John fix issue#274 (#275)

* <fixed privacy policy errors>

* <Fixed code style>

* <Robustness changes>

* <redirect to 404 page if terms are disabled>

* <patched validation of accepted terms>

* <relaunching scrutinizer>

app/controllers/rooms_controller.rb

@@ -180,6 +180,8 @@ class RoomsController < ApplicationController
   end
 
   def validate_accepted_terms
-    redirect_to terms_path unless current_user.accepted_terms
+    if current_user
+      redirect_to terms_path unless current_user.accepted_terms
+    end
   end
 end

app/controllers/users_controller.rb

@@ -99,6 +99,8 @@ class UsersController < ApplicationController
 
   # GET /terms
   def terms
+    redirect_to '/404' unless Rails.configuration.terms
+
     if params[:accept] == "true"
       current_user.update_attributes(accepted_terms: true)
       redirect_to current_user.main_room if current_user

app/models/user.rb

@@ -35,7 +35,8 @@ class User < ApplicationRecord
   validates :password, length: { minimum: 6 }, confirmation: true, if: :greenlight_account?, on: :create
 
   # Bypass validation if omniauth
-  validates :accepted_terms, acceptance: true, unless: proc { !greenlight_account? }
+  validates :accepted_terms, acceptance: true,
+                             unless: -> { !greenlight_account? || !Rails.configuration.terms }
 
   # We don't want to require password validations on all accounts.
   has_secure_password(validations: false)

app/views/users/new.html.erb

@@ -57,11 +57,13 @@
               <%= f.password_field :password_confirmation, class: "form-control #{form_is_invalid?(@user, :password_confirmation)}", placeholder: t("signup.password_confirm") %>
               <div class="invalid-feedback d-block"><%= @user.errors.full_messages_for(:password_confirmation).first %></div>
             </div>
-            <div class="form-inline">
-              <%= f.check_box :accepted_terms, class: "form-control #{form_is_invalid?(@user, :accepted_terms)}", placeholder: t("signup.password_confirm") %>
-              <%= f.label :accepted_terms, t("terms.accept", href: link_to(t("terms.title"), terms_path, target: "_blank", class: "ml-1 text-blue")).html_safe, class: "ml-1" %>
-              <div class="invalid-feedback d-block"><%= @user.errors.full_messages_for(:accepted_terms).first %></div>
-            </div>
+            <% if Rails.configuration.terms %>
+              <div class="form-inline">
+                <%= f.check_box :accepted_terms, class: "form-control #{form_is_invalid?(@user, :accepted_terms)}", placeholder: t("signup.password_confirm") %>
+                <%= f.label :accepted_terms, t("terms.accept", href: link_to(t("terms.title"), terms_path, target: "_blank", class: "ml-1 text-blue")).html_safe, class: "ml-1" %>
+                <div class="invalid-feedback d-block"><%= @user.errors.full_messages_for(:accepted_terms).first %></div>
+              </div>
+            <% end %>
             <div class="card-footer">
               <%= f.submit t("signup.title"), class: "btn btn-primary float-right ml-2" %>
               <%= link_to t("cancel"), root_path, class: "btn btn-secondary float-right ml-2" %>