Bug 995324 - "Agree to the Terms of Use" should be displayed looks relevant to users that sign up with OpenId
"Agree to the Terms of Use" should be displayed looks relevant to users that...
Status: CLOSED CURRENTRELEASE
Product: Zanata
Classification: Community
Component: Authentication-OpenID (Show other bugs)
3.0
Unspecified Unspecified
unspecified Severity medium
: ---
: 3.3
Assigned To: Alex Eng
Zanata-QA Mailling List
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-09 00:55 EDT by Ding-Yi Chen
Modified: 2014-03-20 01:47 EDT (History)
6 users (show)

See Also:
Fixed In Version: 3.3.0-SNAPSHOT (20131205-0040)
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-03-20 01:47:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Sign Up page in narrow screen (37.63 KB, image/png)
2013-11-26 19:45 EST, Ding-Yi Chen
no flags Details

  None (edit)
Description Ding-Yi Chen 2013-08-09 00:55:57 EDT
Description of problem:
While it is required to check the "I agree to the Terms of Use" for users who sign up from Zanata internal authentication; however, Open ID users can happily slip through this.

It does not make sense that in same system, some users does not need to agree the Terms of Use when they use external services to authenticate themselves.

Version-Release number of selected component (if applicable):
Zanata version 3.0.0-alpha-2-SNAPSHOT (20130809-1309)

How reproducible:
Always

Steps to Reproduce:
1. Go to Sign Up page.
2. Sign Up through any of non-Zanata authentication methods.
3. In Editing Profile view, fill in Name, username and email and press "Save"

Actual results:
  You are greeted in following words:
    You will soon receive an email with a link to activate your account. 

Expected results:
 The check box should exist during the sign up and block the sign up until user check that box.


Additional info:
Alternatively, we can reword the activation letter and say:

By clicking the activation link, you accept the terms of use (TermOfUSeURL).

Activation link: (ActivationURL)
Comment 1 Alex Eng 2013-09-18 20:08:55 EDT
I would prefer the activation email solution. But not until we improve our "Terms and conditions" page as we don't really have any terms and conditions at the moment.
Comment 2 Ding-Yi Chen 2013-09-18 20:28:56 EDT
(In reply to Alex Eng from comment #1)
> I would prefer the activation email solution. But not until we improve our
> "Terms and conditions" page as we don't really have any terms and conditions
> at the moment.

For the sake of consistency, we either rely on activation link and remove the checkbox; or put the checkbox in both paths.
Comment 3 Ding-Yi Chen 2013-09-18 20:31:46 EDT
Issac,

Do you think that every users need to check the "Agree the term and condition", or saying that "By clicking the activation link, you accept the terms of use (TermOfUSeURL)" in activation email is sufficient?
Comment 4 Sean Flanigan 2013-09-18 20:34:21 EDT
We're after some sort of reasonably explicit consent from the user, so I think we need the checkbox.  I don't think we can just rely on the activation link.
Comment 5 Luke Brooker 2013-09-19 00:42:38 EDT
Firstly, we don't even have any terms & conditions written.

Secondly, we don't need a checkbox.

My solution for this is here: http://assets-zanata.rhcloud.com/2/signup

This same idea is used by Github and Mailchimp.

Thirdly, most second party OpenID services have their own terms and conditions pages which also say you agree to the connecting services terms. Not sure about Fedora login though.

Basically as long as we have a link to the terms on the page and reference them we should be fine.

But I think first we should focus on *actually writing some*.
Comment 6 Alex Eng 2013-09-19 00:50:55 EDT
The mockup screen seems to suggest that user that wish to use
- Zanata authentication - needs to agree to our terms and condition (good)
- OpenId - only need to agree to the openId terms, but not Zanata's terms.

Is that sufficient enough? I think users should agree to Zanata's term no matter which authentication they choose.
Comment 11 Alex Eng 2013-11-25 18:20:53 EST
Register page has been redesigned in Zanata 3.1 release with "terms and condition" link displayed if its url is set by admin of Zanata. 

http://zanata.org/terms

https://github.com/zanata/zanata-server/pull/203

Please confirm if this bug is still relevant.
Comment 12 Ding-Yi Chen 2013-11-26 19:45:13 EST
Created attachment 829553 [details]
Sign Up page in narrow screen

As shown in attachment, the location of the Term and Condition visually imply that it's not relevant to OpenID sign up.

Perhaps we should put the term and condition link on the registration profile. (The edit profile view to be used in registration.
Comment 13 Luke Brooker 2013-11-26 23:30:05 EST
Why don't we just show that statement on the first page we show after they return from open ID authentication? (The one where they have to enter their name, email etc)
Comment 14 Ding-Yi Chen 2013-11-26 23:35:04 EST
(In reply to Luke Brooker from comment #13)
> Why don't we just show that statement on the first page we show after they
> return from open ID authentication? (The one where they have to enter their
> name, email etc)

That's exactly what I meant.
Comment 15 Alex Eng 2013-12-01 15:00:41 EST
Pull request:
https://github.com/zanata/zanata-server/pull/305
Comment 16 Ding-Yi Chen 2013-12-04 19:30:27 EST
VERIFIED with Zanata version 3.3.0-SNAPSHOT (20131205-0040).
Comment 17 Sean Flanigan 2014-03-20 01:47:37 EDT
Closing VERIFIED bugs for Zanata server 3.3.2.

Note You need to log in before you can comment on or make changes to this bug.