Add notice and notification in Advanced Fraud Settings page

[daquinons]

Fixes #6497

Changes proposed in this Pull Request

Advanced fraud protection should not be enabled if no rules are enabled. Right now, because there is no check when that happens, we save it gracefully but then it's reverted back.

This PR adds a new notice at the top of the page to indicate that at least one rule needs to be enabled, and dispatches an error notice when that's not the case and the user saves its settings.

In order to avoid weird states (such as the user enables Advanced with one rule set, saves it, but then goes back to it and disables the rule set), the level is stored as "basic" when clicking on save without any rule enabled (if the current level is not already "basic").

Testing instructions

• Go to Payments - Settings
• Browse to the bottom of the page and see if "Basic" is selected as fraud protection
• If it's not selected, select "Basic" and save
• Select "Advanced" now, and click on "Configure"
• Without enabling any rule, click on "Save"
• You'll see the notification "At least one risk filter needs to be enabled for advanced protection."
• Go back to WooPayments settings
• Check that "Basic" is still selected
• Choose "Advanced" again and click on "Configure"
• Enable any number of rulesets (but at least one)
• Click on "Save"
• You shouldn't see the error notification now, but a notification saying "advanced" is set
• Go back to WooPayments Settings and check "Advanced" is selected

---

• Run npm run changelog to add a changelog file, choose patch to leave it empty if the change is not significant. You can add multiple changelog files in one PR by running this command a few times.
• Covered with tests (or have a good reason not to test in description ☝️)
• Tested on mobile (or does not apply)

Post merge

• Link to testing instructions from release testing doc following these instructions : https://github.com/Automattic/woocommerce-payments/wiki/Release-testing-instructions-for-WC-Payments-7.6.0#advanced-fraud-protection-cant-be-enabled-without-enabling-advanced-fraud-rules
• Add or update critical flows and testing instructions for critical flows, if applicable.
• Add what's changed (description, screenshot, demo videos etc.) to the release announcement post, if applicable.

[botwoo]

Test the build

Option 1. Jetpack Beta

• Install and activate Jetpack Beta.
• Use this build by searching for PR number 8762 or branch name fix/6497-advanced-fraud-settings-empty in your-test.site/wp-admin/admin.php?page=jetpack-beta&plugin=woocommerce-payments

Option 2. Jurassic Ninja - available for logged-in A12s

🚀 Launch a JN site with this branch 🚀

ℹ️ Install this Tampermonkey script to get more options.

---

Build info:

• Latest commit: 9469a20
• Build time: 2024-05-03 15:47:32 UTC

Note: the build is updated when a new commit is pushed to this PR.

[github-actions]

Size Change: +149 B (0%)

Total Size: 1.25 MB

Filename	Size	Change
release/woocommerce-payments/dist/index-rtl.css	40.7 kB	+9 B (0%)
release/woocommerce-payments/dist/index.css	40.7 kB	+10 B (0%)
release/woocommerce-payments/dist/index.js	293 kB	+109 B (0%)
release/woocommerce-payments/dist/settings-rtl.css	11.1 kB	+10 B (0%)
release/woocommerce-payments/dist/settings.css	10.9 kB	+11 B (0%)

