Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fraud quick fixes #3195

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
steven-tey merged 18 commits into from
Dec 5, 2025
Merged

Fraud quick fixes #3195

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
ac6e1ea
Update route.ts
devkiran Dec 5, 2025
c2b0a3c
Create backfill-fraud-group-events-count.ts
devkiran Dec 5, 2025
c79db4b
Update program.prisma
steven-tey Dec 5, 2025
812dc4e
remove unused action (updateAutoApprovePartnersAction)
steven-tey Dec 5, 2025
394dc34
missed a few spots
steven-tey Dec 5, 2025
8a41f14
Keep programId
devkiran Dec 5, 2025
12f970d
Add a few logs to measure performance
devkiran Dec 5, 2025
9bbf946
Sanitize the metadata
devkiran Dec 5, 2025
278c490
Implement pagination and count for fraud events; refactor related hoo…
devkiran Dec 5, 2025
dbd9c7c
add test for fraud groups
devkiran Dec 5, 2025
f6a50b1
Update fraud.ts
devkiran Dec 5, 2025
93da35e
Refactor fraud detection logic to use CreateFraudEventInput;
devkiran Dec 5, 2025
4892d0b
Update fraud-referral-source-banned-table.tsx
devkiran Dec 5, 2025
e82bb71
Address CodeRabbit feedback
devkiran Dec 5, 2025
82b7922
Enhance fraud event creation by adding deduplication logic for existi…
devkiran Dec 5, 2025
8f9fc2d
Refactor fraud risk assessment by replacing high-risk signal checks w…
devkiran Dec 5, 2025
35c4c98
Revert "Update cleanup-fraud-events.ts"
devkiran Dec 5, 2025
743f623
Update cleanup-fraud-events.ts
devkiran Dec 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 19 additions & 15 deletions apps/web/app/(ee)/api/cron/auto-approve-partner/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
import { handleAndReturnErrorResponse } from "@/lib/api/errors";
import { getPartnerHighRiskSignals } from "@/lib/api/fraud/get-partner-high-risk-signals";
import { getPartnerApplicationRisks } from "@/lib/api/fraud/get-partner-application-risks";
import { verifyQstashSignature } from "@/lib/cron/verify-qstash";
import { approvePartnerEnrollment } from "@/lib/partners/approve-partner-enrollment";
import { getPlanCapabilities } from "@/lib/plan-capabilities";
import { prisma } from "@dub/prisma";
import { log } from "@dub/utils";
import { z } from "zod";
Expand Down Expand Up @@ -50,12 +51,7 @@ export async function POST(req: Request) {
partnerGroup: true,
groupId: true,
status: true,
partner: {
select: {
id: true,
payoutMethodHash: true,
},
},
partner: true,
},
},
},
Expand Down Expand Up @@ -89,15 +85,23 @@ export async function POST(req: Request) {
);
}

const { hasHighRisk } = await getPartnerHighRiskSignals({
program,
partner: programEnrollment.partner,
});
// Check if the workspace plan has fraud event management capabilities
// If enabled, we'll evaluate risk signals before auto-approving
const { canManageFraudEvents } = getPlanCapabilities(
program.workspace.plan,
);

if (hasHighRisk) {
return logAndRespond(
`Partner ${partnerId} has high risk. Skipping auto-approval.`,
);
if (canManageFraudEvents) {
const { riskSeverity } = await getPartnerApplicationRisks({
program,
partner: programEnrollment.partner,
});

if (riskSeverity === "high") {
return logAndRespond(
`Partner ${partnerId} has high risk. Skipping auto-approval.`,
);
}
}

await approvePartnerEnrollment({
Expand Down
50 changes: 50 additions & 0 deletions apps/web/app/(ee)/api/fraud/events/count/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
import { DubApiError } from "@/lib/api/errors";
import { getDefaultProgramIdOrThrow } from "@/lib/api/programs/get-default-program-id-or-throw";
import { withWorkspace } from "@/lib/auth";
import { fraudEventCountQuerySchema } from "@/lib/zod/schemas/fraud";
import { prisma } from "@dub/prisma";
import { NextResponse } from "next/server";

