Add an option to require the CTs to be agreed to edit

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1d3297d16eb4ceabe4994a04293850dfbb849f9a..619ef981a61ba8260248368f681b04a6136e246a 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -50,7 +50,7 @@ class ApplicationController < ActionController::Base
     # method, otherwise an OAuth token was used, which has to be checked.
     unless current_token.nil?
       unless current_token.read_attribute(cap)
-        render :text => "OAuth token doesn't have that capability.", :status => :forbidden
+        report_error "OAuth token doesn't have that capability.", :forbidden
         return false
       end
     end
@@ -84,6 +84,11 @@ class ApplicationController < ActionController::Base
   end
   def require_allow_write_api
     require_capability(:allow_write_api)
+
+    if REQUIRE_TERMS_AGREED and @user.terms_agreed.nil?
+      report_error "You must accept the contributor terms before you can edit.", :forbidden
+      return false
+    end
   end
   def require_allow_read_gpx
     require_capability(:allow_read_gpx)

diff --git a/config/example.application.yml b/config/example.application.yml
index cf7565856883570d8fd960f1762e2850e26a4efa..a8ebb4d8fbb938426c1b32b96061ba32217955eb 100644 (file)
--- a/config/example.application.yml
+++ b/config/example.application.yml
@@ -69,6 +69,8 @@ standard_settings: &standard_settings
   #potlatch2_key: ""
   # Whether to require users to view the CTs before continuing to edit...
   require_terms_seen: false
+  # Whether to require users to agree to the CTs before editing
+  require_terms_agreed: false
 
 development:
   <<: *standard_settings