[#540] added IBAN blacklist

Project60 · Aug 28, 2019 · 14f7923 · 14f7923
1 parent 6336222
commit 14f7923
Show file tree

Hide file tree

Showing 4 changed files with 62 additions and 5 deletions.
diff --git a/CRM/Sepa/BAO/SEPAMandate.php b/CRM/Sepa/BAO/SEPAMandate.php
@@ -81,7 +81,7 @@ static function add(&$params) {
       $params['iban'] = strtoupper($params['iban']);           // create uppercase string
       $params['iban'] = str_replace(' ', '', $params['iban']); // strip spaces
       $iban_error = CRM_Sepa_Logic_Verification::verifyIBAN($params['iban'], $creditor['creditor_type']);
-      if ($iban_error) throw new CRM_Exception($iban_error . ':' . $params['iban']);
+      if ($iban_error) throw new CRM_Exception($iban_error . ': ' . $params['iban']);
     }
 
     if (!empty($params['bic'])) {

diff --git a/CRM/Sepa/Logic/Verification.php b/CRM/Sepa/Logic/Verification.php
@@ -52,6 +52,11 @@ public static function formatIBAN($iban, $type = 'SEPA') {
    * @return NULL if given IBAN is valid, localized error message otherwise
    */
   public static function verifyIBAN($iban, $type = 'SEPA') {
+    // first: check if blacklisted (#540)
+    if (self::isIbanBlacklisted($iban)) {
+      return E::ts("IBAN is blacklisted");
+    }
+
     switch ($type) {
       case 'SEPA':
         // We only accept uppecase characters and numerals (machine format)
@@ -77,6 +82,29 @@ public static function verifyIBAN($iban, $type = 'SEPA') {
     return NULL;
   }
 
+  /**
+   * Check if this IBAN is blacklisted
+   *
+   * @param $iban string IBAN to check
+   * @return boolean
+   */
+  public static function isIbanBlacklisted($iban) {
+    static $blacklist = NULL;
+    if ($blacklist === NULL) {
+      // we have to check whether the group exists first, getOptionValuesAssocArrayFromName doesn't do that
+      $blacklist = [];
+      $query = civicrm_api3('OptionValue', 'get', [
+          'option_group_id' => 'iban_blacklist',
+          'option.limit'    => 0,
+          'return'          => 'value'
+      ]);
+      foreach ($query['values'] as $value) {
+        $blacklist[$value['value']] = 1;
+      }
+    }
+    return isset($blacklist[$iban]);
+  }
+
   /**
    * Verifies if the given mandate reference is formally correct
    *

diff --git a/CRM/Sepa/Upgrader.php b/CRM/Sepa/Upgrader.php
@@ -55,10 +55,11 @@ public function disable() {
    */
   public function enable() {
     $customData = new CRM_Sepa_CustomData('org.project60.sepa');
-    $customData->syncOptionGroup(__DIR__ . '/../../resources/batch_status_option_group.json');
-    $customData->syncOptionGroup(__DIR__ . '/../../resources/formats_option_group.json');
-    $customData->syncOptionGroup(__DIR__ . '/../../resources/msg_tpl_workflow_contribution_option_group.json');
-    $customData->syncOptionGroup(__DIR__ . '/../../resources/payment_instrument_option_group.json');
+    $customData->syncOptionGroup(E::path('resources/batch_status_option_group.json'));
+    $customData->syncOptionGroup(E::path('resources/formats_option_group.json'));
+    $customData->syncOptionGroup(E::path('resources/msg_tpl_workflow_contribution_option_group.json'));
+    $customData->syncOptionGroup(E::path('resources/payment_instrument_option_group.json'));
+    $customData->syncOptionGroup(E::path('resources/iban_blacklist_option_group.json'));
 
     // TODO: re-enable payment processor
     // CRM_Core_DAO::executeQuery('UPDATE foo SET is_active = 1 WHERE bar = "whiz"');
@@ -227,4 +228,16 @@ public function upgrade_1501() {
     }
     return TRUE;
   }
+
+  /**
+   * @return TRUE on success
+   * @throws Exception
+   */
+  public function upgrade_1502() {
+    $this->ctx->log->info('Adding IBAN Blacklist');
+    $customData = new CRM_Sepa_CustomData('org.project60.sepa');
+    $customData->syncOptionGroup(E::path('resources/iban_blacklist_option_group.json'));
+    return TRUE;
+  }
+
 }
diff --git a/resources/iban_blacklist_option_group.json b/resources/iban_blacklist_option_group.json
@@ -0,0 +1,16 @@
+{
+  "_lookup": ["name"],
+  "_translate": ["title"],
+  "name": "iban_blacklist",
+  "title": "IBAN Blacklist",
+  "is_reserved": 0,
+  "is_enabled": 1,
+  "_values": [
+    {
+      "_lookup": ["value"],
+      "_translate": ["label"],
+      "label": "Blacklist Example",
+      "value": "DE27100777770209299700"
+    }
+  ]
+}