RubyGems - workarea-kount - Versions diffs - 3.3.0 - Mend

workarea-kount 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (163) hide show

checksums.yaml +7 -0
data/.editorconfig +20 -0
data/.eslintrc +24 -0
data/.github/ISSUE_TEMPLATE/bug_report.md +37 -0
data/.github/ISSUE_TEMPLATE/documentation-request.md +17 -0
data/.github/ISSUE_TEMPLATE/feature_request.md +20 -0
data/.github/workflows/ci.yml +58 -0
data/.gitignore +14 -0
data/.rubocop.yml +2 -0
data/CHANGELOG.md +212 -0
data/CODE_OF_CONDUCT.md +3 -0
data/CONTRIBUTING.md +3 -0
data/Gemfile +17 -0
data/LICENSE.md +3 -0
data/README.md +98 -0
data/Rakefile +53 -0
data/app/controllers/workarea/admin/orders_controller.decorator +5 -0
data/app/controllers/workarea/storefront/checkout/place_order_controller.decorator +11 -0
data/app/controllers/workarea/storefront/kount_controller.rb +19 -0
data/app/controllers/workarea/storefront/kount_orders_controller.rb +40 -0
data/app/lib/active_shipping/rate_estimate.decorator +10 -0
data/app/mailers/workarea/storefront/order_mailer.decorator +14 -0
data/app/models/workarea/checkout.decorator +37 -0
data/app/models/workarea/checkout/fraud/kount_analyzer.rb +71 -0
data/app/models/workarea/kount/ens_event.rb +13 -0
data/app/models/workarea/kount/order.rb +14 -0
data/app/models/workarea/order.decorator +62 -0
data/app/models/workarea/order/fraud_decision.decorator +9 -0
data/app/models/workarea/order/item.decorator +8 -0
data/app/models/workarea/order/status/review.rb +13 -0
data/app/models/workarea/payment/credit_card.decorator +13 -0
data/app/models/workarea/payment/payment.decorator +11 -0
data/app/models/workarea/payment/status/kount_declined.rb +13 -0
data/app/models/workarea/payment/status/kount_review.rb +13 -0
data/app/models/workarea/payment/tender/credit_card.decorator +10 -0
data/app/models/workarea/search/admin.decorator +12 -0
data/app/models/workarea/search/admin/order.decorator +7 -0
data/app/models/workarea/shipping/rate_lookup.decorator +26 -0
data/app/models/workarea/shipping/service.decorator +9 -0
data/app/models/workarea/shipping/service_selection.decorator +7 -0
data/app/models/workarea/shipping_option.decorator +27 -0
data/app/services/workarea/kount/cancel_order_under_review.rb +28 -0
data/app/services/workarea/kount/event.rb +43 -0
data/app/services/workarea/kount/event/dmc_event.rb +9 -0
data/app/services/workarea/kount/event/risk_change_event.rb +21 -0
data/app/services/workarea/kount/event/special_alert_event.rb +21 -0
data/app/services/workarea/kount/event/workflow_event.rb +25 -0
data/app/services/workarea/kount/event_batch.rb +37 -0
data/app/services/workarea/kount/order_fraud_update_service.rb +42 -0
data/app/services/workarea/kount/ris_inquiry.rb +120 -0
data/app/services/workarea/kount/ris_inquiry/product.rb +53 -0
data/app/services/workarea/kount/ris_request.rb +84 -0
data/app/services/workarea/kount/ris_update.rb +39 -0
data/app/view_models/workarea/admin/order_view_model.decorator +35 -0
data/app/view_models/workarea/storefront/order_view_model.decorator +11 -0
data/app/views/workarea/admin/orders/_kount.html.haml +28 -0
data/app/views/workarea/admin/orders/kount.html.haml +46 -0
data/app/views/workarea/storefront/checkouts/_kount_data_collector.html.haml +4 -0
data/app/views/workarea/storefront/order_mailer/hold_denial.html.haml +14 -0
data/app/workers/workarea/kount/process_review_order.rb +75 -0
data/app/workers/workarea/kount/update_ris_inquiry.rb +31 -0
data/bin/rails +18 -0
data/config/initializers/appends.rb +11 -0
data/config/initializers/workarea.rb +26 -0
data/config/locales/en.yml +26 -0
data/config/routes.rb +14 -0
data/doc/Kount Technical Specification Guide 5.5.5.pdf +0 -0
data/lib/workarea/kount.rb +87 -0
data/lib/workarea/kount/address.rb +39 -0
data/lib/workarea/kount/bogus_gateway.rb +415 -0
data/lib/workarea/kount/engine.rb +8 -0
data/lib/workarea/kount/errors.rb +2 -0
data/lib/workarea/kount/gateway.rb +50 -0
data/lib/workarea/kount/mappings.rb +195 -0
data/lib/workarea/kount/payment_types.rb +50 -0
data/lib/workarea/kount/response.rb +141 -0
data/lib/workarea/kount/security_mash.rb +79 -0
data/lib/workarea/kount/user_defined_fields.rb +16 -0
data/lib/workarea/kount/version.rb +5 -0
