From b843454941061c79410d2b0efc8da5124e1021e2 Mon Sep 17 00:00:00 2001 From: Jonathan Prykop Date: Tue, 3 Jan 2017 17:33:26 -0600 Subject: [PATCH] 71513: Card tokenization [banned_pay tweaks] --- FS/FS/banned_pay.pm | 10 +++++++- FS/FS/cust_main/Billing_Realtime.pm | 51 +++++++++++++++---------------------- 2 files changed, 30 insertions(+), 31 deletions(-) diff --git a/FS/FS/banned_pay.pm b/FS/FS/banned_pay.pm index 3d51bcd20..0afff334e 100644 --- a/FS/FS/banned_pay.pm +++ b/FS/FS/banned_pay.pm @@ -4,7 +4,7 @@ use base qw( FS::otaker_Mixin FS::Record ); use strict; use Digest::MD5 qw(md5_base64); use Digest::SHA qw( sha512_base64 ); -use FS::Record qw( qsearchs dbh ); +use FS::Record qw( qsearch qsearchs dbh ); use FS::CurrentUser; =head1 NAME @@ -169,6 +169,14 @@ sub ban_search { # Used by FS::Upgrade to migrate to a new database. sub _upgrade_data { # class method my ($class, %opts) = @_; + + die "Cannot upgrade md5 banned_pay entries" + if qsearch({ + 'table' => 'banned_pay', + 'hashref' => {}, + 'extra_sql' => "WHERE payinfo_hash IS NULL OR payinfo_hash = '' OR payinfo_hash = 'MD5'", + }); + $class->_upgrade_otaker(%opts); } diff --git a/FS/FS/cust_main/Billing_Realtime.pm b/FS/FS/cust_main/Billing_Realtime.pm index 5d376e6c2..d96b8ba99 100644 --- a/FS/FS/cust_main/Billing_Realtime.pm +++ b/FS/FS/cust_main/Billing_Realtime.pm @@ -416,6 +416,13 @@ sub realtime_bop { # set fields from passed cust_payby _bop_cust_payby_options(\%options); + # check for banned credit card/ACH + my $ban = FS::banned_pay->ban_search( + 'payby' => $bop_method2payby{$options{method}}, + 'payinfo' => $options{payinfo}, + ); + return "Banned credit card" if $ban && $ban->bantype ne 'warn'; + # possibly run a separate transaction to tokenize card number, # so that we never store tokenized card info in cust_pay_pending if (($options{method} eq 'CC') && !$self->tokenized($options{'payinfo'})) { @@ -502,16 +509,6 @@ sub realtime_bop { die $@ if $@; ### - # check for banned credit card/ACH - ### - - my $ban = FS::banned_pay->ban_search( - 'payby' => $bop_method2payby{$options{method}}, - 'payinfo' => $options{payinfo}, - ); - return "Banned credit card" if $ban && $ban->bantype ne 'warn'; - - ### # check for term discount validity ### @@ -1793,6 +1790,13 @@ sub realtime_verify_bop { return "No cust_payby" unless $options{'cust_payby'}; _bop_cust_payby_options(\%options); + # check for banned credit card/ACH + my $ban = FS::banned_pay->ban_search( + 'payby' => $bop_method2payby{'CC'}, + 'payinfo' => $options{payinfo}, + ); + return "Banned credit card" if $ban && $ban->bantype ne 'warn'; + # possibly run a separate transaction to tokenize card number, # so that we never store tokenized card info in cust_pay_pending if (($options{method} eq 'CC') && !$self->tokenized($options{'payinfo'})) { @@ -1813,16 +1817,6 @@ sub realtime_verify_bop { die $@ if $@; ### - # check for banned credit card/ACH - ### - - my $ban = FS::banned_pay->ban_search( - 'payby' => $bop_method2payby{'CC'}, - 'payinfo' => $options{payinfo}, - ); - return "Banned credit card" if $ban && $ban->bantype ne 'warn'; - - ### # massage data ### @@ -2230,6 +2224,13 @@ sub realtime_tokenize { return '' unless $options{method} eq 'CC'; return '' if $self->tokenized($options{payinfo}); #already tokenized + # check for banned credit card/ACH + my $ban = FS::banned_pay->ban_search( + 'payby' => $bop_method2payby{'CC'}, + 'payinfo' => $options{payinfo}, + ); + return "Banned credit card" if $ban && $ban->bantype ne 'warn'; + ### # select a gateway ### @@ -2258,16 +2259,6 @@ sub realtime_tokenize { && grep /^Tokenize$/, @{$supported_actions{'CC'}}; ### - # check for banned credit card/ACH - ### - - my $ban = FS::banned_pay->ban_search( - 'payby' => $bop_method2payby{'CC'}, - 'payinfo' => $options{payinfo}, - ); - return "Banned credit card" if $ban && $ban->bantype ne 'warn'; - - ### # massage data ### -- 2.11.0