Store terms and condition acceptance record in database

[MCatherine1994]

Describe the task
Create a new data table to store the acceptance record of terms and conditions for fam delegated admin bceid users.

Acceptance Criteria

• Create a new table, include columns user_id, terms and conditions version, accept date
• Create an api to check if user needs to accept the terms and conditions, add basic security check that user is app admin or delegated admin
• Create an api to store when user accept the terms and conditions, add basic security check that user is app admin or delegated admin
• add database user permissions to insert, read from new table (insert only, no edits)
• Regenerate client-code-gen

Additional context

• API is created under access management Lambda (lower privileged)
• will hold a design session for data model changes -table and column naming
• API modifications to enforce T&C acceptance under issue Use user terms acceptance api for frontend and security check #1383

[MCatherine1994]

Another idea Ian suggested that we can create an validation method to check if user needs to accept the terms and conditions, add the check to the get my access api, and return false in the json. But we need to think about the get my access api is under admin management apis, but we want to reuse that in regular apis.

[MCatherine1994]

I was thinking about to do user's terms and condition check with the get_admin_user_access api.

If we add a validation method to check that when calling get_admin_user_access , currently this method will be called every time after user login to FAM. However, no matter we call the validation as router guard, or in the api cal:

• If user already accepts terms and conditions, return user's access directly
• If user needs to accept, we have to return something different than the current return to indicate that we need to popup the terms and conditions for the user. And once the user accept the terms and conditions, we have to call the get_admin_user_access api again to get user's access.
  By that said, I feel this doesn't simplify the apis, also will cause duplicate.
  

If we create a new api to check if user needs to accept terms and conditions, this is nothing related to the admin management apis. So every time when user login:

• check if user needs to accept terms and conditions
  • if hasn't accept show popup, when accept, call get my admin access api
  • if accepted already, call get my admin access api
    But need to think about what should we return in the case user needs to accept terms and conditions, throw any error and catches in frontend? or return 200 with data "FALSE"?