Commit 0c4434ee authored by Robert Lyon's avatar Robert Lyon Committed by Gerrit Code Review
Browse files

Merge changes from topic 'GDPR'

* changes:
  Bug 1746259: Display the T&C on 'Configure site'->'Legal' page
  Bug 1746259: Move the T&C to the site_content_version table
  Bug 1746259: Add the T&C to the site_content_version table
parents 1721bd04 03a3b227
......@@ -14,10 +14,9 @@ define('ADMIN', 1);
define('MENUITEM', 'configsite/privacy');
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
define('SECTION_PAGE', 'privacy');
define('SECTION_PAGE', 'legal');
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
define('TITLE', get_string('legal', 'admin'));
define('SUBSECTIONHEADING', get_string('privacy', 'admin'));
$versionid = param_integer('id', null);
......@@ -26,14 +25,23 @@ if (!is_logged_in()) {
}
$data = get_records_sql_assoc("
SELECT s.id, s.version, u.firstname, u.lastname, u.id AS userid, s.content, s.ctime
SELECT s.id, s.version, u.firstname, u.lastname, u.id AS userid, s.content, s.ctime, s.type
FROM {site_content_version} s
LEFT JOIN {usr} u ON s.author = u.id
WHERE s.institution = ?
ORDER BY s.id DESC", array('mahara'));
if ($data) {
// Add the displayname of user
foreach ($data as $k => $v) {
$v->displayname = display_name($v->userid, null, true);
}
}
$selectedtab = 'privacy';
if ($versionid) {
if ($pageoptions = get_record('site_content_version', 'id', $versionid, 'institution', 'mahara')) {
$selectedtab = $pageoptions->type;
$form = pieform(array(
'name' => 'editsitepage',
'jsform' => false,
......@@ -109,18 +117,27 @@ function editsitepage_submit(Pieform $form, $values) {
redirect(get_config('wwwroot').'admin/site/privacy.php');
}
// JQuery logic for tab hide/show and to keep the same tab active on page refresh.
$js = <<< EOF
$(document).ready(function() {
checkActiveTab('$selectedtab');
})
EOF;
if ($versionid && $pageoptions) {
$smarty = smarty(array('adminsitepages'), array(), array('admin' => array('discardpageedits')));
$smarty = smarty(array('adminsitepages', 'privacy'), array(), array('admin' => array('discardpageedits')));
$smarty->assign('pageeditform', $form);
$smarty->assign('content', $pageoptions->content);
$smarty->assign('version', $pageoptions->version);
}
else {
$smarty = smarty();
$smarty = smarty(array('privacy'));
}
setpageicon($smarty, 'icon-umbrella');
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('results', $data);
$smarty->assign('latestversion', reset($data)->version);
$smarty->assign('latestversion', null);
$smarty->assign('versionid', $versionid);
$smarty->assign('latestprivacyid', reset($data)->id);
$smarty->assign('latestprivacyid', null);
$smarty->assign('link', "admin/site/privacy.php?id=");
$smarty->display('admin/site/privacy.tpl');
......@@ -57,7 +57,7 @@ $privacies = get_records_sql_assoc("
SELECT s.id, s.version, u.firstname, u.lastname, u.id AS userid, s.content, s.ctime
FROM {site_content_version} s
LEFT JOIN {usr} u ON s.author = u.id
WHERE s.institution = ?
WHERE s.type = 'privacy' AND s.institution = ?
ORDER BY s.id DESC", array($institution));
$form = false;
......@@ -143,7 +143,7 @@ function editsitepage_submit(Pieform $form, $values) {
$siteprivacycontent = get_record_sql("
SELECT s.content, s.ctime
FROM {site_content_version} s
WHERE s.institution = ?
WHERE s.type = 'privacy' AND s.institution = ?
ORDER BY s.id DESC
LIMIT 1", array('mahara'));
......
/**
* General javascript routines for Mahara
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
function checkActiveTab(activeTab) {
$('a[href="#' + activeTab + '"]').tab('show');
showTab('#' + activeTab);
}
function showTab(el) {
var i;
var x = $(".tab");
for (i = 0; i < x.length; i++) {
$(x[i]).addClass("js-hidden");
}
$(el).removeClass("js-hidden");
$(el + '-text').removeClass("js-hidden");
}
......@@ -505,6 +505,7 @@ $string['sitepageloaded'] = 'Site page loaded';
$string['termsandconditions'] = 'Terms and conditions';
$string['uploadcopyright'] = 'Upload copyright statement';
$string['privacypagedescription'] = 'Edit the privacy statement for the entire site. The version you edited last becomes the current privacy statement automatically.';
$string['termspagedescription'] = 'Edit the terms and conditions for the entire site. The version you edited last becomes the current terms and conditions automatically.';
// Links and resources menu editor
$string['sitefile'] = 'Site file';
......@@ -1343,7 +1344,8 @@ $string['lastversion'] = 'Privacy statements must have unique version names of u
$string['versionalreadyexist'] = 'A privacy statement with the version name "%s" already exists.';
$string['siteprivacystatement'] = 'Site privacy statement';
$string['addoneversionlink'] = '<a href="%s">Add one</a> if you need it.';
$string['versionfor'] = 'Privacy statement for version "%s" is as follows:';
$string['privacyversionfor'] = 'Privacy statement for version "%s" is as follows:';
$string['termsversionfor'] = 'Terms and conditions for version "%s" is as follows:';
$string['institutionprivacystatement'] = 'Institution privacy statement';
$string['userprivacypagedescription'] = 'Displayed are the current privacy statements to which you consented.';
$string['lastupdated'] = 'Last updated on';
......
......@@ -5656,5 +5656,30 @@ function xmldb_core_upgrade($oldversion=0) {
}
if ($oldversion < 2018013001) {
log_debug('Move the site terms and conditions from the site_content table to the site_content_version table');
if ($records = get_records_array('site_content', 'name', 'termsandconditions')) {
foreach ($records as $data) {
$record = new stdClass;
$record->type = 'termsandconditions';
$record->content = $data->content;
$record->author = $data->mauthor;
$record->institution = $data->institution;
$record->version = '1.0';
$record->ctime = db_format_timestamp(time());
insert_record('site_content_version', $record);
delete_records('site_content', 'id', $data->id);
}
}
log_debug('Auto accept the terms and conditions for all site admins');
$sitecontentid = get_field('site_content_version', 'id', 'type', 'termsandconditions', 'institution', 'mahara');
$admins = get_site_admins();
foreach ($admins as $admin) {
save_user_reply_to_agreement($admin->id, $sitecontentid, 1);
}
}
return $status;
}
......@@ -820,6 +820,9 @@ function core_install_lastcoredata_defaults() {
// Accept the user privacy agreement on install
$sitecontentid = get_field('site_content_version', 'id', 'type', 'privacy', 'institution', 'mahara');
save_user_reply_to_agreement($user->id, $sitecontentid, 1);
// Accept the user T&C on install
$sitecontentid = get_field('site_content_version', 'id', 'type', 'termsandconditions', 'institution', 'mahara');
save_user_reply_to_agreement($user->id, $sitecontentid, 1);
handle_event('createuser', $user, array('password'));
activity_add_admin_defaults(array($user->id));
db_commit();
......
......@@ -3251,9 +3251,10 @@ function get_latest_privacy_versions($institutions = array(), $ignoreagreevalue
FROM {site_content_version} s
INNER JOIN (SELECT MAX(id) as current, institution
FROM {site_content_version}
WHERE type = 'privacy'
GROUP BY institution) s2 ON s.institution = s2.institution AND s.id = s2.current
" . $useragreementsql . "
WHERE s.institution IN (" . join(',',array_map('db_quote', $institutions)) . ")
" . $useragreementsql . "
WHERE s.type = 'privacy' AND s.institution IN (" . join(',',array_map('db_quote',$institutions)) . ")
ORDER BY type", $params);
return $latestversions;
......
......@@ -16,7 +16,7 @@ $config = new stdClass();
// See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy
// For upgrades on stable branches, increment the version by one. On master, use the date.
$config->version = 2018013000;
$config->version = 2018013001;
$config->series = '18.04';
$config->release = '18.04dev';
$config->minupgradefrom = 2015030409;
......
......@@ -3213,7 +3213,7 @@ function site_menu() {
* @return array of names
*/
function site_content_pages() {
return array('about', 'home', 'loggedouthome', 'termsandconditions');
return array('about', 'home', 'loggedouthome');
}
/**
......@@ -3221,7 +3221,7 @@ function site_content_pages() {
* @return array of names
*/
function site_content_version_pages() {
return array('privacy');
return array('privacy', 'termsandconditions');
}
function get_site_page_content($pagename) {
......
