Add Pro sign up ban check

When a YAML config file is present, check the payment card before the pro subscription is created. With the YAML: ```yaml - fingerprint: 123abc456DEF789gh address_zip: AB11AB - address_zip: CD11CD ``` This would add two bans. Prevent sign up if the payment card entered matches: 1. the fingerprint and postcode `AB1 1AB`, or 2. the postcode `cd11cd` For fingerprint, these come from the Stripe dashboard and are unique for a given card. See: https://stripe.com/docs/api/cards/object#card_object-fingerprint For postcodes/address zip we upcase and strip all white space from what is provided on the payment form.
mysociety · Sep 28, 2023 · e160de7 · e160de7
1 parent 15b5e41
commit e160de7
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 0 deletions.
diff --git a/lib/alavetelitheme.rb b/lib/alavetelitheme.rb
@@ -55,6 +55,7 @@ def prepend_theme_assets
               'mailer_patches.rb',
               'analytics_event.rb',
               'help_page_history.rb',
+              'pro_account_bans.rb',
               'public_body_questions.rb',
               'school_late_calculator.rb',
               'volunteer_contact_form.rb',

diff --git a/lib/model_patches.rb b/lib/model_patches.rb
@@ -69,6 +69,10 @@ def late_calculator
     ]
   }
 
+  ProAccount.class_eval do
+    prepend ProAccountBans::ModelMethods
+  end
+
   PublicBody.class_eval do
     # Return the domain part of an email address, canonicalised and with common
     # extra UK Government server name parts removed.

diff --git a/lib/pro_account_bans.rb b/lib/pro_account_bans.rb
@@ -0,0 +1,31 @@
+module ProAccountBans
+  module ModelMethods
+    PRO_ACCOUNT_BANS_CONFIG = Rails.root.join('config/pro_account_bans.yml')
+
+    def update_source
+      return super unless pro_account_banned?
+
+      raise ProAccount::CardError, _("The card issuer couldn't authorize " \
+                                     "payment.")
+    end
+
+    def pro_account_banned?
+      return false unless bans_config
+
+      bans_config.any? do |ban|
+        ban.all? do |k, banned_value|
+          value = @token.card[k]
+          value.upcase.gsub(/\S/, '') if k == 'address_key'
+          value == banned_value
+        end
+      end
+    end
+
+    private
+
+    def bans_config
+      return unless File.exist?(PRO_ACCOUNT_BANS_CONFIG)
+      YAML.load_file(PRO_ACCOUNT_BANS_CONFIG)
+    end
+  end
+end