boinc/html/inc/consent.inc

<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2018 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.

// functions dealing with the consent and consent_type tables.

include_once("../inc/boinc_db.inc");
include_once("../inc/util.inc");

define('CONSENT_TYPE_ENROLL','ENROLL');

function consent_to_a_policy($user, $consent_type_id, $consent_flag, $consent_not_required, $source, $ctime = 0) {
    $mys = BoincDb::escape_string($source);
    if ($ctime==0) {
        $mytime = $user->create_time;
    }
    else {
        $mytime = $ctime;
    }
    return BoincConsent::insert(
        "(userid, consent_type_id, consent_time, consent_flag, consent_not_required, source) " .
        "values($user->id, $consent_type_id, $mytime, $consent_flag, $consent_not_required, '$mys')"
    );

}

// Checks to see if a user has consented to specfic consent_type_id.
function check_user_consent($user, $consent_name) {
    list($checkct, $ctid) = check_consent_type($consent_name);
    if ($checkct) {
        $consent_result = BoincLatestConsent::lookup("userid={$user->id} AND consent_type_id=$ctid AND consent_flag=1");
        if ($consent_result) {
            return TRUE;
        }
    }
    return FALSE;
}

function consent_after_login($user, $perm=true, $next_url = "") {
    send_cookie('tempuserid', $user->id, false);
    send_cookie('tempperm', $perm, false);
    $save_url = $next_url;
    $next_url = "user_agreetermsofuse.php?next_url=$save_url";
    return $next_url;
}

// Checks to see if a particular consent_type name is in
// available. Returns an array of format: (BOOLEAN, INTEGER). The
// boolean is T/F depending on whether that consent_type exists, and
// if checkenabled=TRUE, if the consent_type is enabled/available for
// use. The integer is the consent_type_id- the id from consent_type
// table. If the boolean is FALSE, the integer returned is -1.
function check_consent_type($name, $checkenabled=TRUE) {
    $ct = BoincConsentType::lookup("shortname = '{$name}'");
    if ($ct and ( !$checkenabled or ($ct->enabled)) ) {
        return array(TRUE, $ct->id);
    }
    return array(FALSE, -1);
}
web: Add functionality of consent to Web site and RPCs. create_account RPC modified to record a user's consent. am_set_info RPC modified to allow for modification of user's consent. Account registration on Web site modified to show terms_of_use.txt file and record user's consent. 2018-05-04 23:42:05 +00:00			`<?php`
			`// This file is part of BOINC.`
			`// http://boinc.berkeley.edu`
web: minor changes found in review 2018-06-11 14:38:35 +00:00			`// Copyright (C) 2018 University of California`
web: Add functionality of consent to Web site and RPCs. create_account RPC modified to record a user's consent. am_set_info RPC modified to allow for modification of user's consent. Account registration on Web site modified to show terms_of_use.txt file and record user's consent. 2018-05-04 23:42:05 +00:00			`//`
			`// BOINC is free software; you can redistribute it and/or modify it`
			`// under the terms of the GNU Lesser General Public License`
			`// as published by the Free Software Foundation,`
			`// either version 3 of the License, or (at your option) any later version.`
			`//`
			`// BOINC is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.`
			`// See the GNU Lesser General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Lesser General Public License`
			`// along with BOINC. If not, see <http://www.gnu.org/licenses/>.`

			`// functions dealing with the consent and consent_type tables.`

			`include_once("../inc/boinc_db.inc");`
			`include_once("../inc/util.inc");`

web: defined CONSENT_TYPE_ENROLL and replaced string 'ENROLL' with this define. No changes to functionally, only a new define(). 2018-09-17 15:39:24 +00:00			`define('CONSENT_TYPE_ENROLL','ENROLL');`