......@@ -12,66 +12,53 @@
{/if}
</div>
{else}
<div class="lead">{str tag="privacypagedescription" section="admin"}</div>
<div class="row">
<div class="col-md-12">
<div class="panel panel-default view-container">
<div class="table-responsive">
<table id="adminstitutionslist" class="fullwidth table table-striped">
<thead>
<tr>
<th>{str tag="version" section="admin"}</th>
<th>{str tag="author" section="admin"}</th>
<th>{str tag="content" section="admin"}</th>
<th>{str tag="creationdate" section="admin"}</th>
<th><span class="accessible-hidden sr-only">{str tag=edit}</span></th>
</tr>
</thead>
<tbody>
{foreach from=$results item=result key=key}
<tr>
<td>{$result->version}</td>
<td>{if $result->firstname === NULL}
{str tag=default}
{else}
<a href="{$WWWROOT}user/view.php?id={$result->userid}">
{$result->firstname} {$result->lastname}
</a>
{/if}
</td>
<td>{$result->content|truncate:100:"..."|htmlspecialchars_decode|strip_tags}</td>
<td>{$result->ctime|date_format:'%d %b %Y %H:%M'}</td>
<td class="control-buttons">
{if $key === $latestprivacyid}
<div class="btn-group">
<a href="{$WWWROOT}admin/site/privacy.php?id={$result->id}" title="{str tag=editversion section='admin' arg1='$result->version'}" class="btn btn-default btn-xs">
<span class="icon icon-pencil icon-lg" role="presentation" aria-hidden="true"></span>
</a>
</div>
{else}
<div class="btn-group">
<a href="{$WWWROOT}admin/site/privacy.php?id={$result->id}" title="{str tag=viewversion section='admin' arg1='$result->version'}" class="btn btn-default btn-xs">
<span class="icon icon-eye icon-lg" role="presentation" aria-hidden="true"></span>
</a>
</div>
{/if}
</td>
</tr>
{if $result->version === $version}
<tr>
<td colspan="5">
<div>{str tag=versionfor section=admin arg1="$result->version"}</div>
{$result->content|clean_html|safe}
</td>
</tr>
{/if}
{/foreach}
</tbody>
</table>
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="active">
<a href="#privacy" role="tab" data-toggle="tab" aria-expanded="true" onclick="showTab('#privacy')">
{str tag="privacy" section="admin"}
</a>
</li>
<li role="presentation">
<a href="#termsandconditions" role="tab" data-toggle="tab" aria-expanded="false" onclick="showTab('#termsandconditions')">
{str tag="termsandconditions" section="admin"}
</a>
</li>
</ul>
<br>
<div id="privacy-text" class="lead tab">{str tag="privacypagedescription" section="admin"}</div>
<div id="termsandconditions-text" class="lead tab js-hidden">{str tag="termspagedescription" section="admin"}</div>
<div class="row">
<div class="col-md-12">
<div class="panel panel-default view-container">
<div class="table-responsive">
<table id="adminstitutionslist" class="fullwidth table table-striped">
<thead>
<tr>
<th>{str tag="version" section="admin"}</th>
<th>{str tag="author" section="admin"}</th>
<th>{str tag="content" section="admin"}</th>
<th>{str tag="creationdate" section="admin"}</th>
<th><span class="accessible-hidden sr-only">{str tag=edit}</span></th>
</tr>
</thead>
<tbody id="privacy" class="tab">
{foreach from=$results item=result key=key}
{if $result->type == 'privacy'}
{include file="admin/site/privacytable.tpl"}
{/if}
{/foreach}
</tbody>
<tbody id="termsandconditions" class="tab js-hidden">
{foreach from=$results item=result key=key}
{if $result->type == 'termsandconditions'}
{include file="admin/site/privacytable.tpl"}
{/if}
{/foreach}
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
{/if}
{include file="footer.tpl"}
<tr>
<td>{$result->version}</td>
<td>{if $result->userid == '0'}
{$result->displayname}
{else}
<a href="{$WWWROOT}user/view.php?id={$result->userid}">
{$result->displayname}
</a>
{/if}
</td>
<td>{$result->content|htmlspecialchars_decode|strip_tags|truncate:100:"..."}</td>
<td>{$result->ctime|date_format:'%d %b %Y %H:%M'}</td>
<td class="control-buttons">
{if $key === $latestprivacyid}
<div class="btn-group">
<a href="{$WWWROOT}{$link}{$result->id}" title="{str tag=editversion section='admin' arg1='$result->version'}" class="btn btn-default btn-xs">
<span class="icon icon-pencil icon-lg" role="presentation" aria-hidden="true"></span>
</a>
</div>
{else}
<div class="btn-group">
<a href="{$WWWROOT}{$link}{$result->id}" title="{str tag=viewversion section='admin' arg1='$result->version'}" class="btn btn-default btn-xs">
<span class="icon icon-eye icon-lg" role="presentation" aria-hidden="true"></span>
</a>
</div>
{/if}
</td>
</tr>
<!-- Because T&C and PS can have the same version, we must check the id as well -->
{if $result->version === $version && $result->id == $versionid}
<tr>
<td colspan="5">
<div>
{if $result->type == 'privacy'}
{str tag=privacyversionfor section=admin arg1="$result->version"}
{else}
{str tag=termsversionfor section=admin arg1="$result->version"}
{/if}
</div>
{$result->content|clean_html|safe}
</td>
</tr>
{/if}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment