jenkins-bot has submitted this change and it was merged.
Change subject: Quit flooding antifraud queue
......................................................................
Quit flooding antifraud queue
Oops, we're sending a ton of useless messages. Only send 'em
when the total changes, and we've actually done something.
Also, initial filter messages for paypal have no order id. Stop
sending these for now, fix that soon.
Bug: T136381
Change-Id: Ic8fbd071d7bf4f6bd94059bab27cfb51ce0828b3
---
M extras/FraudFilter.php
M extras/custom_filters/custom_filters.body.php
2 files changed, 59 insertions(+), 17 deletions(-)
Approvals:
Awight: Looks good to me, approved
jenkins-bot: Verified
diff --git a/extras/FraudFilter.php b/extras/FraudFilter.php
index b183f7c..e6755d8 100644
--- a/extras/FraudFilter.php
+++ b/extras/FraudFilter.php
@@ -38,11 +38,15 @@
$transaction =
$this->gateway_adapter->makeFreeformStompTransaction( $stomp_msg );
- try {
- $this->fraud_logger->info( 'Pushing transaction to
payments-antifraud queue.' );
- DonationQueue::instance()->push( $transaction,
'payments-antifraud' );
- } catch ( Exception $e ) {
- $this->fraud_logger->error( 'Unable to send
payments-antifraud message' );
+ // FIXME: figure out why we don't have an order_id for paypal
+ // for now, just don't send messages that'll raise the alarm
+ if ( isset( $msg['contribution_tracking_id'] ) && isset(
$msg['order_id'] ) ) {
+ try {
+ $this->fraud_logger->info( 'Pushing transaction
to payments-antifraud queue.' );
+ DonationQueue::instance()->push( $transaction,
'payments-antifraud' );
+ } catch ( Exception $e ) {
+ $this->fraud_logger->error( 'Unable to send
payments-antifraud message' );
+ }
}
}
}
diff --git a/extras/custom_filters/custom_filters.body.php
b/extras/custom_filters/custom_filters.body.php
index 146043e..5546f1e 100644
--- a/extras/custom_filters/custom_filters.body.php
+++ b/extras/custom_filters/custom_filters.body.php
@@ -76,26 +76,33 @@
$this->fraud_logger->info( '"addRiskScore" ' . $log_message );
$this->risk_score[$source] = $score;
}
-
+
/**
- * @throws InvalidArgumentException
+ * Add up the risk scores in an array, by default $this->risk_score
+ * @param array|null $scoreArray
+ * @return float total risk score
*/
- public function getRiskScore() {
+ public function getRiskScore( $scoreArray = null ) {
+ if ( is_null( $scoreArray ) ) {
+ $scoreArray = $this->risk_score;
+ }
- if ( is_numeric( $this->risk_score ) ) {
- return $this->risk_score;
-
- } elseif ( is_array( $this->risk_score) ) {
+ if ( is_numeric( $scoreArray ) ) {
+ return $scoreArray;
+ } elseif ( is_array( $scoreArray ) ) {
$total = 0;
- foreach ( $this->risk_score as $score ){
+ foreach ( $scoreArray as $score ){
$total += $score;
}
return $total;
} else {
// TODO: We should catch this during setRiskScore.
- throw new InvalidArgumentException( __FUNCTION__ . "
risk_score is neither numeric, nor an array." . print_r( $this->risk_score,
true ) );
+ throw new InvalidArgumentException(
+ __FUNCTION__ . " risk_score is neither numeric,
nor an array."
+ . print_r( $scoreArray, true )
+ );
}
}
@@ -125,15 +132,46 @@
$log_message = '"' . addslashes( json_encode( $utm ) ) . '"';
$this->fraud_logger->info( '"utm" ' . $log_message );
- $storedScores =
$this->gateway_adapter->getRequest()->getSessionData( 'risk_scores' );
- if ( $storedScores != $this->risk_score ) {
- $this->gateway_adapter->getRequest()->setSessionData(
'risk_scores', $this->risk_score );
+ if ( $this->shouldSendMessage( $score ) ) {
$this->sendAntifraudMessage( $localAction,
$this->getRiskScore(), $this->risk_score );
}
+ // Always keep the stored scores up to date
+ $this->gateway_adapter->getRequest()->setSessionData(
'risk_scores', $this->risk_score );
+
return TRUE;
}
+ /**
+ * Determine if we should send an antifraud message
+ * @param float $score total risk score for this run
+ * @return bool true if a queue message is warranted
+ */
+ protected function shouldSendMessage( $score ) {
+ // We only send a message when the total changes
+ $storedScores =
$this->gateway_adapter->getRequest()->getSessionData( 'risk_scores' );
+ if ( is_array( $storedScores ) ) {
+ $storedTotal = $this->getRiskScore( $storedScores );
+ } else {
+ // Nothing stored? Set this to an impossible value so we
+ // send a message even if our new total is zero.
+ $storedTotal = -1;
+ }
+
+ // We don't want to send a message if we didn't run anything,
+ // i.e., if $this->risk_score looks like this:
+ $shirked = array(
+ 'initial' => $this->gateway_adapter->getGlobal(
'CustomFiltersRiskScore' )
+ );
+
+ if ( $this->risk_score != $shirked && $storedTotal !== $score )
{
+ // We ran something, and the total changed
+ return true;
+ }
+
+ return false;
+ }
+
static function onValidate( GatewayType $gateway_adapter ) {
if ( !$gateway_adapter->getGlobal( 'EnableCustomFilters' ) ){
return true;
--
To view, visit https://gerrit.wikimedia.org/r/291151
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ic8fbd071d7bf4f6bd94059bab27cfb51ce0828b3
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/DonationInterface
Gerrit-Branch: master
Gerrit-Owner: Ejegg <[email protected]>
Gerrit-Reviewer: AndyRussG <[email protected]>
Gerrit-Reviewer: Awight <[email protected]>
Gerrit-Reviewer: Cdentinger <[email protected]>
Gerrit-Reviewer: Ssmith <[email protected]>
Gerrit-Reviewer: XenoRyet <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