// GET /api/fraud/events/count - Get the count of fraud events
export const GET = withWorkspace(
async ({ workspace, searchParams }) => {
const programId = getDefaultProgramIdOrThrow(workspace);
const { groupId } = fraudEventCountQuerySchema.parse(searchParams);

const fraudGroup = await prisma.fraudEventGroup.findUnique({
where: {
id: groupId,
},
select: {
programId: true,
partnerId: true,
type: true,
},
});

if (!fraudGroup) {
throw new DubApiError({
code: "not_found",
message: "Fraud event group not found.",
});
}

if (fraudGroup.programId !== programId) {
throw new DubApiError({
code: "not_found",
message: "Fraud event group not found in this program.",
});
}

const count = await prisma.fraudEvent.count({
where: {
fraudEventGroupId: groupId,
},
});

return NextResponse.json(count);
},
{
requiredPlan: ["advanced", "enterprise"],
},
);
16 changes: 10 additions & 6 deletions apps/web/app/(ee)/api/fraud/events/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,15 @@ import { z } from "zod";
export const GET = withWorkspace(
async ({ workspace, searchParams }) => {
const programId = getDefaultProgramIdOrThrow(workspace);
const parsedQueryParams = fraudEventQuerySchema.parse(searchParams);
const { page, pageSize, ...queryParams } =
fraudEventQuerySchema.parse(searchParams);

let where: Prisma.FraudEventWhereInput = {};
let eventGroupType: FraudRuleType | undefined;

// Filter by group ID
if ("groupId" in parsedQueryParams) {
const { groupId } = parsedQueryParams;
if ("groupId" in queryParams) {
const { groupId } = queryParams;

const fraudGroup = await prisma.fraudEventGroup.findUnique({
where: {
Expand Down Expand Up @@ -80,8 +81,9 @@ export const GET = withWorkspace(
}

// Filter by customer ID and type
if ("customerId" in parsedQueryParams && "type" in parsedQueryParams) {
const { customerId, type } = parsedQueryParams;
// Currently this is only used in E2E tests to fetch raw fraud events for a given customer + type
if ("customerId" in queryParams && "type" in queryParams) {
const { customerId, type } = queryParams;

where = {
customerId,
Expand Down Expand Up @@ -110,8 +112,10 @@ export const GET = withWorkspace(
customer: true,
},
orderBy: {
id: "asc",
id: "desc",
},
skip: (page - 1) * pageSize,
take: pageSize,
});

return NextResponse.json(z.array(zodSchema).parse(fraudEvents));
Expand Down
70 changes: 23 additions & 47 deletions apps/web/app/(ee)/api/partners/[partnerId]/application-risks/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,58 +1,34 @@
import { FRAUD_RULES } from "@/lib/api/fraud/constants";
import { getPartnerHighRiskSignals } from "@/lib/api/fraud/get-partner-high-risk-signals";
import { checkPartnerEmailDomainMismatch } from "@/lib/api/fraud/rules/check-partner-email-domain-mismatch";
import { checkPartnerEmailMasked } from "@/lib/api/fraud/rules/check-partner-email-masked";
import { checkPartnerNoSocialLinks } from "@/lib/api/fraud/rules/check-partner-no-social-links";
import { checkPartnerNoVerifiedSocialLinks } from "@/lib/api/fraud/rules/check-partner-no-verified-social-links";
import { getPartnerApplicationRisks } from "@/lib/api/fraud/get-partner-application-risks";
import { getDefaultProgramIdOrThrow } from "@/lib/api/programs/get-default-program-id-or-throw";
import { getProgramEnrollmentOrThrow } from "@/lib/api/programs/get-program-enrollment-or-throw";
import { withWorkspace } from "@/lib/auth";
import { getHighestSeverity } from "@/lib/get-highest-severity";
import { getPlanCapabilities } from "@/lib/plan-capabilities";
import { ExtendedFraudRuleType } from "@/lib/types";
import { NextResponse } from "next/server";

// GET /api/partners/:partnerId/application-risks - get application risks for a partner
export const GET = withWorkspace(async ({ workspace, params }) => {
const { partnerId } = params;
const programId = getDefaultProgramIdOrThrow(workspace);

const { partner } = await getProgramEnrollmentOrThrow({
partnerId,
programId,
include: {
partner: true,
},
});
export const GET = withWorkspace(
async ({ workspace, params }) => {
const { partnerId } = params;
const programId = getDefaultProgramIdOrThrow(workspace);

const { partner } = await getProgramEnrollmentOrThrow({
partnerId,
programId,
include: {
partner: true,
},
});

const { hasCrossProgramBan, hasDuplicatePayoutMethod } =
await getPartnerHighRiskSignals({
const { risksDetected, riskSeverity } = await getPartnerApplicationRisks({
program: { id: programId },
partner,
});

const risksDetected: Partial<Record<ExtendedFraudRuleType, boolean>> = {
partnerCrossProgramBan: hasCrossProgramBan,
partnerDuplicatePayoutMethod: hasDuplicatePayoutMethod,
partnerEmailDomainMismatch: checkPartnerEmailDomainMismatch(partner),
partnerEmailMasked: checkPartnerEmailMasked(partner),
partnerNoSocialLinks: checkPartnerNoSocialLinks(partner),
partnerNoVerifiedSocialLinks: checkPartnerNoVerifiedSocialLinks(partner),
};

const detectedRisksInfo = FRAUD_RULES.filter((rule) => {
return risksDetected[rule.type] === true;
});

const { canManageFraudEvents } = getPlanCapabilities(workspace.plan);