data/lib/workarea/mailer_previews/storefront/order_mailer_preview.rb +10 -0
data/test/dummy/Rakefile +6 -0
data/test/dummy/app/assets/config/manifest.js +4 -0
data/test/dummy/app/assets/images/.keep +0 -0
data/test/dummy/app/assets/javascripts/application.js +13 -0
data/test/dummy/app/assets/stylesheets/application.css +15 -0
data/test/dummy/app/controllers/application_controller.rb +3 -0
data/test/dummy/app/controllers/concerns/.keep +0 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/jobs/application_job.rb +2 -0
data/test/dummy/app/mailers/application_mailer.rb +4 -0
data/test/dummy/app/models/concerns/.keep +0 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/app/views/layouts/mailer.html.erb +13 -0
data/test/dummy/app/views/layouts/mailer.text.erb +1 -0
data/test/dummy/bin/bundle +3 -0
data/test/dummy/bin/rails +4 -0
data/test/dummy/bin/rake +4 -0
data/test/dummy/bin/setup +34 -0
data/test/dummy/bin/update +29 -0
data/test/dummy/config.ru +5 -0
data/test/dummy/config/application.rb +23 -0
data/test/dummy/config/boot.rb +5 -0
data/test/dummy/config/cable.yml +9 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +56 -0
data/test/dummy/config/environments/production.rb +86 -0
data/test/dummy/config/environments/test.rb +44 -0
data/test/dummy/config/initializers/application_controller_renderer.rb +6 -0
data/test/dummy/config/initializers/assets.rb +11 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/test/dummy/config/initializers/inflections.rb +16 -0
data/test/dummy/config/initializers/mime_types.rb +4 -0
data/test/dummy/config/initializers/new_framework_defaults.rb +21 -0
data/test/dummy/config/initializers/session_store.rb +3 -0
data/test/dummy/config/initializers/workarea.rb +5 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +23 -0
data/test/dummy/config/puma.rb +47 -0
data/test/dummy/config/routes.rb +6 -0
data/test/dummy/config/secrets.yml +22 -0
data/test/dummy/config/spring.rb +6 -0
data/test/dummy/db/seeds.rb +2 -0
data/test/dummy/lib/assets/.keep +0 -0
data/test/dummy/log/.keep +0 -0
data/test/dummy/public/404.html +67 -0
data/test/dummy/public/422.html +67 -0
data/test/dummy/public/500.html +66 -0
data/test/dummy/public/apple-touch-icon-precomposed.png +0 -0
data/test/dummy/public/apple-touch-icon.png +0 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/factories/kount.rb +164 -0
data/test/integration/workarea/api/admin/payment_transactions_integration_test.decorator +29 -0
data/test/integration/workarea/kount_moneris_integration_test.rb +37 -0
data/test/integration/workarea/storefront/kount_integration_test.rb +37 -0
data/test/integration/workarea/storefront/kount_orders_integration_test.rb +89 -0
data/test/lib/workarea/kount/response_test.rb +95 -0
data/test/lib/workarea/kount/security_mash_test.rb +62 -0
data/test/models/workarea/checkout/fraud/kount_analyzer_test.rb +44 -0
data/test/models/workarea/checkout_test.decorator +22 -0
data/test/models/workarea/order/queries_test.decorator +28 -0
data/test/models/workarea/order_test.decorator +25 -0
data/test/models/workarea/payment/payment_test.rb +106 -0
data/test/models/workarea/payment/saved_credit_card_test.rb +24 -0
data/test/models/workarea/payment_test.decorator +54 -0
data/test/models/workarea/shipping_option_test.rb +29 -0
data/test/services/workarea/kount/event_batch_test.rb +95 -0
data/test/services/workarea/kount/event_test.rb +51 -0
data/test/services/workarea/kount/order_fraud_update_service_test.rb +48 -0
data/test/support/workarea/kount_api_config.rb +27 -0
data/test/system/workarea/kount_system_test.rb +72 -0
data/test/system/workarea/storefront/kount_guest_checkout_system_test.rb +32 -0
data/test/system/workarea/storefront/kount_logged_in_checkout_system_test.rb +102 -0
data/test/test_helper.rb +16 -0
data/test/vcr_cassettes/kount/basic_fraud_test.yml +43 -0
data/test/vcr_cassettes/kount/integration/moneris_new_credit_card.yml +84 -0
data/test/vcr_cassettes/kount/integration/moneris_saved_credit_card.yml +84 -0
data/test/vcr_cassettes/kount/order_fraud_update.yml +82 -0
data/test/workers/workarea/kount/clean_orders_test.rb +40 -0
data/test/workers/workarea/kount/process_review_order_test.rb +100 -0
data/workarea-kount.gemspec +17 -0
metadata +238 -0

