feat(accounts)_: Persist acceptance of Terms of Use & Privacy policy (#…

…5766) The original GH issue status-im/status-mobile#21113 came from a request from the Legal team. We must show to Status v1 users the new terms (Terms of Use & Privacy Policy) right after they upgrade to Status v2 from the stores. The solution we use is to create a flag in the accounts table, named hasAcceptedTerms. The flag will be set to true on the first account ever created in v2 and we provide a native call in mobile/status.go#AcceptTerms, which allows the client to persist the user's choice in case they are upgrading (from v1 -> v2, or from a v2 older than this PR). This solution is not the best because we should store the setting in a separate table, not in the accounts table. Related Mobile PR status-im/status-mobile#21124 --------- Co-authored-by: Igor Sirotin <sirotin@status.im>
status-im · Aug 26, 2024 · 14c9961 · 14c9961
1 parent 3b9d82f
commit 14c9961
Show file tree

Hide file tree

Showing 8 changed files with 281 additions and 12 deletions.
diff --git a/api/backend_test.go b/api/backend_test.go
@@ -859,6 +859,7 @@ func TestLoginAccount(t *testing.T) {
 	acc, err := b.CreateAccountAndLogin(createAccountRequest)
 	require.NoError(t, err)
 	require.Equal(t, nameserver, b.config.WakuV2Config.Nameserver)
+	require.True(t, acc.HasAcceptedTerms)
 
 	waitForLogin(c)
 	require.NoError(t, b.Logout())
@@ -884,6 +885,8 @@ func TestLoginAccount(t *testing.T) {
 }
 
 func TestEnableInstallationAndPair(t *testing.T) {
+	t.Skip("flaky test")
+
 	// create account acc
 	utils.Init()
 	displayName := "some-display-name"
@@ -1767,6 +1770,33 @@ func TestRestoreAccountAndLogin(t *testing.T) {
 	require.Empty(t, mnemonic)
 }
 
+func TestAcceptTerms(t *testing.T) {
+	tmpdir := t.TempDir()
+	b := NewGethStatusBackend()
+	conf, err := params.NewNodeConfig(tmpdir, 1777)
+	require.NoError(t, err)
+	require.NoError(t, b.AccountManager().InitKeystore(conf.KeyStoreDir))
+	b.UpdateRootDataDir(conf.DataDir)
+	require.NoError(t, b.OpenAccounts())
+
+	nameserver := "8.8.8.8"
+	createAccountRequest := &requests.CreateAccount{
+		DisplayName:        "some-display-name",
+		CustomizationColor: "#ffffff",
+		Password:           "some-password",
+		RootDataDir:        tmpdir,
+		LogFilePath:        tmpdir + "/log",
+		WakuV2Nameserver:   &nameserver,
+		WakuV2Fleet:        "status.staging",
+	}
+
+	_, err = b.CreateAccountAndLogin(createAccountRequest)
+	require.NoError(t, err)
+
+	err = b.AcceptTerms()
+	require.NoError(t, err)
+}
+
 func TestCreateAccountPathsValidation(t *testing.T) {
 	tmpdir := t.TempDir()
 

diff --git a/api/geth_backend.go b/api/geth_backend.go
@@ -240,6 +240,24 @@ func (b *GethStatusBackend) GetAccounts() ([]multiaccounts.Account, error) {
 	return b.multiaccountsDB.GetAccounts()
 }
 
+func (b *GethStatusBackend) AcceptTerms() error {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	if b.multiaccountsDB == nil {
+		return errors.New("accounts db wasn't initialized")
+	}
+
+	accounts, err := b.multiaccountsDB.GetAccounts()
+	if err != nil {
+		return err
+	}
+	if len(accounts) == 0 {
+		return errors.New("accounts is empty")
+	}
+
+	return b.multiaccountsDB.UpdateHasAcceptedTerms(accounts[0].KeyUID, true)
+}
+
 func (b *GethStatusBackend) getAccountByKeyUID(keyUID string) (*multiaccounts.Account, error) {
 	b.mu.Lock()
 	defer b.mu.Unlock()
@@ -1579,6 +1597,14 @@ func (b *GethStatusBackend) buildAccount(request *requests.CreateAccount, input
 		acc.KDFIterations = dbsetup.ReducedKDFIterationsNumber
 	}
 
