Implement forum age restriction #11380
Conversation
There was a problem hiding this comment.
I don't really care about the I18N key (ie it's fine by me).
The much less trivial change about this feature is that we now require users to have an associated WCA ID in order to use the forums. Otherwise we don't have any (verified) DOB information. Details are in my inline code comments.
app/models/user.rb
Outdated
| def banned? | ||
| group_member?(UserGroup.banned_competitors.first) | ||
| def age_in_years | ||
| age = Date.today.year - dob.year |
There was a problem hiding this comment.
dob is not necessarily set. Users who "just" sign up without ever having competed before are not required to enter their DOB.
This value is only "backfilled" as part of the "Claim WCA ID" process. Note that users can claim a WCA ID directly while signing up/creating their account, but that doesn't change the fact that this field is only filled if a WCA ID has been claimed.
There was a problem hiding this comment.
Hmm, interesting. Obviously I need to add nil support, but more deeply we need to get a clear set of requirements from WCT on how to handle this - requested via email
app/models/user.rb
Outdated
| group_member?(UserGroup.banned_competitors.first) | ||
| def age_in_years | ||
| age = Date.today.year - dob.year | ||
| age -= 1 if Date.today < dob.advance(years: age) |
There was a problem hiding this comment.
Restructured to make it easier to grok - originally, this was advancing the dob to the current year to compare the current date to the user's date of birth. New version makes that more explicit
| def banned? | ||
| group_member?(UserGroup.banned_competitors.first) | ||
| end | ||
|
|
There was a problem hiding this comment.
This is just moving around the method, so that the two forum-related methods are adjacent to each other - ie, banned? moved below forum_banned?
|
Setting this to draft until the issues around WCA IDs have been resolved. |
|
Thank you, this unfortunately makes the implementation a bit more tricky because we currently don't store DOBs for users who have never competed before. It's not rocket science to add this feature, and the Board is also strongly in favor of prioritizing this PR/feature, but it will still take a non-trivial amount of time to figure this one out. |
|
Marked as blocked until we come to consensus on:
|
|
Unblocked per Callum's email in "Adding Age Requirement to WCA Forum". My latest commit redirects the user to the Edit Profile if their Tested locally to make sure that:
|
|
Implementation looks good code-wise. Do we really want to redirect people to the edit form if they don't have a DOB set? That's like inviting them to cheat and fill in a fantasy value. |
|
At the point of redirecting them, we aren't telling them that there's an age restriction - only that they need a dob, and I think redirecting them to the edit panel is nice QOL in that context. Only once they have a dob, do we then tell them that they can't access the forum - and that message redirects them to a new session, not to the edit page. |
In the email thread "Adding Age Requirement to WCA Forum", WCT has requested that we implement an age requirement of 13 years old for signing up to the forum - this will align us with COPPA. From a data protection perspective, WRT confirmed that we can use age data to enforce this type of restriction.
This PR blocks SSO if the user's age is below 13, following a similar pattern to how we prevent banned users from registering. Importantly, this PR also adds a
misccategory for i18n keys - I couldn't see a better category to put a one-off forum key in.