data/LICENSE.md ADDED

@@ -0,0 +1,3 @@
+View this plugin's license here:
+<https://github.com/workarea-commerce/workarea/blob/master/LICENSE.md>

data/README.md ADDED

@@ -0,0 +1,98 @@
+# Workarea Kount
+Kount plugin for the Workarea platform.
+## Kount Response Codes
+Kount's Risk Inquiry Services will return one of three values.
+Approved - the order is not suspected as fraud
+Decline - the order is fraud
+Hold for manager review - the order is suspected fraud
+## Kount Order Flow
+### In Checkout
+The Kount plugin sends the credit card and paypal orders to Kount before payment
+is captured. Based on the response from Kount different actions will be taken.
+#### Approved - The order is not fraud
+The order is placed.
+#### Decline - The order is fraud
+An error is shown to the customer and redirected back to the payment step.
+#### Hold for manager review - the order is suspected fraud
+The credit card is tokenized and inventory is captured but the payment is not
+authorized/purchased. The customer is shown the order confirmation as if the
+order is placed. A Kount admin user needs to use approve or decline the order
+via the Kount admin.
+The Kount Event Notificaion System (ENS) will post the data back to Workarea.
+If the admin declines the order in Kount, the order is canceled and the customer
+recieves a cancelation email.
+If the admin approves the order, the payment is attemped to be captured. If the
+payment captures successfully the order is placed.  If the payment fails
+authorization/purchase, the order is canceled and the customer recives a
+cancelation email.
+## Configuration
+Add values for `merchant_id`, `version`, `key`, and `ksalt` to your application secrets
+```yaml
+  kount:
+    merchant_id:
+    version:
+    key:
+    ksalt:
+    ens_username: username for basic auth for ENS
+    ens_password: password for basic auth for ENS
+    kount_site: <site name for ENS>
+```
+### Event Notification System Configuration
+The Kount ENS requires configuration in Workarea to match configuration in Kount.
+If the ENS is not configured properly, Kount review decisions will not be
+received by Workarea.
+Workarea uses basic auth credentials `ens_username:ens_password` to authenticate
+requests from the Kount ENS. If your application is behind basic_auth (e.g. in
+staging or QA) you should configure these credentials to match your basic auth
+credentials for the environment. If your application is not behind basic auth
+these credentials can be anything you want, as long as they are secure.
+#### Kount Site
+The `kount_site` configuration is used by kount ENS to determine which endpoint
+events should be sent to. If no `kount_site` is provided the DEFAULT site will
+be used. `kount_site` can be used to configure different ENS endpoints for
+testing inQA and Staging, or for multi-site implementations.
+#### Configure ENS in Kount
+In the Kount admin navigate to: Fraud Control -> Websites -> Add Website
+The ENS Api URL should look like `https://ENS_USERNAME:ENS_PASSWORD@WEBSITE_DOMAIN/kount_orders`
+Example: `https://kount:aksjei8243d8@www.example.com/kount_orders`
+## Workarea Platform Documentation
+See [http://developer.workarea.com](http://developer.workarea.com) for Workarea
+platform documentation.
+## Copyright & Licensing
+Copyright WebLinc 2018. All rights reserved.
+For licensing, contact sales@weblinc.com.