+	count, err := b.multiaccountsDB.GetAccountsCount()
+	if err != nil {
+		return nil, err
+	}
+	if count == 0 {
+		acc.HasAcceptedTerms = true
+	}
+
 	if request.ImagePath != "" {
 		imageCropRectangle := request.ImageCropRectangle
 		if imageCropRectangle == nil {

diff --git a/api/old_mobile_user_upgrading_from_v1_to_v2_test.go b/api/old_mobile_user_upgrading_from_v1_to_v2_test.go
@@ -141,6 +141,11 @@ func (s *OldMobileUserUpgradingFromV1ToV2Test) TestLoginAndMigrationsStillWorkWi
 		s.Require().True(len(keyKps[0].Accounts) == 1)
 		info, err = generator.LoadAccount(keyKps[0].Accounts[0].Address.Hex(), oldMobileUserPasswd)
 		s.Require().NoError(err)
+
+		// The user should manually accept terms, so we make sure we don't set it
+		// automatically by mistake.
+		s.Require().False(info.ToMultiAccount().HasAcceptedTerms)
+
 		s.Require().Equal(keyKps[0].KeyUID, info.KeyUID)
 		s.Require().Equal(keyKps[0].Accounts[0].KeyUID, info.KeyUID)
 		info, err = generator.ImportPrivateKey("c3ad0b50652318f845565c13761e5369ce75dcbc2a94616e15b829d4b07410fe")

diff --git a/mobile/status.go b/mobile/status.go
@@ -349,6 +349,11 @@ func CreateAccountAndLogin(requestJSON string) string {
 	return makeJSONResponse(nil)
 }
 
+func AcceptTerms() string {
+	err := statusBackend.AcceptTerms()
+	return makeJSONResponse(err)
+}
+
 func LoginAccount(requestJSON string) string {
 	var request requests.Login
 	err := json.Unmarshal([]byte(requestJSON), &request)

diff --git a/multiaccounts/database.go b/multiaccounts/database.go
@@ -29,6 +29,9 @@ type Account struct {
 	Images                  []images.IdentityImage    `json:"images"`
 	KDFIterations           int                       `json:"kdfIterations,omitempty"`
 	CustomizationColorClock uint64                    `json:"-"`
+
+	// HasAcceptedTerms will be set to true when the first account is created.
+	HasAcceptedTerms bool `json:"hasAcceptedTerms"`
 }
 
 func (a *Account) RefersToKeycard() bool {
@@ -145,7 +148,7 @@ func (db *Database) GetAccountKDFIterationsNumber(keyUID string) (kdfIterationsN
 }
 
 func (db *Database) GetAccounts() (rst []Account, err error) {
-	rows, err := db.db.Query("SELECT  a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.customizationColor, a.customizationColorClock, a.keycardPairing, a.keyUid, a.kdfIterations, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid ORDER BY loginTimestamp DESC")
+	rows, err := db.db.Query("SELECT  a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.customizationColor, a.customizationColorClock, a.keycardPairing, a.keyUid, a.kdfIterations, a.hasAcceptedTerms, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid ORDER BY loginTimestamp DESC")
 	if err != nil {
 		return nil, err
 	}
@@ -179,6 +182,7 @@ func (db *Database) GetAccounts() (rst []Account, err error) {
 			&acc.KeycardPairing,
 			&acc.KeyUID,
 			&acc.KDFIterations,
+			&acc.HasAcceptedTerms,
 			&iiName,
 			&ii.Payload,
 			&iiWidth,
@@ -236,8 +240,14 @@ func (db *Database) GetAccounts() (rst []Account, err error) {
 	return rst, nil
 }
 
