Merge pull request #56 from Skud/tos

Terms of service

Gemfile

@@ -58,7 +58,7 @@ gem 'friendly_id'
 
 # for phusion passenger (i.e. mod_rails) on the server
 gem 'passenger'
-gem 'rake'
+gem 'rake', '>= 10.0.0'
 gem 'cape'
 
 gem 'diff-lcs'

Gemfile.lock

@@ -133,7 +133,7 @@ GEM
       rake (>= 0.8.7)
       rdoc (~> 3.4)
       thor (>= 0.14.6, < 2.0)
-    rake (0.9.2.2)
+    rake (10.0.2)
     rdoc (3.12)
       json (~> 1.4)
     rspec (2.11.0)
@@ -206,7 +206,7 @@ DEPENDENCIES
   passenger
   pg
   rails (= 3.2.8)
-  rake
+  rake (>= 10.0.0)
   rspec-rails
   rvm-capistrano
   sass-rails (~> 3.2.3)

app/controllers/policy_controller.rb

@@ -0,0 +1,2 @@
+class PolicyController < ApplicationController
+end

app/models/user.rb

@@ -13,13 +13,17 @@ class User < ActiveRecord::Base
 
   # Setup accessible (or protected) attributes for your model
   attr_accessible :username, :email, :password, :password_confirmation,
-    :remember_me, :login
+    :remember_me, :login, :tos_agreement
   # attr_accessible :title, :body
 
   # Virtual attribute for authenticating by either username or email
   # This is in addition to a real persisted field like 'username'
   attr_accessor :login
 
+  # Requires acceptance of the Terms of Service
+  validates_acceptance_of :tos_agreement, :allow_nil => false,
+    :accept => true
+
   # allow login via either username or email address
   def self.find_first_by_auth_conditions(warden_conditions)
     conditions = warden_conditions.dup

app/views/devise/registrations/new.html.haml

@@ -1,29 +1,31 @@
 - content_for :title, "Sign up"
 
-= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f|
+= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => {:class => "form-horizontal"}) do |f|
   = devise_error_messages!
 
-  %div
-  = f.label :username
-  %br
-  = f.text_field :username
+  .control-group
+    = f.label :username, :class => "control-label"
+    .controls= f.text_field :username
 
-  %div
-  = f.label :email
-  %br
-  = f.email_field :email
+  .control-group
+    = f.label :email, :class => "control-label"
+    .controls= f.email_field :email
 
-  %div
-  = f.label :password
-  %br
-  = f.password_field :password
+  .control-group
+    = f.label :password, :class => "control-label"
+    .controls= f.password_field :password
 
-  %div
-  = f.label :password_confirmation
-  %br
-  = f.password_field :password_confirmation
+  .control-group
+    = f.label :password_confirmation, :class => "control-label"
+    .controls= f.password_field :password_confirmation
 
-  %div
-  = f.submit "Sign up"
+  .control-group
+    .controls
+      = f.check_box :tos_agreement
+      I agree to the 
+      = link_to('Terms of Service', url_for(:action => 'tos', :controller => '/policy'))
+
+    .form-actions
+      = f.submit "Sign up", :class => 'btn'
 
 = render "devise/shared/links"

app/views/layouts/_footer.html.haml

@@ -3,8 +3,8 @@
     .navbar-inner
       %ul.nav
         %li= link_to "About", "http://wiki.growstuff.org"
+        %li= link_to "Terms of Service", url_for(:controller => '/policy', :action => 'tos')
+        %li= link_to "Community Guidelines", url_for(:controller => '/policy', :action => 'community')
         %li= link_to "License", "https://github.com/Growstuff/growstuff/blob/dev/LICENSE.txt"
         %li= link_to "Github", "https://github.com/Growstuff/"
-        %li= link_to "Wiki", "http://wiki.growstuff.org"
         %li= link_to "Mailing list", "http://lists.growstuff.org/mailman/listinfo/discuss"
-        %li= link_to "Community Guidelines", "https://github.com/Growstuff/policy/blob/master/community-guidelines.md"

