Extension:DonationInterface

From MediaWiki.org
Jump to: navigation, search
MediaWiki extensions manual
Crystal Clear action run.png
DonationInterface

Release status: stable

Implementation Special page
Description Provides fundraising mechanisms for collecting payments
Author(s) Katie Horn, Sherah Smith, Matt Walker, Adam Wight
Latest version git
License GPLv2
Download

Translate the DonationInterface extension if it is available at translatewiki.net

Check usage and version matrix; code metrics
Bugs: list open list all report

DonationInterface provides fundraising mechanisms for collecting and tracking payments through various payment gateways.

Overview[edit | edit source]

The majority of the work done by the Donation Interface extension is in communicating with payment gateways. We also provide a user-facing forms layer for accepting donations.

Installation[edit | edit source]

Prior to the refactoring, it was necessary to include the installation files for several subdirectories as if they were standalone extensions. After the refactoring is complete, the installation will be simpler than it was before.

In your LocalSettings.php file, first define which gateways you want to be enabled. For example, the following would turn on all current gateways and extensions:

$wgDonationInterfaceEnablePayflowPro = true;
$wgDonationInterfaceEnableGlobalCollect = true;
$wgDonationInterfaceEnableStomp = true;
$wgDonationInterfaceEnableConversionLog = true;
$wgDonationInterfaceEnableMinfraud = true;
$wgDonationInterfaceEnableRecaptcha = true;
$wgDonationInterfaceEnableMinfraud_as_filter = true; //you wouldn't ever actually want this AND minfraud as a standalone enabled at the same time.
$wgDonationInterfaceEnableReferrerFilter = true;
$wgDonationInterfaceEnableSourceFilter = true;

Next, include the following line in LocalSettings.php:

require_once( "$IP/extensions/DonationInterface/DonationInterface.php" );

After this, TODO be sure to redefine the global variables for each gateway you intend to use. Particularly, the MerchantID and Password.

Important Note: DonationInterface searches for globals in a special way. Any DonationInterface global used by a gateway, can be assigned a value that is either specific to that gateway, or the default for the entire extension (with the specifics overriding the default where both are present). To assign an extension-wide default for gateway globals, simply swap out the gateway prefix in the global variable name, to "wgDonationInterface". For instance: To turn on syslogging by default for the entire DonationInterface extension instead of just, say, the payflow pro gateway, change this:

$wgPayflowProGatewayUseSyslog = true;

to this:

$wgDonationInterfaceUseSyslog = true;

Syslog will now be enabled for all gateways, unless you turn them off with gateway-specific globals.

Additionally, the refactored DonationInterface requires Extension:ContributionTracking to be installed and configured: DonationInterface now uses a number of static ContributionTracking functions to record relevant donation tracking data.

To create custom donation filtering rules, set the $wgCustomFiltersRefRules and $wgCustomFiltersSrcRules global variables in your LocalSettings.php file. These should be set to associative arrays which pair regex patterns with risk score numbers, for example:

// Filter for suspicious HTTP referrer URLs
$wgCustomFiltersRefRules = array(
    '/hackers\.com/' => 100
    '/wikipedia\.org/' => -50,
);
// Filter for suspicious utm_source values
$wgCustomFiltersSrcRules = array(
    '/TestNotice1/' => 50
    '/foobar/' => -100,
);

Define Globals in LocalSettings.php[edit | edit source]

While there are many more globals available to override, the following probably need to be defined in LocalSettings if you want DonationInterface to actually work. The majority of additional global variables of interest can be found in donationinterface.php, /payflowpro_gateway/payflowpro_gateway.php, and /globalcollect_gateway/globalcollect_gateway.php. NOTE: There is a slight timing issue in the installation process here, so order totally matters. In general, it is probably a good idea to define your donationinterface globals before you define your gateway-specific globals.