+func (db *Database) GetAccountsCount() (int, error) {
+	var count int
+	err := db.db.QueryRow("SELECT COUNT(1) FROM accounts").Scan(&count)
+	return count, err
+}
+
 func (db *Database) GetAccount(keyUID string) (*Account, error) {
-	rows, err := db.db.Query("SELECT  a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.customizationColor, a.customizationColorClock, a.keycardPairing, a.keyUid, a.kdfIterations, ii.key_uid, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid WHERE a.keyUid = ? ORDER BY loginTimestamp DESC", keyUID)
+	rows, err := db.db.Query("SELECT  a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.customizationColor, a.customizationColorClock, a.keycardPairing, a.keyUid, a.kdfIterations, a.hasAcceptedTerms, ii.key_uid, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid WHERE a.keyUid = ? ORDER BY loginTimestamp DESC", keyUID)
 	if err != nil {
 		return nil, err
 	}
@@ -273,6 +283,7 @@ func (db *Database) GetAccount(keyUID string) (*Account, error) {
 			&acc.KeycardPairing,
 			&acc.KeyUID,
 			&acc.KDFIterations,
+			&acc.HasAcceptedTerms,
 			&iiKeyUID,
 			&iiName,
 			&ii.Payload,
@@ -323,7 +334,7 @@ func (db *Database) SaveAccount(account Account) error {
 		account.KDFIterations = dbsetup.ReducedKDFIterationsNumber
 	}
 
-	_, err = db.db.Exec("INSERT OR REPLACE INTO accounts (name, identicon, colorHash, colorId, customizationColor, customizationColorClock, keycardPairing, keyUid, kdfIterations, loginTimestamp) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", account.Name, account.Identicon, colorHash, account.ColorID, account.CustomizationColor, account.CustomizationColorClock, account.KeycardPairing, account.KeyUID, account.KDFIterations, account.Timestamp)
+	_, err = db.db.Exec("INSERT OR REPLACE INTO accounts (name, identicon, colorHash, colorId, customizationColor, customizationColorClock, keycardPairing, keyUid, kdfIterations, loginTimestamp, hasAcceptedTerms) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", account.Name, account.Identicon, colorHash, account.ColorID, account.CustomizationColor, account.CustomizationColorClock, account.KeycardPairing, account.KeyUID, account.KDFIterations, account.Timestamp, account.HasAcceptedTerms)
 	if err != nil {
 		return err
 	}
@@ -340,6 +351,11 @@ func (db *Database) UpdateDisplayName(keyUID string, displayName string) error {
 	return err
 }
 
+func (db *Database) UpdateHasAcceptedTerms(keyUID string, hasAcceptedTerms bool) error {
+	_, err := db.db.Exec("UPDATE accounts SET hasAcceptedTerms = ? WHERE keyUid = ?", hasAcceptedTerms, keyUID)
+	return err
+}
+
 func (db *Database) UpdateAccount(account Account) error {
 	colorHash, err := json.Marshal(account.ColorHash)
 	if err != nil {
@@ -350,7 +366,7 @@ func (db *Database) UpdateAccount(account Account) error {
 		account.KDFIterations = dbsetup.ReducedKDFIterationsNumber
 	}
 
-	_, err = db.db.Exec("UPDATE accounts SET name = ?, identicon = ?, colorHash = ?, colorId = ?, customizationColor = ?, customizationColorClock = ?, keycardPairing = ?, kdfIterations = ? WHERE keyUid = ?", account.Name, account.Identicon, colorHash, account.ColorID, account.CustomizationColor, account.CustomizationColorClock, account.KeycardPairing, account.KDFIterations, account.KeyUID)
+	_, err = db.db.Exec("UPDATE accounts SET name = ?, identicon = ?, colorHash = ?, colorId = ?, customizationColor = ?, customizationColorClock = ?, keycardPairing = ?, kdfIterations = ?, hasAcceptedTerms = ? WHERE keyUid = ?", account.Name, account.Identicon, colorHash, account.ColorID, account.CustomizationColor, account.CustomizationColorClock, account.KeycardPairing, account.KDFIterations, account.HasAcceptedTerms, account.KeyUID)
 	return err
 }