I want to ask what is the purpose of Black list in ofbiz and how should it really work?
I tried to use it and found that it is not working at all.
1) First of all we ALWAYS pass the checkBlackList request with success and always go to processpayment request. The reason is in the return value of the checkBlackList event...The applied patch fix this problem.
2) Is the intend of checkBlackList is preventing from order creation (when someone is in BlackList) or creating the order but preventing from processpayment request, as it is now? Currently the order is created and then we check the black list. if we fail on the black list check we are again in Order Confirmation screen (btw there is no message in the UI saying that there is an error or cannot pass the black list check) but the order is created. If we press again the Create Order button another order is created but we are still in Order Confirmation screen thinking that the order is not created for some reason...The applied patch shows an error message.
In ecommerce it works better. If we fail on checkOrderBlacklist, then failedBlacklistCheck event changes the order status to rejected, the user login is disabled and there is some info for it on the screen. I can add an event like this for order application, that will change the order status to rejected, without disabling the userlogin, what do you think?
3)This should be another issue for improvement. There is not a screen or service for populating the black list. How and where should we put such a screen or button for blocking a email, phone, postall address, cc and may be some other types.
4)A question: How can I add a person (not only his email, or phone but everything) to the OrderBlacklist? Is it correct to add a new Blacklist Type BLACKLIST_PARTY and to add the partyId to the Black list?