Added a request to give consent for non-LI information on user login. Addresses issue #2505.

- Legacy-Id: 15211

ietf/ietfauth/views.py

@@ -46,10 +46,11 @@ from django.contrib.auth.decorators import login_required
 from django.contrib.auth.forms import AuthenticationForm
 from django.contrib.auth.hashers import identify_hasher
 from django.contrib.auth.models import User
-from django.contrib.auth.views import login as django_login
+from django.contrib.auth.views import LoginView
 from django.contrib.sites.models import Site
 from django.core.validators import ValidationError
 from django.urls import reverse as urlreverse
+from django.utils.safestring import mark_safe
 from django.http import Http404, HttpResponseRedirect  #, HttpResponse, 
 from django.shortcuts import render, redirect, get_object_or_404
 
@@ -583,6 +584,22 @@ def login(request, extra_context=None):
         form = AuthenticationForm(request, data=request.POST)
         username = form.data.get('username')
         user = User.objects.filter(username=username).first()
+        #
+        require_consent = []
+        if user.person and not user.person.consent:
+            person = user.person
+            if person.name != person.name_from_draft:
+                require_consent.append("full name")
+            elif person.ascii != person.name_from_draft:
+                require_consent.append("ascii name")
+            elif person.biography:
+                require_consent.append("biography")
+            elif user.communitylist_set.exists():
+                require_consent.append("draft notification subscription(s)")
+            else:
+                for email in person.email_set.all():
+                    if not email.origin.split(':')[0] in ['author', 'role', 'reviewer', 'liaison', 'shepherd', ]:
+                        require_consent.append("email address(es)")
         if user:
             try:
                 identify_hasher(user.password)
@@ -593,8 +610,19 @@ def login(request, extra_context=None):
                                     "Please use the password reset link below "
                                     "to set a new password for your account.",
                                 }
+    response = LoginView.as_view(extra_context=extra_context)(request)
+    if isinstance(response, HttpResponseRedirect) and user.is_authenticated():
+        if require_consent:
+            messages.warning(request, mark_safe("""
 
-    return django_login(request, extra_context=extra_context)
+                You have personal information associated with your account which is not
+                derived from draft submissions or other ietf work, namely: %s.  Please go
+                to your <a href='/accounts/profile'>account profile</a> and review your
+                personal information, and confirm that it may be used and displayed
+                within the IETF datatracker.
+
+                """ % ', '.join(require_consent)))
+    return response
 
 @login_required
 @person_required

ietf/static/ietf/css/ietf.css

@@ -658,6 +658,11 @@ ul.list-inline li {
 	max-width: 85ex;
 }
 
+.photo {
+	max-width: 200px;
+}
+
+
 .bio-photo {
 	float: left;
 	margin: 0.3em 1em 0.5em 0.1em;

ietf/templates/registration/edit_profile.html

@@ -77,6 +77,19 @@
       </div>
     </div>
 
+    {% if person.photo %}
+    <div class="form-group">
+      <label class="col-sm-2 control-label">Photo &dagger;</label>
+      <div class="col-sm-10">
+	 <p class="form-control-static">
+	   <a href="{{person.photo.url}}">
+	     <img class="photo" src="{{ person.photo.url }}" alt="Photo of {{ person }}" />
+	   </a>
+	 </p>
+      </div>
+    </div>
+    {% endif %}
+
     <div class="form-group">
       <label class="col-sm-2 control-label">Nomcom Eligible</label>
       <div class="col-sm-1 form-control-static">{{person|is_nomcom_eligible|yesno:'Yes,No,No'}}</div>
@@ -89,20 +102,24 @@
       <label class="col-sm-2 control-label">Email addresses</label>
       <div class="col-sm-10">
         <div class="row">
-	  <div class="col-sm-5" id="emails">
+	  <div class="col-sm-10" id="emails">
 	    <table class="table table-condensed">
-	      <tr ><th>Primary</th><th>Active</th><th>Address</th></tr>
+	      <tr ><th>Primary</th><th>Active</th><th>Address</th><th>Origin</th></tr>
 	      {% for email in emails %}
 	      <tr >
 		 <td><input type="radio" name="primary_email" value="{{ email.pk }}" {% if email.primary %}checked{% endif %}></td>
 		 <td><input type="checkbox" name="active_emails" value="{{ email.pk }}" {% if email.active %}checked{% endif %}></td>
-		 <td>{{ email }}</td>
+		 <td>
+		   {% if email.origin == person.user.username or email.origin == '' %}&dagger;{% endif %}
+		   {{ email }}
+		 </td>
+		 <td>{{ email.origin|default:'(unknown)' }}</td>
 	      </tr>
 	      {% endfor %}
 	    </table>
 	  </div>
-	  <div class="col-sm-7">
-	    <div class="help-block">Note: Email addresses cannot be deleted, only deactivated.</div>
+	  <div class="col-sm-10">
+	    <div class="help-block">Note: Email addresses cannot be deleted in this form, only deactivated.</div>
 	  </div>
         </div>
       </div>
@@ -146,11 +163,11 @@
    $(document).ready(function() {
        $("input[name=active_emails]").on("change keypress click", function () {
            if (this.checked) {
-               $(this).parent().parent().addClass("text-success");;
-               $(this).parent().parent().removeClass("text-danger line-through");
+               $(this).parent().next().addClass("text-success");;
+               $(this).parent().next().removeClass("text-danger line-through");
            } else {
-               $(this).parent().parent().addClass("text-danger line-through");
-               $(this).parent().parent().removeClass("text-success");
+               $(this).parent().next().addClass("text-danger line-through");
+               $(this).parent().next().removeClass("text-success");
            }
        }).trigger("change");