// Calculate the highest severity level from all detected risks
const riskSeverity = getHighestSeverity(detectedRisksInfo);

// Return the response with risksDetected only if the workspace has fraud management capabilities,
// otherwise return an empty object to hide sensitive fraud detection details
return NextResponse.json({
risksDetected: canManageFraudEvents ? risksDetected : {},
riskSeverity,
});
});
return NextResponse.json({
risksDetected,
riskSeverity,
});
},
{
requiredPlan: ["advanced", "enterprise"],
},
);
61 changes: 3 additions & 58 deletions ...pp/app.dub.co/(dashboard)/[slug]/(ee)/program/partners/applications/applications-menu.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,15 @@
"use client";

import { updateAutoApprovePartnersAction } from "@/lib/actions/partners/update-auto-approve-partners";
import { mutatePrefix } from "@/lib/swr/mutate";
import useProgram from "@/lib/swr/use-program";
import useWorkspace from "@/lib/swr/use-workspace";
import { DEFAULT_PARTNER_GROUP } from "@/lib/zod/schemas/groups";
import { useConfirmModal } from "@/ui/modals/confirm-modal";
import { useExportApplicationsModal } from "@/ui/modals/export-applications-modal";
import { ThreeDots } from "@/ui/shared/icons";
import { Button, LoadingSpinner, Popover, UserCheck, UserXmark } from "@dub/ui";
import { Button, Popover, UserCheck, UserXmark } from "@dub/ui";
import { Download } from "@dub/ui/icons";
import { useAction } from "next-safe-action/hooks";
import Link from "next/link";
import { useRouter } from "next/navigation";
import { useState } from "react";
import { toast } from "sonner";

export function ApplicationsMenu() {
const router = useRouter();
Expand All @@ -24,55 +19,11 @@ export function ApplicationsMenu() {

const [isOpen, setIsOpen] = useState(false);

const { executeAsync: updateAutoApprove, isPending: isUpdatingAutoApprove } =
useAction(updateAutoApprovePartnersAction, {
onError: ({ error }) => {
toast.error(error.serverError);
},
onSuccess: ({ input }) => {
toast.success(
`Auto-approve ${input.autoApprovePartners ? "enabled" : "disabled"}`,
);
mutatePrefix(["/api/partners", "/api/programs"]);
},
});

const {
confirmModal: confirmEnableAutoApproveModal,
setShowConfirmModal: setShowConfirmEnableAutoApproveModal,
} = useConfirmModal({
title: "Confirm auto-approve",
description: "New applications will be automatically approved.",
onConfirm: async () => {
await updateAutoApprove({
workspaceId: workspaceId!,
autoApprovePartners: true,
});
},
});

const {
confirmModal: confirmDisableAutoApproveModal,
setShowConfirmModal: setShowConfirmDisableAutoApproveModal,
} = useConfirmModal({
title: "Disable auto-approve",
description:
"Future applications will no longer be automatically approved.",
onConfirm: async () => {
await updateAutoApprove({
workspaceId: workspaceId!,
autoApprovePartners: false,
});
},
});

const { setShowExportApplicationsModal, ExportApplicationsModal } =
useExportApplicationsModal();

return (
<>
{confirmEnableAutoApproveModal}
{confirmDisableAutoApproveModal}
<ExportApplicationsModal />
<Popover
openPopover={isOpen}
Expand Down Expand Up @@ -139,14 +90,8 @@ export function ApplicationsMenu() {
type="button"
className="h-8 whitespace-nowrap px-2"
variant="secondary"
disabled={isUpdatingAutoApprove || !program}
icon={
isUpdatingAutoApprove ? (
<LoadingSpinner className="size-4 shrink-0" />
) : (
<ThreeDots className="size-4 shrink-0" />
)
}
disabled={!program}
icon={<ThreeDots className="size-4 shrink-0" />}
/>
</Popover>
</>
Expand Down
47 changes: 0 additions & 47 deletions apps/web/lib/actions/partners/update-auto-approve-partners.ts
View file
Open in desktop

This file was deleted.

Loading