Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Automate order approval in NetSuite using data from Stripe's fraud detection system using
Author: <>
Description: Detects if a transaction is marked as fraudulent/safe by Stripe's fraud system
2. User Event
3. Name: Stripe Fraud Handler
4. ID: _stripe_fraud_handler
5. After Submit: afterSubmit
6. Deployments: SalesOrder, Invoice, CashSale (depending on your NetSuite usage)
// Pulled from utilities
function log(msg) {
nlapiLogExecution('DEBUG', msg);
function isEmpty(obj) {
return obj === undefined || obj === null || obj === "";
function startsWith(str, searchString) {
return str.indexOf(searchString) === 0;
// Don't ask why SuiteScript uses 'A' and 'B' to represent the `orderstatus`
// NOTE the wrapper function `processAfterSubmit` is used to enable the logic to be
// easily reused in other contexts (i.e. debugging, mass update, etc)
function afterSubmit() {
var recordType = nlapiGetRecordType();
var recordId = nlapiGetRecordId();
processAfterSubmit(recordType, recordId);
function processAfterSubmit(type, internalId) {
var isFraudProcessed = nlapiLookupField(type, internalId, 'custbody_suitesync_fraud_processed', false);
if(isFraudProcessed == 'T') {
if(isEmpty(nlapiLookupField(type, internalId, 'custbody_suitesync_fraud_message', false))) {
transactionIsSafe(type, internalId);
} else {
transactionIsFraudulent(type, internalId);
} else {
log("transaction not processed for fraud");
function transactionIsFraudulent(recordType, internalId) {
log("transaction is fradulent");
var fraudMessage = nlapiLookupField(recordType, internalId, 'custbody_suitesync_fraud_message', false);
// NOTE startsWith is used to prevent message detection from breaking when whitespace, punctuation, etc
// is added to the fraud message. Note that this is a custom method that is included at the top of this script.
// NOTE you may not want to change how you handle fraudulent transactions based on the fraud message.
// this logic is provided here as an example in case you need this functionality.
if(startsWith(fraudMessage, 'One of your rules placed this charge in manual review')) {
} else if(startsWith(fraudMessage, 'Marked as risky by Stripe')) {
} else {
// additional fraud messages may be added in the future, ensure that all fraud messages are handled
// NOTE exactly what you do when a transaction is fraudulent is highly dependent on your specific
// NetSuite environment. Below are some examples of what you could do.
// NOTE that setting status and statusRef don't do anything, although they won't fail.
// the orderstatus (NOT orderStatus) is the only field that will change the status.
// NOTE pro-tip: use `nlapiGetFieldValue('orderstatus')` in the browser console when you have a transaction
// in edit mode to pull the value that NetSuite expects in SuiteScript.
if(recordType == 'salesorder') {
nlapiSubmitField(recordType, internalId, 'orderStatus', NETSUITE_SALES_ORDER_PENDING_APPROVAL_STATUS);
} else if(type == 'invoice') {
// NOTE that invoices cannot be moved from Approved => Pending Approval
} else if(type == 'cashsale') {
function transactionIsSafe(recordType, internalId) {
log("transaction is safe");
// NOTE exactly what you do when a transaction is safe is highly dependent on your specific
// NetSuite environment. Below are some examples of what you could do.
if(recordType == 'salesorder') {
nlapiSubmitField(recordType, internalId, 'orderstatus', NETSUITE_SALES_ORDER_APPROVED_STATUS);
} else if(type == 'invoice') {
nlapiSubmitField(recordType, internalId, 'approvalstatus', NETSUITE_INVOICE_APPROVED_STATUS);
} else if(type == 'cashsale') {
// this condition enables us to run this script and the debugger to test with
// a specific transaction in NetSuite. This is helpful for script debugging/editing
if(nlapiGetContext().getExecutionContext() == 'debugger') {
processAfterSubmit('salesorder', 8931604);
// allows you set a breakpoint at the end of the script
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment