text_input(
-        "Filter: recipient email to look for",
-        value="cfeng@newfrontieradvisors.com",
-    )
+    target_email = st.text_input("Recipient email to filter for", value=DEFAULT_TARGET)
 with col_c:
     top_n = st.number_input("Max emails to fetch", min_value=5, max_value=200, value=50, step=5)
+st.markdown('</div>', unsafe_allow_html=True)
 
 # Step 3 — Run
+st.markdown('<div class="status-card">', unsafe_allow_html=True)
 st.markdown('<div class="step-label">Step 3</div>', unsafe_allow_html=True)
-st.markdown('<div class="step-title">Fetch & Process Emails</div>', unsafe_allow_html=True)
+st.markdown('<div class="step-title">Fetch & Process</div>', unsafe_allow_html=True)
+st.markdown("")
 
 if st.button("▶ Run", disabled=not st.session_state.token):
     with st.spinner("Fetching emails from Outlook..."):
         try:
-            raw = get_emails_from_sender(st.session_state.token, sender_email, top=int(top_n))
-            st.session_state.messages = raw
-        except Exception as e:
-            st.error(f"Failed to fetch emails: {e}")
+            raw = get_emails(st.session_state.token, sender_email, int(top_n))
+        except requests.HTTPError as e:
+            if e.response.status_code == 401:
+                st.error("Session expired. Please sign in again.")
+                st.session_state.token = None
+            else:
+                st.error(f"API error: {e}")
             st.stop()
 
-    with st.spinner("Filtering Raymond James forwarded emails..."):
-        st.session_state.rj_emails = build_rj_emails(raw, target_email)
+    with st.spinner("Filtering Raymond James emails..."):
+        st.session_state.rj_emails = build_rj(raw, target_email)
 
-    with st.spinner("Extracting tables from email bodies..."):
+    with st.spinner("Extracting cash tables..."):
         cash_rows, wd_rows, dep_rows = [], [], []
         for email in st.session_state.rj_emails:
             for section, df in extract_tables(email.get("original_body_html", "")):
                 rows = df.to_dict("records")
-                for row in rows:
-                    row.update({
+                for r in rows:
+                    r.update({
                         "email_id": email.get("email_id"),
                         "fw_subject": email.get("fw_subject"),
                         "fw_received_time": email.get("fw_received_time"),
-                        "original_subject": email.get("original_subject"),
-                        "original_from": email.get("original_from"),
-                        "original_sent_time": email.get("original_sent_time"),
+                        "original_subject": email.get("forwarded_subject", ""),
+                        "original_from": email.get("forwarded_from", ""),
+                        "original_sent_time": email.get("forwarded_sent_time", ""),
                         "source_section": section,
                     })
-                if section == "Cash Only Transactions":
-                    cash_rows.extend(rows)
-                elif section == "Withdrawals":
-                    wd_rows.extend(rows)
-                elif section == "Deposits":
-                    dep_rows.extend(rows)
+                if section == "Cash Only Transactions": cash_rows.extend(rows)
+                elif section == "Withdrawals":          wd_rows.extend(rows)
+                elif section == "Deposits":             dep_rows.extend(rows)
 
-        st.session_state.cash_df = pd.DataFrame(cash_rows) if cash_rows else pd.DataFrame()
-        st.session_state.withdrawals_df = pd.DataFrame(wd_rows) if wd_rows else pd.DataFrame()
-        st.session_state.deposits_df = pd.DataFrame(dep_rows) if dep_rows else pd.DataFrame()
+        st.session_state.cash_df        = pd.DataFrame(cash_rows) if cash_rows else pd.DataFrame()
+        st.session_state.withdrawals_df = pd.DataFrame(wd_rows)   if wd_rows   else pd.DataFrame()
+        st.session_state.deposits_df    = pd.DataFrame(dep_rows)  if dep_rows  else pd.DataFrame()
 
     with st.spinner("Building action notices..."):
         all_rows = cash_rows + wd_rows + dep_rows
@@ -412,55 +424,38 @@ if st.button("▶ Run", disabled=not st.session_state.token):
             if all_rows else pd.DataFrame()
         )
 
-    st.success(f"Done! Found {len(st.session_state.rj_emails)} RJ forwarded emails.")
+    st.success(f"Done! Found **{len(st.session_state.rj_emails)}** RJ forwarded emails.")
+
+st.markdown('</div>', unsafe_allow_html=True)
 
 # ── Results ────────────────────────────────────────────────────────────────────
 if st.session_state.rj_emails:
     st.divider()
     st.markdown("### Results")
-
     tab1, tab2, tab3, tab4 = st.tabs([
-        "📋 Action Notices",
-        "💵 Cash Transactions",
-        "⬆ Withdrawals",
-        "⬇ Deposits",
+        "📋 Action Notices", "💵 Cash Transactions", "⬆ Withdrawals", "⬇ Deposits"
     ])
+    for tab, key, label in [
+        (tab1, "notice_df",        "No action notices generated."),
+        (tab2, "cash_df",          "No cash transactions found."),
+        (tab3, "withdrawals_df",   "No withdrawals found."),
+        (tab4, "deposits_df",      "No deposits found."),
+    ]:
+        with tab:
+            df = st.session_state[key]
+            if df is not None and not df.empty:
+                # Hide HTML columns
+                display_df = df.drop(columns=[c for c in df.columns if "html" in c.lower()], errors="ignore")
+                st.dataframe(display_df, use_container_width=True, hide_index=True)
+            else:
+                st.info(label)
 
-    with tab1:
-        df = st.session_state.notice_df
-        if df is not None and not df.empty:
-            st.dataframe(df, width="stretch", hide_index=True)
-        else:
-            st.info("No action notices generated.")
-
-    with tab2:
-        df = st.session_state.cash_df
-        if df is not None and not df.empty:
-            st.dataframe(df, width="stretch", hide_index=True)
-        else:
-            st.info("No cash transactions found.")
-
-    with tab3:
-        df = st.session_state.withdrawals_df
-        if df is not None and not df.empty:
-            st.dataframe(df, width="stretch", hide_index=True)
-        else:
-            st.info("No withdrawals found.")
-
-    with tab4:
-        df = st.session_state.deposits_df
-        if df is not None and not df.empty:
-            st.dataframe(df, width="stretch", hide_index=True)
-        else:
-            st.info("No deposits found.")
-
-    # Download
     st.divider()
     excel_bytes = to_excel({
-        "Action Notices": st.session_state.notice_df,
+        "Action Notices":    st.session_state.notice_df,
         "Cash Transactions": st.session_state.cash_df,
-        "Withdrawals": st.session_state.withdrawals_df,
-        "Deposits": st.session_state.deposits_df,
+        "Withdrawals":       st.session_state.withdrawals_df,
+        "Deposits":          st.session_state.deposits_df,
     })
     st.download_button(
         label="⬇ Download Excel Report",