From 81be8f48d6c9bfb71031d4206775f5693f3d36c0 Mon Sep 17 00:00:00 2001 From: ilugobayo Date: Thu, 11 Feb 2021 04:36:43 -0700 Subject: [PATCH 1/3] Changes blocklist management Changes the way the blocklist/whitelist are managed, removes the use of customer ID in order to allow adding guest customers' email addresses to the lists. --- .../Adminhtml/BayonetBlocklist/ListAction.php | 4 +--- Helper/DirectQuery.php | 16 ++++++++++++++ Observer/OrderPlaced.php | 22 +++++++++---------- Setup/InstallSchema.php | 6 ----- .../Listing/Column/BlocklistAction.php | 8 +++---- ...onetantifraud_bayonetblocklist_listing.xml | 8 ------- 6 files changed, 31 insertions(+), 33 deletions(-) diff --git a/Controller/Adminhtml/BayonetBlocklist/ListAction.php b/Controller/Adminhtml/BayonetBlocklist/ListAction.php index 984185b..8377121 100644 --- a/Controller/Adminhtml/BayonetBlocklist/ListAction.php +++ b/Controller/Adminhtml/BayonetBlocklist/ListAction.php @@ -41,9 +41,7 @@ public function execute() $resultRedirect = $this->resultRedirectFactory->create(); $customerModel = $this->customerFactory->create(); $blocklistId = $this->getRequest()->getParam('blocklist_id'); - $customerId = $this->getRequest()->getParam('customer_id'); - $customer = $customerModel->load($customerId); - $customerEmail = $customer->getEmail(); + $customerEmail = $this->getRequest()->getParam('email'); $whitelistCurrent = $this->getRequest()->getParam('whitelistValue'); $blocklistCurrent = $this->getRequest()->getParam('blocklistValue'); $listToManage = $this->getRequest()->getParam('list'); diff --git a/Helper/DirectQuery.php b/Helper/DirectQuery.php index aa61c17..1330492 100644 --- a/Helper/DirectQuery.php +++ b/Helper/DirectQuery.php @@ -110,4 +110,20 @@ public function getBayonetIds() return $result; } + + /** + * Gets the IDs of the rows in the Blocklist table associated to an email + * + * @param string $email + * @return array + */ + public function getBlocklistIds($email) + { + $connection = $this->resourceConnection->getConnection(); + $tableName = $connection->getTableName('bayonet_antifraud_blocklist'); + $query = $connection->select('distinct')->from($tableName, 'blocklist_id')->where('email = ?', $email); + $result = $connection->fetchCol($query); + + return $result; + } } diff --git a/Observer/OrderPlaced.php b/Observer/OrderPlaced.php index 10cbd2e..a245636 100644 --- a/Observer/OrderPlaced.php +++ b/Observer/OrderPlaced.php @@ -82,7 +82,7 @@ public function execute(\Magento\Framework\Event\Observer $observer) 'api_mode' => $apiMode ]; - if ($response) { + if (isset($response)) { $orderData['bayonet_tracking_id'] = (int)$response->reason_code === 0 ? $response->bayonet_tracking_id : null; @@ -102,7 +102,7 @@ public function execute(\Magento\Framework\Event\Observer $observer) $bayonetOrder->save(); if (isset($response->decision) && $response->decision === 'decline') { - $this->addBlocklistRows($requestBody['consumer_internal_id'], $requestBody['email']); + $this->addBlocklistRows($requestBody['email']); throw new \Magento\Framework\Exception\ValidatorException(__( "There was an error processing your order. Please try again later" )); @@ -114,10 +114,10 @@ public function execute(\Magento\Framework\Event\Observer $observer) $bayonetOrder->save(); } - if (isset($response) && (int)$requestBody['consumer_internal_id']) { - $this->addBlocklistRows($requestBody['consumer_internal_id'], $requestBody['email']); + if (isset($response)) { + $this->addBlocklistRows($requestBody['email']); } - } catch (Exception $e) { + } catch (\Exception $e) { return; } } @@ -149,21 +149,19 @@ protected function getTriggeredRules($response) } /** - * Adds a customer to the Bayonet's blocklist table in the database. + * Adds a customer's email to the Bayonet's blocklist table in the database. * It performs a validation before trying to add them, this to make - * sure the customer is not present in the table yet + * sure the email is not present in the table already * - * @param string $customerId * @param string $email */ - protected function addBlocklistRows($customerId, $email) + protected function addBlocklistRows($email) { $bayonetBlocklist = $this->bayonetBlocklistFactory->create(); - $blocklistRow = $bayonetBlocklist->load($customerId, 'customer_id'); + $blocklistIds = $this->directQuery->getBlocklistIds($email); - if (empty($blocklistRow->getData())) { + if (empty($blocklistIds)) { $blocklistData = [ - 'customer_id' => $customerId, 'email' => $email, 'api_mode' => 0 ]; diff --git