in src/Web/Controllers/BasketController.cs [208:283]
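/// <summary>
/// Decides whether a purchase goes ahead, based on the merchant rule decision and a
/// canned bank response looked up by card number, then reports the resulting bank
/// events and purchase status to the fraud protection service.
/// </summary>
/// <param name="merchantRuleDecision">Decision string from the merchant rules; only values starting with "APPROVE" (case-insensitive) count as approval. A null value is treated as not approved.</param>
/// <param name="cardNumber">Card number, used here only as the lookup key into <c>FakeCreditCardBankResponses.CreditCardResponses</c>.</param>
/// <param name="purchaseId">Identifier of the purchase, stamped on every event built here.</param>
/// <param name="correlationId">Correlation id passed through to each fraud protection service call.</param>
/// <param name="fraudProtectionIO">Collector that receives each request/response pair sent to the service.</param>
/// <returns><c>OrderStatus.Rejected</c> on any rejection path; otherwise the initial <c>OrderStatus.Received</c>.</returns>
private async Task<OrderStatus> ApproveOrRejectPurchase(string merchantRuleDecision, string cardNumber, string purchaseId, string correlationId, FraudProtectionIOModel fraudProtectionIO)
{
    var status = OrderStatus.Received;
    BankEvent auth = null;
    BankEvent charge = null;
    PurchaseStatusEvent purchaseStatus;

    // NOTE(review): cardNumber is only a lookup key in this method; keep it out of logs and telemetry.
    if (!FakeCreditCardBankResponses.CreditCardResponses.TryGetValue(cardNumber, out FakeCreditCardBankResponses creditCardBankResponse))
    {
        // Unknown card: default response honours the fraud recommendation and approves auth and charge.
        creditCardBankResponse = new FakeCreditCardBankResponses
        {
            IgnoreFraudRiskRecommendation = false,
            IsAuthApproved = true,
            IsChargeApproved = true
        };
    }

    // Fail closed: a missing decision counts as "not approved" rather than throwing a
    // NullReferenceException halfway through the flow.
    // NOTE(review): this is a prefix match, so any decision value beginning with "APPROVE"
    // is accepted -- confirm no other decision value shares that prefix.
    bool merchantApproved = merchantRuleDecision != null &&
        merchantRuleDecision.StartsWith("APPROVE", StringComparison.OrdinalIgnoreCase);

    // IgnoreFraudRiskRecommendation lets a card proceed to auth/charge despite a non-approve
    // decision. NOTE(review): presumably a demo fixture -- confirm this override cannot be
    // reached with real card data.
    if (!merchantApproved && !creditCardBankResponse.IgnoreFraudRiskRecommendation)
    {
        // Rejected by the merchant rule: no bank events are produced.
        purchaseStatus = SetupPurchaseStatus(purchaseId, PurchaseStatusType.Rejected);
        status = OrderStatus.Rejected;
    }
    else if (!creditCardBankResponse.IsAuthApproved)
    {
        // Auth declined: report the declined auth, never attempt a charge.
        auth = SetupBankEvent(BankEventType.Auth, DateTimeOffset.Now, purchaseId, BankEventStatus.Declined);
        purchaseStatus = SetupPurchaseStatus(purchaseId, PurchaseStatusType.Rejected);
        status = OrderStatus.Rejected;
    }
    else
    {
        auth = SetupBankEvent(BankEventType.Auth, DateTimeOffset.Now, purchaseId, BankEventStatus.Approved);

        if (creditCardBankResponse.IsChargeApproved)
        {
            charge = SetupBankEvent(BankEventType.Charge, DateTimeOffset.Now, purchaseId, BankEventStatus.Approved);
            purchaseStatus = SetupPurchaseStatus(purchaseId, PurchaseStatusType.Approved);
        }
        else
        {
            // Auth approved but charge declined: the purchase is still rejected.
            charge = SetupBankEvent(BankEventType.Charge, DateTimeOffset.Now, purchaseId, BankEventStatus.Declined);
            purchaseStatus = SetupPurchaseStatus(purchaseId, PurchaseStatusType.Rejected);
            status = OrderStatus.Rejected;
        }
    }

    // Report in a fixed order: auth, then charge, then the purchase status.
    if (auth != null)
    {
        var response = await _fraudProtectionService.PostBankEvent(auth, correlationId);
        fraudProtectionIO.Add(auth, response, "BankEvent Auth");
    }

    if (charge != null)
    {
        var response = await _fraudProtectionService.PostBankEvent(charge, correlationId);
        fraudProtectionIO.Add(charge, response, "BankEvent Charge");
    }

    if (purchaseStatus != null)
    {
        var response = await _fraudProtectionService.PostPurchaseStatus(purchaseStatus, correlationId);
        fraudProtectionIO.Add(purchaseStatus, response, "PurchaseStatus");
    }

    return status;
}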