You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org
This is the homepage for fundraising-tech documentation. If you can't find what you are looking from from here then take a look at our documentation plan and add the appropriate header & links.
Note that much of the content on this page should be moved to linked pages.
- If you want to understand what fr-tech does, who we are and how to contact us head over to https://www.mediawiki.org/wiki/Fundraising_tech
- There is some information on this page - Fundraising Software Development. - that needs to be migrated onto this main page
legacy DonationForm - reusable frontend
B Internal endpoints
WMF fundraising uses CiviCRM to track donor data.
CiviCRM requires a 'host CMS' and to that end we use Drupal7. Drupal 7 is EOL in November 2022 and next year we plan to upgrade to Drupal 9 - or maybe even 10. Our goal, however, is that we do not use any CMS-specific code going forwards. While we currently expect to stick with Drupal in we should be equally able to move to Wordpress. To this end we are in the process of migrating our drupal modules to CiviCRM extensions.
Drush is a really useful drupal command line utility. There is a lot of documentation about drush on the internet but a few things to know with regards to WMF.
- On production, staging and in our docker dev set up we have an alias 'wmff' which tells drush details about where the code is and to use user 1.
- Common usage:
|`drush @wmff updb`||local dev and prod||Run any database updates that need to be run|
|`drush @wmff up --security-only`||local dev||Download and install any security updates (these are then checked into git to deploy)|
|`drush @wmff cvapi Contact.get version=4 checkPermissions=0`||local dev and prod||Run a civicrm api - the Contact.get action is probably not in itself useful but it does show how a api version 4 call would look|
Our CiviCRM customisations
Custom fields in CiviCRM can be created through the user interface. In order to allow flexibility to our users the arrangement we have with our super-users (Nora, Rosie) is that they can create custom fields through the UI but they should create a phab task so that fr-tech can follow up ( add field to advance search and so on ).
The follow up by frtech is in 2 parts - ensuring the fields are present in our dev environments and creating triggers.
Ensuring the fields are present in our dev environments
Keeping our dev environment fields in sync is a best-efforts endeavor rather than something we keep 100% in sync, but it does make it easier for us to develop locally. All tracked/synced fields are declared in the CustomGroups.php file in the Managed directory in the `wmf_civicrm` extension. This file follows the conventions of the CiviCRM managed entities functionality and the fields declared in the file are added to our developer builds on install.
However, because the file is not a direct match to the Custom fields on prod, we have not registered this file with the civicrm_managed hook, and instead we have a custom wmf command which adds any declared fields in the CustomGroups.php, that are missing for the dev site. (the command is currently a drupal command and needs to be migrated to our CiviCRM WMF custom code)
drush @wmff ucf
This command adds CustomGroups and CustomFields to dev sites if missing, but does not update them. It only creates option values if the field did not previously exist or it is being run in a development environment - ie we want to add but not update on live.
- API v4 explorer - once the criteria are selected & execute has been hit the field data is listed in a json format and there is even an option next to it to switch to a php format. Fields that do not differ from the defaults (including is_active) should be removed from the resulting array, along with the id field. The explorer can be used in a similar way to get the CustomFields in the group and any option values (using the option_group_id from the custom field definition). Do not include option_group_id or custom_group_id in the checked in array
- In CivICRM all field types can be extended with custom groups - however, CiviCRM must know that they can be extended. CiviCRM has a hard coded mapping of the common entities (Contribution, Contact etc) but also maintains an option group ` cg_extends` with other entities. When extending an entity type that is not extendable by default we need to ensure the option value exists.
