Overview
Every user needs to accept the terms and conditions in order to access the portal:
- Case 1: For an existing user, the terms & conditions flag will be set to false.
- Case 2: Whenever a new user registers, their terms & conditions flag will be set to false.
- Case 3: When the terms & conditions are changed. In this scenario we will get the accepted version of TAC from the user and the latest version of TAC from systemSetting; if the versions differ, we will ask the user to accept the TAC again.
After login, we will detect whether the user needs to accept the terms and conditions in any of the above cases and, if so, present a screen to accept them.
Applicability/configuration of terms and conditions will be based on chosen approach.
Approach 1:
We can have Terms & Conditions definition per installation.
In this case a simple table will be created:
Column Name | Purpose |
---|---|
tacId | Primary key of the table, auto-generated |
tacStatus | boolean: true means in force, false means past |
tacContent | html content |
tacUpdatedDate | datetime when the terms and conditions were last updated |
tacUpdatedBy | user who last updated it |
When a user updates the terms and conditions:
- a new row will be inserted with content as well as date/user/status
- the old row's status will be set to false.
- the terms & conditions flag in the user table will be set to false.
Approach 2:
We can create terms & conditions on a per-channel basis.
In this case we just need one more column, which stores the channel for which the terms and conditions are applicable.
When a user updates the terms and conditions:
- a new row will be inserted with content as well as date/user/status/channel
- the old row's status will be set to false for the given channel
- the terms & conditions flag in the user table will be set to false based on the channel value.
API
POST /v1/update/terms
{
  "request": {
    "termsAndConditions": "<html> content</html>",
    "channel": "channel-id"
  }
}
Response
200 OK - Terms updated successfully
400 Bad Request - Request validation - empty Terms And Conditions
403 Forbidden - if user is not org admin
POST /v1/accept/terms
Empty Request body
Response
200 OK - Success
401 Unauthorized - Unauthorized access, if called without user-token
Approach 3:
We can create terms & conditions manually and insert the version information in system settings.
When a user updates the terms and conditions:
- A new row will be inserted in the TAC table
- We have to update the latest version of TAC in the system setting table
DB changes
We need to create a TAC table which will contain the following columns:
Column Name | Purpose |
---|---|
id | Primary key of the table, auto-generated |
version | version of TAC |
content | html content |
created on | created date |
created by | user who created it |
updatedOn | last updated on |
updated by | user who updated it |
- We need a system setting which contains the latest version id of TAC
- We need to add (tacStatus, tacAcceptedDate, tacVersionId) columns to the user table, and we can drop (tcstatus, tcupdateddate) as we are not using them
We will create 2 APIs:
1. Accept TAC
POST /v1/tac/accepts/
{
  "request": {
    "tacVersion": "v1",
    "userId": "userId",
    "status": true
  }
}
2. Get TAC
GET /v1/tac/read
To fetch the TAC, we will get the current version of the TAC from the system setting and then fetch that particular TAC from the table.
Response
200 OK - Terms updated successfully
400 Bad Request - Request validation - invalid userId or invalid tacVersion
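The login check from Case 3 and the Accept TAC call from Approach 3, sketched in Python as an added example (not code from this design or the project). The `tacVersion` setting key, the in-memory dictionaries, the 401 for a missing token, the 400 for `status` not being true, and the rule that the body `userId` must match the token's user are assumptions.

```python
from datetime import datetime, timezone

# Constructed sample data; field names follow the columns listed in Approach 3.
SYSTEM_SETTINGS = {"tacVersion": "v2"}  # hypothetical setting key
USERS = {
    "user-1": {"tacStatus": True, "tacVersionId": "v1", "tacAcceptedDate": None},
    "user-2": {"tacStatus": False, "tacVersionId": None, "tacAcceptedDate": None},
}


def needs_tac_acceptance(user, settings):
    """Cases 1-3: flag not set, or accepted version differs from the latest."""
    if not user.get("tacStatus"):
        return True
    return user.get("tacVersionId") != settings["tacVersion"]


def accept_tac(body, token_user_id, users, settings):
    """Handle the Accept TAC request; returns (http_status, message)."""
    if token_user_id is None:
        return 401, "Unauthorized access"
    req = body.get("request") if isinstance(body, dict) else None
    if not isinstance(req, dict):
        return 400, "invalid request"
    # Assumption: the body userId must be the token's user, so one user
    # cannot record acceptance on behalf of another.
    if req.get("userId") != token_user_id or token_user_id not in users:
        return 400, "invalid userId"
    # Only the version currently in force can be accepted; a stale or
    # unknown version would leave the user marked as accepted for old text.
    if req.get("tacVersion") != settings["tacVersion"]:
        return 400, "invalid tacVersion"
    # Assumption: a false or missing status is rejected rather than stored.
    if req.get("status") is not True:
        return 400, "status must be true"
    user = users[token_user_id]
    user["tacStatus"] = True
    user["tacVersionId"] = settings["tacVersion"]
    user["tacAcceptedDate"] = datetime.now(timezone.utc).isoformat()
    return 200, "Success"
```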