DIV-619

edivorce/apps/core/middleware/bceid_middleware.py

@@ -17,6 +17,7 @@ class AnonymousUser():
 
     guid = None
     display_name = ''
+    has_accepted_terms = False
 
     def is_authenticated(self):
         return False

edivorce/apps/core/migrations/0018_bceiduser_has_accepted_terms.py

@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0017_bceiduser_has_seen_orders_page'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='bceiduser',
+            name='has_accepted_terms',
+            field=models.BooleanField(default=False),
+        ),
+    ]

edivorce/apps/core/models.py

@@ -28,6 +28,9 @@ class BceidUser(models.Model):
     has_seen_orders_page = models.BooleanField(default=False)
     """ Flag for intercept page """
 
+    has_accepted_terms = models.BooleanField(default=False)
+    """ Flag for accepting terms of service """
+
     def is_authenticated(self):
         return True
 

edivorce/apps/core/static/js/ajax.js

@@ -1,10 +1,7 @@
 // when change triggered, collect user input data, validate data and POST via ajax
 var ajaxOnChange = function () {
     var el = $(this);
-    // Skip ajax call for checkbox on terms and condition
-    if (el.is("#terms_checkbox")){
-        return;
-    }
+
     // show/hide additional information if needed
     reveal(el);
 

edivorce/apps/core/static/js/functions.js

@@ -197,7 +197,11 @@ var radioWithTextboxControl = function(el){
 var getValue = function(el, question){
     var value = [];
     // if checkbox, get list of values.
-    if (el.is("input[type=checkbox]")){
+    if (el.is("input[type=checkbox]")) {
+        if (el.is('[naked]')) {
+          return el.is(':checked') ? 'true' : 'false';
+        }
+
         if (el.attr('data-checkbox_radio') === "true") {
             checkboxRadioControl(el);
         }

edivorce/apps/core/templates/base.html

@@ -160,6 +160,46 @@
 
         <div id="progress-overlay" style="display: none"><div id="progress-overlay-spinner"></div></div>
 
+{% if request.user.is_authenticated and not request.user.has_accepted_terms and request.path != '/current' %}
+        <div id="terms_modal" class="modal" tabindex="-1" role="dialog" data-backdrop="static">
+            <div class="modal-dialog" role="document">
+                <div class="modal-content">
+                    <div class="modal-header">
+                        <i class="fa fa-file" aria-hidden="true"></i>
+                        <h1 class="modal-title">Online Divorce Assistant Terms of Use</h1>
+                    </div>
+                    <div class="modal-body">
+                        <p>Version 1.0, March 31, 2017</p>
+                        <p>The Online Divorce Assistant application is provided as a public service by the Government of British Columbia, Box 9411, Victoria, British Columbia, Canada V8W 9V1.</p>
+                        <p>
+                            <strong>User Agreement</strong><br />
+                            Every person who accesses the Online Divorce Assistant application ("User" or "You") agrees to the Terms of Use in this document and to the fact that the Government of British Columbia may amend these terms from time to time. The Government of British Columbia reserves the right, at its discretion, to change, modify, add, or remove portions of these terms at any time. Please check these terms periodically for changes. Your continued use of the Online Divorce Assistant application following the posting of changes to these terms will mean you accept these changes.
+                        </p>
+                        <p>
+                            <strong>Privacy Protection</strong><br />
+                            The Online Divorce Assistant application does not collect personal information about Users without their consent, and has set up means to keep personal information confidential. However, the Government of British Columbia does collect aggregate data about Users' use of the Online Divorce Assistant application to better understand general User trends at an aggregate level and improve web performance, web services, and website maintenance.
+                        </p>
+                        <p>
+                            An Internet Protocol (IP) network domain name (e.g. shaw.ca) and a partial, non-specific IP address (e.g. 216.10.100.xx) of the computer you are using may be collected and stored on servers located outside Canada. Other information that the Online Divorce Assistant collects (e.g. email addresses) is stored in Canada.
+                        </p>
+                        <p>
+                            The anonymity of Users is therefore reasonably protected but not fully guaranteed. The Online Divorce Assistant applications management of personal information is described more fully on the Government of British Columbia's Privacy Policy page.
+                        </p>
+                        <p>
+                            Absent the use of encryption, the internet and email are not secure media and privacy cannot be ensured. The Government of British Columbia will not be responsible for any damages you or any third party may suffer as a result of the transmission of confidential information that you make to any party through the internet email links provided on the Online Divorce Assistant. The Government of British Columbia is not responsible for any errors or any changes made to any transmitted information. Should you decide to transmit information using internet email links, you do so at your own risk.
+                        </p>
+                        <div class="checkbox" id="terms_and_conditions">
+                            <label> <input type="checkbox" name="has_accepted_terms" value="true" id="terms_checkbox"naked> I agree to the Online Divorce Assistant Terms of Use </label>
+                        </div>
+                    </div>
+                    <div class="modal-footer">
+                        <a type="button" id="terms_agree_button" class="btn btn-primary btn-lg">Accept and continue</a>
+                    </div>
+                </div>
+            </div>
+        </div>
+{% endif %}
+
         {% compress js %}
         <script type="text/javascript" src="{% static 'js/vendor/jquery-1.12.4.min.js' %}"></script>
         <script type="text/javascript" src="{% static 'js/vendor/bootstrap.min.js' %}"></script>

