Enforce application wide terms
What does this MR do?
This adds the ability for admins to enforce terms in application settings:
When the feature is enabled, users are presented with a ToS that they need to accept in order to continue using the web application.
Every authenticated request will redirect to the terms page when the user did not accept the terms, after the user accepts they are directed back to where they were going.
API & Git operations are currently not affected.
TODO
-
Add a TermPolicy
that can be checked to show/hide the correct buttons on the terms page. That way we can block some permissions that would otherwise result in a redirect. -
Store the accepted_terms
on the user instead of a boolean. That might be required later to enforce users to accept updated terms but it might be hard to migrate, so we'd better do it now.
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added -
Tests added for this feature/bug - Review
-
Has been reviewed by UX -
Has been reviewed by Frontend -
Has been reviewed by Backend -
Has been reviewed by Database
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Squashed related commits together -
Internationalization required/considered -
End-to-end tests pass ( package-and-qa
manual pipeline job)
What are the relevant issue numbers?
Edited by Filipa Lacerda