From 70e98306319dda23595897739fdb98d7d5e47fd6 Mon Sep 17 00:00:00 2001
From: Alma Malambo <amalambo@spreedly.com>
Date: Mon, 12 Aug 2024 09:30:14 -0500
Subject: [PATCH] Elavon: Update sending CVV for MIT transactions

CVV should be sent for all transactions if present.

Remote
40 tests, 178 assertions, 2 failures, 0 errors, 0 pendings, 0 omissions, 0 notifications
95% passed
---
 CHANGELOG                                      | 1 +
 lib/active_merchant/billing/gateways/elavon.rb | 2 --
 test/unit/gateways/elavon_test.rb              | 6 +++---
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index eb875e25342..7b24258add9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -7,6 +7,7 @@
 * FlexCharge: add more descriptives error messages [gasb150] #5199
 * Braintree: Updates to Paypal Integration [almalee24] #5190
 * CommerceHub: Update test url [DustinHaefele] #5211
+* Elavon: Update sending CVV for MIT transactions  [almalee24] #5210
 
 == Version 1.137.0 (August 2, 2024)
 * Unlock dependency on `rexml` to allow fixing a CVE (#5181).
diff --git a/lib/active_merchant/billing/gateways/elavon.rb b/lib/active_merchant/billing/gateways/elavon.rb
index fa4892618da..625ca8872d1 100644
--- a/lib/active_merchant/billing/gateways/elavon.rb
+++ b/lib/active_merchant/billing/gateways/elavon.rb
@@ -246,8 +246,6 @@ def add_currency(xml, money, options)
 
       def add_verification_value(xml, credit_card, options)
         return unless credit_card.verification_value?
-        # Don't add cvv if this is a non-initial stored credential transaction
-        return if options[:stored_credential] && !options.dig(:stored_credential, :initial_transaction) && options[:stored_cred_v2]
 
         xml.ssl_cvv2cvc2            credit_card.verification_value
         xml.ssl_cvv2cvc2_indicator  1
diff --git a/test/unit/gateways/elavon_test.rb b/test/unit/gateways/elavon_test.rb
index 760d210e927..bbc20a050ae 100644
--- a/test/unit/gateways/elavon_test.rb
+++ b/test/unit/gateways/elavon_test.rb
@@ -448,7 +448,7 @@ def test_stored_credential_pass_in_recurring_request
       assert_match(/<ssl_approval_code>1234566<\/ssl_approval_code>/, data)
       assert_match(/<ssl_recurring_flag>1<\/ssl_recurring_flag>/, data)
       refute_match(/<ssl_entry_mode/, data)
-      refute_match(/<ssl_cvv2cvc2/, data)
+      assert_match(/<ssl_cvv2cvc2/, data)
     end.respond_with(successful_purchase_response)
   end
 
@@ -475,7 +475,7 @@ def test_stored_credential_pass_in_installment_request
       assert_match(/<ssl_payment_number>2<\/ssl_payment_number>/, data)
       assert_match(/<ssl_payment_count>4<\/ssl_payment_count>/, data)
       refute_match(/<ssl_entry_mode/, data)
-      refute_match(/<ssl_cvv2cvc2/, data)
+      assert_match(/<ssl_cvv2cvc2/, data)
     end.respond_with(successful_purchase_response)
   end
 
@@ -502,7 +502,7 @@ def test_stored_credential_pass_in_unscheduled_with_additional_data_request
       assert_match(/<ssl_entry_mode>12<\/ssl_entry_mode>/, data)
       assert_match(/<ssl_par_value>1234567890<\/ssl_par_value>/, data)
       assert_match(/<ssl_association_token_data>1<\/ssl_association_token_data>/, data)
-      refute_match(/<ssl_cvv2cvc2/, data)
+      assert_match(/<ssl_cvv2cvc2/, data)
     end.respond_with(successful_purchase_response)
   end