app/views/policy/community.html.haml

@@ -0,0 +1,27 @@
+-content_for :title, 'Growstuff Community Guidelines'
+
+:markdown
+
+  Growstuff is a community by and for food-gardeners.  Together, we are building a website where we can share our experience, knowledge, and the products of our harvest.  The most important thing about Growstuff is the people.  For Growstuff to thrive, we need people to add their crops, share their knowledge, and help build the site itself.
+
+  Whatever your interest in Growstuff you are welcome here, and will be treated with respect.  In particular:
+
+  - We welcome people of any age, gender identity or expression, ethnicity, nationality, religion or absence thereof, political opinion, sexual orientation, marital status, family structure, ability or disability, appearance, subculture, or other identity or self-identification.
+
+  - Although Growstuff is primarily focused on food gardening, we welcome all kinds of gardeners, including organic and conventional growers; those who grow their crops in fields or on balconies or in hydroponic systems; those who garden commercially or non-commercially; those who subsist on their crops and those who garden for other reasons.
+
+  - We welcome people of all skill and experience levels, and we don't believe in being dismissive or commenting rudely just because you are new or learning.
+
+  - Every role in our community is important, including gardeners who contribute skills, knowledge, and information to our site; coders, designers and other techies who help build it; moderators and others who help our community thrive; or any other form of participation.  We believe in working together, and prioritise communication and mutual understanding.
+
+  If you want to participate in the Growstuff community (which includes our website and any auxiliary forums such as our mailing list(s), IRC channel, etc), you need to agree to our general commitment to inclusiveness and mutual respect, as well as to the following specific policies:
+
+  - Harassment of any Growstuff community member is forbidden.  Harassment includes slurs directed at individuals or groups; unwanted sexual remarks directed at any person or group; sexually explicit comments or imagery in public spaces; stalking or other repeated, unwanted contact; or any repeated or sustained behaviour which disrupts someone else's enjoyment of the Growstuff site or community.
+
+  - The privacy of our community members is very important.  You may not disclose any member's personal details (including names by which they are known outside of Growstuff, their location, employment details, family details, outside-of-Growstuff contact details, or any other identifying or personal information) without their explicit consent.
+
+  - Although we let you choose your own name on our site, and don't insist that you use the same name on our website as you have on the cards in your wallet, you're not allowed to create or use a pseudonymous account to mislead people, evade accountability, or otherwise cause trouble.  (This is commonly known as a "sockpuppet" account.) 
+
+  If you experience or witness behaviour that goes against these community guidelines, you can report it to support@growstuff.org.  We will listen carefully and take your report seriously.  Once we've looked into the situation, we may take any action we deem necessary.  For instance, we may issue a warning, or in serious cases we may suspend or ban people from our community.  If this happens, we will always tell the person affected the reason for our action, with reference to our policy documents.
+
+  We don't want to make these guidelines too long or legalistic, so we'll leave it there, except for one final guideline. As Bill and Ted said: *be excellent to each other*.  And grow stuff.

app/views/policy/tos.html.haml

@@ -0,0 +1,7 @@
+-content_for :title, 'Growstuff Terms of Service'
+
+:markdown
+  1. Growstuff is currently UNDER DEVELOPMENT and is not a complete or reliable service. By signing up for an account, you recognise that this is the case, and that Growstuff may lose, mangle, or incorrectly use any data you enter, up to and including deleting your entire account and everything associated with it.
+  1. You are strongly advised to sign up for our [Mailing list](http://wiki.growstuff.org/index.php/Mailing_list) to keep up with developments on the Growstuff site, and to follow discussions there for information about changes, updates, etc.
+  1. As a member of Growstuff, you agree to abide by our #{link_to('Community Guidelines', url_for(:controller => 'policy', :action => 'community'))}.
+  1. Any changes to this Terms of Service document or related policies (eg. the Community Guidelines) can be tracked at [http://github.com/Growstuff/policy](http://github.com/Growstuff/policy). To be notified of changes to our policies, sign up for a github account and "watch" this repository.

config/routes.rb

@@ -65,4 +65,7 @@ Growstuff::Application.routes.draw do
   # This is a legacy wild controller route that's not recommended for RESTful applications.
   # Note: This route will make all actions in every controller accessible via GET requests.
   # match ':controller(/:action(/:id))(.:format)'
+
+  match '/policy/:action' => 'policy#:action'
+
 end

db/migrate/20121203034745_add_tos_agreement_to_users.rb

@@ -0,0 +1,5 @@
+class AddTosAgreementToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :tos_agreement, :boolean
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20121109130033) do
+ActiveRecord::Schema.define(:version => 20121203034745) do
 
   create_table "crops", :force => true do |t|
     t.string   "system_name",      :null => false
@@ -24,6 +24,17 @@ ActiveRecord::Schema.define(:version => 20121109130033) do
   add_index "crops", ["slug"], :name => "index_crops_on_slug", :unique => true
   add_index "crops", ["system_name"], :name => "index_crops_on_system_name"
 
