Accept terms of use

[gahermar]

Accept term of use after login for all users
After change term of use set status accepted on all users to false.

[jiri1337]

This is one possible way of course. What would you think about a solution that uses terms_accepted_at (DateTime) on a user model - this way you would simply compare updated_at on Site with the terms_accepted_at on a model to check whether the user has accepted the updated terms.

[gahermar]

Yeah this solution is nice to. I following instructions in task (#317)
And it depend ... if we need to save date of accepted it will be better your solution. but if we wouldn't need it, i think solution with boolean is better .... for example when we need check in DB who accept and who not it will be more readeble when we have this data. Of course we can have both or it is just simple sql query to show it but if we no need date of accept i think it is useles.

[panterch]

Since you introduced terms_of_use_accepted_date the boolean field terms_of_use_accepted is a duplicate. I'd would stay with terms_of_use_accepted_date on the user and simply add a virtual field on user (pseudo code):

def terms_of_use_accepted
  user.terms_of_use_accepted_date < site.terms_of_use_accepted_date 
end

Then you don't have to update all database rows when the terms change.

[gahermar]

yes, good tip. I changed it..

[jiri1337]

This project is using cancancan and devise - I think there are better ways to ensure the user is not nil or that the user has to be authorized to perform this action.
This of course will work but it's not the cleanest solution.

Also, you could use .nil? and you don't need to find the user when you have current_user available in this context - it already has found the user for you.

[gahermar]

I must say i need to look more on cancancan ....

i was repair nil and remove finding user.

[jiri1337]

This is a way but the performance could be better-using database query -> using where or exists?

[gahermar]

I came out of the solution which is in application_controller.
And i don't understand what you mean with DB query. I thought DB queries are more difficult..

[jiri1337]

Ah I meant something in this manner (using Activerecord) current_user.mentor_matchings.exists?(state: 'pending')

[gahermar]

Ah this. ok. I changed it. And now question - we have same things in application controller after login. Change it too? I just ask because it is not my code but on the other side it is improve.

[jiri1337]

It would be cool to check if

• After updating the terms, the terms_of_use_accepted gets reset for other users that have previously accepted the terms
• Checking whether the user's terms_of_use_accepted change from false to true on the database level

[gahermar]

I think the first check what you want is test on line 29 - i create admin and teacher (both with akcepted = true) then i login with admin - did some change in terms of use and save. Logout and login with teacher and check if there is showed page with term of use.

Second check - i tried to do new test in same file on line 57 - similar function but at the end i was reload teacher and check terms_of_use_accepted. Did you mean that?

[panterch]

Dear @MartinGaher

Thanks for your work - very much appreciated!

I've checked out the branch and did some acceptance testing. Here are my findings:

The following acceptance criteria seems not to be fulfilled:

Werden die Nutzungsbedingungen erneut geändert, müssen diese erneut angezeigt und akzeptiert werden

In the implementation notes there were some hints how to achive this. Feel free to find another way of implementing it, that fulfills the same criterias:

Auf dem site model soll aufgezeichnet, wann die Nutzungsbedingungen das letzte mal geändert wurden. Dies kann z.B. über den "Dirty" state des Feldes gemacht werden: https://api.rubyonrails.org/classes/ActiveRecord/AttributeMethods/Dirty.html

Auf dem User Model muss ebenfalls aufgezeichnet werden, wann Benutzer*innen das letzte Mal die Nutzungsbedingungen akzeptiert haben.

I tested by logging in as admin, accepting the tos, then changing the tos, logging out and login in again. It should have displayed me the tos again but did not.

[gahermar]

Hello @panterch ,
sorry for that. I usually do not enforce accept for user which making changes - it was for all other users. I repair it and now after save app wants to accept too for admin which make changes. I also added datetime to user for check last accepted date and also datetime to site for check last update date.

[jiri1337]

I see one little issue here - What if theoretically speaking saving failed. In this case, we would still set terms_of_use_accepted to false for all users.
This is not a big issue but it could maybe be addressed as well.

[panterch]

There's a convention to end date fields with _at. Maybe you rename this to site.terms_of_use_changed_at to make the code more readable.

[gahermar]

Ok. when i changed logic to dates it is unnecessarily now.

i changed column names to _at

[panterch]

There's a convention to end date fields with _at. Maybe you rename this to terms_of_use_accepted_at to make the code more readable.

[gahermar]

i changed column names to _at

[gahermar]

Hi,
i have question about default values. Now i changed columns in DB to have default values to datetime.now. It is ok or it is better to let it nil and do some check in code? It depends on how is user created. If there is some acceptation during creation or not or if some other user create user account?