Merge pull request #15608 from edx/bexline/fix_auto_registration

ENT-550 Display only TOS for enterprise's configured to skip registration

lms/djangoapps/student_account/views.py

@@ -319,7 +319,8 @@ def _third_party_auth_context(request, redirect_to, tpa_hint=None):
     }
 
     if third_party_auth.is_enabled():
-        if not enterprise_customer_for_request(request):
+        enterprise_customer = enterprise_customer_for_request(request)
+        if not enterprise_customer:
             for enabled in third_party_auth.provider.Registry.displayed_for_login(tpa_hint=tpa_hint):
                 info = {
                     "id": enabled.provider_id,
@@ -348,8 +349,18 @@ def _third_party_auth_context(request, redirect_to, tpa_hint=None):
                 context["finishAuthUrl"] = pipeline.get_complete_url(current_provider.backend_name)
 
                 if current_provider.skip_registration_form:
-                    # As a reliable way of "skipping" the registration form, we just submit it automatically
-                    context["autoSubmitRegForm"] = True
+                    # For enterprise (and later for everyone), we need to get explicit consent to the
+                    # Terms of service instead of auto submitting the registration form outright.
+                    if not enterprise_customer:
+                        # As a reliable way of "skipping" the registration form, we just submit it automatically
+                        context["autoSubmitRegForm"] = True
+                    else:
+                        context["autoRegisterWelcomeMessage"] = (
+                            'Thank you for joining {}. '
+                            'Just a couple steps before you start learning!'
+                        ).format(
+                            configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME)
+                        )
 
         # Check for any error messages we may want to display:
         for msg in messages.get_messages(request):

lms/static/js/student_account/views/RegisterView.js

@@ -38,6 +38,7 @@
                     this.platformName = data.platformName;
                     this.autoSubmit = data.thirdPartyAuth.autoSubmitRegForm;
                     this.hideAuthWarnings = data.hideAuthWarnings;
+                    this.autoRegisterWelcomeMessage = data.thirdPartyAuth.autoRegisterWelcomeMessage || '';
 
                     this.listenTo(this.model, 'sync', this.saveSuccess);
                 },
@@ -55,7 +56,8 @@
                             currentProvider: this.currentProvider,
                             providers: this.providers,
                             hasSecondaryProviders: this.hasSecondaryProviders,
-                            platformName: this.platformName
+                            platformName: this.platformName,
+                            autoRegisterWelcomeMessage: this.autoRegisterWelcomeMessage
                         }
                     }));
 

lms/static/sass/views/_login-register.scss

@@ -224,6 +224,16 @@
         &:focus {
             outline: none;
         }
+
+        div[class*="hidden-"] {
+            margin: 0;
+            display: none;
+        }
+
+        .auto-register-message {
+            font-size: 1.1em;
+            line-height: 1.3em;
+        }
     }
 
     %bold-label {

lms/templates/student_account/register.underscore

@@ -45,6 +45,8 @@
                 </h3>
             </div>
         <% } %>
+    <% } else if (context.autoRegisterWelcomeMessage) { %>
+        <span class="auto-register-message"><%- context.autoRegisterWelcomeMessage %></span>
     <% } %>
 
     <%= context.fields %>

openedx/core/djangoapps/user_api/views.py

@@ -25,6 +25,7 @@ from edxmako.shortcuts import marketing_link
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
 from openedx.core.lib.api.authentication import SessionAuthenticationAllowInactiveUser
 from openedx.core.lib.api.permissions import ApiKeyHeaderPermission
+from openedx.features.enterprise_support.api import enterprise_customer_for_request
 from student.cookies import set_logged_in_cookies
 from student.forms import get_registration_extension_form
 from student.views import create_account_with_params
@@ -942,12 +943,29 @@ class RegistrationView(APIView):
                         running_pipeline.get('kwargs')
                     )
 
+                    # When the TPA Provider is configured to skip the registration form and we are in an
+                    # enterprise context, we need to hide all fields except for terms of service and
+                    # ensure that the user explicitly checks that field.
+                    hide_registration_fields_except_tos = (current_provider.skip_registration_form and
+                                                           enterprise_customer_for_request(request))
+
                     for field_name in self.DEFAULT_FIELDS + self.EXTRA_FIELDS:
                         if field_name in field_overrides:
                             form_desc.override_field_properties(
                                 field_name, default=field_overrides[field_name]
                             )
 
+                            if (field_name not in ['terms_of_service', 'honor_code']
+                                    and field_overrides[field_name]
+                                    and hide_registration_fields_except_tos):
+
+                                form_desc.override_field_properties(
+                                    field_name,
+                                    field_type="hidden",
+                                    label="",
+                                    instructions="",
+                                )
+
                     # Hide the password field
                     form_desc.override_field_properties(
                         "password",