+  create_table "gardens", :force => true do |t|
+    t.string   "name",       :null => false
+    t.integer  "user_id"
+    t.string   "slug",       :null => false
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
+
+  add_index "gardens", ["slug"], :name => "index_gardens_on_slug", :unique => true
+  add_index "gardens", ["user_id"], :name => "index_gardens_on_user_id"
+
   create_table "scientific_names", :force => true do |t|
     t.string   "scientific_name", :null => false
     t.integer  "crop_id",         :null => false
@@ -63,6 +74,7 @@ ActiveRecord::Schema.define(:version => 20121109130033) do
     t.datetime "updated_at",                             :null => false
     t.string   "username"
     t.string   "slug"
+    t.boolean  "tos_agreement"
   end
 
   add_index "users", ["confirmation_token"], :name => "index_users_on_confirmation_token", :unique => true

spec/models/user_spec.rb

@@ -2,24 +2,40 @@ require 'spec_helper'
 
 describe 'user' do
 
-  before(:each) do
-    @user = User.new
-    @user.email = "example@example.com"
-    @user.username = "someone"
-    @user.password = "irrelevant"
+  context 'valid user' do 
+    before(:each) do
+      @user = User.new
+      @user.email = "example@example.com"
+      @user.username = "someone"
+      @user.password = "irrelevant"
+      @user.tos_agreement = true
+    end
+
+    it 'should save a basic user' do
+      @user.save.should be_true
+    end
+
+    it 'should be fetchable from the database' do
+      @user.save
+      @user2 = User.find_by_email('example@example.com')
+      @user2.email.should == "example@example.com"
+      @user2.username.should == "someone"
+      @user2.slug.should == "someone"
+      @user2.encrypted_password.should_not be_nil
+    end
   end
 
-  it 'should save a basic user' do
-    @user.save.should be_true
-  end
+  context 'no TOS agreement' do
+    before(:each) do
+      @user = User.new
+      @user.email = "example@example.com"
+      @user.username = "someone"
+      @user.password = "irrelevant"
+    end
 
-  it 'should be fetchable from the database' do
-    @user.save
-    @user2 = User.find_by_email('example@example.com')
-    @user2.email.should == "example@example.com"
-    @user2.username.should == "someone"
-    @user2.slug.should == "someone"
-    @user2.encrypted_password.should_not be_nil
+    it "should refuse to save a user who hasn't agreed to the TOS" do
+      @user.save.should_not be_true
+    end
   end
 
 end

spec/support/controller_macros.rb

@@ -3,8 +3,12 @@ module ControllerMacros
   def login_user
     before(:each) do
       @request.env["devise.mapping"] = Devise.mappings[:user]
-      user = User.create! :username => "fred", :email => "fred@example.com",
-        :password => "Yabba-dabba-doo"
+      user = User.create!(
+        :username => "fred",
+        :email => "fred@example.com",
+        :password => "Yabba-dabba-doo",
+        :tos_agreement => true
+      )
       user.confirm!
       sign_in user
     end

spec/views/layouts/_footer_spec.rb

@@ -8,10 +8,14 @@ describe 'layouts/_footer.html.haml', :type => "view" do
 
     it 'should have links in footer' do
         rendered.should contain 'About'
+        assert_select("a[href=#{'/policy/tos'}]", 'Terms of Service')
+        assert_select("a[href=#{'/policy/community'}]", 'Community Guidelines')
         rendered.should contain 'License'
         rendered.should contain 'Github'
-        rendered.should contain 'Wiki'
         rendered.should contain 'Mailing list'
-        rendered.should contain 'Community Guidelines'
+    end
+
+    it 'should not have an explicit wiki link' do
+        rendered.should_not contain 'Wiki'
     end
 end

spec/views/policy/community_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe 'policy/community.html.haml', :type => "view" do
+  before(:each) do
+    render
+  end
+
+  it 'should show community guidelines' do
+    render
+    rendered.should contain 'Growstuff is a community by and for food-gardeners.'
+  end
+end

spec/views/policy/tos_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe 'policy/tos.html.haml', :type => "view" do
+  before(:each) do
+    render
+  end
+
+  it 'should show terms of service' do
+    render
+    rendered.should contain 'Terms of Service'
+  end
+end

spec/views/updates/index.html.haml_spec.rb

@@ -5,7 +5,8 @@ describe "updates/index" do
     user = User.create!(
       :username => "test_user",
       :email => "test@growstuff.org",
-      :password => "password"
+      :password => "password",
+      :tos_agreement => true
     )
     assign(:updates, [
       stub_model(Update,

spec/views/updates/show.html.haml_spec.rb

@@ -2,8 +2,12 @@ require 'spec_helper'
 
 describe "updates/show" do
   before(:each) do
-    @user = User.create! :username => "test_user", :email => "test@example.com",
-      :password => "password"
+    @user = User.create!(
+      :username => "test_user",
+      :email => "test@example.com",
+      :password => "password",
+      :tos_agreement => true
+    )
   end
 
   it "renders the post" do