data/Rakefile ADDED

@@ -0,0 +1,53 @@
+#!/usr/bin/env rake
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+require 'rdoc/task'
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Tasker'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+APP_RAKEFILE = File.expand_path('../test/dummy/Rakefile', __FILE__)
+load 'rails/tasks/engine.rake'
+load 'rails/tasks/statistics.rake'
+load 'workarea/changelog.rake'
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+task default: :test
+$LOAD_PATH.unshift File.expand_path('../lib', __FILE__)
+require 'workarea/kount/version'
+desc "Release version #{Workarea::Kount::VERSION} of the gem"
+task :release do
+  host = "https://#{ENV['BUNDLE_GEMS__WORKAREA__COM']}@gems.workarea.com"
+  Rake::Task['workarea:changelog'].execute
+  system 'git add CHANGELOG.md'
+  system 'git commit -m "Update CHANGELOG"'
+  system 'git push origin HEAD'
+  system "git tag -a v#{Workarea::Kount::VERSION} -m 'Tagging #{Workarea::Kount::VERSION}'"
+  system 'git push --tags'
+  system 'gem build workarea-kount.gemspec'
+  system "gem push workarea-kount-#{Workarea::Kount::VERSION}.gem"
+  system "gem push workarea-kount-#{Workarea::Kount::VERSION}.gem --host #{host}"
+  system "rm workarea-kount-#{Workarea::Kount::VERSION}.gem"
+end

data/app/controllers/workarea/admin/orders_controller.decorator ADDED

@@ -0,0 +1,5 @@
+module Workarea
+  decorate Admin::OrdersController, with: :kount do
+    def kount; end
+  end
+end

data/app/controllers/workarea/storefront/checkout/place_order_controller.decorator ADDED

@@ -0,0 +1,11 @@
+module Workarea
+  decorate Storefront::Checkout::PlaceOrderController, with: :kount do
+    def try_place_order
+      if current_checkout.place_order || current_checkout.handle_kount_review
+        completed_place_order
+      else
+        incomplete_place_order
+      end
+    end
+  end
+end

data/app/controllers/workarea/storefront/kount_controller.rb ADDED

@@ -0,0 +1,19 @@
+module Workarea
+  module Storefront
+    class KountController < Workarea::Storefront::ApplicationController
+      def data_collector
+        current_order.update_attributes(kount_session_id: kount_session_id)
+        params = { merchant_id: Workarea::Kount.merchant_id, s: kount_session_id }
+        redirect_to "#{Workarea::Kount.data_collector_url}logo.htm?#{params.to_query}", status: 302
+      end
+      private
+        def kount_session_id
+          @kount_session_id ||= "#{current_order.id}#{Time.now.to_i}R#{rand(10000..99999)}"
+        end
+    end
+  end
+end

