Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-1085

Allow Merchant Gateways to bypass Blesta when creating/editing payment accounts

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.2.0-b1
    • Fix Version/s: Short Term
    • Component/s: Gateways
    • Labels:
      None

      Description

      Merchant Gateways should have the ability to inject HTML content into the add/edit payment account forms presented throughout the system (similar to how Nonmerchant Gateways currently work).

      This will allow Merchant Gateways the ability to bypass Blesta as the API requester, passing that responsibility onto the browser client (and subsequently bypassing all PCI-compliance requirements).

      MerchantCcOffSite and MerchantAchOffSite interfaces will need to be updated (and all interfacing callers) to allow the following data substitutions:

      MerchantCcOffSite:

      • card_number => card_last4

      MerchantAchOffSite:

      • account_number => account_last4
      • routing_number => (void)

      Thus, two new methods should be added, one each to MerchantCc and MerchantAch (yes, MerchantCc and MerchantAch – not offsite) respectively:

      • buildStoreCc(void)
      • buildStoreAch(void)

      -------

      Additionally, Merchant Gateways should be able to set a 'gateway_error' form field, that, when POST is displayed to the client. This allows the gateway that is bypassing Blesta to still provide error feedback as if it passed through Blesta.

        Issue Links

          Activity

          cody Cody Phillips (Inactive) created issue -
          cody Cody Phillips (Inactive) made changes -
          Field Original Value New Value
          Description Merchant Gateways should have the ability to inject HTML content into the add/edit payment account forms presented throughout the system (similar to how Nonmerchant Gateways currently work).

          This will allow Merchant Gateways the ability to bypass Blesta as the API requester, passing that responsibility onto the browser client (and subsequently bypassing all PCI-compliance requirements).

          MerchantCcOffSite and MerchantAchOffSite interfaces will need to be updated (and all interfacing callers) to allow the following data substitutions:

          MerchantCcOffSite:
          - card_number => card_last4

          MerchantAchOffSite:
          - account_number => account_last4
          - routing_number => (void)


          Thus, two new methods should be added, one each to MerchantCc and MerchantAch (yes, MerchantCc and MerchantAch -- not offsite) respectively:

          - buildStoreCc(void)
          - buildStoreAch(void)
          Merchant Gateways should have the ability to inject HTML content into the add/edit payment account forms presented throughout the system (similar to how Nonmerchant Gateways currently work).

          This will allow Merchant Gateways the ability to bypass Blesta as the API requester, passing that responsibility onto the browser client (and subsequently bypassing all PCI-compliance requirements).

          MerchantCcOffSite and MerchantAchOffSite interfaces will need to be updated (and all interfacing callers) to allow the following data substitutions:

          MerchantCcOffSite:
          - card_number => card_last4

          MerchantAchOffSite:
          - account_number => account_last4
          - routing_number => (void)


          Thus, two new methods should be added, one each to MerchantCc and MerchantAch (yes, MerchantCc and MerchantAch -- not offsite) respectively:

          - buildStoreCc(void)
          - buildStoreAch(void)

          -------

          Additionally, Merchant Gateways should be able to set a 'gateway_error' form field, that, when POST is displayed to the client. This allows the gateway that is bypassing Blesta to still provide error feedback as if it passed through Blesta.
          cody Cody Phillips (Inactive) made changes -
          Comment [ Additionally, Merchant Gateways should be able to set a 'gateway_error' form field, that, when POST is displayed to the client. This allows the gateway that is bypassing Blesta to still provide error feedback as if it passed through Blesta. ]
          admin Paul Phillips made changes -
          Fix Version/s 3.3.0-b2 [ 10507 ]
          Fix Version/s 3.3.0-b1 [ 10100 ]
          admin Paul Phillips made changes -
          Fix Version/s 3.3.0 [ 10508 ]
          Fix Version/s 3.3.0-b2 [ 10507 ]
          admin Paul Phillips made changes -
          Fix Version/s 3.4.0 [ 10400 ]
          Fix Version/s 3.3.0 [ 10508 ]
          admin Paul Phillips made changes -
          Fix Version/s 3.5.0 [ 10401 ]
          Fix Version/s 3.4.0 [ 10400 ]
          cody Cody Phillips (Inactive) made changes -
          Fix Version/s 3.5.0 [ 10401 ]
          admin Paul Phillips made changes -
          Rank Ranked higher
          admin Paul Phillips made changes -
          Assignee Cody Phillips [ cody ]
          admin Paul Phillips made changes -
          Fix Version/s Short Term [ 10800 ]
          admin Paul Phillips made changes -
          Rank Ranked higher
          tyson Tyson Phillips (Inactive) made changes -
          Rank Ranked higher
          tyson Tyson Phillips (Inactive) made changes -
          Link This issue relates to CORE-2940 [ CORE-2940 ]
          tyson Tyson Phillips (Inactive) made changes -
          Epic Link CORE-3038 [ 14196 ]
          tyson Tyson Phillips (Inactive) made changes -
          Rank Ranked higher

            People

            • Assignee:
              Unassigned
              Reporter:
              cody Cody Phillips (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: