#15209 closed enhancement (fixed)
Implement User Usage Conditions in HaikuDepot
Reported by: | apl-haiku | Owned by: | apl-haiku |
---|---|---|---|
Priority: | normal | Milestone: | R1/beta2 |
Component: | Applications/HaikuDepot | Version: | R1/Development |
Keywords: | UUC conditions HDS | Cc: | |
Blocked By: | Blocking: | ||
Platform: | All |
Description (last modified by )
About UUCs
The backend now supports the concept of a document called "user usage conditions" (UUC). The UUCs are versioned so a user may agree with an older UUC which is out of date because there is a newer UUC in place. Each UUC version is identified by a code such as UUC2019V01
. It is possible that legacy users have not yet agreed to any UUC. The *latest* UUC document is available at https://depot.haiku-os.org/__user/usageconditions/latest/document.html. A specific version of the UUC can be obtained by replacing the latest
with the code of the specific UUC. The UUC maybe obtained from a URL of the similar form with the ".html" extension swapped for ".md" if Markdown is required instead of HTML.
Signup Requirements
When the user signs up, the logic should first obtain the latest UUC. This can be obtained using the JSON-RPC API UserApi#getUserUsageConditions
which provides the latest UUC code as well as the minimum age that user should be to sign up. The user GUI should ask that the user confirms they are as old or older than the minimum age and that they agree to the latest UUC. The latest UUC should be able to be displayed in a window. The user should only be able to proceed with creating a new user when they have agreed to the UUC and confirmed that they meet the minimum age requirement.
Viewing User's Current UUC
The user should be able to view the UUC that they agreed to. It is possible to use the JSON-RPC API UserApi#getUser
to find out what UUC was agreed to and then to use the URL above to obtain the Markdown data and render it in a window.
Updated UUC
The UUC may be updated from time to time. If the user has not agreed to the latest UUC then they will not be allowed to perform many operations such as reading and writing some data; this is currently *NOT* enforced because this ticket is not completed. If the user has agreed to an older UUC then it is possible that the HaikuDepot desktop application is able to find this out by using the JSON-RPC API UserApi#getUser
which is able to indicate if the UUC that the user agreed to is the latest.
If it is not the latest then the user should be prompted to agree to the latest UUC. In this case the user should be presented with a GUI to confirm they meet or exceed the minimum age and agree to the latest UUC wording. They can store this confirmation into the HDS backend using the JSON-RPC API UserApi#agreeUserUsageConditions
.
This check could be done (a) when HaikuDepot starts and (b) when a user authenticates/logs-in via HaikuDepot.
Failure
Later, HaikuDepot will raise an authorisation error when the user attempts to perform some action without the authenticated user having agreed to the latest UUC. The semantics around this will need to be confirmed because it has not been finalised and then the HaikuDepot should catch this situation and inform the user correctly that this is the case. The user should be offered the opportunity to agree to the latest age restriction and UUC wording at this time.
Display of UUC
See ticket #15337
Change History (6)
comment:1 by , 5 years ago
comment:3 by , 5 years ago
Description: | modified (diff) |
---|
comment:4 by , 5 years ago
Milestone: | Unscheduled → R1/beta3 |
---|---|
Owner: | changed from | to
Status: | new → assigned |
There is a change review in and the item was discussed at the beta 2 status meeting, so let's track it on that milestone.
comment:5 by , 5 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
All of these tasks are completed now.
comment:6 by , 5 years ago
Milestone: | R1/beta3 → R1/beta2 |
---|
Assign tickets with status=closed and resolution=fixed within the R1/beta2 development window to the R1/beta2 Milestone
Thanks for the detailled write up, Andrew! I am busy myself, but having such a clear description of what needs to be done is very helpful and motivating.