edivorce/apps/core/templates/dashboard/current.html

@@ -77,6 +77,17 @@ Are you sure you want to continue?"
   {% if not request.user.is_anonymous %}
       <h3>User Fields</h3>
       <table class='inner'>
+        <tr>
+          <td>Has accepted terms of service</td>
+          <td>
+            {{ request.user.has_accepted_terms }}<br>
+            [ <a href="?terms=reset" class="confirm-link"
+                data-message="This will toggle the flag set when the user accepted the terms of service.
+
+Are you sure you want to continue?"
+              >Toggle terms flag</a> ]
+          </td>
+        </tr>
         <tr>
           <td>Has seen orders page</td>
           <td>

edivorce/apps/core/templates/overview.html

@@ -137,43 +137,6 @@
     </div>
 </div>
 {% elif request.session.first_login and not request.session.viewed_dashboard_during_session %}
-<div id="terms_modal" class="modal" tabindex="-1" role="dialog" data-backdrop="static">
-    <div class="modal-dialog" role="document">
-        <div class="modal-content">
-            <div class="modal-header">
-                <i class="fa fa-file" aria-hidden="true"></i>
-                <h1 class="modal-title">Online Divorce Assistant Terms of Use</h1>
-            </div>
-            <div class="modal-body">
-                <p>Version 1.0, March 31, 2017</p>
-                <p>The Online Divorce Assistant application is provided as a public service by the Government of British Columbia, Box 9411, Victoria, British Columbia, Canada V8W 9V1.</p>
-                <p>
-                    <strong>User Agreement</strong><br />
-                    Every person who accesses the Online Divorce Assistant application ("User" or "You") agrees to the Terms of Use in this document and to the fact that the Government of British Columbia may amend these terms from time to time. The Government of British Columbia reserves the right, at its discretion, to change, modify, add, or remove portions of these terms at any time. Please check these terms periodically for changes. Your continued use of the Online Divorce Assistant application following the posting of changes to these terms will mean you accept these changes.
-                </p>
-                <p>
-                    <strong>Privacy Protection</strong><br />
-                    The Online Divorce Assistant application does not collect personal information about Users without their consent, and has set up means to keep personal information confidential. However, the Government of British Columbia does collect aggregate data about Users' use of the Online Divorce Assistant application to better understand general User trends at an aggregate level and improve web performance, web services, and website maintenance.
-                </p>
-                <p>
-                    An Internet Protocol (IP) network domain name (e.g. shaw.ca) and a partial, non-specific IP address (e.g. 216.10.100.xx) of the computer you are using may be collected and stored on servers located outside Canada. Other information that the Online Divorce Assistant collects (e.g. email addresses) is stored in Canada.
-                </p>
-                <p>
-                    The anonymity of Users is therefore reasonably protected but not fully guaranteed. The Online Divorce Assistant applications management of personal information is described more fully on the Government of British Columbia's Privacy Policy page.
-                </p>
-                <p>
-                    Absent the use of encryption, the internet and email are not secure media and privacy cannot be ensured. The Government of British Columbia will not be responsible for any damages you or any third party may suffer as a result of the transmission of confidential information that you make to any party through the internet email links provided on the Online Divorce Assistant. The Government of British Columbia is not responsible for any errors or any changes made to any transmitted information. Should you decide to transmit information using internet email links, you do so at your own risk.
-                </p>
-                <div class="checkbox" id="terms_and_conditions">
-                    <label> <input type="checkbox" id="terms_checkbox"> I agree to the Online Divorce Assistant Terms of Use </label>
-                </div>
-            </div>
-            <div class="modal-footer">
-                <a type="button" id="terms_agree_button" class="btn btn-primary btn-lg">Accept and continue</a>
-            </div>
-        </div>
-    </div>
-</div>
 {% endif %}
 
