Forum OpenACS Q&A: acknowledgement module available?

Collapse
Posted by Peter Alberer on
Hi there,

i am thinking about making a small package that allows site-admins to have their users sign "terms of use" for the whole site / subsites. Has anyone done that for openacs already? Otherwise i will start work on that. It should not be too difficult...

Collapse
Posted by Caroline Meeks on
That was at one point in time part of the spec for "Photo Book" from Sloan.  They thought they would need people to "sign" a release before they uploaded thier photos and info.

I believe the lawyers told them it wasn't required and thus it was never built.

Some interesting requirements came out of the discussion.  For instance it maybe important for legal reasons to record the IP address and current password of the user at the moment they click.

It would be smart to implement it so it could be applied to a whole site, a subsite, or to specific programmer specified funcitonality within a package. (e.g. you don't need to "sign" to view data on but you do need to to upload your own data).

Collapse
Posted by Lars Pind on
Peter,

The new authentication stuff has a provision for checking whether an account is open or not.

It's not extensible via service contracts yet, but it would be the right approach: The account would be closed if the user hasn't accepted the terms of use.

Look in acs-authentication/tcl/authentication-procs.tcl

/Lars

Collapse
Posted by Peter Alberer on
Hi Caroline,

At first i have thought about making a singleton package that allows assigning an acknowledgement to the whole site or to a specific openacs-group. But it would also be possible to create the package as a multiple mountable package that gets its "context" via the nearest subsite/community. That is probably the most flexible solution.

could you explain what you mean by "programmer specified funcitonality" in more detail? What kind of data could be useful to upload for an acknowledgement?

For the signing process i thought about several modes. The acknowledgment module could ask users to mark a checkbox, enter a phrase (something like "YES") or to enter their password.

TIA, peter

Collapse
Posted by Peter Alberer on
hi lars,

that´s a really good idea. right now i was checking how i could stop the users from using the system if they do not sign the acknowledgement in time :) but probably this should only apply to "whole-site" acknowledgements.

Collapse
Posted by Caroline Meeks on
Here are some possible use cases where a developer might want to require an acknowlegement to only a specific part of a package.

Publishing Personal Data

A school decides they need a legal authorization before they can show a student's photo graph on the web.  Thus the authroization form should pop up just before the student uploads thier photo.

Non-Disclosure:

A company sets up a file storage area and anyone with access can post a file thier. However, if you want to see a file you have to sign thier non-disclosure agreement first.

I'm thinking that your package could supply a tcl API like:

ad_mayberedirect_for_agreement -form "Blah-nondisclosure"

--

Another possible feature:

Ability to rerequire people to sign.

For instance there is a court case and the lawyer tells your company that they're old agreements are meaningless must reword all thier aggreements and get all new signatures.  They need to be able to upload a new version and reset all the users agreed_p to 'f'.

On the other hand someone finds a typo, you need to upload a new version but not reset agreed_p.

Collapse
Posted by Peter Alberer on
Agreed, those are use cases that should definitely be possible with the system! In the last case (rerequirement) i had thought about issuing a new acknowledgement requirement. But removing the old acknowledgements would save space in the database :)