From 3ffcc9c077724e94255ea687ca6621c649486c82 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 8 Oct 2024 16:52:57 +0100 Subject: [PATCH 1/4] Override user/_signup Taken from 993d42359e07fceffa216f9052d12b39fa9c50a0. --- lib/views/user/_signup.html.erb | 69 +++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 lib/views/user/_signup.html.erb diff --git a/lib/views/user/_signup.html.erb b/lib/views/user/_signup.html.erb new file mode 100644 index 00000000..6d34134a --- /dev/null +++ b/lib/views/user/_signup.html.erb @@ -0,0 +1,69 @@ +
+ <%= form_tag signup_path, id: 'signup_form' do %> + <%= foi_error_messages_for :user_signup %> + +

+ + + <%= text_field 'user_signup', 'name', size: 20, tabindex: 10, autocomplete: 'off' %> +

+ +
+ <%= _('Your name will appear publicly ' \ + '(why?) on this website and in search ' \ + 'engines. Thinking of using a ' \ + 'pseudonym?', + why_url: help_privacy_path(anchor: 'public_request').html_safe, + help_url: help_privacy_path(anchor: 'real_name').html_safe) %> +
+ +

+ + + <%= text_field 'user_signup', 'email', size: 20, tabindex: 20 %> +

+ +
+ <%= _('We will not reveal your email address to anybody unless ' \ + 'you or the law tell us to.', + url: help_privacy_path) %> +
+ +

+ + + <%= password_field 'user_signup', 'password', size: 15, tabindex: 30, autocomplete: 'off' %> +

+ +
+ <%= _('12 characters minimum. 72 characters maximum.') %> +
+ +

+ + + <%= password_field 'user_signup', 'password_confirmation', size: 15, tabindex: 40, autocomplete: 'off' %> +

+ + <% if @request_from_foreign_country %> + <%= recaptcha_tags %> + <% end %> + +
+ <%= hidden_field_tag 'token', params[:token], id: 'signup_token' %> + <%= hidden_field_tag :modal, params[:modal], id: 'signup_modal' %> + + <%= submit_tag _('Sign up'), + tabindex: 50, + data: { disable_with: _('Sending...') } %> +
+ <% end %> +
From ac3d1d059ff37d18cf1b2ba64d1d6e41aa21c707 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 8 Oct 2024 17:38:22 +0100 Subject: [PATCH 2/4] Override user/rate_limited Taken from 770efa4db9662b79525b56d49a9e0eb75a2a9b5f. --- lib/views/user/rate_limited.html.erb | 44 ++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 lib/views/user/rate_limited.html.erb diff --git a/lib/views/user/rate_limited.html.erb b/lib/views/user/rate_limited.html.erb new file mode 100644 index 00000000..0c42f863 --- /dev/null +++ b/lib/views/user/rate_limited.html.erb @@ -0,0 +1,44 @@ +<% @title = _('Too many requests') %> + +

<%= @title %>

+ +

+ <%= _('You have hit the rate limit on new requests. Users are ordinarily ' \ + 'limited to {{max_requests_per_user_per_day}} requests in any ' \ + 'rolling 24-hour period. You will be able to make another request ' \ + 'in {{can_make_another_request}}.', + max_requests_per_user_per_day: AlaveteliConfiguration.max_requests_per_user_per_day, + can_make_another_request: distance_of_time_in_words(Time.zone.now, @next_request_permitted_at)) %> +

+ +

+ <%= _('There is a limit on the number of requests you can make in a day, ' \ + 'because we don’t want public authorities to be bombarded with ' \ + 'large numbers of inappropriate requests. If you feel you have a ' \ + 'good reason to ask for the limit to be lifted in your case, ' \ + 'please get in touch.', + help_contact_path: help_contact_path) %> +

+ +<% if feature_enabled?(:alaveteli_pro) %> +

+ <%= _('Journalist, Campaigner or Researcher? ' \ + '{{pro_site_link}} is an all-in-one FOI toolkit including ' \ + 'everything you need to keep on top of complex FOI-driven ' \ + 'investigations.', + pro_site_link: link_to(pro_site_name, account_request_index_path)) %> +

+<% end %> + +<% if @info_request %> +

+ <%= _('Here is the message you wrote, in case you would like to copy ' \ + 'the text and save it for later.') %> +

