Page MenuHomePhabricator
Create Task
Maniphest T115171

Record actual amount charged regardless of what's in session
Closed, ResolvedPublic2 Estimated Story Points
Actions

Description

  • Donor clicks $5 button in banner, gets to our form
  • We initiate a $5 transaction with GlobalCollect
  • Before the donor enters their credit card info, they click the $2 button, maybe in another window
  • We update our server's session data about the donation attempt to say the amount is $2
  • Donor finishes the payment in the $5 form
  • We actually charge $5, which is what they intended to give
  • The $2 in session is what gets recorded in Civi and on reciept

We need to update our data at the resultswitcher to make sure we're recording the right donation.

Details

SubjectRepoBranchLines +/-
pass donation amount in return urlmediawiki/extensions/DonationInterfacemaster+1 -0
Add 'amount' to debug loggingmediawiki/extensions/DonationInterfacedeployment+1 -0
Astropay: record charged amount, not session amountmediawiki/extensions/DonationInterfacedeployment+12 -0
GlobalCollect: record charged amount, not session amountmediawiki/extensions/DonationInterfacedeployment+11 -0
Add 'amount' to debug loggingmediawiki/extensions/DonationInterfacemaster+1 -0
Astropay: record charged amount, not session amountmediawiki/extensions/DonationInterfacemaster+43 -0
GlobalCollect: record charged amount, not session amountmediawiki/extensions/DonationInterfacemaster+40 -0
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
Restricted Task
 Resolved cwdentT115171 Record actual amount charged regardless of what's in session

Event Timeline

Ejegg created this task.Oct 10 2015, 12:18 AM
Ejegg raised the priority of this task from to Unbreak Now!.
Ejegg updated the task description. (Show Details)
Ejegg added projects: MediaWiki-extensions-DonationInterface, Fundraising-Backlog, Fundraising Sprint UB40, Unplanned-Sprint-Work.
Ejegg subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 10 2015, 12:18 AM
gerritbot subscribed.Oct 10 2015, 12:37 AM

Change 244829 had a related patch set uploaded (by Ejegg):
GlobalCollect: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244829

gerritbot added a project: Patch-For-Review.Oct 10 2015, 12:37 AM

Change 244833 had a related patch set uploaded (by Ejegg):
Astropay: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244833

Ejegg added a comment.Oct 10 2015, 12:42 AM

Paypal needs no fix since we don't record those from DonationInterface. Amazon is fine because we post back the amount in the same request as we make the payment API calls and queue the message.

Ejegg added a comment.Oct 10 2015, 12:46 AM

Looks like Worldpay is high risk here - even if the donor fills out their credit card details and submits in the page with the initial donation, we will charge them the amount in session, which could be more than they wanted to give!

gerritbot added a comment.Oct 10 2015, 1:16 AM

Change 244836 had a related patch set uploaded (by Ejegg):
Add 'amount' to debug logging

https://gerrit.wikimedia.org/r/244836

gerritbot added a comment.Oct 10 2015, 2:08 AM

Change 244829 merged by jenkins-bot:
GlobalCollect: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244829

gerritbot added a comment.Oct 10 2015, 2:09 AM

Change 244833 merged by jenkins-bot:
Astropay: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244833

gerritbot added a comment.Oct 10 2015, 2:21 AM

Change 244836 merged by jenkins-bot:
Add 'amount' to debug logging

https://gerrit.wikimedia.org/r/244836

gerritbot added a comment.Oct 10 2015, 2:27 AM

Change 244847 had a related patch set uploaded (by Ejegg):
GlobalCollect: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244847

gerritbot added a comment.Oct 10 2015, 2:27 AM

Change 244848 had a related patch set uploaded (by Ejegg):
Astropay: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244848

gerritbot added a comment.Oct 10 2015, 2:27 AM

Change 244849 had a related patch set uploaded (by Ejegg):
Add 'amount' to debug logging

https://gerrit.wikimedia.org/r/244849

gerritbot added a comment.Oct 10 2015, 2:27 AM

Change 244847 merged by Ejegg:
GlobalCollect: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244847

