- Check for consent before allowing users to perform activities in the administrative app.

2025-10-14 16:20:30 +02:00
parent 37819cd7e5
commit 3ea3a06de6
11 changed files with 316 additions and 23 deletions
--- a/eveai_app/views/user_views.py
+++ b/eveai_app/views/user_views.py
@@ -6,6 +6,8 @@ from flask_security import roles_accepted, current_user
 from sqlalchemy.exc import SQLAlchemyError, IntegrityError
 import ast

+from wtforms import BooleanField
+
 from common.models.user import User, Tenant, Role, TenantDomain, TenantProject, PartnerTenant, TenantMake, \
    ConsentVersion
 from common.extensions import db, security, minio_client, simple_encryption, cache_manager
@@ -33,6 +35,32 @@ from eveai_app.views.list_views.list_view_utils import render_list_view
 user_bp = Blueprint('user_bp', __name__, url_prefix='/user')


+# --- Consent flow placeholder views ---
+@user_bp.route('/consent/tenant', methods=['GET'])
+@roles_accepted('Super User', 'Partner Admin', 'Tenant Admin')
+def tenant_consent():
+    # Placeholder view; UI can be implemented in templates
+    return render_template('user/tenant_consent.html') if current_app.jinja_env.loader else "Tenant Consent"
+
+
+@user_bp.route('/consent/no_access', methods=['GET'])
+@roles_accepted('Super User', 'Partner Admin', 'Tenant Admin')
+def no_consent():
+    return render_template('user/no_consent.html') if current_app.jinja_env.loader else "Consent required - contact your admin"
+
+
+@user_bp.route('/consent/tenant_renewal', methods=['GET'])
+@roles_accepted('Super User', 'Partner Admin', 'Tenant Admin')
+def tenant_consent_renewal():
+    return render_template('user/tenant_consent_renewal.html') if current_app.jinja_env.loader else "Tenant Consent Renewal"
+
+
+@user_bp.route('/consent/renewal', methods=['GET'])
+@roles_accepted('Super User', 'Partner Admin', 'Tenant Admin')
+def consent_renewal():
+    return render_template('user/consent_renewal.html') if current_app.jinja_env.loader else "Consent renewal in progress"
+
+
@user_bp.before_request
 def log_before_request():
    current_app.logger.debug(f'Before request: {request.path} =====================================')
@@ -777,6 +805,15 @@ def edit_consent_version(consent_version_id):
    return render_template('user/edit_consent_version.html', form=form, consent_version_id=consent_version_id)


+@user_bp.route('/tenant_consent', methods=['GET', 'POST'])
+@roles_accepted('Tenant Admin')
+def tenant_consent():
+    dpa_consent = BooleanField("DPA Consent", default=False)
+    t_c_consent = BooleanField("T&C Consent", default=False)
+
+
+
+
 def reset_uniquifier(user):
    security.datastore.set_uniquifier(user)
    db.session.add(user)