a/Setup/InstallSchema.php b/Setup/InstallSchema.php index 007ed76..626b9e5 100644 --- a/Setup/InstallSchema.php +++ b/Setup/InstallSchema.php @@ -155,12 +155,6 @@ public function install(SchemaSetupInterface $setup, ModuleContextInterface $con null, ['identity' => true, 'unsigned' => true, 'nullable' => false, 'primary' => true], 'Bayonet Blocklist ID' - )->addColumn( - 'customer_id', - \Magento\Framework\DB\Ddl\Table::TYPE_INTEGER, - null, - ['unsigned' => true, 'nullable' => false], - 'Customer ID' )->addColumn( 'email', \Magento\Framework\DB\Ddl\Table::TYPE_TEXT, diff --git a/Ui/Component/Listing/Column/BlocklistAction.php b/Ui/Component/Listing/Column/BlocklistAction.php index 676348e..1c35dcb 100644 --- a/Ui/Component/Listing/Column/BlocklistAction.php +++ b/Ui/Component/Listing/Column/BlocklistAction.php @@ -58,7 +58,7 @@ public function prepareDataSource(array $dataSource) static::CMS_URL_PATH_BLOCKLIST, [ 'blocklist_id' => $item['blocklist_id'], - 'customer_id' => $item['customer_id'], + 'email' => $item['email'], 'blocklistValue' => $item['blocklist'], 'whitelistValue' => $item['whitelist'], 'list' => $listToManage, @@ -68,11 +68,11 @@ public function prepareDataSource(array $dataSource) ), 'label' => $actionLabel, 'confirm' => [ - 'title' => __('Customer with ID %1', $item['customer_id']), + 'title' => __('Email address %1', $item['email']), 'message' => __( - 'Are you sure you want to %1 customer with ID %2?', + 'Are you sure you want to %1 the email %2?', strtolower($actionLabel), - $item['customer_id'] + $item['email'] ) ], 'post' => true diff --git a/view/adminhtml/ui_component/bayonet_bayonetantifraud_bayonetblocklist_listing.xml b/view/adminhtml/ui_component/bayonet_bayonetantifraud_bayonetblocklist_listing.xml index cd04f2f..fb271b7 100644 --- a/view/adminhtml/ui_component/bayonet_bayonetantifraud_bayonetblocklist_listing.xml +++ b/view/adminhtml/ui_component/bayonet_bayonetantifraud_bayonetblocklist_listing.xml @@ -43,14 +43,6 @@ - - - - text - ID of Customer - - - From 646315979aeb17454fe0d4c030ee413a8365af66 Mon Sep 17 00:00:00 2001 From: ilugobayo Date: Thu, 11 Feb 2021 04:44:32 -0700 Subject: [PATCH 2/3] Updates API key validations Adds key validations for codes 12, 13, 15 for Bayonet API and 12, 15, 16 for Fingerprint API. Adding the corresponding error messages. --- Model/Config/Backend/KeyValidation.php | 54 +++++++++++++++++++------- 1 file changed, 40 insertions(+), 14 deletions(-) diff --git a/Model/Config/Backend/KeyValidation.php b/Model/Config/Backend/KeyValidation.php index ec1e827..860b2b1 100644 --- a/Model/Config/Backend/KeyValidation.php +++ b/Model/Config/Backend/KeyValidation.php @@ -49,6 +49,8 @@ public function __construct( */ public function beforeSave() { + $invalidBayonet = [ 12, 13, 15 ]; + $invalidJS = [ 12, 15, 16]; $apiKey = $this->getValue(); $label = $this->translateKeyLabel($this->getData('field_config/label')); $fieldId = $this->getData('field_config/id'); @@ -61,18 +63,30 @@ public function beforeSave() $requestBody['auth']['api_key'] = $apiKey; $response = $this->requestHelper->consulting($requestBody); - // if the response from the API was successful but the code is not - // the one expected, then the API key is not valid and an excepction - // is thrown, otherwise, the process of saving continues. - if (isset($response->reason_code) && (int)$response->reason_code !== 101) { + // if the response from the API was successful and the code is + // the one expected the process of saving continues, otherwise, + // the API key is not valid and an excepction is thrown, + // otherwise, the process of saving continues. + if (isset($response->reason_code) && (int)$response->reason_code === 101) { + $this->setValue(($this->getValue())); + parent::beforeSave(); + } elseif (isset($response->reason_code) && (int)$response->reason_code === 12) { throw new \Magento\Framework\Exception\ValidatorException(__( 'Invalid value for the %1. Please check your key and try again', $label )); - } elseif (isset($response->reason_code) && (int)$response->reason_code === 101) { - $this->setValue(($this->getValue())); - parent::beforeSave(); - } elseif (!isset($response->reason_code)) { + } elseif (isset($response->reason_code) && (int)$response->reason_code === 13) { + throw new \Magento\Framework\Exception\ValidatorException(__( + "%1: Source IP is not valid, please add your IP to the whitelist in Bayonet's console", + $label + )); + } elseif (isset($response->reason_code) && (int)$response->reason_code === 15) { + throw new \Magento\Framework\Exception\ValidatorException(__( + "%1: The key you entered has expired, please generate a new key from Bayonet's console", + $label + )); + } elseif (!isset($response->reason_code) || (isset($response->reason_code) && + !in_array((int)$response->reason_code, $invalidBayonet))) { throw new \Magento\Framework\Exception\ValidatorException(__( 'An error ocurred while validating the %1. Please try again', $label @@ -82,19 +96,31 @@ public function beforeSave() $requestBody['auth']['jsKey'] = $apiKey; $response = $this->requestHelper->deviceFingerprint($requestBody); - if (isset($response->reasonCode) && (int)$response->reasonCode !