- Correctie reset password en confirm email adress by adapting the prefixed_url_for to use config setting

- Adaptation of DPA and T&Cs - Refer to privacy statement as DPA, not a privacy statement - Startup of enforcing signed DPA and T&Cs - Adaptation of eveai_chat_client to ensure we retrieve correct DPA & T&Cs
2025-10-13 14:28:09 +02:00
parent 83272a4e2a
commit 37819cd7e5
35 changed files with 5350 additions and 241 deletions
--- a/eveai_app/views/security_views.py
+++ b/eveai_app/views/security_views.py
@@ -10,7 +10,8 @@ from datetime import datetime as dt, timezone as tz
 from itsdangerous import URLSafeTimedSerializer
 from sqlalchemy.exc import SQLAlchemyError

-from common.models.user import User
+from common.models.user import User, ConsentStatus
+from common.services.user import TenantServices
 from common.utils.eveai_exceptions import EveAIException, EveAINoActiveLicense
 from common.utils.nginx_utils import prefixed_url_for
 from eveai_app.views.security_forms import SetPasswordForm, ResetPasswordForm, ForgotPasswordForm
@@ -56,8 +57,24 @@ def login():
                    db.session.commit()
                    if current_user.has_roles('Super User'):
                        return redirect(prefixed_url_for('user_bp.tenants', for_redirect=True))
-                    else:
-                        return redirect(prefixed_url_for('user_bp.tenant_overview', for_redirect=True))
+                    if current_user.has_roles('Partner Admin'):
+                        return redirect(prefixed_url_for('user_bp.tenants', for_redirect=True))
+                    consent_status = TenantServices.get_consent_status(user.tenant_id)
+                    match consent_status:
+                        case ConsentStatus.CONSENTED:
+                            return redirect(prefixed_url_for('user_bp.tenant_overview', for_redirect=True))
+                        case ConsentStatus.NOT_CONSENTED:
+                            if current_user.has_roles('Tenant Admin'):
+                                return redirect(prefixed_url_for('user_bp.tenant_consent', for_redirect=True))
+                            else:
+                                return redirect(prefixed_url_for('user_bp.no_consent', for_redirect=True))
+                        case ConsentStatus.RENEWAL_REQUIRED:
+                            if current_user.has_roles('Tenant Admin'):
+                                return redirect(prefixed_url_for('user_bp.tenant_consent_renewal', for_redirect=True))
+                            else:
+                                return redirect(prefixed_url_for('user_bp.consent_renewal', for_redirect=True))
+                        case _:
+                            return redirect(prefixed_url_for('basic_bp.index', for_redirect=True))
                else:
                    flash('Invalid username or password', 'danger')
                    current_app.logger.error(f'Invalid username or password for given email: {user.email}')