Commit b3e084a0 authored by Matthias Larisch's avatar Matthias Larisch

handle privacy policy acknowledge submission

parent dddd4d8b
Pipeline #22569292 canceled with stages
......@@ -45,3 +45,10 @@ group:
legal:
newpp: Neue Datenschutzerklärung
acknowledge: Stimmst du der Datenschutzerklärung zu?
not_acknowledge_description: Um die foodsharing.de Plattform benutzen zu können, musst du der beschriebenenen Datenschutzerklärung zustimmen. Stimmst du nicht zu, musst du deinen Account löschen.
agree_privacy_policy: Ich stimme der Datenschutzvereinbarung zu.
delete_account: Ich stimme nicht zu und möchte meinen Account löschen.
actions:
safe: Ich bin mit den Bestimmungen einverstanden
must_accept_pp: Um bei foodsharing.de mitzumachen, musst du den Datenschutzbedingungen zustimmen.
......@@ -104,6 +104,11 @@ class S
$legalModel = DI::$shared->get(LegalGateway::class);
$ppVersion = $legalModel->getPpVersion();
if (self::id() && $ppVersion && $ppVersion > self::user('privacy_policy_accepted_date')) {
/* Allow Settings page, otherwise redirect to legal page */
if (in_array(self::$func->getPage(), ['settings', 'logout'])) {
return null;
}
return LegalControl::class;
}
......
......@@ -2,9 +2,11 @@
namespace Foodsharing\Modules\Legal;
use Foodsharing\Lib\Session\S;
use Foodsharing\Modules\Core\Control;
use Foodsharing\Modules\Core\Model;
use Foodsharing\Modules\Core\View;
use Symfony\Component\Form\FormFactoryBuilder;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
......@@ -12,6 +14,11 @@ class LegalControl extends Control
{
private $gateway;
/**
* @var FormFactoryBuilder
*/
private $formFactory;
public function __construct(LegalGateway $gateway, View $view, Model $model)
{
$this->model = $model;
......@@ -21,8 +28,30 @@ class LegalControl extends Control
parent::__construct();
}
/**
* @required
*/
public function setFormFactory(FormFactoryBuilder $formFactory)
{
$this->formFactory = $formFactory;
}
public function index(Request $request, Response $response)
{
$response->setContent($this->render('pages/Legal/newPp.twig', ['pp' => $this->gateway->getPp()]));
$data = new LegalData();
$data->privacy_policy_date = $this->gateway->getPpVersion();
$data->privacy_policy = S::user('privacy_policy_accepted_date') == $data->privacy_policy_date;
$form = $this->formFactory->getFormFactory()->create(LegalForm::class, $data);
$form->handleRequest($request);
if ($form->isSubmitted()) {
if ($form->isValid()) {
$this->gateway->agreeToPp(S::id(), $data->privacy_policy_date);
/* need to reload session cache. TODO: This should be further abstracted */
$this->model->relogin();
}
}
$response->setContent($this->render('pages/Legal/page.twig', [
'pp' => $this->gateway->getPp(),
'form' => $form->createView()]));
}
}
<?php
namespace Foodsharing\Modules\Legal;
use Symfony\Component\Validator\Constraints as Assert;
class LegalData
{
/**
* @Assert\Type("string")
* @Assert\NotBlank()
*/
public $privacy_policy_date;
/**
* @Assert\Type("boolean")
* @Assert\IsTrue(message="legal.must_accept_pp")
*/
public $privacy_policy;
}
<?php
namespace Foodsharing\Modules\Legal;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\FormBuilderInterface;
class LegalForm extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('privacy_policy_date', HiddenType::class)
->add('privacy_policy', CheckboxType::class, ['label' => 'legal.agree_privacy_policy', 'required' => true]);
}
}
......@@ -17,4 +17,9 @@ class LegalGateway extends BaseGateway
{
return $this->db->fetchValue('SELECT `body` FROM fs_content WHERE id = :content_id', ['content_id' => self::PP_CONTENT]);
}
public function agreeToPp($fsId, $ppVersion)
{
$this->db->update('fs_foodsaver', ['privacy_policy_accepted_date' => $ppVersion], ['id' => $fsId]);
}
}
{% extends 'layouts/default.twig' %}
{% block main %}
{{ form_start(form) }}
{% embed 'components/field.twig' with {'title': 'legal.newpp'|trans, 'classes': ['ui-padding']} %}
{% block content %}
{{ pp|raw }}
{% endblock %}
{% endembed %}
{% embed 'components/field.twig' with {'title': 'legal.acknowledge'|trans, 'classes': ['ui-padding']} %}
{% block content %}
{{ 'legal.not_acknowledge_description'|trans }}
{{ form_row(form.privacy_policy) }}
<a href="/?page=settings&sub=deleteaccount">{{ 'legal.delete_account'|trans }}</a>
{% endblock %}
{% endembed %}
<input type="submit" value="{{ 'legal.actions.safe'|trans }}" />
{{ form_end(form) }}
{% endblock %}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment