user consent WIP

pull/6341/head
Markus Kahl 7 years ago
parent 0bc22be618
commit 2ac652efcd
  1. 1
      app/controllers/account_controller.rb
  2. 95
      app/controllers/concerns/user_consent.rb
  3. 55
      app/views/account/consent.html.erb
  4. 11
      app/views/settings/_users.html.erb
  5. 7
      config/initializers/authentication_stages.rb
  6. 4
      config/locales/en.yml
  7. 3
      config/routes.rb
  8. 18
      config/settings.yml
  9. 5
      db/migrate/20180524113516_add_consent_timestamp_to_user.rb

@ -33,6 +33,7 @@ class AccountController < ApplicationController
include Concerns::OmniauthLogin
include Concerns::RedirectAfterLogin
include Concerns::AuthenticationStages
include Concerns::UserConsent
# prevents login action to be filtered by check_if_login_required application scope filter
skip_before_action :check_if_login_required

@ -0,0 +1,95 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2017 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
##
# Intended to be used by the AccountController to implement the user consent
# check.
module Concerns::UserConsent
def consent
if !consent_required?
consent_finished
else
render 'account/consent', locals: {
consent_info: consent_info[I18n.locale],
consent_label: consent_label[I18n.locale]
}
end
end
def confirm_consent
user = consenting_user
if user.present?
update_user_consent! user
consent_finished
else
consent_failed
end
end
def consent_required?
Setting.consent_required? && consent_expired?
end
def consent_expired?
return true if Setting.consent_date.blank?
consented_at = consenting_user.try(:consented_at)
if consented_at.present?
consented_at >= Setting.consent_date
else
false
end
end
def consent_info
Setting.consent_info
end
def consent_label
Setting.consent_label
end
def consenting_user
User.find_by id: session[:authenticated_user_id]
end
def update_user_consent!(user)
user.update consented_at: DateTime.now
end
def consent_finished
redirect_to authentication_stage_complete_path(:consent)
end
def consent_failed
redirect_to Stage.failure_path(:consent)
end
end
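Review bot: `consent_expired?` returns the opposite of what its name says: with a recorded `consented_at` it yields true exactly when the user consented on or after `Setting.consent_date`, and with no `consented_at` at all it yields false, so a user who has never consented makes `consent_required?` false and is redirected straight to `consent_finished` without ever seeing the form. Replace the `if/else` with `consented_at.blank? || consented_at < Setting.consent_date`. `confirm_consent` also records consent on any POST without checking that the checkbox was submitted; the view's checkbox carries no `name`, so something like `return consent_failed unless params[:consent_check] == '1'` (with a matching `name`/`value` on the input) belongs before `update_user_consent!`. `consent` with no `session[:authenticated_user_id]` likewise falls through to `consent_finished` for an anonymous request; whether that is harmless depends on `authentication_stage_complete_path`, which is outside this diff. Lastly, `consent_info[I18n.locale]` indexes the serialized setting with a Symbol while the default in `settings.yml` is keyed by the YAML string `en`, so the lookup may come back nil unless the Setting layer symbolizes keys — worth confirming.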

@ -0,0 +1,55 @@
<%#-- copyright
OpenProject is a project management system.
Copyright (C) 2012-2017 the OpenProject Foundation (OPF)
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License version 3.
OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
Copyright (C) 2006-2017 Jean-Philippe Lang
Copyright (C) 2010-2013 the ChiliProject Team
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
See doc/COPYRIGHT.rdoc for more details.
++#%>
<% disable_accessibility_css! %>
<% breadcrumb_paths("Consent") %>
<% html_title "Consent" %>
<%= call_hook :view_account_consent_top %>
<div id="login-form" class="form -bordered">
<h1>Consent</h1>
<%= format_text consent_info %>
<%= form_tag(account_confirm_consent_path, method: :post, class: "form -wide-labels") do %>
<section class="form--section">
<label class="form--label-with-check-box">
<div class="form--check-box-container">
<input type="checkbox" class="form--check-box" required="required">
</div>
<%= format_text consent_label %>
</label>
</section>
<section class="form--section">
<input type="submit" class="button -highlight" value="OK"/>
</section>
<% end %>
</div>
<%= call_hook :view_account_consent_bottom %>
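Review bot: The `<input type="checkbox" class="form--check-box" required="required">` has no `name` or `value`, so the browser never posts it and `confirm_consent` has nothing to verify; `required="required"` is enforced only client-side and is bypassed by any direct POST to `account_confirm_consent_path`. Give it `name="consent_check" value="1"` and check for that parameter server-side before storing `consented_at`. The strings `"Consent"` in `breadcrumb_paths`, `html_title` and the `<h1>`, and `value="OK"` on the submit button, are hard-coded while the same commit adds `label_consent_settings` to `en.yml`; routing them through `I18n.t` keeps the page translatable. `format_text` on the admin-supplied `consent_info`/`consent_label` is fine as long as it is the sanitizing formatter used elsewhere in the views — worth confirming, since the text lands unescaped inside the login form.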

@ -38,5 +38,16 @@ See doc/COPYRIGHT.rdoc for more details.
<%= setting_check_box :users_deletable_by_self %>
</div>
</div>
<fieldset class="form--fieldset">
<fieldset id="consent_settings" class="form--fieldset">
<legend class="form--fieldset-legend"><%= I18n.t(:label_consent_settings) %></legend>
<div class="form--field">
<%= setting_check_box :consent_required %>
</div>
<%= cell Settings::TextSettingCell, I18n.locale, name: "consent_info" %>
<%= cell Settings::TextSettingCell, I18n.locale, name: "consent_label" %>
</fieldset>
</fieldset>
<%= styled_button_tag l(:button_save), class: '-highlight -with-icon icon-checkmark' %>
<% end %>
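Review bot: The new `<fieldset class="form--fieldset">` appears to wrap `<fieldset id="consent_settings" class="form--fieldset">` directly, with no legend or content of its own, which reads like a leftover from the WIP edit; dropping the outer `<fieldset>`/`</fieldset>` pair leaves one fieldset with the legend. The fieldset exposes `consent_required`, `consent_info` and `consent_label` but not the `consent_date` setting this commit adds to `config/settings.yml`, so an administrator has no UI to set the cut-off date that `consent_expired?` compares against. The enclosing form begins before this hunk.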

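--- a/config/initializers/authentication_stages.rb
+++ b/config/initializers/authentication_stages.rb
@@ -0,0 +1,7 @@
+OpenProject::Authentication::Stage
+.register(
+:consent,
+active: ->() { Setting.consent_required? }
+) {
+account_consent_path
+}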

@ -1072,6 +1072,7 @@ en:
label_calendar: "Calendar"
label_calendar_show: "Show Calendar"
label_category: "Category"
label_consent_settings: "User Consent"
label_wiki_menu_item: Wiki menu item
label_select_main_menu_item: Select new main menu item
label_select_project: "Select a project"
@ -1930,6 +1931,9 @@ en:
setting_commit_logtime_activity_id: "Activity for logged time"
setting_commit_logtime_enabled: "Enable time logging"
setting_commit_ref_keywords: "Referencing keywords"
setting_consent_info: "Consent information text"
setting_consent_label: "Consent (checkbox) label"
setting_consent_required: "Consent required"
setting_cross_project_work_package_relations: "Allow cross-project work package relations"
setting_date_format: "Date format"
setting_default_language: "Default language"

@ -60,6 +60,9 @@ OpenProject::Application.routes.draw do
get '/login/:stage/failure', action: 'stage_failure', as: 'stage_failure'
get '/login/:stage/:secret', action: 'stage_success', as: 'stage_success'
get '/account/consent', action: 'consent', as: 'account_consent'
post '/account/confirm_consent', action: 'confirm_consent', as: 'account_confirm_consent'
end
namespace :api do

@ -69,6 +69,24 @@ brute_force_block_minutes:
brute_force_block_after_failed_logins:
default: 20
format: int
# Date after which users have to have consented to what ever they need to consent
# to (depending on other settings) such as a privacy policy.
consent_date:
default: ''
# Additional info about what the user is consenting to (optional).
consent_info:
serialized: true
default:
en:
# Label next to the checkbox showing what the user is consenting to in short (required).
consent_label:
serialized: true
default:
en:
# Indicates wether or not users need to consent to something such as privacy policy.
consent_required:
default: 0
format: boolean
welcome_title:
default:
welcome_text:
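Review bot: `consent_date` is declared with `default: ''` and no `format`, so `Setting.consent_date` will be a String, yet `Concerns::UserConsent#consent_expired?` compares it against a `datetime` column value with `>=`; unless the Setting layer coerces it, that comparison raises as soon as an administrator stores a date. Either declare a format here (the neighbouring entries use `format: int` and `format: boolean`, so a date format may be available) or parse the value before comparing. The comment on `consent_required` also misspells "whether" as "wether".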

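--- a/db/migrate/20180524113516_add_consent_timestamp_to_user.rb
+++ b/db/migrate/20180524113516_add_consent_timestamp_to_user.rb
@@ -0,0 +1,5 @@
+class AddConsentTimestampToUser < ActiveRecord::Migration[5.0]
+def change
+add_column :users, :consented_at, :datetime
+end
+end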