#15209: Implement User Usage Conditions in HaikuDepot
---------------------------------------+--------------------------------
Reporter: apl-haiku | Owner: stippi
Type: enhancement | Status: new
Priority: normal | Milestone: Unscheduled
Component: Applications/HaikuDepot | Version: R1/Development
Resolution: | Keywords: UUC conditions HDS
Blocked By: | Blocking:
Has a Patch: 0 | Platform: All
---------------------------------------+--------------------------------
Description changed by apl-haiku:
Old description:
== About UUCs
The backend now supports the concept of a document called "user usage
conditions" (UUC). The UUCs are versioned so a user may agree with an
older UUC which is out of date because there is a newer UUC in place.
Each UUC version is identified by a code such as {{{UUC2019V01}}}. It is
possible that legacy users have not yet agreed to any UUC. The *latest*
UUC document is available at https://depot.haiku-
os.org/__user/usageconditions/latest/document.html. A specific version
of the UUC can be obtained by replacing the {{{latest}}} with the code of
the specific UUC. The UUC maybe obtained from a URL of the similar form
with the ".html" extension swapped for ".md" if Markdown is required
instead of HTML.
== Signup Requirements
When the user signs up, the logic should first obtain the latest UUC.
This can be obtained using the JSON-RPC API
{{{UserApi#getUserUsageConditions}}} which provides the latest UUC code
as well as the minimum age that user should be to sign up. The user GUI
should ask that the user confirms they are as old or older than the
minimum age and that they agree to the latest UUC. The latest UUC should
be able to be displayed in a window. The HaikuDepot class {{{TextView}}}
is partially able to display the Markdown, but some enhancements will be
required in the class {{{MarkupParser}}} to deal with headings etc... Put
another way, {{{MarkupParser}}} class needs to be enhanced to be able to
parse Markdown sufficiently to cover the requirements of the UUC document
display. The user should only be able to proceed with creating a new
user when they have agreed to the UUC and confirmed that they meet the
minimum age requirement.
== Viewing User's Current UUC
The user should be able to view the UUC that they agreed to. It is
possible to use the JSON-RPC API {{{UserApi#getUser}}} to find out what
UUC was agreed to and then to use the URL above to obtain the Markdown
data and render it in a window.
== Updated UUC
The UUC may be updated from time to time. If the user has not agreed to
the latest UUC then they will not be allowed to perform many operations
such as reading and writing some data; this is currently *NOT* enforced
because this ticket is not completed. If the user has agreed to an older
UUC then it is possible that the HaikuDepot desktop application is able
to find this out by using the JSON-RPC API {{{UserApi#getUser}}} which is
able to indicate if the UUC that the user agreed to is the latest.
If it is not the latest then the user should be prompted to agree to the
latest UUC. In this case the user should be presented with a GUI to
confirm they meet or exceed the minimum age and agree to the latest UUC
wording. They can store this confirmation into the HDS backend using the
JSON-RPC API {{{UserApi#agreeUserUsageConditions}}}.
This check could be done (a) when HaikuDepot starts and (b) when a user
authenticates/logs-in via HaikuDepot.
== Failure
Later, HaikuDepot will raise an authorisation error when the user
attempts to perform some action without the authenticated user having
agreed to the latest UUC. The semantics around this will need to be
confirmed because it has not been finalised and then the HaikuDepot
should catch this situation and inform the user correctly that this is
the case. The user should be offered the opportunity to agree to the
latest age restriction and UUC wording at this time.