Global Name Purpose Type
$wgGlobalCollectGatewayMerchantID Our Merchant ID with GlobalCollect string
$wgDonationInterfaceAllowedHtmlForms A global whitelist of forms allowed to be loaded via RapidHtml. Intended to be used by any gateway. NOTE: This is not actually used anywhere directly. You must add these values to a gateway's AllowedHtmlForms for them to actually get used on any given gateway. Array. For each form, the key should be the name of the form (aka "ffname"), and the value should be the file's location.
$wgGlobalCollectGatewayAllowedHtmlForms The definitive whitelist of forms allowed to be loaded via RapidHtml, for GlobalCollect. Array. For each form, the key should be the name of the form (aka "ffname"), and the value should be the file's location. NOTE: If you wish to use the global list of forms as well, you will have to set $wgGlobalCollectGatewayAllowedHtmlForms = $wgDonationInterfaceAllowedHtmlForms manually, before adding (or removing) forms locally.
$wgDonationInterfaceDisplayDebug Set to true to get extra debugging information dumped to the screen. boolean

Implementation[edit | edit source]

The Code[edit | edit source]

Very generally speaking, the process of completing a donation goes like this:

  • The donor is sent to a donation form that is already tied to a specific payment gateway. This form will be controlled by a gateway-specific unlisted special page of a class descended from the GatewayForm class.
  • The extended GatewayForm class will instantiate its gateway adapter. On construction, the gateway adapter will gather, normalize, and validate any relevant data in $wgRequest. All gateways use the same class, DonationData, to accomplish this task. Doing this means that all the data is subject to the same normalization and validation processes, no matter who's asking for it or where it came from.
  • The controlling GatewayForm child class will then use the gateway adapter to determine where the user is in the donation process, and if appropriate (no errors on validation, all data present, no strangeness with the edit token or session, that sort of thing), use that same gateway adapter to interact with the remote payment servers in order to take the next step in the donation process. As every payment gateway has its own set of rules (and in some cases, completely different transaction types that are not directly analogous to anything else in any of the other gateways) it is up to the adapter to sort all of that out internally, and only expose functionality to the controlling object in such a way that it seems more or less universal across all possible adapter objects.
  • After having the gateway adapter perform one or more transactions with the remote payment gateway, the controlling object would then use the gateway to determine what happened, and display appropriate results to the prospective donor. This could be a "Thank you" page, an error displayed on the submitted form prompting the user to try again in a meaningful way, or a more fatal sort of error page.

GatewayAdapter class[edit | edit source]

(DonationInterface/gateway_common/gateway.adapter.php) - This is an abstract class that takes care of everything a general gateway needs to do. It it also supposed to yell at you rather loudly if you fail to define any of the particulars that a gateway needs, in order to be able to do anything worthwhile.

GatewayForm[edit | edit source]

(DonationInterface/gateway_common/GatewayForm.php) - A class that extends UnlistedSpecialPage. This will take care of all the not-gateway-specific functionality necessary to present a donation form to a user, and get the results. Of particular interest are the mechanisms for displaying the requested form (or not), handling some of the more universal aspects of form validation, and fetching data that could be used by the specified forms (as in, a list of countries and their codes for a country drop-down).

Classes that inherit from these will be specific to a particular payment gateway. As such, they will be located in a folder named something like DonationInterface/[name]_gateway/.

TODO: elaborate

DonationData class[edit | edit source]

(DonationInterface/gateway_common/DonationData.php) - This class is intended to handle everything that we are likely to want to do with Donation Data. It should load the data in a consistent way from any appropriate source (including a test), saves relevant Contribution Tracking data, generates data we always need to generate (like order IDs), normalises everything, and hands it back to the gateway. Classes inheriting from GatewayAdapter will instantiate a DonationData class on creation. The GatewayAdapter child classes should only ever use data that has come through the DonationData class. It also handles edit tokens.

Constructing a Gateway Adapter[edit | edit source]

Quick picture of what happens when a Gateway Adapter is initially constructed

Defining A New Gateway Adapter[edit | edit source]

GatewayAdapter extends the GatewayType interface. TODO: Here is a quick guide to defining the functions in GatewayType.

Testing[edit | edit source]

Unit tests can be found in the tests directory of the DonationInterface extension.

To run unit tests go to the mediawiki-core directory, then under tests/phpunit:

cd /srv/org.wikimedia.payments/tests/phpunit
php phpunit.php --group DonationInterface

Roadmap[edit | edit source]

Some things we want to do:

  • Decouple presentation layer from controllers and payments backend
    • Kill RapidHTML and use a mainline templating engine.
    • Consolidate forms into a single universal form, with boolean params that control block visibility and available features
  • Decouple from payment processing from MediaWiki framework so it can be used as a standalone library
    • Provide access to the payments library inside of Drupal, to enable refunds and cancellation, and status retrieval.

See also[edit | edit source]