== 51) { + if (isset($response->reasonCode) && (int)$response->reasonCode === 51) { + $this->setValue(($this->getValue())); + parent::beforeSave(); + } elseif (isset($response->reasonCode) && (int)$response->reasonCode === 12) { throw new \Magento\Framework\Exception\ValidatorException(__( 'Invalid value for the %1. Please check your key and try again', $label )); - } elseif (isset($response->reasonCode) && (int)$response->reasonCode === 51) { - $this->setValue(($this->getValue())); - parent::beforeSave(); - } elseif (!isset($response->reasonCode)) { + } elseif (isset($response->reasonCode) && (int)$response->reasonCode === 15) { + throw new \Magento\Framework\Exception\ValidatorException(__( + "%1: The key you entered has expired, please generate a new key from Bayonet's console", + $label + )); + } elseif (isset($response->reasonCode) && (int)$response->reasonCode === 16) { + throw new \Magento\Framework\Exception\ValidatorException(__( + "%1: Store domain is not registered, please add your store domain to the whitelist in Bayonet's console", + $label + )); + } elseif (!isset($response->reasonCode) || (isset($response->reasonCode) && + !in_array((int)$response->reasonCode, $invalidJS))) { throw new \Magento\Framework\Exception\ValidatorException(__( 'An error ocurred while validating the %1. Please try again', $label - )); } + )); + } } } elseif (!empty($apiKey) && '**********' === $apiKey) { // when the merchant doesn't modify an existing key $currentApiKey = $this->getHelper->getConfigValue($fieldId); From 04919bd9392ff5b491e77872f44cdc1b1b5e8ae2 Mon Sep 17 00:00:00 2001 From: ilugobayo Date: Thu, 11 Feb 2021 04:45:00 -0700 Subject: [PATCH 3/3] Updates translation files Adds new validation messages --- i18n/en_US.csv | 7 +++++-- i18n/es_ES.csv | 7 +++++-- i18n/es_MX.csv | 7 +++++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/i18n/en_US.csv b/i18n/en_US.csv index 7cf2b10..6212289 100644 --- a/i18n/en_US.csv +++ b/i18n/en_US.csv @@ -18,6 +18,9 @@ Added,Added "This API version is invalid, please try again","This API version is invalid, please try again" "Cannot enable the module with no pair of API keys saved. Please save a pair of API keys first","Cannot enable the module with no pair of API keys saved. Please save a pair of API keys first" "Invalid value for the %1. Please check your key and try again","Invalid value for the %1. Please check your key and try again" +"%1: The key you entered has expired, please generate a new key from Bayonet's console","%1: The key you entered has expired, please generate a new key from Bayonet's console" +"%1: Source IP is not valid, please add your IP to the whitelist in Bayonet's console","%1: Source IP is not valid, please add your IP to the whitelist in Bayonet's console" +"%1: Store domain is not registered, please add your store domain to the whitelist in Bayonet's console","%1: Store domain is not registered, please add your store domain to the whitelist in Bayonet's console" "An error ocurred while validating the %1. Please try again","An error ocurred while validating the %1. Please try again" "Cannot save an empty live (production) API key when the live (production) mode is enabled","Cannot save an empty live (production) API key when the live (production) mode is enabled" "Bayonet Sandbox (test) Key","Bayonet Sandbox (test) Key" @@ -29,8 +32,8 @@ Added,Added "Add to Blocklist","Add to Blocklist" "Remove from Whitelist","Remove from Whitelist" "Add to Whitelist","Add to Whitelist" -"Customer with ID %1","Customer with ID %1" -"Are you sure you want to %1 customer with ID %2?","Are you sure you want to %1 customer with ID %2?" +"Email address %1","Email address %1" +"Are you sure you want to %1 the email %2?","Are you sure you want to %1 the email %2?" "View","View" "Information for Bayonet Anti-Fraud","Information for Bayonet Anti-Fraud" "Order