[MediaWiki-commits] [Gerrit] Run antifraud filters before redirecting to Astropay - change (mediawiki...DonationInterface)

Tue, 19 May 2015 17:28:36 -0700 

Ejegg has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/212228

Change subject: Run antifraud filters before redirecting to Astropay
......................................................................

Run antifraud filters before redirecting to Astropay

We don't get a lot of info, but email, country, and IP might be
enough to catch some scammers
Bug: T90504

Change-Id: Ifd8bc024d8b8f6f0b732f4b098d60e592139de8b
---
M astropay_gateway/astropay.adapter.php
M tests/Adapter/Astropay/AstropayTest.php
M tests/DonationInterfaceTestCase.php
M tests/includes/test_gateway/TestingAstropayAdapter.php
4 files changed, 36 insertions(+), 4 deletions(-)


  git pull 
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/DonationInterface 
refs/changes/28/212228/1

diff --git a/astropay_gateway/astropay.adapter.php 
b/astropay_gateway/astropay.adapter.php
index fe50e8c..d409bcb 100644
--- a/astropay_gateway/astropay.adapter.php
+++ b/astropay_gateway/astropay.adapter.php
@@ -341,8 +341,13 @@
        }
 
        function doPayment() {
+               $transaction_result = $this->do_transaction( 'NewInvoice' );
+               $this->runAntifraudHooks();
+               if ( $this->getValidationAction() !== 'process' ) {
+                       $this->finalizeInternalStatus( FinalStatus::FAILED );
+               }
                $result = PaymentResult::fromResults(
-                       $this->do_transaction( 'NewInvoice' ),
+                       $transaction_result,
                        $this->getFinalStatus()
                );
                if ( $result->getRedirect() ) {
diff --git a/tests/Adapter/Astropay/AstropayTest.php 
b/tests/Adapter/Astropay/AstropayTest.php
index 64992c5..bbdd9b0 100644
--- a/tests/Adapter/Astropay/AstropayTest.php
+++ b/tests/Adapter/Astropay/AstropayTest.php
@@ -80,15 +80,15 @@
                        'x_bank' => 'TE',
                        'x_country' => 'BR',
                        'x_description' => wfMessage( 
'donate_interface-donation-description' )->inLanguage( $init['language'] 
)->text(),
-                       'x_iduser' => '08feb2d12771bbcfeb86',
+                       'x_iduser' => '802004aeec17f9544784',
                        'x_cpf' => '00003456789',
                        'x_name' => 'Nome Apelido',
-                       'x_email' => 'nob...@wikimedia.org',
+                       'x_email' => 'nob...@example.org',
                        // 'x_address' => 'Rua Falso 123',
                        // 'x_zip' => '01110-111',
                        // 'x_city' => 'São Paulo',
                        // 'x_state' => 'SP',
-                       'control' => 
'AF895D1D5514842A0BC424FBC8EF9CB89E3DFBC6A4A1BA5BBC664020D6A0A476',
+                       'control' => 
'22A9DE18CB924AED05C6D8194BB38F5300F9B77CB00DC5342FF754146FF13250',
                        'type' => 'json',
                );
                $this->assertEquals( $expected, $actual, 'NewInvoice is not 
including the right parameters' );
@@ -314,4 +314,26 @@
                $submethod = $gateway->getData_Unstaged_Escaped( 
'payment_submethod' );
                $this->assertEquals( 'visa_debit', $submethod, 'Not setting 
payment submethod in doPayment' );
        }
+
+       /**
+        * Test that we run the AntiFraud hooks before redirecting
+        */
+       function testAntiFraudHooks() {
+               DonationInterface_FraudFiltersTest::setupFraudMaps();
+               $init = $this->getDonorTestData( 'BR' );
+               $init['payment_method'] = 'cc';
+               $init['bank_code'] = 'VD';
+               // following data should trip fraud alarms
+               $init['utm_medium'] = 'somethingmedia';
+               $init['utm_source'] = 'somethingmedia';
+               $init['email'] = 'someb...@wikipedia.org';
+
+               $gateway = $this->getFreshGatewayObject( $init );
+
+               $result = $gateway->doPayment();
+
+               $this->assertTrue( $result->isFailed(), 'Result should be 
failure if fraud filters say challenge' );
+               $this->assertEquals( 'challenge', 
$gateway->getValidationAction(), 'Validation action is not as expected' );
+               $this->assertEquals( 60, $gateway->getRiskScore(), 'RiskScore 
is not as expected' );
+       }
 }
diff --git a/tests/DonationInterfaceTestCase.php 
b/tests/DonationInterfaceTestCase.php
index 56b710d..fe82e0d 100644
--- a/tests/DonationInterfaceTestCase.php
+++ b/tests/DonationInterfaceTestCase.php
@@ -241,6 +241,7 @@
                                'lname' => 'Apelido',
                                'amount' => '100',
                                'language' => 'pt',
+                               'email' => 'nob...@example.org'
                        ),
                );
                //default to US
diff --git a/tests/includes/test_gateway/TestingAstropayAdapter.php 
b/tests/includes/test_gateway/TestingAstropayAdapter.php
index 48d11ba..0d57f0d 100644
--- a/tests/includes/test_gateway/TestingAstropayAdapter.php
+++ b/tests/includes/test_gateway/TestingAstropayAdapter.php
@@ -81,4 +81,8 @@
                        'http_code' => $code,
                );
        }
+
+       public function getRiskScore() {
+               return $this->risk_score;
+       }
 }

-- 
To view, visit https://gerrit.wikimedia.org/r/212228
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ifd8bc024d8b8f6f0b732f4b098d60e592139de8b
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/DonationInterface
Gerrit-Branch: master
Gerrit-Owner: Ejegg <eeggles...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to