+ +
+
+ <%= @info_request.outgoing_messages[0].get_body_for_html_display %> +
+
+<% end %> From fbcc68209bacdb749736ff49bdd310af85717828 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 8 Oct 2024 18:22:47 +0100 Subject: [PATCH 3/4] Clarify house rules around automated limits Working around automated limits is equivalent to working around actions of human administrators. --- lib/views/help/house_rules.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/views/help/house_rules.html.erb b/lib/views/help/house_rules.html.erb index b6c6f5ee..9f44e508 100644 --- a/lib/views/help/house_rules.html.erb +++ b/lib/views/help/house_rules.html.erb @@ -22,7 +22,7 @@ guidance on this type of request.
  • Don't use WhatDoTheyKnow to ask for other people's personal information. Don't include this type of information in requests, comments or follow-ups, unless it's fair to do so.
    • -
  • Don't try to get around the actions of site administrators. For example, don't make new accounts to avoid a ban or limits on how many requests you can make. Don't repost things you know moderators have removed.
    • +
  • Don't try to get around the site limits or actions of site administrators. For example, don't make new accounts to avoid a ban or limits on how many requests you can make. Don't repost things you know moderators have removed.

    • If you break these rules, you could be banned from the site. We may also remove your requests or annotations. We'll usually contact you first to give advice on how to use the service better.

    From 479cbe5e213d175f7258d0c214b22883af05a81d Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 8 Oct 2024 18:23:23 +0100 Subject: [PATCH 4/4] Clarify position on commercial & for-profit use. Requires a Pro subscription. --- lib/views/alaveteli_pro/pages/_legal.html.erb | 6 ++++++ lib/views/help/house_rules.html.erb | 1 + lib/views/user/_signup.html.erb | 9 +++++++++ lib/views/user/rate_limited.html.erb | 6 ++++++ 4 files changed, 22 insertions(+) diff --git a/lib/views/alaveteli_pro/pages/_legal.html.erb b/lib/views/alaveteli_pro/pages/_legal.html.erb index 29af7aa7..2a543a68 100644 --- a/lib/views/alaveteli_pro/pages/_legal.html.erb +++ b/lib/views/alaveteli_pro/pages/_legal.html.erb @@ -38,6 +38,12 @@ Usage +

    + Commercial and for-profit use of WhatDoTheyKnow requires a + <%= link_to 'WhatDoTheyKnow Pro', account_request_index_path %> + subscription. +

    +

    We reserve the right to block, without warning, usage which violates any of our House Rules. diff --git a/lib/views/help/house_rules.html.erb b/lib/views/help/house_rules.html.erb index 9f44e508..77e6170a 100644 --- a/lib/views/help/house_rules.html.erb +++ b/lib/views/help/house_rules.html.erb @@ -23,6 +23,7 @@ guidance on this type of request.

  • Don't use WhatDoTheyKnow to ask for other people's personal information. Don't include this type of information in requests, comments or follow-ups, unless it's fair to do so.
  • Don't try to get around the site limits or actions of site administrators. For example, don't make new accounts to avoid a ban or limits on how many requests you can make. Don't repost things you know moderators have removed.
    • +
  • Commercial and for-profit use requires a <%= link_to 'WhatDoTheyKnow Pro', account_request_index_path %> subscription.

    • If you break these rules, you could be banned from the site. We may also remove your requests or annotations. We'll usually contact you first to give advice on how to use the service better.

    diff --git a/lib/views/user/_signup.html.erb b/lib/views/user/_signup.html.erb index 6d34134a..7d483f4b 100644 --- a/lib/views/user/_signup.html.erb +++ b/lib/views/user/_signup.html.erb @@ -65,5 +65,14 @@ tabindex: 50, data: { disable_with: _('Sending...') } %> + +
    + <%= _('By signing up you agree to our ' \ + 'house rules. Commercial and ' \ + 'for-profit use requires a ' \ + 'WhatDoTheyKnow Pro subscription.', + house_rules_url: help_house_rules_path, + pro_url: account_request_index_path) %> +
    <% end %> diff --git a/lib/views/user/rate_limited.html.erb b/lib/views/user/rate_limited.html.erb index 0c42f863..5d89db2c 100644 --- a/lib/views/user/rate_limited.html.erb +++ b/lib/views/user/rate_limited.html.erb @@ -28,6 +28,12 @@ 'investigations.', pro_site_link: link_to(pro_site_name, account_request_index_path)) %>

    + +

    + <%= _('Commercial and for-profit use requires a ' \ + '{{pro_site_link}} subscription.', + pro_site_link: link_to(pro_site_name, account_request_index_path)) %> +

    <% end %> <% if @info_request %>