gerritbot added a comment.Oct 10 2015, 2:28 AM

Change 244848 merged by Ejegg:
Astropay: record charged amount, not session amount

https://gerrit.wikimedia.org/r/244848

gerritbot added a comment.Oct 10 2015, 2:28 AM

Change 244849 merged by Ejegg:
Add 'amount' to debug logging

https://gerrit.wikimedia.org/r/244849

Ejegg mentioned this in T115173: Compare amounts and currencies between payments logs and Civi, fix discrepancies.Oct 10 2015, 2:56 AM
ReleaseTaggerBot added a project: MW-1.27-release (WMF-deploy-2015-10-13_(1.27.0-wmf.3)).Oct 10 2015, 3:00 AM
atgo moved this task from Triage to Closed Sprint Work Completed in Q2 1516 on the Fundraising-Backlog board.Oct 13 2015, 3:46 PM
Ejegg set Security to None.Oct 13 2015, 5:07 PM
Ejegg edited a custom field.

Fixes deployed for AstroPay and GlobalCollect, work still needed on Worldpay

atgo subscribed.Oct 14 2015, 9:13 PM

Is this a dupe of T115053 ?

atgo added a comment.Oct 14 2015, 9:29 PM

And is it related to T111436?

Ejegg added a comment.Oct 14 2015, 10:37 PM

Yep, it's the root cause of T115053 - I just made this task 'cause I hid that other one from myself and couldn't put it in sprint! Also wanted to collect the info on the general problem and track progress on fixing it for each gateway.

DStrine added a project: Fundraising Sprint Vengaboys.Oct 14 2015, 11:17 PM
awight moved this task from Backlog to Doing on the Fundraising Sprint Vengaboys board.Oct 15 2015, 7:42 PM
Ejegg claimed this task.Oct 15 2015, 8:05 PM
Ejegg reassigned this task from Ejegg to cwdent.Oct 16 2015, 8:09 PM
Ejegg added a subscriber: cwdent.

Passing this along to @cwdent to implement the fix for Worldpay.

DStrine removed a project: Unplanned-Sprint-Work.Oct 19 2015, 10:40 PM
awight subscribed.Oct 20 2015, 11:42 PM

I take back my objection here, this sounds like a great fix!

cwdent added a comment.Oct 21 2015, 9:51 PM

With Worldpay ESOP we don't send the amount initially in the iframe request (there isn't a field for it). The auth/charge steps pull the amount to charge from the session so whatever's there will be the canonical amount and the same as what's in contribution_tracking. So basically a donor can have n iframes open but they will all charge for the amount typed into the most recently requested one.

awight added a comment.Oct 21 2015, 10:14 PM

Note from our conversation: there is logic to check the session's order_id, and stop if there's a mismatch. Perhaps that's not working?

Also, ejegg pointed out that Worldpay would still have this issue, if it's happening...

cwdent added a comment.Oct 22 2015, 3:09 PM

Patch for review: https://gerrit.wikimedia.org/r/#/c/247946/

cwdent closed this task as Resolved.Oct 23 2015, 5:47 PM

Deployed

cwdent moved this task from Doing to Done on the Fundraising Sprint Vengaboys board.Oct 23 2015, 5:47 PM
DStrine added a parent task: Restricted Task.Oct 26 2015, 8:14 PM
DStrine added a project: Fundraising Sprint William Shatner.Oct 28 2015, 10:58 PM
DStrine removed a project: Fundraising Sprint William Shatner.Oct 28 2015, 11:00 PM
K4-713 added a project: Essential-Work.Oct 30 2015, 9:41 PM
DStrine added a project: FR-Ingenico.Nov 19 2015, 6:29 PM
atgo unsubscribed.Mar 30 2016, 10:03 PM
mmodell removed a subscriber: awight.Jun 22 2017, 9:44 PM
Restricted Application added subscribers: Jay8g, TerraCodes. · View Herald TranscriptJun 22 2017, 9:44 PM
DStrine edited projects, added Fr-tech-archived-from-FY-2015/16; removed Fundraising-Backlog.Jan 11 2018, 9:45 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits