You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Fundraising: Difference between revisions

From Wikitech-static
Jump to navigation Jump to search
imported>Greg Grossmeier
(c/e)
imported>Eileen
Line 319: Line 319:


=== Performance tracking ===
=== Performance tracking ===
==== Redis ====
In addition to using graphana the command to monitor Redis cache misses is below - but note you can avoid putting the password on the command line by using `auth` once 'in' redis. You then type `monitor` as a separate command  
In addition to using graphana the command to monitor Redis cache misses is below - but note you can avoid putting the password on the command line by using `auth` once 'in' redis. You then type `monitor` as a separate command  
   
   
Line 326: Line 328:


</syntaxhighlight>The password is in civicrm.settings.php as CIVICRM_DB_CACHE_PASSWORD
</syntaxhighlight>The password is in civicrm.settings.php as CIVICRM_DB_CACHE_PASSWORD
==== Queries & timing ====
You can run the following drush command on dev or staging to import (60) contributions and get timings.<syntaxhighlight lang="bash">
drush @wmff qperf-d 60 "your comment"
</syntaxhighlight>If you wish to see what queries run you can add this line to your civicrm.settings.php file - the 'n' is just part of the file name, in case you want to do separate runs<syntaxhighlight lang="php">
define('CIVICRM_DEBUG_LOG_QUERY', 'n');
</syntaxhighlight>The output will be in drupal/sites/default/files/civicrm/ConfigAndLog/ - eg. the bottom file below (with the 'n') - see https://docs.civicrm.org/dev/en/latest/tools/debugging/<syntaxhighlight lang="bash">
docker@civicrm:/srv/civi-sites/wmff$ ls -altr drupal/sites/default/files/civicrm/ConfigAndLog/
total 27816
-rw-r--r-- 1 1000 1000      202 Dec 22  2021 .htaccess
drwxr-xr-x 8 1000 1000    4096 Mar  8 02:51 ..
-rw-r--r-- 1 1000 1000  215636 Jun 30 03:50 CiviCRM.b4f78a4e4ce41be7806fadbb.log.202207050615
-rw-r--r-- 1 1000 1000      623 Jul  9 00:41 CiviCRM.b4f78a4e4ce41be7806fadbb.log.202208030206
-rw-r--r-- 1 1000 1000    31549 Aug 23 23:11 CiviCRM.b4f78a4e4ce41be7806fadbb.log
drwxr-xr-x 2 1000 1000    4096 Aug 25 06:14 .
-rw-r--r-- 1 1000 1000 28205254 Aug 25 06:14 CiviCRM.sql_logn.b4f78a4e4ce41be7806fadbb.log
</syntaxhighlight>The extension org.wikimedia.systemtools provides a script / api to help analyse this file - you may need to installl it - in the UI it is called  "Home for WMF helpers".
Once enabled you can run the following <syntaxhighlight lang="bash">
echo '{"fileName":"/srv/civi-sites/wmff/drupal/sites/default/files/civicrm/ConfigAndLog/CiviCRM.sql_logn.b4f78a4e4ce41be7806fadbb.log", "version":4}' | drush @wmff cvapi Querylog.parse --in=json
</syntaxhighlight>It will output a csv with a cleaned up version of the queries to the directory you are in - the output will give the filename (spoiler - it's gonna be query_log_parsed.csv)
At this point I generally figure out where a single row starts & ends in the file & pick one from the middle of the file & discard the rest....


=== Mediawiki extensions===
=== Mediawiki extensions===

Revision as of 06:43, 25 August 2022

WMF Donation Pipeline overview

This is the homepage for fundraising-tech documentation. If you can't find what you are looking from from here then take a look at our documentation plan and add the appropriate header & links.

Note that much of the content on this page should be moved to linked pages.

A External-facing

Payments

legacy DonationForm - reusable frontend

Email Preference Center

B Internal endpoints

CiviCRM (Drupal)

WMF fundraising uses CiviCRM to track donor data.

CiviCRM requires a 'host CMS' and to that end we use Drupal7. Drupal 7 is EOL in November 2022 and next year we plan to upgrade to Drupal 9 - or maybe even 10. Our goal, however, is that we do not use any CMS-specific code going forwards. While we currently expect to stick with Drupal in we should be equally able to move to Wordpress. To this end we are in the process of migrating our drupal modules to CiviCRM extensions.

drush

Drush is a really useful drupal command line utility. There is a lot of documentation about drush on the internet but a few things to know with regards to WMF.

  • On production, staging and in our docker dev set up we have an alias 'wmff' which tells drush details about where the code is and to use user 1.
  • Common usage:
Command Where What
`drush @wmff updb` local dev and prod Run any database updates that need to be run
`drush @wmff up --security-only` local dev Download and install any security updates (these are then checked into git to deploy)
`drush @wmff cvapi Contact.get version=4 checkPermissions=0` local dev and prod Run a civicrm api - the Contact.get action is probably not in itself useful but it does show how a api version 4 call would look

Our CiviCRM customisations

We have customised CiviCRM using both CiviCRM Extensions and drupal modules

Custom fields

Custom fields in CiviCRM can be created through the user interface. In order to allow flexibility to our users the arrangement we have with our super-users (Nora, Rosie) is that they can create custom fields through the UI but they should create a phab task so that fr-tech can follow up ( add field to advance search and so on ).

The follow up by frtech is in 2 parts - ensuring the fields are present in our dev environments and creating triggers.

Ensuring the fields are present in our dev environments

Keeping our dev environment fields in sync is a best-efforts endeavor rather than something we keep 100% in sync, but it does make it easier for us to develop locally. All tracked/synced fields are declared in the CustomGroups.php file in the Managed directory in the `wmf_civicrm` extension. This file follows the conventions of the CiviCRM managed entities functionality and the fields declared in the file are added to our developer builds on install.

However, because the file is not a direct match to the Custom fields on prod, we have not registered this file with the civicrm_managed hook, and instead we have a custom wmf command which adds any declared fields in the CustomGroups.php, that are missing for the dev site.

As of May 2022 this command is about to be changed via https://gerrit.wikimedia.org/r/c/wikimedia/fundraising/crm/+/801443 The new command will be

drush @wmff cvapi WMFConfig.syncCustomFields version=4

The old command was

drush @wmff ucf

This command adds CustomGroups and CustomFields to dev sites if missing, but does not update them. It only creates option values if the field did not previously exist or it is being run in a development environment - ie we want to add but not update on live.

Note that

  • When declaring the fields in the CustomGroups array an easy way to get the data from live is to use the API v4 explorer - once the criteria are selected & execute has been hit the field data is listed in a json format and there is even an option next to it to switch to a php format. Fields that do not differ from the defaults (including is_active) should be removed from the resulting array, along with the id field. The explorer can be used in a similar way to get the CustomFields in the group and any option values (using the option_group_id from the custom field definition). Do not include option_group_id or custom_group_id in the checked in array
  • In CivICRM all field types can be extended with custom groups - however, CiviCRM must know that they can be extended. CiviCRM has a hard coded mapping of the common entities (Contribution, Contact etc) but also maintains an option group ` cg_extends` with other entities. When extending an entity type that is not extendable by default we need to ensure the option value exists.
    CRM_Core_BAO_OptionValue::ensureOptionValueExists([
      'option_group_id' => 'cg_extend_objects',
      'name' => 'civicrm_relationship',
      'label' => ts('Relationship'),
      'value' => 'Relationship',
    ]);
    
  • In some cases the functionality of the custom fields are owned by extensions rather than WMF user driven. In these cases the fields are declared in the relevant extension (e.g the Omnimail extension installs 2 custom groups and the relationship block extension installs one). These are written into the Upgrade classes in the relevant extensions and extension upgrades are run using the following command.
drush @wmff cvapi Extension.upgrade
Update triggers on production

We use mysql triggers to log civicrm database updates to the log tables. These triggers are managed by CiviCRM. However, our production user does not have enough mysql permissions to create the triggers within mysql. To get around this we use a CiviCRM setting on production to log the sql to update the triggers to a file rather than live update them. We then check this file into our crm repo (sites/all/modules/wmf_civicrm/scripts/triggers.mysql currently) and fr-Ops run the file on live.

On development environments triggers are automatically updated in the database - which is generally easier - but to make your local output the triggers as live does the logging_no_trigger_permission setting can be enabled

drush @wmff cvapi Setting.create logging_no_trigger_permission=1

Trigger generation needs to be done on production as the fields differ slightly on staging / dev environments. There are a few methods but turning logging off & back on generally generates consistent output. ie

 drush @wmff cvapi Setting.create logging=0
 drush @wmff cvapi Setting.create logging=1

This will generate a file named something like CiviCRM.trigger62451ae5ab5a5mYm67702126718965e4a41105a08d6202e60.sql that will be in drupal/sites/default/files/civicrm/ConfigAndLog/ - copy this back to your home drive and scp it back to your local machine as sites/all/modules/wmf_civicrm/scripts/triggers.mysql. Changes to this files are committed, reviewed and deployed but they will not be 'live' until fr-tech-ops loads them so once deployed they need to be engages to run the latest triggers.mysql file

Automated emails from CiviCRM

We send out the following automated emails

  • Recurring failure notifications - these are send when a monthly recurring email is failing and encourages people to set up a new one. It is not sent if they have an active recurring email.
  • Thank you letters - these are send by an automated job for every donation in CiviCRM, unless the 'no_thankyou' field is populated or it is a recurring donations
  • End of year emails - these are sent at the start of the year to cover all the recurring contributions in the previous year. These can also be sent ad hoc to individual donors (in which case they include all donations, not just the recurring ones)

C Libraries

SmashPig

D Service Providers

E Cluster layout, deployment, codebases

Deployment

Staging server

Civicrm Staging Server

Payments Staging Server

F Data and flow

Payment processors

We have the ability to use several payment processors for online donations. Currently, we route most credit card donations to Ingenico (now called WorldLine).

Ingenico

  • http://www.ingenico.com/
  • Ingenico has the ability to handle payments from multiple international systems including: credit card, direct debit, real time bank transfer, eWallets and more. We're currently only using them for cards.

PayPal

Braintree

Amazon

  • A widget on our page, integrated using Login and Pay with Amazon.

Adyen

  • https://www.adyen.com/, documentation
  • Backup credit card processor in most countries, primary in a few. As of December 2021 Adyen is the only gateway we use to process iDEAL and Apple Pay transactions.

dLocal

  • https://dlocal.com/
  • A payment processor specializing in the local payment methods of South America and India

See also, "Ways to Give" for our recommended donation methods according to country.

Payment processor capabilities:

Ingenico PayPal Amazon Adyen D*Local Braintree Banks Checks
Credit card Yes Yes Yes Yes Yes Yes
Bank transfer Yes Yes No Yes Yes IBAN, Swift
Countries list USA[1] Latam+IN
Currencies [2] list USD All[3] USD (different accounts for other curriencies)
Direct debit [4] No No Yes
Recurring Yes Yes Yes Yes n/i Yes
Mobile optimized No n/i[5] n/i[6] n/i
Languages [7] [8] ? ?
Donor needs account No Yes Yes No No Yes
Refund by API n/i n/i n/i n/i n/i
Fully automated auditing Yes Yes Yes Yes Yes Yes

Legend:

Yes Implemented
n/i Not yet implemented
No Unsupported by processor

Notification failure policies:

When we don't respond to an IPN message from a payment processor with a successful HTTP code, they usually resend it.

Adyen: back-off algorithm from 5 minutes to 8 hrs, then every 8 hrs for a week

Amazon: every hour for 14 days

Email integration - Acoustic

Acoustic is the service we use to send out bulk emails. They are able to handle high volumes of emails and are responsible for managing server reputation to improve deliverability. Acoustic also provide tools for A-B testing to see which emails perform better. In order to be able to use our donor information from Acoustic we have a nightly upload job. We also re-import information from acoustic - for details go to Fundraising/Data and Integrated Processes/Acoustic Integration

Note that prior brandings of the Acoustic platform may still linger - ie Silverpop, WCM, Watson Campaign Manager, or sometimes just 'IBM'

Message queues

This describes the WMF fundraising systems configuration. See the MediaWiki.org page on payments message queues for a discussion of how message queues are used to buffer and decouple fundraising infrastructure, and to read about the format and content of normalized messages.

WMF fundraising uses the PHP-Queue library to abstract queue access. In production we use Redis lists as queue storage This redis server is outside of PCI scope, and communicates with CiviCRM.

Various queue wrangling techniques are available.

Redis

All queues feeding into services outside the fr-cluster live on a single Redis instance. This is a SPOF.

TODO

We should clean up any unused queues, and overly narrowly defined ones.

Contribution tracking

When a potential donor visits the Wikimedia donation page, a tracking record is created in the drupal.contribution_tracking table. This record includes the user's language, referrer, donation comment, opt-out status, a timestamp, and various other data. The tracking is handled on the MediaWiki side by the DonationInterface extension, which retrieves a contribution_tracking_id from a sequence generator in Redis. If the user makes a successful donation, a contribution record is passed to CiviCRM via the donations queue. The queue2civicrm module then inserts the contribution record into the CiviCRM database and updates the contribution_tracking record with the id given to the contribution by CiviCRM.

Stats

Banner impressions and landing page stats are collected from the production proxies. Fundraising_Analytics/Impression_Stats. The wmf:Thank_you page includes wmf:Template:Hide_banners which loads Special:HideBanners from multiple domains via image src. HideBanners sets cookies for donors which tell CentralNotice's bannerController.js not to pester them for a year or so.

utm_source

This is a tracking variable which is supposed to collect information about the transaction. Currently, it is a period-separated concatenation of three components. One interpretation of the components is, 1) banner name, 2) landing page name, and 3) payment method. We are currently in the process of standardizing (see FR #965 and FR #673).

In theory, each component may be a tilde-concatenation of a sequence of landing pages, for example. That code is badly dysfunctional.

utm_medium

Donor was referred by this type of site: sitenotice, spontaneous, sidebar, socialmedia.

Seems unuseful at this broad granularity.

utm_campaign

The parent campaign for the banner where this donation was initiated.

utm_key

TODO

Performance tracking

Redis

In addition to using graphana the command to monitor Redis cache misses is below - but note you can avoid putting the password on the command line by using `auth` once 'in' redis. You then type `monitor` as a separate command

redis-cli  -a 'password' monitor

The password is in civicrm.settings.php as CIVICRM_DB_CACHE_PASSWORD

Queries & timing

You can run the following drush command on dev or staging to import (60) contributions and get timings.

drush @wmff qperf-d 60 "your comment"

If you wish to see what queries run you can add this line to your civicrm.settings.php file - the 'n' is just part of the file name, in case you want to do separate runs

define('CIVICRM_DEBUG_LOG_QUERY', 'n');

The output will be in drupal/sites/default/files/civicrm/ConfigAndLog/ - eg. the bottom file below (with the 'n') - see https://docs.civicrm.org/dev/en/latest/tools/debugging/

docker@civicrm:/srv/civi-sites/wmff$ ls -altr drupal/sites/default/files/civicrm/ConfigAndLog/
total 27816
-rw-r--r-- 1 1000 1000      202 Dec 22  2021 .htaccess
drwxr-xr-x 8 1000 1000     4096 Mar  8 02:51 ..
-rw-r--r-- 1 1000 1000   215636 Jun 30 03:50 CiviCRM.b4f78a4e4ce41be7806fadbb.log.202207050615
-rw-r--r-- 1 1000 1000      623 Jul  9 00:41 CiviCRM.b4f78a4e4ce41be7806fadbb.log.202208030206
-rw-r--r-- 1 1000 1000    31549 Aug 23 23:11 CiviCRM.b4f78a4e4ce41be7806fadbb.log
drwxr-xr-x 2 1000 1000     4096 Aug 25 06:14 .
-rw-r--r-- 1 1000 1000 28205254 Aug 25 06:14 CiviCRM.sql_logn.b4f78a4e4ce41be7806fadbb.log

The extension org.wikimedia.systemtools provides a script / api to help analyse this file - you may need to installl it - in the UI it is called "Home for WMF helpers". Once enabled you can run the following

echo '{"fileName":"/srv/civi-sites/wmff/drupal/sites/default/files/civicrm/ConfigAndLog/CiviCRM.sql_logn.b4f78a4e4ce41be7806fadbb.log", "version":4}' | drush @wmff cvapi Querylog.parse --in=json

It will output a csv with a cleaned up version of the queries to the directory you are in - the output will give the filename (spoiler - it's gonna be query_log_parsed.csv)


At this point I generally figure out where a single row starts & ends in the file & pick one from the middle of the file & discard the rest....

Mediawiki extensions

The following Mediawiki extensions related to fundraising are installed on the payments wiki:

DonationInterface

Renders donation forms and handles donor interaction, redirecting donors to payment processors when necessary and then either presenting an error or redirecting to a thank you page.

Extension documentation on mediawiki.org

Fraud filtering

There are a series of extra filters, that perform analysis on credit card transactions to determine the likelihood that a transaction is fraudulent. Each of the filters helps determine the 'risk score' for a transaction. Actions to take based on certain risk scores can be configured per gateway (reject, review, challenge, accept). The filters currently available include:

  • MaxMind/MinFraud - a third party solution that helps analyze the transaction. They return their own 'risk score' for a transaction which heavily influences our own internal scoring.
  • Referrer - Regular expressions can be configured to be run on a transaction's 'referrer', and each regex can be configured to apply a different score in the event that the referrer is a match.
  • utm_source - Same as referrer, but for the utm_source bit in the tracking fields.

FundraisingEmailUnsubscribe

Allows a donor to unsubscribe from fundraising-related emails.

Extension documentation on mediawiki.org

High-level Overview of Donation Pipeline

Click the images for further explanation.

Miscellaneous Scripts

There are some miscellaneous scripts to help with things like Paypal Verification, queue handling, etc. Details of which can be found on Fundraising.wikimedia.org.

Translations

See Fundraising/Translation for more info

  • Donatewiki translations go out regularly on the l10n cache
  • TYs need to be manually deployed - make a task for this and put it in pending review in the current sprint
  • Subject line needs to be manually deployed - make a task for this and put it in pending review in the current sprint
  • Payments needs to be manually deployed - make a task for this and put it in pending review in the current sprint


Public reporting

We export some extremely aggregated datasets at https://frdata.wikimedia.org/, generated every half hour by the public_data_export process-control job running the fundraiser_public_data_export and fundraiser_public_data_mover child jobs.

fundraiser_public_data_export runs the FundraiserStatisticsGen/fundstatgen.py script from the tools repo, then fundraiser_public_data_mover just rsyncs the data to the frdata server.

G How we work (Team Processes)

Fundraising Tech is a Scrum team. We use Phabricator to manage our backlog and we work in 2-week sprints.

Fundraising Emergencies

Fundraising Engineering Documentation has with system information and emergency response protocols. Or more specifically Shutting the pipeline down details how/when to disable banner campaigns or other fundraising/payment services.

Fundraising On-Call documentation

Fundraising Engineering On-call documentation is a quick-reference page for on-call duty.

Feature / Bug Trackers

There's loads of information about how fr-tech triages bugs at Fundraising/Bug Triaging Not sure what to do next? See Fundraising Tech's Phabricator Workboard

PCI Compliance

Payment Card Industry rules we have to follow to keep accepting credit cards.

H Development Tools

Getting Started

Local setup for cluster SSH access

Docker

Testing locally

Gerrit

Gitlab

CI

Subpages: