Add some ramblings

maiksprenger · maiksprenger · commit f08e7d8ddc6a · 2015-10-07T12:54:22.000+02:00
This PR improved upon the tests, but there's always work left to do.
This commits adds a few of my ramblings about how we could improve
further.
diff --git a/adyen/scaffold.py b/adyen/scaffold.py
@@ -10,6 +10,9 @@ class Scaffold:
     # These are the constants that all scaffolds are expected to return
     # to a multi-psp application. They might look like those actually returned
     # by the psp itself, but that would be a pure coincidence.
+    # At some point we could discuss merging cancelled & refused & error and just
+    # ensuring good error messages are returned. I doubt the distinction is
+    # important to most checkout procedures.
     PAYMENT_STATUS_ACCEPTED = 'ACCEPTED'
     PAYMENT_STATUS_CANCELLED = 'CANCELLED'
     PAYMENT_STATUS_REFUSED = 'REFUSED'
diff --git a/tests/test_redirects.py b/tests/test_redirects.py
@@ -23,7 +23,11 @@
 
 class TestAdyenPaymentRedirects(TestCase):
     """
-    Test case that tests Adyen payment redirects (user redirected from Adyen to us)
+    Test case that tests Adyen payment redirects (user redirected from Adyen to us).
+
+    Note that notifications and redirects are pretty similar and share a lot of
+    common code. So those tests will actually test a lot of code for notifications
+    as well. In an ideal world, we'd split things up to check the shared code individually.
     """
 
     def test_handle_authorised_payment(self):
@@ -129,6 +133,15 @@ def test_handle_refused_payment(self):
         assert AdyenTransaction.objects.filter(status='REFUSED').count() == 1
 
     def test_signing_is_enforced(self):
+        """
+        Test that the supplied signature (in field merchantSig) is checked and
+        notifications are ignored when the signature doesn't match.
+
+        In an ideal world, our other tests would ignore the signature checking
+        because it's annoying to have to alter the sig when altering the fake
+        data. Maik gets valid signatures by adding a print(expected_hash) to
+        PaymentRedirection.validate.
+        """
         fake_signature = copy(AUTHORISED_PAYMENT_PARAMS_GET)
         fake_signature['merchantSig'] = '14M4N3V1LH4X0RZ'
         signature_none = copy(AUTHORISED_PAYMENT_PARAMS_GET)
