From c48d895ea72451d40d5c1fdc91a1fd3bdb50335c Mon Sep 17 00:00:00 2001
From: ThibG <thib@sitedethib.com>
Date: Sun, 16 Feb 2020 12:56:53 +0100
Subject: Fix sign-ups without checked user agreement being accepted through
 the web form (#13088)

* Fix user agreement not being verified

* Fix tests

* Fix up agreement field being dismissed
---
 app/controllers/auth/registrations_controller.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'app/controllers/auth')

diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 745b91d46..78feb1631 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -41,7 +41,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
     resource.locale             = I18n.locale
     resource.invite_code        = params[:invite_code] if resource.invite_code.blank?
-    resource.agreement          = true
     resource.current_sign_in_ip = request.remote_ip
 
     resource.build_account if resource.account.nil?
@@ -49,7 +48,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   def configure_sign_up_params
     devise_parameter_sanitizer.permit(:sign_up) do |u|
-      u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code)
+      u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement)
     end
   end
 
-- 
cgit