From 81c65acab9dc3ad688542d818291ba569b70c1d0 Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Tue, 24 Nov 2020 12:23:43 +0100
Subject: [PATCH] for nont obligatory privacy notice just show the notification
that can be dismissed
---
smash/web/api_urls.py | 1 +
smash/web/api_views/worker.py | 9 ++++++++
smash/web/templates/_base.html | 40 ++++++++++++++++++++++++++++++----
smash/web/views/__init__.py | 9 +++++++-
4 files changed, 54 insertions(+), 5 deletions(-)
diff --git a/smash/web/api_urls.py b/smash/web/api_urls.py
index 11a02b7b..a3baf735 100644
--- a/smash/web/api_urls.py
+++ b/smash/web/api_urls.py
@@ -64,6 +64,7 @@ urlpatterns = [
url(r'^workers/add_extra_availability/(?P<worker_id>\d+)/(?P<start_str_date>\d{4}-\d{2}-\d{2}-\d{2}-\d{2})/(?P<end_str_date>\d{4}-\d{2}-\d{2}-\d{2}-\d{2})/$',
worker.add_worker_extra_availability, name='web.api.workers.add_extra_availability'),
+ url(r'^worker/accept_privacy_notice/$', worker.accept_privacy_notice, name='web.api.workers.accept_privacy_notice'),
# daily planning data
url(r'^daily_planning/workers/$', worker.workers_for_daily_planning, name='web.api.workers.daily_planning'),
diff --git a/smash/web/api_views/worker.py b/smash/web/api_views/worker.py
index c956782d..2ecf1a00 100644
--- a/smash/web/api_views/worker.py
+++ b/smash/web/api_views/worker.py
@@ -26,6 +26,15 @@ def units(request):
"units": [x[0] for x in workers]
})
+
+def accept_privacy_notice(request):
+ worker = Worker.get_by_user(request.user)
+ worker.privacy_notice_accepted = True
+ worker.save()
+ return JsonResponse({
+ "status": 'ok'
+ })
+
def workers_for_daily_planning(request):
start_date = request.GET.get('start_date')
workers = get_workers_for_daily_planning(request)
diff --git a/smash/web/templates/_base.html b/smash/web/templates/_base.html
index b5ec2ee0..688db99e 100644
--- a/smash/web/templates/_base.html
+++ b/smash/web/templates/_base.html
@@ -32,6 +32,8 @@
<script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
+ <script src="https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js"></script>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css">
{% endblock styles %}
</head>
<!--
@@ -73,7 +75,7 @@ desired effect
<a href="#" class="sidebar-toggle" data-toggle="offcanvas" role="button">
<span class="sr-only">Toggle navigation</span>
</a>
-
+
<div class="col-xs-7 navbar-text" style="margin-left: 0px">
<div class="warning_ticker">
<div class="ticker_list">
@@ -388,7 +390,7 @@ desired effect
mousePause: 1
});
}else if($('.ticker_list').children().length == 1){
-
+
}else{
$('.warning_ticker').css('display', 'none');
}
@@ -397,12 +399,42 @@ desired effect
var $e = $(".sidebar-menu li[data-desc='" + page_to_activate + "']");
$e.addClass("active");
if($($e).parents('li[data-desc]').length > 0){ //if there is a parent, it should also be active
- $($e).parents('li[data-desc]').addClass("active");
+ $($e).parents('li[data-desc]').addClass("active");
}
-
+
};
activate({% block ui_active_tab %}{% endblock ui_active_tab %});
+ if ("{{ show_notice }}".toLowerCase() === "true") {
+ window.cookieconsent.initialise({
+ container: document.getElementById("content"),
+ content: {
+ header: 'Privacy notice!',
+ message: '{{ study.study_privacy_notice.summary}}',
+ href: '{{ study.study_privacy_notice.document.url }}',
+ dismiss: 'Got it!',
+ },
+ palette: {
+ popup: {background: "#fff"},
+ button: {background: "#aa0000"},
+ },
+ revokable: true,
+ onStatusChange: function (status) {
+ if (this.hasConsented()) {
+ $.ajax({
+ url: "{% url 'web.api.workers.accept_privacy_notice' %}",
+ success: function (result) {
+ if (result.isOk === false) console.log(result.message);
+ },
+ async: false
+ });
+ }
+ },
+ law: {
+ regionalLaw: false,
+ }
+ });
+ }
</script>
{% comment "TODO: Check, and add if works %}
diff --git a/smash/web/views/__init__.py b/smash/web/views/__init__.py
index a7dcf170..779ba855 100644
--- a/smash/web/views/__init__.py
+++ b/smash/web/views/__init__.py
@@ -1,5 +1,6 @@
# coding=utf-8
from django.conf import settings
+from django.http import HttpRequest
from django.shortcuts import redirect, render
from django.views.generic.base import ContextMixin
@@ -41,13 +42,16 @@ def wrap_response(request, template, params):
return render(request, template, final_params)
-def extend_context(params, request):
+def extend_context(params, request: HttpRequest):
study = Study.get_by_id(GLOBAL_STUDY_ID)
person = Worker.get_by_user(request.user) # None if AnonymousUser or no Worker associated
permissions = set()
+ show_notice = True
if person is not None:
role = person.role
permissions = person.get_permissions(study)
+ show_notice = study.study_privacy_notice \
+ and not person.privacy_notice_accepted
person = str(person)
else:
#use full name if available, username otherwise
@@ -56,6 +60,8 @@ def extend_context(params, request):
else:
person = request.user.get_username()
role = '<No worker information>'
+ if request.resolver_match is not None and request.resolver_match.url_name == 'web.views.accept_privacy_notice':
+ show_notice = False
notifications = get_notifications(request.user)
final_params = params.copy()
final_params.update({
@@ -65,6 +71,7 @@ def extend_context(params, request):
'person': person,
'role': role,
'notifications': notifications,
+ 'show_notice' : show_notice,
'study_id': GLOBAL_STUDY_ID,
'study' : study
})
--
GitLab