CRM_Core_BAO_OptionValue::ensureOptionValueExists([ 'option_group_id' => 'cg_extend_objects', 'name' => 'civicrm_relationship', 'label' => ts('Relationship'), 'value' => 'Relationship', ]);
- In some cases the functionality of the custom fields are owned by extensions rather than WMF user driven. In these cases the fields are declared in the relevant extension (e.g the Omnimail extension installs 2 custom groups and the relationship block extension installs one). These are written into the Upgrade classes in the relevant extensions and extension upgrades are run using the following command.
drush @wmff cvapi Extension.upgrade
Update triggers on production
We use mysql triggers to log civicrm database updates to the log tables. These triggers are managed by CiviCRM. However, our production user does not have enough mysql permissions to create the triggers within mysql. To get around this we use a CiviCRM setting on production to log the sql to update the triggers to a file rather than live update them. We then check this file into our crm repo (sites/all/modules/wmf_civicrm/scripts/triggers.mysql currently) and fr-Ops run the file on live.
On development environments triggers are automatically updated in the database - which is generally easier - but to make your local output the triggers as live does the logging_no_trigger_permission setting can be enabled
drush @wmff cvapi Setting.create logging_no_trigger_permission=1
Trigger generation needs to be done on production as the fields differ slightly on staging / dev environments. There are a few methods but turning logging off & back on generally generates consistent output. ie
drush @wmff cvapi Setting.create logging=0 drush @wmff cvapi Setting.create logging=1
This will generate a file named something like CiviCRM.trigger62451ae5ab5a5mYm67702126718965e4a41105a08d6202e60.sql that will be in drupal/sites/default/files/civicrm/ConfigAndLog/ - copy this back to your home drive and scp it back to your local machine as sites/all/modules/wmf_civicrm/scripts/triggers.mysql. Changes to this files are committed, reviewed and deployed but they will not be 'live' until fr-tech-ops loads them so once deployed they need to be engages to run the latest triggers.mysql file
Automated emails from CiviCRM
We send out the following automated emails
- Recurring failure notifications - these are send when a monthly recurring email is failing and encourages people to set up a new one. It is not sent if they have an active recurring email.
- Thank you letters - these are send by an automated job for every donation in CiviCRM, unless the 'no_thankyou' field is populated or it is a recurring donations
- End of year emails - these are sent at the start of the year to cover all the recurring contributions in the previous year. These can also be sent ad hoc to individual donors (in which case they include all donations, not just the recurring ones)
D Service Providers
E Cluster layout, deployment, codebases
F Data and flow
We have the ability to use several payment processors for online donations. Currently, we route most credit card donations to Ingenico (now called WorldLine).
- Ingenico has the ability to handle payments from multiple international systems including: credit card, direct debit, real time bank transfer, eWallets and more. We're currently only using them for cards.
- We get notified about payments via PayPal's IPN service (documentation: https://cms.paypal.com/cms_content/US/en_US/files/developer/IPNGuide.pdf) The receiving endpoint is our IPN listener
- Note: In general, note that the PayPal documentation tends to be incorrect, out of date, etc.
- A widget on our page, integrated using Login and Pay with Amazon.
- https://www.adyen.com/, documentation
- Backup credit card processor in most countries, primary in a few. As of December 2021 Adyen is the only gateway we use to process iDEAL and Apple Pay transactions.
- A payment processor specializing in the local payment methods of South America and India
See also, "Ways to Give" for our recommended donation methods according to country.
Payment processor capabilities:
|Bank transfer||Yes||Yes||No||Yes||Yes||IBAN, Swift|
|Donor needs account||No||Yes||Yes||No||No|
|Refund by API||n/i||n/i||n/i||n/i||n/i|
|Fully automated auditing||Yes||Yes||Yes||Yes||Yes|
|n/i||Not yet implemented|
|No||Unsupported by processor|
Notification failure policies:
When we don't respond to an IPN message from a payment processor with a successful HTTP code, they usually resend it.
Adyen: back-off algorithm from 5 minutes to 8 hrs, then every 8 hrs for a week
Amazon: every hour for 14 days
- See GlobalCollectAdapter::getCurrencies
- DE, IT, NL (todo: AT, BE, CH, ES, FR, GB)
- See GlobalCollectAdapter::getAvailableLanguages. Our code must find a fallback language if the donor's native tongue is unsupported.