web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`function consent_to_a_policy($user, $consent_type_id, $consent_flag, $consent_not_required, $source, $ctime = 0) {`
web: Add functionality of consent to Web site and RPCs. create_account RPC modified to record a user's consent. am_set_info RPC modified to allow for modification of user's consent. Account registration on Web site modified to show terms_of_use.txt file and record user's consent. 2018-05-04 23:42:05 +00:00			`$mys = BoincDb::escape_string($source);`
			`if ($ctime==0) {`
			`$mytime = $user->create_time;`
			`}`
			`else {`
			`$mytime = $ctime;`
			`}`
			`return BoincConsent::insert(`
Removed unnecessary primary_key from insert statements. 2018-09-17 14:50:44 +00:00			`"(userid, consent_type_id, consent_time, consent_flag, consent_not_required, source) " .`
			`"values($user->id, $consent_type_id, $mytime, $consent_flag, $consent_not_required, '$mys')"`
web: Add functionality of consent to Web site and RPCs. create_account RPC modified to record a user's consent. am_set_info RPC modified to allow for modification of user's consent. Account registration on Web site modified to show terms_of_use.txt file and record user's consent. 2018-05-04 23:42:05 +00:00			`);`

web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`}`

web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`// Checks to see if a user has consented to specfic consent_type_id.`
			`function check_user_consent($user, $consent_name) {`
			`list($checkct, $ctid) = check_consent_type($consent_name);`
			`if ($checkct) {`
web: Modified lookup to also search fo consent_flag. Query for what is needed to determine if a user has consented to a policy. 2018-09-17 16:11:00 +00:00			`$consent_result = BoincLatestConsent::lookup("userid={$user->id} AND consent_type_id=$ctid AND consent_flag=1");`
			`if ($consent_result) {`
web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`return TRUE;`
			`}`
			`}`
			`return FALSE;`
			`}`

web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`function consent_after_login($user, $perm=true, $next_url = "") {`
web: Replaced SESSION with temporary cookies. Temporary cookies hold the userid information so the subsequent form can set the consent. 2018-06-11 16:43:16 +00:00			`send_cookie('tempuserid', $user->id, false);`
			`send_cookie('tempperm', $perm, false);`
web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`$save_url = $next_url;`
web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`$next_url = "user_agreetermsofuse.php?next_url=$save_url";`
web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`return $next_url;`
web: Misc minor changes. Changed name of consent function to be more generic. Added translation of ops page text. 2018-05-22 20:40:18 +00:00			`}`
web: modified RPCs to use new consent_type table definitions. Added check consent type function for RPCs and Web forms. 2018-06-01 20:13:51 +00:00
web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`// Checks to see if a particular consent_type name is in`
			`// available. Returns an array of format: (BOOLEAN, INTEGER). The`
			`// boolean is T/F depending on whether that consent_type exists, and`
			`// if checkenabled=TRUE, if the consent_type is enabled/available for`
			`// use. The integer is the consent_type_id- the id from consent_type`
			`// table. If the boolean is FALSE, the integer returned is -1.`
			`function check_consent_type($name, $checkenabled=TRUE) {`
web: modified RPCs to use new consent_type table definitions. Added check consent type function for RPCs and Web forms. 2018-06-01 20:13:51 +00:00			`$ct = BoincConsentType::lookup("shortname = '{$name}'");`
web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`if ($ct and ( !$checkenabled or ($ct->enabled)) ) {`
			`return array(TRUE, $ct->id);`
web: modified RPCs to use new consent_type table definitions. Added check consent type function for RPCs and Web forms. 2018-06-01 20:13:51 +00:00			`}`
web: Web code modified to work with new database table definitions. Modified web code to use consent_type_id in place of consent_name in various places. RPCs also modified to use the new definitions. 2018-06-15 19:54:35 +00:00			`return array(FALSE, -1);`
web: Exiting users agree to terms of use when logging in. Renamed 'optin consent' to 'agree to terms of use'. New config.xml variable name. Decoupled new user agree to terms of use from existing users. If there is a ENROLL terms of use, and the project has enabled the 'enable_login_mustagree_termsofuse' boolean, then existing users must agree to the terms of use when the login, and this is recorded in the consent table. 2018-06-04 16:22:38 +00:00			`}`