ℹ️ View Unchanged

Filename	Size
release/woocommerce-payments/assets/css/admin.css	1.08 kB
release/woocommerce-payments/assets/css/admin.rtl.css	1.08 kB
release/woocommerce-payments/assets/css/success.css	172 B
release/woocommerce-payments/assets/css/success.rtl.css	172 B
release/woocommerce-payments/dist/blocks-checkout-rtl.css	2.06 kB
release/woocommerce-payments/dist/blocks-checkout.css	2.07 kB
release/woocommerce-payments/dist/blocks-checkout.js	56.3 kB
release/woocommerce-payments/dist/bnpl-announcement-rtl.css	530 B
release/woocommerce-payments/dist/bnpl-announcement.css	531 B
release/woocommerce-payments/dist/bnpl-announcement.js	20 kB
release/woocommerce-payments/dist/cart-block.js	21.4 kB
release/woocommerce-payments/dist/cart.js	4.39 kB
release/woocommerce-payments/dist/checkout-rtl.css	599 B
release/woocommerce-payments/dist/checkout.css	599 B
release/woocommerce-payments/dist/checkout.js	37.5 kB
release/woocommerce-payments/dist/multi-currency-analytics.js	1.05 kB
release/woocommerce-payments/dist/multi-currency-rtl.css	3.28 kB
release/woocommerce-payments/dist/multi-currency-switcher-block.js	59.5 kB
release/woocommerce-payments/dist/multi-currency.css	3.29 kB
release/woocommerce-payments/dist/multi-currency.js	54.6 kB
release/woocommerce-payments/dist/order-rtl.css	733 B
release/woocommerce-payments/dist/order.css	735 B
release/woocommerce-payments/dist/order.js	41.8 kB
release/woocommerce-payments/dist/payment-gateways-rtl.css	1.21 kB
release/woocommerce-payments/dist/payment-gateways.css	1.21 kB
release/woocommerce-payments/dist/payment-gateways.js	38.6 kB
release/woocommerce-payments/dist/payment-request-rtl.css	155 B
release/woocommerce-payments/dist/payment-request.css	155 B
release/woocommerce-payments/dist/payment-request.js	12 kB
release/woocommerce-payments/dist/product-details-rtl.css	398 B
release/woocommerce-payments/dist/product-details.css	402 B
release/woocommerce-payments/dist/product-details.js	17.2 kB
release/woocommerce-payments/dist/settings.js	201 kB
release/woocommerce-payments/dist/subscription-edit-page.js	669 B
release/woocommerce-payments/dist/subscription-product-onboarding-modal-rtl.css	527 B
release/woocommerce-payments/dist/subscription-product-onboarding-modal.css	527 B
release/woocommerce-payments/dist/subscription-product-onboarding-modal.js	19.4 kB
release/woocommerce-payments/dist/subscription-product-onboarding-toast.js	693 B
release/woocommerce-payments/dist/subscriptions-empty-state-rtl.css	120 B
release/woocommerce-payments/dist/subscriptions-empty-state.css	120 B
release/woocommerce-payments/dist/subscriptions-empty-state.js	18.5 kB
release/woocommerce-payments/dist/tos-rtl.css	235 B
release/woocommerce-payments/dist/tos.css	236 B
release/woocommerce-payments/dist/tos.js	21 kB
release/woocommerce-payments/dist/woopay-direct-checkout.js	4.54 kB
release/woocommerce-payments/dist/woopay-express-button-rtl.css	155 B
release/woocommerce-payments/dist/woopay-express-button.css	155 B
release/woocommerce-payments/dist/woopay-express-button.js	21 kB
release/woocommerce-payments/dist/woopay-rtl.css	4.25 kB
release/woocommerce-payments/dist/woopay.css	4.22 kB
release/woocommerce-payments/dist/woopay.js	69.4 kB
release/woocommerce-payments/includes/subscriptions/assets/css/plugin-page.css	622 B
release/woocommerce-payments/includes/subscriptions/assets/js/plugin-page.js	815 B
release/woocommerce-payments/vendor/automattic/jetpack-assets/build/i18n-loader.js	2.44 kB
release/woocommerce-payments/vendor/automattic/jetpack-assets/src/js/i18n-loader.js	1.01 kB
release/woocommerce-payments/vendor/automattic/jetpack-connection/dist/tracks-ajax.js	522 B
release/woocommerce-payments/vendor/automattic/jetpack-connection/dist/tracks-callables.js	581 B
release/woocommerce-payments/vendor/automattic/jetpack-identity-crisis/babel.config.js	160 B
release/woocommerce-payments/vendor/automattic/jetpack-identity-crisis/build/index.css	2.37 kB
release/woocommerce-payments/vendor/automattic/jetpack-identity-crisis/build/index.js	13.5 kB
release/woocommerce-payments/vendor/automattic/jetpack-identity-crisis/build/index.rtl.css	2.37 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/about.css	1.03 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/admin-empty-state.css	291 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/admin-order-statuses.css	403 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/admin.css	3.6 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/checkout.css	299 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/modal.css	742 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/view-subscription.css	572 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/css/wcs-upgrade.css	411 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/admin-pointers.js	544 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/admin.js	9.4 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/jstz.js	6.8 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/jstz.min.js	3.83 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/meta-boxes-coupon.js	544 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/meta-boxes-subscription.js	2.52 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/moment.js	22.1 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/moment.min.js	11.6 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/payment-method-restrictions.js	1.29 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/admin/wcs-meta-boxes-order.js	502 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/frontend/payment-methods.js	355 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/frontend/single-product.js	429 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/frontend/view-subscription.js	1.38 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/frontend/wcs-cart.js	781 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/modal.js	1.1 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/assets/js/wcs-upgrade.js	1.27 kB
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css	392 B
release/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.js	3.05 kB

_{compressed-size-action}

[eduardoumpierre]

I see 3 paths in this flow:

1. The user is currently on basic and saves an empty advanced setting.
   • In this case, couldn't we return early to avoid the "Settings saved" toast?
   • Since there are no changes to save, I think it would be safe to just skip the save and present just the At least one risk filter needs to be enabled for advanced protection. message.
2. The user is currently on basic and saves a filled advanced setting.
   • The Current protection level is set to "advanced". makes sense.
3. The user is currently on advanced setting and saves an empty advanced setting (resets the form)
   • The user will be notified by an At least one risk filter needs to be enabled for advanced protection. message, but I think a better message could be Protection level set to "Basic" due to empty advanced configuration. in this case.

What do you think?

[daquinons]

Thanks for the suggestions @eduardoumpierre !

I see 3 paths in this flow:

1. The user is currently on basic and saves an empty advanced setting.

   • In this case, couldn't we return early to avoid the "Settings saved" toast?
   • Since there are no changes to save, I think it would be safe to just skip the save and present just the At least one risk filter needs to be enabled for advanced protection. message.

At the beginning I assumed that we were sharing the context with the main Settings screen so that's why it had to be saved even entering on the Advanced risk screen. However, I just tested it and we are not sharing it so exiting early makes sense here :)

There is a problem though, exiting early without saving the settings will break it in the example I give in the description: a user with advanced settings enabled and one rule enable, if it disables the rule, I wouldn't be able to move it down to "Basic" level. I've added the save only inside that check ( if ( ProtectionLevel.BASIC !== currentProtectionLevel ) ) let me know what you think f030830

2. The user is currently on basic and saves a filled advanced setting.

   • The Current protection level is set to "advanced". makes sense.

👍

3. The user is currently on advanced setting and saves an empty advanced setting (resets the form)

   • The user will be notified by an At least one risk filter needs to be enabled for advanced protection. message, but I think a better message could be Protection level set to "Basic" due to empty advanced configuration. in this case.

What do you think?

I've changed to 'Protection level set to "basic", at least one risk filter needs to be enabled for advanced protection.' to keep the same message that Design gave us but adding the "basic" part too, let me know if you think should be in the other way around but wanted to keep what Design gave just in case :D 38ea9bc

[eduardoumpierre]

I followed the testing instructions and it worked as expected! The code is clear and covered by tests.

Thanks for working on it! LGTM 🚀