data/app/controllers/workarea/storefront/kount_orders_controller.rb ADDED

@@ -0,0 +1,40 @@
+module Workarea
+  module Storefront
+    class KountOrdersController < ApplicationController
+      skip_before_action :verify_authenticity_token, only: [:bulk]
+      before_action :authenticate
+      def bulk
+        event_batch = Kount::EventBatch.new(request.raw_post)
+        if event_batch.valid?
+          event_batch.process!
+          successful_response
+        else
+          unsuccessful_response
+        end
+      end
+      private
+        def authenticate
+          authenticated = authenticate_with_http_basic do |username, password|
+            Kount.credentials[:ens_username].present? &&
+              Kount.credentials[:ens_password].present? &&
+              username == Kount.credentials[:ens_username] &&
+              password == Kount.credentials[:ens_password]
+          end
+          unsuccessful_response unless authenticated
+        end
+        def successful_response
+          render json: { status: 200 }
+        end
+        def unsuccessful_response
+          head :bad_request
+        end
+    end
+  end
+end

data/app/lib/active_shipping/rate_estimate.decorator ADDED

@@ -0,0 +1,10 @@
+module ActiveShipping
+  decorate RateEstimate, with: :kount do
+    decorated { attr_accessor :kount_code }
+    def initialize(origin, destination, carrier, service_name, options = {})
+      super
+      self.kount_code = options[:kount_code]
+    end
+  end
+end

data/app/mailers/workarea/storefront/order_mailer.decorator ADDED

@@ -0,0 +1,14 @@
+module Workarea
+  decorate Storefront::OrderMailer, with: :kount do
+    def hold_denial(order_id)
+      order = Order.find(order_id)
+      @order = Storefront::OrderViewModel.new(order)
+      @recommendations = Storefront::EmailRecommendationsViewModel.wrap(order)
+      mail(
+        to: @order.email,
+        subject: t('workarea.storefront.email.hold_denial.subject', order_id: @order.id)
+      )
+    end
+  end
+end

data/app/models/workarea/checkout.decorator ADDED

@@ -0,0 +1,37 @@
+module Workarea
+  decorate Checkout, with: :kount do
+    def handle_kount_review
+      return false unless order.under_review?
+      return false unless complete?
+      return false unless shippable?
+      return false unless payable?
+      inventory.purchase
+      return false unless inventory.captured?
+      return true unless payment.uses_credit_card?
+      store_credit_card
+    end
+    def handle_kount_approved
+      unless payment_collection.purchase
+        captured_inventory&.rollback
+        return false
+      end
+      result = order.place
+      place_order_side_effects if result
+      result
+    end
+    private
+      def captured_inventory
+        @captured_inventory ||= Inventory::Transaction.captured_for_order(order.id)
+      end
+      def store_credit_card
+        Payment::StoreCreditCard.new(payment.credit_card).save!
+      end
+  end
+end

