jenkins-bot has submitted this change and it was merged. Change subject: Nonsense Name Fraud Filter ......................................................................
Nonsense Name Fraud Filter New anti-fraud test to detect gibberish names. Devides keyboard into zones and assigns points based on a configurable percentage of characters coming from one zone. Bug: T120255 Change-Id: I2d664cb40d9cb1f8682101958ef00c1827299fc2 --- M DonationInterface.php M gateway_common/gateway.adapter.php M tests/Adapter/GatewayAdapterTest.php 3 files changed, 114 insertions(+), 13 deletions(-) Approvals: Ejegg: Looks good to me, approved jenkins-bot: Verified diff --git a/DonationInterface.php b/DonationInterface.php index 29bed19..15106f0 100644 --- a/DonationInterface.php +++ b/DonationInterface.php @@ -235,10 +235,10 @@ */ //$wgDonationInterfaceThankYouPage = 'https://wikimediafoundation.org/wiki/Thank_You'; $wgDonationInterfaceThankYouPage = 'Donate-thanks'; -$wgDonationInterfaceFailPage = 'Donate-error'; +$wgDonationInterfaceFailPage = 'Donate-error'; /** - * Retry Loop Count - If there's a place where the API can choose to loop on some retry behavior, do it this number of times. + * Retry Loop Count - If there's a place where the API can choose to loop on some retry behavior, do it this number of times. */ $wgDonationInterfaceRetryLoopCount = 3; 
@@ -252,22 +252,22 @@ ); /** - * Forbidden countries. No donations will be allowed to come in from countries + * Forbidden countries. No donations will be allowed to come in from countries * in this list. * All should be represented as all-caps ISO 3166-1 alpha-2 - * This one global shouldn't ever be overridden per gateway. As it's probably + * This one global shouldn't ever be overridden per gateway. As it's probably * going to only conatin countries forbidden by law, there's no reason - * to override by gateway and as such it's always referenced directly. + * to override by gateway and as such it's always referenced directly. */ $wgDonationInterfaceForbiddenCountries = array(); /** * 3D Secure enabled currencies (and countries) for Credit Card. - * An array in the form of currency => array of countries + * An array in the form of currency => array of countries * (all-caps ISO 3166-1 alpha-2), or an empty array for all transactions in that * currency regardless of country of origin. * As this is a mandatroy check for all INR transactions, that rule made it into - * the default. + * the default. */ $wgDonationInterface3DSRules = array( 'INR' => array(), //all countries @@ -288,7 +288,7 @@ 'M' => true, //CVV check performed and valid value. 'N' => false, //CVV checked and no match. 'P' => true, //CVV check not performed, not requested - 'S' => false, //Card holder claims no CVV-code on card, issuer states CVV-code should be on card. + 'S' => false, //Card holder claims no CVV-code on card, issuer states CVV-code should be on card. 'U' => true, //? //Issuer not certified for CVV2. 'Y' => false, //Server provider did not respond. '0' => true, //No service available. 
@@ -302,7 +302,7 @@ 'D' => 0, //Street address and postal codes match for international transaction. 'E' => 100, //AVS Error. 'F' => 0, //Address does match and five digit ZIP code does match (UK only). - 'G' => 50, //Address information is unavailable; international transaction; non-AVS participant. + 'G' => 50, //Address information is unavailable; international transaction; non-AVS participant. 'I' => 50, //Address information not verified for international transaction. 'M' => 0, //Street address and postal codes match for international transaction. 'N' => 100, //No Match on Address (Street) or Zip. @@ -316,7 +316,7 @@ 'Z' => 50, //5 digit Zip matches, Address (Street) does not. '0' => 25, //No service available. '' => 100, //No code returned. All the points. -); +); # $wgAmazonGatewayAccountInfo['example'] = array( # 'SellerID' => '', // 13 or so uppercase letters 
@@ -750,6 +750,40 @@ */ $wgDonationInterfaceUtmSourceMap = array(); +/** + * $wgDonationInterfaceKeyMapA + * $wgDonationInterfaceKeyMapB + * $wgDonationInterfaceNameGibberishWeight + * $wgDonationInterfaceNameScore + * + * Set KeyMapA and KeyMapB to mutually exclusive arrays of characters. + * Set NameGibberishWeight to reflect the ratio of characters from one group that will cause a fail. + * Set NameScore to the number of points to assign on fail. + * + * To enable this filter add this to your LocalSettings.php: + * + * @code + * <?php + * + * $wgCustomFiltersFunctions = array( + * 'getScoreName' => 100, + * ); + * + * $wgDonationInterfaceKeyMapA = array('a','s','d'); + * + * $wgDonationInterfaceKeyMapB = array('h','j','k','l'); + * + * $wgDonationInterfaceNameGibberishWeight = .9; + * + * $wgDonationInterfaceNameScore = 10; + * + */ + +$wgDonationInterfaceKeyMapA = array(); +$wgDonationInterfaceKeyMapB = array(); +$wgDonationInterfaceNameGibberishWeight = 0; +$wgDonationInterfaceNameScore = 0; + $wgDonationInterfaceEnableQueue = false; $wgDonationInterfaceEnableConversionLog = false; //this is definitely an Extra $wgDonationInterfaceEnableMinfraud = false; //this is definitely an Extra diff --git a/gateway_common/gateway.adapter.php b/gateway_common/gateway.adapter.php index 8415073..ceef4f9 100644 --- a/gateway_common/gateway.adapter.php +++ b/gateway_common/gateway.adapter.php @@ -2825,7 +2825,7 @@ * * @return boolean true if validation passes * - * TODO: Maybe validate on $unstaged_data directly? + * TODO: Maybe validate on $unstaged_data directly? */ public function revalidate() { $check_not_empty = $this->getRequiredFields(); 
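Review bot: The defaults added here leave `$wgDonationInterfaceNameGibberishWeight = 0`, and the comparison in getScoreName() (`abs( $points ) / count( $nameArray ) >= $gibberishWeight`) is true for every name at that value, so an operator who enables the filter and sets only NameScore would add the fail score to every donation. The doc comment should state the expected range and that edge case, for example `* NameGibberishWeight is a ratio between 0 and 1; a value of 0 matches every name.` The example opens `@code` without a closing `@endcode`. It also sets `$wgCustomFiltersFunctions` while the getScoreName() docblock refers to `$wgDonationInterfaceCustomFiltersFunctions`, so it is worth confirming which name the filter runner actually reads.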
@@ -2842,6 +2842,59 @@ return false; } + /** + * This custom filter function checks the global variable: + * + * KeyMapA + * KeyMapB + * + * How the score is tabulated: + * - If the configurable portion letters in a name come from the same zone points are added. + * - Returns an integer: 0 <= $score <= 100 + * + * @see $wgDonationInterfaceCustomFiltersFunctions + * @see $wgDonationInterfaceKeyMapA* @see $wgDonationInterfaceKeyMapB + * + * @return integer + */ + public function getScoreName(){ + + $fName = $this->getData_Unstaged_Escaped( 'fname' ); + $lName = $this->getData_Unstaged_Escaped( 'lname' ); + + $nameArray = str_split( strtolower( $fName . $lName ) ); + + $keyMapA = $this->getGlobal( 'KeyMapA' ); + + $keyMapB = $this->getGlobal( 'KeyMapB' ); + + $gibberishWeight = $this->getGlobal( 'NameGibberishWeight' ); + + $failScore = $this->getGlobal( 'NameScore' ); + + $points = 0; + + $score = 0; + + if ( is_array( $nameArray ) && !empty( $nameArray ) ){ + foreach($nameArray as $letter){ + // For each char in zone A add a point, zone B subtract. + if( in_array( $letter, $keyMapA ) ){ + $points++; + } + if( in_array( $letter, $keyMapB ) ){ + $points--; + } + } + + if( abs( $points ) / count( $nameArray ) >= $gibberishWeight ){ + $score = $failScore; + } + } + + return $score; + + } /** * This custom filter function checks the global variable: * diff --git a/tests/Adapter/GatewayAdapterTest.php b/tests/Adapter/GatewayAdapterTest.php index a0be9d9..16a5a16 100644 --- a/tests/Adapter/GatewayAdapterTest.php +++ b/tests/Adapter/GatewayAdapterTest.php 
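Review bot: `str_split( strtolower( $fName . $lName ) )` in getScoreName() works on bytes, so a name in a multi-byte script is split into several units that match neither key map, and spaces, hyphens and whatever getData_Unstaged_Escaped adds (presumably escape sequences) all count toward `count( $nameArray )`; the ratio then depends on encoding rather than on the letters typed. Splitting by character, e.g. `preg_split( '//u', mb_strtolower( $fName . $lName ), -1, PREG_SPLIT_NO_EMPTY )`, and passing `true` as the third argument of both `in_array()` calls would make the count and the matching predictable; the existing `is_array()` guard already covers a failed split. Very short names reach the threshold easily when their few letters sit in one zone, so a minimum length before scoring may be worth considering to limit false positives. The docblock promises `0 <= $score <= 100` although the method returns NameScore unchanged, and it lists only KeyMapA and KeyMapB even though NameGibberishWeight and NameScore are read as well.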
@@ -102,8 +102,8 @@ $this->assertInstanceOf( 'TestingGlobalCollectAdapter', $gateway ); - // please define this function only inside the TESTS_ADAPTER_DEFAULT, - // which should be a test adapter object that descende from one of the + // please define this function only inside the TESTS_ADAPTER_DEFAULT, + // which should be a test adapter object that descende from one of the // production adapters. $exposed = TestingAccessWrapper::newFromObject( $gateway ); $this->assertInstanceOf( 'DonationData', $exposed->dataObj ); 
@@ -287,5 +287,19 @@ $gateway = $this->getFreshGatewayObject( $data, array( 'batch_mode' => true ) ); $this->assertEquals( '8.8.8.8', $gateway->getData_Unstaged_Escaped( 'user_ip' ) ); } + + function testGetScoreName() { + $this->setMwGlobals( array( 'wgDonationInterfaceKeyMapA' => array('a','s','d','f','q','w','e','r','t'), + 'wgDonationInterfaceKeyMapB' => array(), + 'wgDonationInterfaceNameGibberishWeight' => .9, + 'wgDonationInterfaceNameScore' => 10) ); + $init = $this->getDonorTestData(); + $init['fname'] = 'asdf'; + $init['lname'] = 'qwert'; + + $gateway = $this->getFreshGatewayObject( $init ); + $result = $gateway->getScoreName(); + $this->assertNotEquals( 0, $result, 'Bad name not detected'); + } } -- To view, visit https://gerrit.wikimedia.org/r/266456 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I2d664cb40d9cb1f8682101958ef00c1827299fc2 Gerrit-PatchSet: 10 Gerrit-Project: mediawiki/extensions/DonationInterface Gerrit-Branch: master Gerrit-Owner: XenoRyet <[email protected]> Gerrit-Reviewer: AndyRussG <[email protected]> Gerrit-Reviewer: Awight <[email protected]> Gerrit-Reviewer: Cdentinger <[email protected]> Gerrit-Reviewer: Ejegg <[email protected]> Gerrit-Reviewer: Ssmith <[email protected]> Gerrit-Reviewer: XenoRyet <[email protected]> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
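Review bot: testGetScoreName() covers only the case where every letter is in KeyMapA, and `assertNotEquals( 0, $result, ... )` would also pass if the method returned something other than the configured 10. Asserting the exact value, `$this->assertEquals( 10, $result, 'Bad name not detected' );`, pins the configured score. KeyMapB is empty in this test, so the `$points--` branch is never exercised and nothing checks that an ordinary name scores 0, which is the regression most likely to block real donors. A negative case along the lines below would cover both; the name in it is a constructed sample value.

```php
function testGetScoreNameOrdinaryName() {
	$this->setMwGlobals( array(
		'wgDonationInterfaceKeyMapA' => array( 'a','s','d','f','q','w','e','r','t' ),
		'wgDonationInterfaceKeyMapB' => array( 'h','j','k','l' ),
		'wgDonationInterfaceNameGibberishWeight' => .9,
		'wgDonationInterfaceNameScore' => 10,
	) );
	// constructed sample name: letters fall in both zones and outside them
	$init = $this->getDonorTestData();
	$init['fname'] = 'Molly';
	$init['lname'] = 'Lopez';

	$gateway = $this->getFreshGatewayObject( $init );
	$this->assertEquals( 0, $gateway->getScoreName(), 'Ordinary name was flagged' );
}
```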
