Use a flag rather than a new route for the public policy

This also means that the template now has optional parameters, which will need to be documented somehow.

synapse/handlers/auth.py

@@ -471,7 +471,7 @@ class AuthHandler(BaseHandler):
             "policies": [{
                 "name": "Privacy Policy",
                 "version": self.hs.config.user_consent_version,
-                "url": "%s/_matrix/consent/public" % (self.hs.config.public_baseurl,),
+                "url": "%s/_matrix/consent?public=true" % (self.hs.config.public_baseurl,),
             }],
         }
 

synapse/rest/client/v2_alpha/auth.py

@@ -164,7 +164,7 @@ class AuthRestServlet(RestServlet):
 
             html = TERMS_TEMPLATE % {
                 'session': session,
-                'terms_url': "%s/_matrix/consent/public" % (
+                'terms_url': "%s/_matrix/consent?public=true" % (
                     self.hs.config.public_baseurl,
                 ),
                 'myurl': "%s/auth/%s/fallback/web" % (
@@ -244,7 +244,7 @@ class AuthRestServlet(RestServlet):
             else:
                 html = TERMS_TEMPLATE % {
                     'session': session,
-                    'terms_url': "%s/_matrix/consent/public" % (
+                    'terms_url': "%s/_matrix/consent?public=true" % (
                         self.hs.config.public_baseurl,
                     ),
                     'myurl': "%s/auth/%s/fallback/web" % (

synapse/rest/consent/consent_resource.py

@@ -30,7 +30,7 @@ from twisted.web.server import NOT_DONE_YET
 from synapse.api.errors import NotFoundError, StoreError, SynapseError
 from synapse.config import ConfigError
 from synapse.http.server import finish_request, wrap_html_request_handler
-from synapse.http.servlet import parse_string
+from synapse.http.servlet import parse_string, parse_boolean
 from synapse.types import UserID
 
 # language to use for the templates. TODO: figure this out from Accept-Language
@@ -137,27 +137,35 @@ class ConsentResource(Resource):
             request (twisted.web.http.Request):
         """
 
-        version = parse_string(request, "v",
+        public_version = parse_boolean(request, "public", default=False)
-                               default=self._default_consent_version)
-        username = parse_string(request, "u", required=True)
-        userhmac = parse_string(request, "h", required=True, encoding=None)
 
-        self._check_hash(username, userhmac)
+        version = self._default_consent_version
+        username = None
+        userhmac = None
+        has_consented = False
+        if not public_version:
+            version = parse_string(request, "v",
+                                default=self._default_consent_version)
+            username = parse_string(request, "u", required=True)
+            userhmac = parse_string(request, "h", required=True, encoding=None)
 
-        if username.startswith('@'):
+            self._check_hash(username, userhmac)
-            qualified_user_id = username
-        else:
-            qualified_user_id = UserID(username, self.hs.hostname).to_string()
 
-        u = yield self.store.get_user_by_id(qualified_user_id)
+            if username.startswith('@'):
-        if u is None:
+                qualified_user_id = username
-            raise NotFoundError("Unknown user")
+            else:
+                qualified_user_id = UserID(username, self.hs.hostname).to_string()
+
+            u = yield self.store.get_user_by_id(qualified_user_id)
+            if u is None:
+                raise NotFoundError("Unknown user")
+            has_consented = u["consent_version"] == version
 
         try:
             self._render_template(
                 request, "%s.html" % (version,),
                 user=username, userhmac=userhmac, version=version,
-                has_consented=(u["consent_version"] == version),
+                has_consented=has_consented, public_version=public_version,
             )
         except TemplateNotFound:
             raise NotFoundError("Unknown policy version")