Remove the require_terms_seen configuration option

This option has been set to 'true' for over six years in production.

Refs #2097

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 9666adf129698f8fc690c61c33aec247623e7acb..227e5198f5de115b9dc90d97acbf069cbfb2c581 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -105,7 +105,7 @@ class ApplicationController < ActionController::Base
       # if the user hasn't seen the contributor terms then don't
       # allow editing - they have to go to the web site and see
       # (but can decline) the CTs to continue.
-      if REQUIRE_TERMS_SEEN && !current_user.terms_seen && flash[:skip_terms].nil?
+      if !current_user.terms_seen && flash[:skip_terms].nil?
         set_locale
         report_error t("application.setup_user_auth.need_to_see_terms"), :forbidden
       end

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 01eee61df47fb9ee7e1806b1395fbd8110fcdbdd..d1a94b9f6898659f2af5f476625e3dc818dc52a3 100644 (file)
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -644,7 +644,7 @@ class UsersController < ApplicationController
     # - If they have a block on them, show them that.
     # - If they were referred to the login, send them back there.
     # - Otherwise, send them to the home page.
-    if REQUIRE_TERMS_SEEN && !user.terms_seen
+    if !user.terms_seen
       redirect_to :action => :terms, :referer => target
     elsif user.blocked_on_view
       redirect_to user.blocked_on_view, :referer => target

diff --git a/config/example.application.yml b/config/example.application.yml
index 7db7861b2dfe8acf84f47fdeb8d7ca5c4b441f4c..bf9ebeb59b789f69c1b09b48c60412af73450d58 100644 (file)
--- a/config/example.application.yml
+++ b/config/example.application.yml
@@ -87,8 +87,6 @@ defaults: &defaults
   #oauth_key: ""
   # OAuth consumer key for iD
   #id_key: ""
-  # Whether to require users to view the CTs before continuing to edit...
-  require_terms_seen: false
   # Whether to require users to agree to the CTs before editing
   require_terms_agreed: false
   # Imagery to return in capabilities as blacklisted

diff --git a/test/integration/user_terms_seen_test.rb b/test/integration/user_terms_seen_test.rb
index 03e8c6f54d7978e494c2d155ee05074e615d3ebd..33a6950ee62378ebabd7ab02acb4a6947b50a939 100644 (file)
--- a/test/integration/user_terms_seen_test.rb
+++ b/test/integration/user_terms_seen_test.rb
@@ -6,69 +6,63 @@ class UserTermsSeenTest < ActionDispatch::IntegrationTest
   end
 
   def test_api_blocked
-    with_terms_seen(true) do
-      user = create(:user, :terms_seen => false)
+    user = create(:user, :terms_seen => false)
 
-      get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
-      assert_response :forbidden
+    get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
+    assert_response :forbidden
 
-      # touch it so that the user has seen the terms
-      user.terms_seen = true
-      user.save
+    # touch it so that the user has seen the terms
+    user.terms_seen = true
+    user.save
 
-      get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
-      assert_response :success
-    end
+    get "/api/#{API_VERSION}/user/preferences", :headers => auth_header(user.display_name, "test")
+    assert_response :success
   end
 
   def test_terms_presented_at_login
-    with_terms_seen(true) do
-      user = create(:user, :terms_seen => false)
-
-      # try to log in
-      get "/login"
-      follow_redirect!
-      assert_response :success
-      assert_template "users/login"
-      post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
-      assert_response :redirect
-      # but now we need to look at the terms
-      assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
-      follow_redirect!
-      assert_response :success
-
-      # don't agree to the terms, but hit decline
-      post "/user/save", :params => { :decline => true, :referer => "/diary/new" }
-      assert_redirected_to "/diary/new"
-      follow_redirect!
-
-      # should be carried through to a normal login with a message
-      assert_response :success
-      assert_not flash[:notice].nil?
-    end
+    user = create(:user, :terms_seen => false)
+
+    # try to log in
+    get "/login"
+    follow_redirect!
+    assert_response :success
+    assert_template "users/login"
+    post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
+    assert_response :redirect
+    # but now we need to look at the terms
+    assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
+    follow_redirect!
+    assert_response :success
+
+    # don't agree to the terms, but hit decline
+    post "/user/save", :params => { :decline => true, :referer => "/diary/new" }
+    assert_redirected_to "/diary/new"
+    follow_redirect!
+
+    # should be carried through to a normal login with a message
+    assert_response :success
+    assert_not flash[:notice].nil?
   end
 
   def test_terms_cant_be_circumvented
-    with_terms_seen(true) do
-      user = create(:user, :terms_seen => false)
-
-      # try to log in
-      get "/login"
-      follow_redirect!
-      assert_response :success
-      assert_template "users/login"
-      post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
-      assert_response :redirect
-      # but now we need to look at the terms
-      assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
-
-      # check that if we go somewhere else now, it redirects
-      # back to the terms page.
-      get "/traces/mine"
-      assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine"
-      get "/traces/mine", :params => { :referer => "/diary/new" }
-      assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
-    end
+    user = create(:user, :terms_seen => false)
+
+    # try to log in
+    get "/login"
+    follow_redirect!
+    assert_response :success
+    assert_template "users/login"
+    post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
+    assert_response :redirect
+    # but now we need to look at the terms
+    assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
+
+    # check that if we go somewhere else now, it redirects
+    # back to the terms page.
+    get "/traces/mine"
+    assert_redirected_to :controller => :users, :action => :terms, :referer => "/traces/mine"
+    get "/traces/mine", :params => { :referer => "/diary/new" }
+    assert_redirected_to :controller => :users, :action => :terms, :referer => "/diary/new"
   end
 
   private
@@ -76,14 +70,4 @@ class UserTermsSeenTest < ActionDispatch::IntegrationTest
   def auth_header(user, pass)
     { "HTTP_AUTHORIZATION" => format("Basic %{auth}", :auth => Base64.encode64("#{user}:#{pass}")) }
   end
-
-  def with_terms_seen(value)
-    require_terms_seen = Object.send("remove_const", "REQUIRE_TERMS_SEEN")
-    Object.const_set("REQUIRE_TERMS_SEEN", value)
-
-    yield
-
-    Object.send("remove_const", "REQUIRE_TERMS_SEEN")
-    Object.const_set("REQUIRE_TERMS_SEEN", require_terms_seen)
-  end
 end