Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-1085

Allow Merchant Gateways to bypass Blesta when creating/editing payment accounts

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.2.0-b1
    • Fix Version/s: Short Term
    • Component/s: Gateways
    • Labels:
      None

      Description

      Merchant Gateways should have the ability to inject HTML content into the add/edit payment account forms presented throughout the system (similar to how Nonmerchant Gateways currently work).

      This will allow Merchant Gateways the ability to bypass Blesta as the API requester, passing that responsibility onto the browser client (and subsequently bypassing all PCI-compliance requirements).

      MerchantCcOffSite and MerchantAchOffSite interfaces will need to be updated (and all interfacing callers) to allow the following data substitutions:

      MerchantCcOffSite:

      • card_number => card_last4

      MerchantAchOffSite:

      • account_number => account_last4
      • routing_number => (void)

      Thus, two new methods should be added, one each to MerchantCc and MerchantAch (yes, MerchantCc and MerchantAch – not offsite) respectively:

      • buildStoreCc(void)
      • buildStoreAch(void)

      -------

      Additionally, Merchant Gateways should be able to set a 'gateway_error' form field, that, when POST is displayed to the client. This allows the gateway that is bypassing Blesta to still provide error feedback as if it passed through Blesta.

        Issue Links

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              cody Cody Phillips (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: