jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/398777 )
Change subject: Top out risk score at 100 million.
......................................................................
Top out risk score at 100 million.
100 million is effectively 'infinite risk' & the DB breaks somewhere above that
point
Bug: T183102
Change-Id: I5529ff86abf082c41b9c5d075bdc9c164f762872
---
M sites/all/modules/queue2civicrm/fredge/wmf_fredge_qc.module
A sites/all/modules/queue2civicrm/tests/data/payments-antifraud-high.json
M sites/all/modules/queue2civicrm/tests/phpunit/AntifraudQueueTest.php
3 files changed, 52 insertions(+), 1 deletion(-)
Approvals:
jenkins-bot: Verified
Ejegg: Looks good to me, approved
diff --git a/sites/all/modules/queue2civicrm/fredge/wmf_fredge_qc.module
b/sites/all/modules/queue2civicrm/fredge/wmf_fredge_qc.module
index 4dd223d..47de8e4 100644
--- a/sites/all/modules/queue2civicrm/fredge/wmf_fredge_qc.module
+++ b/sites/all/modules/queue2civicrm/fredge/wmf_fredge_qc.module
@@ -136,6 +136,11 @@
if (array_key_exists('mysql_type', $definition) &&
$definition['mysql_type'] === 'DATETIME') {
$msg[$field] = wmf_common_date_unix_to_sql($msg[$field]);
}
+ // e.g. 3.5848273556811E+38 breaks the db - use 100 mill as 'infinitely
dubious'
+ if (!empty($msg['risk_score']) && $msg['risk_score'] > 100000000) {
+ $msg['risk_score'] = 100000000;
+ }
+
$data[$field] = $msg[$field];
}
}
diff --git
a/sites/all/modules/queue2civicrm/tests/data/payments-antifraud-high.json
b/sites/all/modules/queue2civicrm/tests/data/payments-antifraud-high.json
new file mode 100644
index 0000000..91ce046
--- /dev/null
+++ b/sites/all/modules/queue2civicrm/tests/data/payments-antifraud-high.json
@@ -0,0 +1,24 @@
+{
+ "validation_action": " reject",
+ "risk_score": "3.5848273556811E+38",
+ "score_breakdown": {
+ "initial": "0",
+ "getCVVResult": "0.2",
+ "getAVSResult": "0",
+ "getScoreCountryMap": "0",
+ "getScoreUtmCampaignMap": "0",
+ "getScoreEmailDomainMap": "0",
+ "minfraud_filter": "0.10",
+ "IPVelocityFilter": "0"
+ },
+ "php-message-class":
"SmashPig\\CrmLink\\Messages\\DonationInterfaceAntifraud",
+ "user_ip": "1.2.3.4",
+ "freeform": "1",
+ "gateway_txn_id": "",
+ "date": "1445990975",
+ "server": "testpayments1001",
+ "gateway": "testgateway",
+ "contribution_tracking_id": "28713751",
+ "order_id": "28713751.0",
+ "payment_method": "cc"
+}
diff --git
a/sites/all/modules/queue2civicrm/tests/phpunit/AntifraudQueueTest.php
b/sites/all/modules/queue2civicrm/tests/phpunit/AntifraudQueueTest.php
index ea63274..feffc91 100644
--- a/sites/all/modules/queue2civicrm/tests/phpunit/AntifraudQueueTest.php
+++ b/sites/all/modules/queue2civicrm/tests/phpunit/AntifraudQueueTest.php
@@ -32,7 +32,29 @@
$this->compareMessageWithDb( $message,
$message['score_breakdown'] );
}
- /**
+ /**
+ * If the risk score is more than 100 million it should be set to 100 mil.
+ *
+ * This is effectively 'infinite risk' and our db can't cope with
+ * real value! '3.5848273556811E+38'
+ */
+ public function testFraudMessageWithOutOfRangeScore() {
+ $message = json_decode(
+ file_get_contents(__DIR__ . '/../data/payments-antifraud-high.json'),
+ TRUE
+ );
+ $ctId = mt_rand();
+ $oId = $ctId . '.0';
+ $message['contribution_tracking_id'] = $ctId;
+ $message['order_id'] = $oId;
+ $this->consumer->processMessage($message);
+
+ $message['risk_score'] = 100000000;
+
+ $this->compareMessageWithDb($message, $message['score_breakdown']);
+ }
+
+ /**
* The first message for a ct_id / order_id pair needs to be complete
*
* @expectedException FredgeDataValidationException
--
To view, visit https://gerrit.wikimedia.org/r/398777
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I5529ff86abf082c41b9c5d075bdc9c164f762872
Gerrit-PatchSet: 4
Gerrit-Project: wikimedia/fundraising/crm
Gerrit-Branch: master
Gerrit-Owner: Eileen <[email protected]>
Gerrit-Reviewer: Ejegg <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