ID:","Order ID:" diff --git a/i18n/es_ES.csv b/i18n/es_ES.csv index 368e7ad..ca950c3 100644 --- a/i18n/es_ES.csv +++ b/i18n/es_ES.csv @@ -18,6 +18,9 @@ Added,Agregado "This API version is invalid, please try again","Esta version del API es invalida, por favor intentalo de nuevo" "Cannot enable the module with no pair of API keys saved. Please save a pair of API keys first","No se puede habilitar el módulo sin ningun par de llaves de API guardadas. Por favor guarda un par de llaves de API primero" "Invalid value for the %1. Please check your key and try again","Valor inválido para la %1. Por favor revisa tu llave e intentalo de nuevo" +"%1: The key you entered has expired, please generate a new key from Bayonet's console","%1: La llave que ingresaste ha expirado, por favor genera una nueva llave desde la consola de Bayonet" +"%1: Source IP is not valid, please add your IP to the whitelist in Bayonet's console","%1: La IP de origen no es válida, por favor agrega tu IP a la whitelist en la consola de Bayonet" +"%1: Store domain is not registered, please add your store domain to the whitelist in Bayonet's console","%1: El dominio de la tienda no está registrado, por favor agrega el dominio de tu tienda a la whitelist en la consola de Bayonet" "An error ocurred while validating the %1. Please try again","Un error ocurrió al validar la %1. Por favor intentalo de nuevo" "Cannot save an empty live (production) API key when the live (production) mode is enabled","No se puede guardar una llave live (producción) de API vacía cuando el modo live (producción) está habilitado" "Bayonet Sandbox (test) Key","Llave Sandbox (prueba) de Bayonet" @@ -29,8 +32,8 @@ Added,Agregado "Add to Blocklist","Agregar a la Lista de Bloqueo" "Remove from Whitelist","Remover de la Lista de Aceptación" "Add to Whitelist","Agregar a Lista de Aceptación" -"Customer with ID %1","Cliente con ID %1" -"Are you sure you want to %1 customer with ID %2?","Estás seguro de que quieres %1 el cliente con ID %2?" +"Email address %1","Correo electrónico %1" +"Are you sure you want to %1 the email %2?","Estás seguro de que quieres %1 el correo electrónico %2?" "View","Ver" "Information for Bayonet Anti-Fraud","Información para Bayonet Anti-Fraud" "ID of Order:","ID de orden:" diff --git a/i18n/es_MX.csv b/i18n/es_MX.csv index 368e7ad..ca950c3 100644 --- a/i18n/es_MX.csv +++ b/i18n/es_MX.csv @@ -18,6 +18,9 @@ Added,Agregado "This API version is invalid, please try again","Esta version del API es invalida, por favor intentalo de nuevo" "Cannot enable the module with no pair of API keys saved. Please save a pair of API keys first","No se puede habilitar el módulo sin ningun par de llaves de API guardadas. Por favor guarda un par de llaves de API primero" "Invalid value for the %1. Please check your key and try again","Valor inválido para la %1. Por favor revisa tu llave e intentalo de nuevo" +"%1: The key you entered has expired, please generate a new key from Bayonet's console","%1: La llave que ingresaste ha expirado, por favor genera una nueva llave desde la consola de Bayonet" +"%1: Source IP is not valid, please add your IP to the whitelist in Bayonet's console","%1: La IP de origen no es válida, por favor agrega tu IP a la whitelist en la consola de Bayonet" +"%1: Store domain is not registered, please add your store domain to the whitelist in Bayonet's console","%1: El dominio de la tienda no está registrado, por favor agrega el dominio de tu tienda a la whitelist en la consola de Bayonet" "An error ocurred while validating the %1. Please try again","Un error ocurrió al validar la %1. Por favor intentalo de nuevo" "Cannot save an empty live (production) API key when the live (production) mode is enabled","No se puede guardar una llave live (producción) de API vacía cuando el modo live (producción) está habilitado" "Bayonet Sandbox (test) Key","Llave Sandbox (prueba) de Bayonet" @@ -29,8 +32,8 @@ Added,Agregado "Add to Blocklist","Agregar a la Lista de Bloqueo" "Remove from Whitelist","Remover de la Lista de Aceptación" "Add to Whitelist","Agregar a Lista de Aceptación" -"Customer with ID %1","Cliente con ID %1" -"Are you sure you want to %1 customer with ID %2?","Estás seguro de que quieres %1 el cliente con ID %2?" +"Email address %1","Correo electrónico %1" +"Are you sure you want to %1 the email %2?","Estás seguro de que quieres %1 el correo electrónico %2?" "View","Ver" "Information for Bayonet Anti-Fraud","Información para Bayonet Anti-Fraud" "ID of Order:","ID de orden:"