Overview
Every user needs to accept the terms and conditions in order to access the portal:
- Case 1: For an existing user, the terms & conditions flag will be set to false.
- Case 2: Whenever a new user registers, that user's terms & conditions flag will be set to false.
- Case 3: When the terms & conditions are changed, the terms & conditions flag of all affected users will be set to false.
After login, we will detect whether the user needs to accept the terms and conditions. In any of the above cases, we will present the user with a screen to accept them.
Applicability/configuration of terms and conditions will be based on chosen approach.
Approach 1:
We can have Terms & Conditions definition per installation.
In this case a simple table will be created:
Column Name | Purpose |
---|---|
tacId | Primary key of the table, auto-generated |
tacStatus | boolean: true means in force, false means past |
tacContent | html content |
tacUpdatedDate | datetime when the terms and conditions were last updated |
tacUpdatedBy | user who last updated them |
When a user updates the terms and conditions:
- a new row will be inserted with the content as well as date/user/status
- the old row's status will be set to false
- the terms & conditions flag in the user table will be set to false
Approach 2:
We can create terms & conditions on a per-channel basis.
In this case we need just one more column, which stores the channel to which the terms and conditions apply.
When a user updates the terms and conditions:
- a new row will be inserted with the content as well as date/user/status/channel
- the old row's status will be set to false for the given channel
- the terms & conditions flag in the user table will be set to false based on the channel value
API
POST /v1/update/terms
{
"request": {
"termsAndConditions": "<html> content</html>",
"channel": "channel-id"
}
}
Response
200 OK - Terms updated successfully
400 Bad Request - Request validation - empty Terms And Conditions
403 Forbidden - if user is not org admin
POST /v1/accept/terms
Empty Request body
Response
200 OK - Success
401 Unauthorized - Unauthorized access, if called without user-token
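A sketch of the Approach 2 update steps and the accept call, each run as a single transaction so a failure cannot leave two in-force rows or stale user flags. This is an added example, not the project's code: the table names `terms` and `users`, the columns `userId`, `isOrgAdmin` and `tncAccepted`, the SQLite backend and the sample rows are assumptions, while the `tac*` columns and status codes are the ones listed above.

```python
import sqlite3
from datetime import datetime, timezone

SCHEMA = """
CREATE TABLE terms (tacId INTEGER PRIMARY KEY AUTOINCREMENT, tacStatus INTEGER,
    tacContent TEXT, tacUpdatedDate TEXT, tacUpdatedBy TEXT, channel TEXT);
CREATE TABLE users (userId TEXT PRIMARY KEY, channel TEXT, isOrgAdmin INTEGER,
    tncAccepted INTEGER DEFAULT 0);  -- hypothetical user table and flag name
"""

def update_terms(conn, user_id, content, channel):
    """POST /v1/update/terms: returns one of the status codes listed above."""
    row = conn.execute("SELECT isOrgAdmin FROM users WHERE userId = ?", (user_id,)).fetchone()
    if row is None or not row[0]:
        return 403                      # caller is not an org admin
    if not content or not content.strip():
        return 400                      # empty Terms And Conditions
    now = datetime.now(timezone.utc).isoformat()
    with conn:                          # one transaction: all three steps or none
        conn.execute("UPDATE terms SET tacStatus = 0 WHERE channel = ? AND tacStatus = 1",
                     (channel,))
        conn.execute("INSERT INTO terms (tacStatus, tacContent, tacUpdatedDate, tacUpdatedBy,"
                     " channel) VALUES (1, ?, ?, ?, ?)", (content, now, user_id, channel))
        conn.execute("UPDATE users SET tncAccepted = 0 WHERE channel = ?", (channel,))
    return 200

def accept_terms(conn, user_id):
    """POST /v1/accept/terms: user_id is taken from the validated user-token, not the body."""
    if user_id is None:
        return 401                      # called without user-token
    with conn:
        cur = conn.execute("UPDATE users SET tncAccepted = 1 WHERE userId = ?", (user_id,))
    # Assumption: a token for an unknown user is treated as unauthorized.
    return 200 if cur.rowcount == 1 else 401

def demo():
    """Build an in-memory database with constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", [
        ("admin-a", "ch-a", 1, 1), ("user-a", "ch-a", 0, 1), ("user-b", "ch-b", 0, 1)])
    conn.commit()
    return conn
```

The queries are parameterized, so the HTML content and channel id from the request body are never concatenated into SQL.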