 {% endblock %}

edivorce/apps/core/views/api.py

@@ -16,21 +16,34 @@ class UserResponseHandler(APIView):
         serializer = UserResponseSerializer(data=request.data)
         question_key = request.data['question']
 
+        value = request.data['value'].replace('<', '&lt;').replace('>', '&gt;')
+        user_attribute_updated = False
         try:
-            question = Question.objects.get(pk=question_key)
-            # As a result of discussion, decide to escape < and > only
-            value = request.data['value'].replace('<', '&lt;').replace('>', '&gt;')
-            if request.user.is_authenticated():
-                save_to_db(serializer, question, value, request.user)
+            try:
+                question = Question.objects.get(pk=question_key)
+            except Question.DoesNotExist:
+                question = None
+
+            if question is not None:
+                # As a result of discussion, decide to escape < and > only
+                if request.user.is_authenticated():
+                    save_to_db(serializer, question, value, request.user)
+                else:
+                    # only prequalification questions can be answered when you
+                    # aren't logged into BCeID
+                    if question_key not in question_step_mapping['prequalification']:
+                        return Response(data="Not logged in",
+                                        status=status.HTTP_511_NETWORK_AUTHENTICATION_REQUIRED)
+                    save_to_session(request, question, value)
             else:
-                # only prequalification questions can be answered when you
-                # aren't logged into BCeID
-                if question_key not in question_step_mapping['prequalification']:
-                    return Response(data="Not logged in",
-                                    status=status.HTTP_511_NETWORK_AUTHENTICATION_REQUIRED)
-                save_to_session(request, question, value)
-        except Question.DoesNotExist:
-            return Response(data="Question: '%s' does not exist" % question_key,
-                            status=status.HTTP_400_BAD_REQUEST)
+                if request.user.is_authenticated() and hasattr(request.user, question_key):
+                    setattr(request.user, question_key, value == 'true')
+                    request.user.save()
+                    user_attribute_updated = True
+        except Exception as e:
+            if question is None and not user_attribute_updated:
+                return Response(data="Question: '%s' does not exist" % question_key,
+                                status=status.HTTP_400_BAD_REQUEST)
+            return Response(status=status.HTTP_500_INTERNAL_ERROR)
 
         return Response(status=status.HTTP_200_OK)

edivorce/apps/core/views/system.py

@@ -37,6 +37,11 @@ def current(request):
         request.user.responses.filter(question__key='want_which_orders').delete()
         return redirect(reverse('current'))
 
+    if request.GET.get('terms', False) and request.user.is_authenticated():
+        request.user.has_accepted_terms = not request.user.has_accepted_terms
+        request.user.save()
+        return redirect(reverse('current'))
+
     context = {
         'hide_nav': True,
         'is_anonymous': request.user.is_anonymous(),