Add interstitial for Terms of Service updates (#34527)

app/controllers/concerns/web_app_controller_concern.rb

@@ -8,6 +8,7 @@ module WebAppControllerConcern
 
     before_action :redirect_unauthenticated_to_permalinks!
     before_action :set_referer_header
+    before_action :redirect_to_tos_interstitial!
 
     content_security_policy do |p|
       policy = ContentSecurityPolicy.new
@@ -45,6 +46,13 @@ module WebAppControllerConcern
 
   protected
 
+  def redirect_to_tos_interstitial!
+    return unless current_user&.require_tos_interstitial?
+
+    @terms_of_service = TermsOfService.published.first
+    render 'terms_of_service_interstitial/show', layout: 'auth'
+  end
+
   def set_referer_header
     response.set_header('Referrer-Policy', Setting.allow_referrer_origin ? 'strict-origin-when-cross-origin' : 'same-origin')
   end

app/controllers/terms_of_service_controller.rb

@@ -4,8 +4,19 @@ class TermsOfServiceController < ApplicationController
   include WebAppControllerConcern
 
   skip_before_action :require_functional!
+  skip_before_action :redirect_to_tos_interstitial!
+
+  before_action :clear_redirect_interstitial!
 
   def show
     expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
   end
+
+  private
+
+  def clear_redirect_interstitial!
+    return unless user_signed_in?
+
+    current_user.update(require_tos_interstitial: false)
+  end
 end

app/models/terms_of_service.rb

@@ -23,6 +23,8 @@ class TermsOfService < ApplicationRecord
 
   validate :effective_date_cannot_be_in_the_past
 
+  NOTIFICATION_ACTIVITY_CUTOFF = 1.year.freeze
+
   def published?
     published_at.present?
   end
@@ -39,8 +41,20 @@ class TermsOfService < ApplicationRecord
     notification_sent_at.present?
   end
 
+  def base_user_scope
+    User.confirmed.where(created_at: ..published_at).joins(:account)
+  end
+
+  def email_notification_cutoff
+    published_at - NOTIFICATION_ACTIVITY_CUTOFF
+  end
+
+  def scope_for_interstitial
+    base_user_scope.merge(Account.suspended).or(base_user_scope.where(current_sign_in_at: [nil, ...email_notification_cutoff]))
+  end
+
   def scope_for_notification
-    User.confirmed.joins(:account).merge(Account.without_suspended).where(created_at: (..published_at))
+    base_user_scope.merge(Account.without_suspended).where(current_sign_in_at: email_notification_cutoff...)
   end
 
   private

app/models/user.rb

@@ -25,6 +25,7 @@
 #  otp_backup_codes          :string           is an Array
 #  otp_required_for_login    :boolean          default(FALSE), not null
 #  otp_secret                :string
+#  require_tos_interstitial  :boolean          default(FALSE), not null
 #  reset_password_sent_at    :datetime
 #  reset_password_token      :string
 #  settings                  :text

app/views/terms_of_service_interstitial/show.html.haml

@@ -0,0 +1,15 @@
+- content_for :header_tags do
+  %meta{ name: 'robots', content: 'noindex, noarchive' }/
+
+- content_for :body_classes, 'app-body'
+
+.simple_form
+  %h1.title= t('terms_of_service_interstitial.title', domain: site_hostname)
+
+  - effective_date = @terms_of_service.effective_date || Time.zone.today
+  %p.lead= effective_date.past? ? t('terms_of_service_interstitial.past_preamble_html') : t('terms_of_service_interstitial.future_preamble_html', date: l(effective_date))
+
+  %p.lead= t('user_mailer.terms_of_service_changed.agreement', domain: site_hostname)
+
+  .stacked-actions
+    = link_to t('terms_of_service_interstitial.review_link'), terms_of_service_path, class: 'button'

app/workers/admin/distribute_terms_of_service_notification_worker.rb

@@ -6,6 +6,8 @@ class Admin::DistributeTermsOfServiceNotificationWorker
   def perform(terms_of_service_id)
     terms_of_service = TermsOfService.find(terms_of_service_id)
 
+    terms_of_service.scope_for_interstitial.in_batches.update_all(require_tos_interstitial: true)
+
     terms_of_service.scope_for_notification.find_each do |user|
       UserMailer.terms_of_service_changed(user, terms_of_service).deliver_later!
     end