Add m.login.terms to the registration flow #4004
Conversation
This also means that the template now has optional parameters, which will need to be documented somehow.
neilisfragile
added this to To Do
in Superceded by https://github.com/orgs/matrix-org/projects/8
via automation
neilisfragile
moved this from To Do
to In Progress: Operational/bug fixes
in Superceded by https://github.com/orgs/matrix-org/projects/8
also general cleanup
|
It got lost somewhere in the commits, but thank you to @hawkowl for helping fix the tests :) |
|
@richvdh should be ready for a final look, hopefully. If not, I might lose more of my hair. |
neilisfragile
moved this from In Progress: Operational/bug fixes
to Review
in Superceded by https://github.com/orgs/matrix-org/projects/8
| <p> | ||
| Please click the button below if you agree to the | ||
| <a href="%(terms_url)s">privacy policy of this homeserver.</a> | ||
| </p> |
There was a problem hiding this comment.
This should have been "Please click the button below if you have read the privacy policy of this homeserver."
Because if you have a button to "Agree" you also need a workflow to "disagree" later on, which we don't want to provide.
see #4185
There was a problem hiding this comment.
Correct. The average home server doesn't have any consent to track because there should be nothing you have to consent to. Art. 7 1 b "Processing shall be lawful only if ... processing is necessary for the performance of a contract to which the data subject is party". Everything that is technically necessary to provide the service needs just information, not consent.
Consent needs to be freely given and can be retracted at any time - without terminating the service (Art. 7 GDPR and Recital 43). We are not Facebook or Google, we do not force the user to consent to anything. We can't help the technical necessities though and about them we INFORM.
"Consent" and "agree" implies that you store data that is not technically necessary to supply the service, which - I hope - no homeserver does. (Except: Consent to statistics/piwik is tracked in the settings which is correct. Consent to bots - which I personally think needs consent - should be in the settings too but that's not the topic here.)
Features -------- - Include flags to optionally add `m.login.terms` to the registration flow when consent tracking is enabled. ([\#4004](#4004), [\#4133](#4133), [\#4142](#4142), [\#4184](#4184)) - Support for replacing rooms with new ones ([\#4091](#4091), [\#4099](#4099), [\#4100](#4100), [\#4101](#4101)) Bugfixes -------- - Fix exceptions when using the email mailer on Python 3. ([\#4095](#4095)) - Fix e2e key backup with more than 9 backup versions ([\#4113](#4113)) - Searches that request profile info now no longer fail with a 500. ([\#4122](#4122)) - fix return code of empty key backups ([\#4123](#4123)) - If the typing stream ID goes backwards (as on a worker when the master restarts), the worker's typing handler will no longer erroneously report rooms containing new typing events. ([\#4127](#4127)) - Fix table lock of device_lists_remote_cache which could freeze the application ([\#4132](#4132)) - Fix exception when using state res v2 algorithm ([\#4135](#4135)) - Generating the user consent URI no longer fails on Python 3. ([\#4140](#4140), [\#4163](#4163)) - Loading URL previews from the DB cache on Postgres will no longer cause Unicode type errors when responding to the request, and URL previews will no longer fail if the remote server returns a Content-Type header with the chartype in quotes. ([\#4157](#4157)) - The hash_password script now works on Python 3. ([\#4161](#4161)) - Fix noop checks when updating device keys, reducing spurious device list update notifications. ([\#4164](#4164)) Deprecations and Removals ------------------------- - The disused and un-specced identicon generator has been removed. ([\#4106](#4106)) - The obsolete and non-functional /pull federation endpoint has been removed. ([\#4118](#4118)) - The deprecated v1 key exchange endpoints have been removed. ([\#4119](#4119)) - Synapse will no longer fetch keys using the fallback deprecated v1 key exchange method and will now always use v2. ([\#4120](#4120)) Internal Changes ---------------- - Fix build of Docker image with docker-compose ([\#3778](#3778)) - Delete unreferenced state groups during history purge ([\#4006](#4006)) - The "Received rdata" log messages on workers is now logged at DEBUG, not INFO. ([\#4108](#4108)) - Reduce replication traffic for device lists ([\#4109](#4109)) - Fix `synapse_replication_tcp_protocol_*_commands` metric label to be full command name, rather than just the first character ([\#4110](#4110)) - Log some bits about room creation ([\#4121](#4121)) - Fix `tox` failure on old systems ([\#4124](#4124)) - Add STATE_V2_TEST room version ([\#4128](#4128)) - Clean up event accesses and tests ([\#4137](#4137)) - The default logging config will now set an explicit log file encoding of UTF-8. ([\#4138](#4138)) - Add helpers functions for getting prev and auth events of an event ([\#4139](#4139)) - Add some tests for the HTTP pusher. ([\#4149](#4149)) - add purge_history.sh and purge_remote_media.sh scripts to contrib/ ([\#4155](#4155)) - HTTP tests have been refactored to contain less boilerplate. ([\#4156](#4156)) - Drop incoming events from federation for unknown rooms ([\#4165](#4165))
This is an intentionally-limited implementation of this: matrix-org/matrix-spec-proposals#1692
Addresses part of element-hq/element-web#7168
This allows the user to accept the privacy policy before they get a user ID, fixing several UX issues in Riot. Because this makes modifications to the UI auth mechanics, fallback auth is also included which means that not-Riot (or old-Riot) clients should be fine.
I've opened this for review to make sure I'm on the right track. Applicable tests will be written after initial review.