Privacy policy tools

2025-03-15 12:15:34 +01:00 · 2025-03-15 12:15:34 +01:00 · 2cf6d9f6aa
commit 2cf6d9f6aa
parent 0369056c0e
8 changed files with 52 additions and 1 deletions
--- a/modules/setting/service.go
+++ b/modules/setting/service.go
@ -85,6 +85,7 @@ var Service = struct {
 	DefaultOrgMemberVisible                 bool
 	UserDeleteWithCommentsMaxTime           time.Duration
 	ValidSiteURLSchemes                     []string
+	PrivacyPolicyURL                        string

 	// OpenID settings
 	EnableOpenIDSignIn bool
@ -263,6 +264,8 @@ func loadServiceFrom(rootCfg ConfigProvider) {
 	}
 	Service.ValidSiteURLSchemes = schemes

+	Service.PrivacyPolicyURL = sec.Key("PRIVACY_POLICY_URL").MustString("")
+
 	mustMapSetting(rootCfg, "service.explore", &Service.Explore)

 	loadOpenIDSetting(rootCfg)
--- a/modules/web/middleware/data.go
+++ b/modules/web/middleware/data.go
@ -58,6 +58,7 @@ func CommonTemplateContextData() ContextData {
 		"EnableOpenIDSignIn": setting.Service.EnableOpenIDSignIn,
 		"PageStartTime":      time.Now(),

-		"RunModeIsProd": setting.IsProd,
+		"RunModeIsProd":    setting.IsProd,
+		"PrivacyPolicyURL": setting.Service.PrivacyPolicyURL,
 	}
 }
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@ -28,6 +28,7 @@ licenses = Licenses
 return_to_forgejo = Return to Forgejo
 toggle_menu = Toggle menu
 more_items = More items
+privacy_policy = Privacy Policy

 username = Username
 email = Email address
@ -38,6 +39,8 @@ captcha = CAPTCHA
 twofa = Two-factor authentication
 twofa_scratch = Two-factor scratch code
 passcode = Passcode
+consent_agree = I agree to the <a href="%s">Privacy Policy</a>
+consent_help = Our Privacy Policy explains how we handle your data.

 webauthn_insert_key = Insert your security key
 webauthn_sign_in = Press the button on your security key. If your security key has no button, re-insert it.
@ -485,6 +488,7 @@ password_pwned_err = Could not complete request to HaveIBeenPwned
 last_admin = You cannot remove the last admin. There must be at least one admin.
 back_to_sign_in = Back to Sign in
 sign_in_openid = Proceed with OpenID
+must_consent = Agreement to our Privacy Policy is required to register.

 [mail]
 view_it_on = View it on %s
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@ -479,6 +479,12 @@ func SignUpPost(ctx *context.Context) {
 		ctx.RenderWithErr(password.BuildComplexityError(ctx.Locale), tplSignUp, &form)
 		return
 	}
+
+	if !form.Consent {
+		ctx.RenderWithErr(ctx.Tr("auth.must_consent"), tplSignUp, &form)
+		return
+	} // consent is required before sending password anywhere
+
 	if err := password.IsPwned(ctx, form.Password); err != nil {
 		errMsg := ctx.Tr("auth.password_pwned", "https://haveibeenpwned.com/Passwords")
 		if password.IsErrIsPwnedRequest(err) {
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@ -96,6 +96,7 @@ type RegisterForm struct {
 	Email    string `binding:"Required;MaxSize(254)"`
 	Password string `binding:"MaxSize(255)"`
 	Retype   string
+	Consent  bool
 }

 // Validate validates the fields
--- a/templates/base/footer_content.tmpl
+++ b/templates/base/footer_content.tmpl
@ -27,6 +27,7 @@
 		</div>
 		<a href="{{AssetUrlPrefix}}/licenses.txt">{{ctx.Locale.Tr "licenses"}}</a>
 		{{if .EnableSwagger}}<a href="{{AppSubUrl}}/api/swagger">API</a>{{end}}
+		{{if .PrivacyPolicyURL}}<a href="{{.PrivacyPolicyURL}}">{{ctx.Locale.Tr "privacy_policy"}}</a>{{end}}
 		{{template "custom/extra_links_footer" .}}
 	</div>
 </footer>
--- a/templates/user/auth/signup_inner.tmpl
+++ b/templates/user/auth/signup_inner.tmpl
@ -37,6 +37,18 @@

 				{{template "user/auth/captcha" .}}

+				{{ if (.PrivacyPolicyURL) }}
+					<div id="consent_container">
+						<label>
+							<input id="consent" name="consent" type="checkbox">
+							{{ ctx.Locale.Tr "consent_agree" .PrivacyPolicyURL }}
+						</label>
+						<span class="help">{{ ctx.Locale.Tr "consent_help" }}</span>
+					</div>
+				{{ else }}
+					<input id="consent" name="consent" type="checkbox" checked hidden>
+        {{ end }}
+
 				<div class="inline field">
 					<button class="ui primary button tw-w-full">
 						{{if .LinkAccountMode}}
--- a/web_src/css/index.css
+++ b/web_src/css/index.css
@ -76,3 +76,26 @@

@tailwind utilities;
@import "./helpers.css";
+
+/* git724 tweaks below this line */
+
+#consent_container {
+  margin-bottom: .6em;
+
+  label {
+    input {
+      margin-right: .75em;
+      margin-top: .2em;
+      margin-bottom: .4em;
+    }
+
+    &::after {
+      content: "*";
+      color: var(--color-red);
+    }
+  }
+
+  .help {
+    margin-left: 0 !important;
+  }
+}