Add some ramblings

This PR improved upon the tests, but there's always work left to do. This commits adds a few of my ramblings about how we could improve further.
django-oscar · Oct 7, 2015 · f08e7d8 · f08e7d8
1 parent 816a155
commit f08e7d8
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 1 deletion.
diff --git a/adyen/scaffold.py b/adyen/scaffold.py
@@ -10,6 +10,9 @@ class Scaffold:
     # These are the constants that all scaffolds are expected to return
     # to a multi-psp application. They might look like those actually returned
     # by the psp itself, but that would be a pure coincidence.
+    # At some point we could discuss merging cancelled & refused & error and just
+    # ensuring good error messages are returned. I doubt the distinction is
+    # important to most checkout procedures.
     PAYMENT_STATUS_ACCEPTED = 'ACCEPTED'
     PAYMENT_STATUS_CANCELLED = 'CANCELLED'
     PAYMENT_STATUS_REFUSED = 'REFUSED'

diff --git a/tests/test_redirects.py b/tests/test_redirects.py
@@ -23,7 +23,11 @@
 
 class TestAdyenPaymentRedirects(TestCase):
     """
-    Test case that tests Adyen payment redirects (user redirected from Adyen to us)
+    Test case that tests Adyen payment redirects (user redirected from Adyen to us).
+
+    Note that notifications and redirects are pretty similar and share a lot of
+    common code. So those tests will actually test a lot of code for notifications
+    as well. In an ideal world, we'd split things up to check the shared code individually.
     """
 
     def test_handle_authorised_payment(self):
@@ -129,6 +133,15 @@ def test_handle_refused_payment(self):
         assert AdyenTransaction.objects.filter(status='REFUSED').count() == 1
 
     def test_signing_is_enforced(self):
+        """
+        Test that the supplied signature (in field merchantSig) is checked and
+        notifications are ignored when the signature doesn't match.
+
+        In an ideal world, our other tests would ignore the signature checking
+        because it's annoying to have to alter the sig when altering the fake
+        data. Maik gets valid signatures by adding a print(expected_hash) to
+        PaymentRedirection.validate.
+        """
         fake_signature = copy(AUTHORISED_PAYMENT_PARAMS_GET)
         fake_signature['merchantSig'] = '14M4N3V1LH4X0RZ'
         signature_none = copy(AUTHORISED_PAYMENT_PARAMS_GET)