data/app/models/workarea/checkout/fraud/kount_analyzer.rb ADDED

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+module Workarea
+  class Checkout
+    module Fraud
+      class KountAnalyzer < Analyzer
+        # This is the `:mode` value used in the RIS Inquiry request to
+        # Kount. It tells Kount that this is a new order, and not an
+        # update to an existing order as used in the updater service
+        # class.
+        #
+        # @return [String]
+        MODE_Q = 'Q'
+        delegate :gateway, to: Workarea::Kount
+        delegate :kount_mode, :kount_request_user_defined_fields, to: :checkout
+        delegate :decision, to: :kount_response
+        # Tell Kount about the order and record its response.
+        #
+        # @return [Workarea::Order::FraudDecision]
+        def make_decision
+          kount_order.update_attributes!(response: kount_response)
+          Workarea::Order::FraudDecision.new(
+            decision: decision,
+            message: message
+          )
+        end
+        # Data for this Order from Kount.
+        #
+        # @return [Workarea::Kount::Order]
+        def kount_order
+          @kount_order ||= Workarea::Kount::Order.find_or_initialize_by(id: order.id)
+        end
+        private
+        # Build the RIS inquiry request.
+        #
+        # @private
+        # @return [Hash]
+        def inquiry
+          Workarea::Kount::RisInquiry.new(
+            order: order,
+            payment: payment,
+            shippings: shippings,
+            mode: MODE_Q
+          ).to_h
+        end
+        # Response for the Kount RIS inquiry request.
+        #
+        # @private
+        # @return [Workarea::Kount::Response]
+        def kount_response
+          @kount_response ||= gateway.call(inquiry)
+        end
+        # Translated message for the Kount decision.
+        #
+        # @private
+        # @return [String]
+        def message
+          I18n.t(decision, scope: 'workarea.storefront.fraud.kount')
+        end
+      end
+    end
+  end
+end

data/app/models/workarea/kount/ens_event.rb ADDED

@@ -0,0 +1,13 @@
+module Workarea
+  module Kount
+    class EnsEvent
+      include ApplicationDocument
+      field :xml, type: String
+      embedded_in :kount_order,
+        class_name: 'Workarea::Kount::Order',
+        inverse_of: :ens_events
+    end
+  end
+end

data/app/models/workarea/kount/order.rb ADDED

@@ -0,0 +1,14 @@
+module Workarea
+  module Kount
+    class Order
+      include ApplicationDocument
+      field :response,        type: Workarea::Kount::Response
+      field :update_response, type: Workarea::Kount::Response
+      embeds_many :ens_events, class_name: 'Workarea::Kount::EnsEvent'
+      index(created_at: -1)
+    end
+  end
+end

data/app/models/workarea/order.decorator ADDED

@@ -0,0 +1,62 @@
+module Workarea
+  decorate Order, with: :kount do
+    decorated do
+      field :kount_session_id, type: String
+      field :kount_decision, type: Symbol
+      scope :not_under_review, -> { where(:kount_decision.ne => :review) }
+      before_save :set_kount_decision, if: :fraud_decision?
+    end
+    class_methods do
+      # Query for orders which have expired in checkout, meaning they have been
+      # not been placed or updated for longer than the
+      # +Workarea.config.order_expiration_period+, but have started
+      # checkout. Contrast this with +Order.expired+, which does not
+      # factor in orders that have started checkout.
+      #
+      # Doesn't include orders under review or declined by kount
+      #
+      # @return [Mongoid::Criteria]
+      def expired_in_checkout
+        super.nin(kount_decision: [:review, :decline])
+      end
+      # Overriding method from core/models/order/queries.rb module
+      def need_reminding
+        super.where(kount_decision: nil)
+      end
+      # Find a current cart for a session. Returns a new order if one cannot be found.
+      #
+      # @param params [Hash]
+      # @return [Order]
+      #
+      def find_current(params = {})
+        if params[:id].present?
+          Order.not_placed.not_under_review.find(params[:id].to_s)
+        elsif params[:user_id].present?
+          Order.recently_updated.not_placed.not_under_review.find_by(params.slice(:user_id))
+        else
+          Order.new(user_id: params[:user_id])
+        end
+      rescue Mongoid::Errors::DocumentNotFound
+        Order.new(user_id: params[:user_id])
+      end
+    end
+    # Whether the FraudDecision#decision is `:review`.
+    def under_review?
+      !placed? && !canceled? && kount_decision == :review
+    end
+    def abandoned?
+      super && kount_decision.nil?
+    end
+    def set_kount_decision
+      self.kount_decision = fraud_decision.decision
+    end
+  end
+end