From 3d713ac114085e091815aa486fb96905347c3002 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Fri, 8 Jun 2018 13:20:44 +0200 Subject: Users can accept terms during registration When a user checks the `accept` checkbox, we will track that acceptance as usual. That way they don't need to accept again after they complete the registration. When an unauthenticated user visits the `/-/users/terms` page, there is no button to accept, decline or continue. The 'current-user menu' is also hidden from the top bar. --- app/controllers/registrations_controller.rb | 27 +++++++++++++++++++++- app/controllers/users/terms_controller.rb | 3 ++- .../admin/application_settings/_terms.html.haml | 6 ++--- .../admin/application_settings/show.html.haml | 4 ++-- app/views/devise/shared/_signup_box.html.haml | 7 ++++++ app/views/users/terms/index.html.haml | 27 +++++++++++----------- 6 files changed, 54 insertions(+), 20 deletions(-) (limited to 'app') diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index f5a222b3a48..e6d6965036e 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -3,6 +3,9 @@ class RegistrationsController < Devise::RegistrationsController include AcceptsPendingInvitations before_action :whitelist_query_limiting, only: [:destroy] + before_action :ensure_terms_accepted, + if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? }, + only: [:create] def new redirect_to(new_user_session_path) @@ -18,7 +21,9 @@ class RegistrationsController < Devise::RegistrationsController if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha accept_pending_invitations - super + super do |new_user| + persist_accepted_terms_if_required(new_user) + end else flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.' flash.delete :recaptcha_error @@ -40,6 +45,16 @@ class RegistrationsController < Devise::RegistrationsController protected + def persist_accepted_terms_if_required(new_user) + return unless new_user.persisted? + return unless Gitlab::CurrentSettings.current_application_settings.enforce_terms? + + if terms_accepted? + terms = ApplicationSetting::Term.latest + Users::RespondToTermsService.new(new_user, terms).execute(accepted: true) + end + end + def destroy_confirmation_valid? if current_user.confirm_deletion_with_password? current_user.valid_password?(params[:password]) @@ -91,4 +106,14 @@ class RegistrationsController < Devise::RegistrationsController def whitelist_query_limiting Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42380') end + + def ensure_terms_accepted + return if terms_accepted? + + redirect_to new_user_session_path, alert: _('You must accept our Terms of Service and privacy policy in order to register an account') + end + + def terms_accepted? + Gitlab::Utils.to_boolean(params[:terms_opt_in]) + end end diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb index f7c6d1d59db..1b1560a2a00 100644 --- a/app/controllers/users/terms_controller.rb +++ b/app/controllers/users/terms_controller.rb @@ -2,6 +2,7 @@ module Users class TermsController < ApplicationController include InternalRedirect + skip_before_action :authenticate_user! skip_before_action :enforce_terms! skip_before_action :check_password_expiration skip_before_action :check_two_factor_requirement @@ -14,7 +15,7 @@ module Users def index @redirect = redirect_path - if @term.accepted_by_user?(current_user) + if current_user && @term.accepted_by_user?(current_user) flash.now[:notice] = "You have already accepted the Terms of Service as #{current_user.to_reference}" end end diff --git a/app/views/admin/application_settings/_terms.html.haml b/app/views/admin/application_settings/_terms.html.haml index 257565ce193..7941c8508e8 100644 --- a/app/views/admin/application_settings/_terms.html.haml +++ b/app/views/admin/application_settings/_terms.html.haml @@ -1,4 +1,4 @@ -= form_for @application_setting, url: admin_application_settings_path do |f| += form_for @application_setting, url: admin_application_settings_path, html: { class: 'fieldset-form' } do |f| = form_errors(@application_setting) %fieldset @@ -7,13 +7,13 @@ .form-check = f.check_box :enforce_terms, class: 'form-check-input' = f.label :enforce_terms, class: 'form-check-label' do - = _("Require all users to accept Terms of Service when they access GitLab.") + = _("Require all users to accept Terms of Service and Privacy Policy when they access GitLab.") .form-text.text-muted = _("When enabled, users cannot use GitLab until the terms have been accepted.") .form-group.row .col-sm-12 = f.label :terms do - = _("Terms of Service Agreement") + = _("Terms of Service Agreement and Privacy Policy") .col-sm-12 = f.text_area :terms, class: 'form-control', rows: 8 .form-text.text-muted diff --git a/app/views/admin/application_settings/show.html.haml b/app/views/admin/application_settings/show.html.haml index 3ac1721f7cd..cb8c22ff076 100644 --- a/app/views/admin/application_settings/show.html.haml +++ b/app/views/admin/application_settings/show.html.haml @@ -50,11 +50,11 @@ %section.settings.as-terms.no-animate#js-terms-settings{ class: ('expanded' if expanded) } .settings-header %h4 - = _('Terms of Service') + = _('Terms of Service and Privacy Policy') %button.btn.btn-default.js-settings-toggle{ type: 'button' } = expanded ? _('Collapse') : _('Expand') %p - = _('Include a Terms of Service agreement that all users must accept.') + = _('Include a Terms of Service agreement and Privacy Policy that all users must accept.') .settings-content = render 'terms' diff --git a/app/views/devise/shared/_signup_box.html.haml b/app/views/devise/shared/_signup_box.html.haml index 2554b2688bb..ee7369f54a9 100644 --- a/app/views/devise/shared/_signup_box.html.haml +++ b/app/views/devise/shared/_signup_box.html.haml @@ -22,6 +22,13 @@ = f.label :password = f.password_field :password, class: "form-control bottom", required: true, pattern: ".{#{@minimum_password_length},}", title: "Minimum length is #{@minimum_password_length} characters." %p.gl-field-hint Minimum length is #{@minimum_password_length} characters + - if Gitlab::CurrentSettings.current_application_settings.enforce_terms? + .form-group + = check_box_tag :terms_opt_in, '1', false, required: true + = label_tag :terms_opt_in do + - terms_link = link_to s_("I accept the|Terms of Service and Privacy Policy"), terms_path, target: "_blank" + - accept_terms_label = _("I accept the %{terms_link}") % { terms_link: terms_link } + = accept_terms_label.html_safe %div - if Gitlab::Recaptcha.enabled? = recaptcha_tags diff --git a/app/views/users/terms/index.html.haml b/app/views/users/terms/index.html.haml index 33cddf63952..a869cf9cdee 100644 --- a/app/views/users/terms/index.html.haml +++ b/app/views/users/terms/index.html.haml @@ -2,16 +2,17 @@ .card-body.rendered-terms = markdown_field(@term, :terms) -.card-footer.footer-block.clearfix - - if can?(current_user, :accept_terms, @term) - .float-right - = button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do - = _('Accept terms') - - else - .pull-right - = link_to root_path, class: 'btn btn-success prepend-left-8' do - = _('Continue') - - if can?(current_user, :decline_terms, @term) - .float-right - = button_to decline_term_path(@term, redirect_params), class: 'btn btn-default prepend-left-8' do - = _('Decline and sign out') +- if current_user + .card-footer.footer-block.clearfix + - if can?(current_user, :accept_terms, @term) + .float-right + = button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do + = _('Accept terms') + - else + .pull-right + = link_to root_path, class: 'btn btn-success prepend-left-8' do + = _('Continue') + - if can?(current_user, :decline_terms, @term) + .float-right + = button_to decline_term_path(@term, redirect_params), class: 'btn btn-default prepend-left-8' do + = _('Decline and sign out') -- cgit v1.2.3