Commit 382e5f7e authored by Maria Sorica's avatar Maria Sorica

Bug 1734169: Suspend user if privacy statement is refused

If a privacy switch has the value 'No', a confirmation
form will be displayed to make sure this is really the
user's decision.
If the user confirms, the user's account is suspended.

behatnotneeded

Change-Id: Ifa7c175569cbad780a449c8431d4d9f981839c21
parent 44a6284e
......@@ -750,12 +750,27 @@ function auth_get_available_auth_types($institution=null) {
*/
function auth_check_required_fields() {
global $USER, $SESSION;
// for the case we are mascarading as the user and we want to return to be admin user
$restoreadmin = param_integer('restore', 0);
$refused = param_boolean('refuseprivacy', false);
// Privacy statement.
if (get_config('institutionstrictprivacy') && !$USER->has_latest_agreement() && !$restoreadmin) {
if (get_config('institutionstrictprivacy') && !$USER->has_latest_agreement()) {
if ($refused) {
$elements['refused'] = array(
'type' => 'hidden',
'value' => 1
);
$elements['submit'] = array(
'type' => 'submitcancel',
'class' => 'btn-default',
'value' => array(get_string('yes'), get_string('no')),
'goto' => get_config('wwwroot'),
);
$form = pieform(array(
'name' => 'refuseprivacy',
'elements' => $elements,
));
}
else {
// Get all institutions of a user.
$userinstitutions = array_keys($USER->get('institutions'));
// Include the 'mahara' institution so that we may show the site privacy statement as well.
......@@ -791,17 +806,16 @@ function auth_check_required_fields() {
'type' => 'submit',
'value' => get_string('savechanges', 'admin')
);
$form = pieform(array(
'name' => 'agreetoprivacy',
'jsform' => false,
'jssuccesscallback' => 'contentSaved',
'elements' => $elements,
));
}
define('TITLE', get_string('privacy', 'admin'));
$smarty = smarty();
setpageicon($smarty, 'icon-umbrella');
$smarty->assign('form', $form);
$smarty->assign('refused', $refused);
$smarty->display('account/useracceptprivacy.tpl');
exit;
}
......@@ -1198,21 +1212,43 @@ function agreetoprivacy_submit(Pieform $form, $values) {
$userinstitutions = array_keys($USER->get('institutions'));
array_push($userinstitutions, 'mahara');
$hasrefused = false;
foreach ($userinstitutions as $institution) {
if ($values[$institution . 'switch'] == 'disabled') {
// check if the institution has a privacy statement
// if not, it depends on the site one and we can skip it
// if yes, check if the user has already accepted it (switch is disabled)
if (!isset($values[$institution]) || $values[$institution . 'switch'] == 'disabled') {
continue;
}
$agreed = (empty($values[$institution]) ? 0 : $values[$institution]);
try {
$agreed = (empty($values[$institution]) ? 0 : $values[$institution]);
save_user_reply_to_agreement($USER->get('id'), $values[$institution . 'id'], $agreed);
if ($values[$institution]) {
$SESSION->add_ok_msg(get_string('agreementsaved', 'admin'));
}
else {
$hasrefused = true;
}
}
catch (SQLException $e) {
$SESSION->add_ok_msg(get_string('savefailed', 'admin'));
}
}
if ($hasrefused) {
redirect(get_config('wwwroot') . '?refuseprivacy=true');
}
$SESSION->set('nocheckrequiredfields', true);
redirect();
}
function refuseprivacy_submit(Pieform $form, $values) {
global $USER, $SESSION;
suspend_user($USER->get('id'), 'privacyrefusal');
$SESSION->add_ok_msg(get_string('usersuspended', 'admin'));
$SESSION->set('nocheckrequiredfields', true);
$USER->logout();
redirect();
}
/**
......
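Review bot: `refuseprivacy_submit()` suspends `$USER->get('id')` without checking whether the session is an administrator masquerading as that user, a case the comment at the top of `auth_check_required_fields()` shows this path can be in. A refusal confirmed during a masquerade would be stored as the account holder's own decision, since the call passes the reason `'privacyrefusal'` and no suspending user. The +/- markers are lost in this rendering, so it is unclear whether `!$restoreadmin` stays on the privacy check; either way it appears to cover only the restore request, not the submit handlers. Consider returning early from the handler when the session is a masquerade and documenting it with `// Self-service only: never suspend on behalf of a masqueraded user.`; the check the codebase uses for masquerading is not visible on this page.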
......@@ -1351,3 +1351,7 @@ $string['privacyagreement'] = 'I consent to this privacy statement';
$string['privacyagreementdescription'] = 'By choosing "Yes", you give your consent to the clauses of the privacy statement above.';
$string['privacyagreedto'] = 'You agreed to this privacy statement in %s.';
$string['agreementsaved'] = 'Agreement saved';
$string['refuseprivacy'] = 'Refuse privacy statement';
$string['confirmprivacyrefusal'] = 'Are you really sure you wish to continue?';
$string['privacyrefusaldetails'] = 'If you do not consent to the privacy statement, your account will be suspended.';
$string['privacyrefusal'] = 'Refused to consent to the privacy statement.';
......@@ -866,6 +866,7 @@ $string['youraccounthasbeensuspendedtextcron'] = 'Your account at %s has been su
$string['youraccounthasbeensuspendedreasontext'] = "Your account at %s has been suspended by %s. Reason:\n\n%s";
$string['youraccounthasbeensuspendedreasontextcron'] = "Your account at %s has been suspended. Reason:\n\n%s";
$string['youraccounthasbeenunsuspendedtext2'] = 'Your account at %s has been unsuspended. You may once again log in and use the site.'; // can't provide a login link because we don't know how they log in - it might be by xmlrpc
$string['youraccounthasbeensuspendedtext3'] = 'Your account on %s has been suspended because you refused to consent to the privacy statement';
// size of stuff
$string['sizemb'] = 'MB';
......
......@@ -1426,7 +1426,7 @@ function suspend_user($suspendeduserid, $reason, $suspendinguserid=null) {
$suspendrec = new StdClass;
$suspendrec->id = $suspendeduserid;
$suspendrec->suspendedcusr = $suspendinguserid;
$suspendrec->suspendedreason = $reason;
$suspendrec->suspendedreason = $reason == 'privacyrefusal' ? get_string($reason, 'admin') : $reason;
$suspendrec->suspendedctime = db_format_timestamp(time());
update_record('usr', $suspendrec, 'id');
......@@ -1449,6 +1449,10 @@ function suspend_user($suspendeduserid, $reason, $suspendinguserid=null) {
get_config('sitename'), display_name($suspendinguserid, $suspendeduserid));
}
}
else if ($reason == 'privacyrefusal') {
$message->message = get_string_from_language($lang, 'youraccounthasbeensuspendedtext3', 'mahara',
get_config('sitename'));
}
else {
if ($iscron) {
// Suspended by a cron task
......
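Review bot: The two `$reason == 'privacyrefusal'` tests in `suspend_user()` make the free-text reason double as a control flag and compare it loosely. On PHP versions before 8 a numeric `0` reason compares equal to that string, and any caller (outside this page) that passes the literal text gets its reason replaced by the language string. Use strict comparison in both places, `$suspendrec->suspendedreason = ($reason === 'privacyrefusal') ? get_string($reason, 'admin') : $reason;` and `else if ($reason === 'privacyrefusal') {`, and consider a named constant for the sentinel. The function body starts and ends outside both hunks.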
{include file="header.tpl"}
<div class="lead">{str tag="newprivacy" section="admin"}</div>
<div>{$form|safe}</div>
{if $refused}
<div class="panel panel-danger view-container">
<h2 class="panel-heading">{str tag="refuseprivacy" section="admin"}</h2>
<div class="panel-body">
<h5>{str tag="privacyrefusaldetails" section="admin"}</h5>
<p>{str tag="confirmprivacyrefusal" section="admin"}</p>
{$form|safe}
</div>
</div>
{else}
<div class="lead">{str tag="newprivacy" section="admin"}</div>
<div>{$form|safe}</div>
{/if}
{include file="footer.tpl"}