- See PaypalAdapter::stage_locale. For unknown reasons, we have to specify language *by country*.
Email integration - Acoustic
Acoustic is the service we use to send out bulk emails. They are able to handle high volumes of emails and are responsible for managing server reputation to improve deliverability. Acoustic also provide tools for A-B testing to see which emails perform better. In order to be able to use our donor information from Acoustic we have a nightly upload job. We also re-import information from acoustic - for details go to Fundraising/Data and Integrated Processes/Acoustic Integration
Note that prior brandings of the Acoustic platform may still linger - ie Silverpop, WCM, Watson Campaign Manager, or sometimes just 'IBM'
This describes the WMF fundraising systems configuration. See the MediaWiki.org page on payments message queues for a discussion of how message queues are used to buffer and decouple fundraising infrastructure, and to read about the format and content of normalized messages.
WMF fundraising uses the PHP-Queue library to abstract queue access. In production we use Redis lists as queue storage This redis server is outside of PCI scope, and communicates with CiviCRM.
Various queue wrangling techniques are available.
All queues feeding into services outside the fr-cluster live on a single Redis instance. This is a SPOF.
We should clean up any unused queues, and overly narrowly defined ones.
When a potential donor visits the Wikimedia donation page, a tracking record is created in the drupal.contribution_tracking table. This record includes the user's language, referrer, donation comment, opt-out status, a timestamp, and various other data. The tracking is handled on the MediaWiki side by the DonationInterface extension, which retrieves a contribution_tracking_id from a sequence generator in Redis. If the user makes a successful donation, a contribution record is passed to CiviCRM via the donations queue. The queue2civicrm module then inserts the contribution record into the CiviCRM database and updates the contribution_tracking record with the id given to the contribution by CiviCRM.
Banner Impression/Landing Page Stats Collection
Banner impressions and landing page stats are collected from the production proxies. Fundraising_Analytics/Impression_Stats. The wmf:Thank_you page includes wmf:Template:Hide_banners which loads Special:HideBanners from multiple domains via image src. HideBanners sets cookies for donors which tell CentralNotice's bannerController.js not to pester them for a year or so.
This is a tracking variable which is supposed to collect information about the transaction. Currently, it is a period-separated concatenation of three components. One interpretation of the components is, 1) banner name, 2) landing page name, and 3) payment method. We are currently in the process of standardizing (see FR #965 and FR #673).
In theory, each component may be a tilde-concatenation of a sequence of landing pages, for example. That code is badly dysfunctional.
Donor was referred by this type of site: sitenotice, spontaneous, sidebar, socialmedia.
Seems unuseful at this broad granularity.
The parent campaign for the banner where this donation was initiated.
The following Mediawiki extensions related to fundraising are installed on the payments wiki:
Renders donation forms and handles donor interaction, redirecting donors to payment processors when necessary and then either presenting an error or redirecting to a thank you page.
Extension documentation on mediawiki.org
There are a series of extra filters, that perform analysis on credit card transactions to determine the likelihood that a transaction is fraudulent. Each of the filters helps determine the 'risk score' for a transaction. Actions to take based on certain risk scores can be configured per gateway (reject, review, challenge, accept). The filters currently available include:
- MaxMind/MinFraud - a third party solution that helps analyze the transaction. They return their own 'risk score' for a transaction which heavily influences our own internal scoring.
- Referrer - Regular expressions can be configured to be run on a transaction's 'referrer', and each regex can be configured to apply a different score in the event that the referrer is a match.
- utm_source - Same as referrer, but for the utm_source bit in the tracking fields.
Allows a donor to unsubscribe from fundraising-related emails.
Extension documentation on mediawiki.org
High-level Overview of Donation Pipeline
Click the images for further explanation.
There are some miscellaneous scripts to help with things like Paypal Verification, queue handling, etc. Details of which can be found on Fundraising.wikimedia.org.
See Fundraising/Translation for more info
- Donatewiki translations go out regularly on the l10n cache
- TYs need to be manually deployed - make a task for this and put it in pending review in the current sprint
- Subject line needs to be manually deployed - make a task for this and put it in pending review in the current sprint
- Payments needs to be manually deployed - make a task for this and put it in pending review in the current sprint
We export some extremely aggregated datasets at https://frdata.wikimedia.org/, generated every half hour by the public_data_export process-control job running the fundraiser_public_data_export and fundraiser_public_data_mover child jobs.
fundraiser_public_data_export runs the FundraiserStatisticsGen/fundstatgen.py script from the tools repo, then fundraiser_public_data_mover just rsyncs the data to the frdata server.
G How we work (Team Processes)
Fundraising Engineering Documentation has with system information and emergency response protocols. Or more specifically Shutting the pipeline down details how/when to disable banner campaigns or other fundraising/payment services.
Fundraising On-Call documentation
Fundraising Engineering On-call documentation is a quick-reference page for on-call duty.
Feature / Bug Trackers
There's loads of information about how fr-tech triages bugs here: https://wikitech.wikimedia.org/wiki/Fundraising/Bug_Triaging Not sure what to do next? See Fundraising Tech's Phabricator Workboard
Payment Card Industry rules we have to follow to keep accepting credit cards.
H Development Tools
Local setup for cluster SSH access
- Fundraising/Annual PCI form
- Fundraising/Bug Triaging
- Fundraising/CiviCRM Reporting
- Fundraising/Cluster/Civicrm staging server
- Fundraising/Cluster/Payments staging server
- Fundraising/Data and Integrated Processes/Acoustic Integration
- Fundraising/Data and flow/Audits
- Fundraising/Data and flow/Database cheatsheet
- Fundraising/Data and flow/Failmail zoo
- Fundraising/Data and flow/Monthly convert
- Fundraising/Data and flow/PSP integrations/Adyen Checkout
- Fundraising/Data and flow/PSP integrations/Amazon
- Fundraising/Data and flow/PSP integrations/Braintree
- Fundraising/Data and flow/PSP integrations/Ingenico
- Fundraising/Data and flow/PSP integrations/dLocal
- Fundraising/Data and flow/Queues
- Fundraising/Data and flow/Queues/Testing
- Fundraising/Data and flow/Recurring
- Fundraising/Data and flow/Stats pipeline
- Fundraising/Development tools/Docker
- Fundraising/Development tools/Fundraising-dev
- Fundraising/Development tools/Testing
- Fundraising/External-facing/E-mail preference center
- Fundraising/Internal Endpoints/CiviCRM extensions
- Fundraising/Internal Endpoints/Drupal modules
- Fundraising/Internal Endpoints/End of year emails
- Fundraising/Normalized donation messages
- Fundraising/Queue wrangling
- Fundraising/RFC/Abstract CRM import
- Fundraising/RFC/Direct Mail Appeal campaign management
- Fundraising/Syslog Settings
- Fundraising/Team processes
- Fundraising/Team processes/DRI
- Fundraising/Team processes/DRI/Rotation
- Fundraising/Team processes/Definition of Done
- Fundraising/Team processes/New integration manual
- Fundraising/Team processes/Onboarding
- Fundraising/Team processes/Tech talks
- Fundraising/Team processes/Training
- Fundraising/tech/Apache httpd
- Fundraising/tech/Currency conversion sample
- Fundraising/tech/Installing Drupal and CiviCRM
- Fundraising/tech/crm/Add a New Gateway
- Fundraising/tech/crm/Running tests
- Fundraising/tech/crm/Upgrade CiviCRM
- Fundraising/tech/crm/Upgrade Drupal
- Fundraising/tech/ssh config