From d405c5985f9940405f741b9629af5599e285a050 Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Thu, 7 Sep 2023 20:51:01 +0200
Subject: [PATCH 1/8] add new translations

---
 locales/de.json | 2 ++
 locales/en.json | 2 ++
 locales/es.json | 2 ++
 locales/uk.json | 2 ++
 4 files changed, 8 insertions(+)

diff --git a/locales/de.json b/locales/de.json
index c2fcaf7ca6..c88e30550b 100644
--- a/locales/de.json
+++ b/locales/de.json
@@ -1770,6 +1770,8 @@
 			"dataProtectionThr": "Datenschutzhinweise",
 			"dataProtectionFile": "Datenschutzerklärung der Schule",
 			"dataProtectionFileThr": "Datenschutzhinweise der Schule",
+			"termsOfUse": "Nutzungsordnung",
+			"termsOfUseFile": "Nutzungsordnung der Schule",
 			"emailDomainBlocked": "Dieser Mailprovider wird nicht mehr unterstützt. Bitte wende dich an deinen Schul-Admin.",
 			"errorChangingFilePermissions": "Problem beim Ändern der Berechtigungen",
 			"errorWhileLoadingPage": "Diese Seite konnte nicht geladen werden",
diff --git a/locales/en.json b/locales/en.json
index 0b4e8a38c5..09f278f67f 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -1770,6 +1770,8 @@
 			"dataProtectionThr": "Privacy Policy",
 			"dataProtectionFile": "Privacy Policy of School",
 			"dataProtectionFileThr": "Privacy Policy of School",
+			"termsOfUse": "Terms of Use",
+			"termsOfUseFile": "Terms of Use of School",
 			"emailDomainBlocked": "This mail provider is no longer supported. Please contact your school administrator.",
 			"errorChangingFilePermissions": "Problem changing permissions",
 			"errorWhileLoadingPage": "This page could not be loaded",
diff --git a/locales/es.json b/locales/es.json
index c5fcab5a68..b501f4ed66 100644
--- a/locales/es.json
+++ b/locales/es.json
@@ -1770,6 +1770,8 @@
 			"dataProtectionThr": "Política de Privacidad",
 			"dataProtectionFile": "Política de Privacidad de la Escuela",
 			"dataProtectionFileThr": "Política de Privacidad de la Escuela",
+			"termsOfUse": "Condiciones de Uso",
+			"termsOfUseFile": "Condiciones de Uso de la Escuela",
 			"emailDomainBlocked": "Este proveedor de correo ya no es compatible. Ponte en contacto con el administrador de tu escuela.",
 			"errorChangingFilePermissions": "Hay un problema para cambiar los permisos",
 			"errorWhileLoadingPage": "Esta página no se ha podido cargar",
diff --git a/locales/uk.json b/locales/uk.json
index ffec1c2f2d..599c947c37 100644
--- a/locales/uk.json
+++ b/locales/uk.json
@@ -130,6 +130,8 @@
 			"dataProtectionThr": "Політика конфіденційності",
 			"dataProtectionFile": "Політика конфіденційності школи",
 			"dataProtectionFileThr": "Політика конфіденційності школи",
+			"termsOfUse": "Умови використання",
+			"termsOfUseFile": "Умови використання школи",
 			"emailDomainBlocked": "Цей постачальник пошти більше не підтримується. Будь ласка, зв’яжіться з адміністратором школи.",
 			"errorChangingFilePermissions": "Проблема зі зміною дозволів",
 			"fileTooLarge": "Вкладені файли перевищують максимально дозволений розмір — {{ maxFileSizeInGb }} Гб!",

From 7e0d465cfb225ec4eb55ea1163f944f55955e46e Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Thu, 7 Sep 2023 20:51:27 +0200
Subject: [PATCH 2/8] add new /termsofuse controller and links

---
 controllers/dataprivacy.js    | 10 ++---
 controllers/index.js          |  1 +
 controllers/termsofuse.js     | 69 +++++++++++++++++++++++++++++++++++
 views/lib/extended_footer.hbs |  2 +-
 views/lib/footer.hbs          |  2 +-
 5 files changed, 76 insertions(+), 8 deletions(-)
 create mode 100644 controllers/termsofuse.js

diff --git a/controllers/dataprivacy.js b/controllers/dataprivacy.js
index d3d926d8fe..b9ef56daa9 100644
--- a/controllers/dataprivacy.js
+++ b/controllers/dataprivacy.js
@@ -7,9 +7,7 @@ const { specificFiles } = require('../config/documents');
 
 const router = express.Router();
 
-const privacyUrl = () => {
-	return new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`, DOCUMENT_BASE_DIR);
-};
+const privacyUrl = () => new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`, DOCUMENT_BASE_DIR);
 
 const downloadPolicyPdf = (res, fileData, fileTitle) => {
 	// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
@@ -39,7 +37,7 @@ router.get('/', async (req, res, next) => {
 		const isAuthenticated = await authHelper.isAuthenticated(req);
 		const qs = {
 			$limit: 1,
-			consentTypes: 'privacy',
+			consentTypes: ['privacy'],
 			$sort: {
 				publishedAt: -1,
 			},
@@ -54,7 +52,7 @@ router.get('/', async (req, res, next) => {
 		if (consentVersions.data.length) {
 			const fileId = consentVersions.data[0].consentDataId;
 			if (!fileId) {
-				res.redirect(privacyUrl());
+				res.redirect(privacyUrl().toString());
 			}
 
 			const fileTitle = res.locals.theme.name === 'thr'
@@ -63,7 +61,7 @@ router.get('/', async (req, res, next) => {
 
 			await getBase64File(req, res, fileId, fileTitle);
 		} else {
-			res.redirect(privacyUrl());
+			res.redirect(privacyUrl().toString());
 		}
 	} catch (err) {
 		next(err);
diff --git a/controllers/index.js b/controllers/index.js
index b608184b85..33a15c0d05 100644
--- a/controllers/index.js
+++ b/controllers/index.js
@@ -34,6 +34,7 @@ router.use('/community/', require('./community'));
 router.use('/about/', require('./about'));
 router.use('/help/', require('./help'));
 router.use('/datenschutz/', require('./dataprivacy'));
+router.use('/termsofuse/', require('./termsofuse'));
 router.use('/my-material', require('./my-material'));
 router.use('/base64Files', require('./base64Files'));
 router.use('/logs', require('./logs'));
diff --git a/controllers/termsofuse.js b/controllers/termsofuse.js
new file mode 100644
index 0000000000..b48e1ef86e
--- /dev/null
+++ b/controllers/termsofuse.js
@@ -0,0 +1,69 @@
+const express = require('express');
+const { URL } = require('url');
+const api = require('../api');
+const authHelper = require('../helpers/authentication');
+const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
+const { specificFiles } = require('../config/documents');
+
+const router = express.Router();
+
+const termsUrl = () => new URL(`${SC_THEME}/${specificFiles.termsOfUseSchool}`, DOCUMENT_BASE_DIR);
+
+const downloadTermsPdf = (res, fileData, fileTitle) => {
+	// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
+	const encodedFileTitle = encodeURI(fileTitle);
+	const download = Buffer.from(fileData, 'base64');
+	res.writeHead(200, {
+		'Content-Type': 'application/pdf',
+		'Content-Disposition': `attachment; filename="${encodedFileTitle}.pdf"`,
+	}).end(download);
+};
+
+const getBase64File = async (req, res, fileId, fileTitle) => {
+	if (fileId) {
+		const base64File = await api(req).get(`/base64Files/${fileId}`);
+		if (base64File.data) {
+			const fileData = base64File.data.replace(
+				'data:application/pdf;base64,',
+				'',
+			);
+			downloadTermsPdf(res, fileData, fileTitle);
+		}
+	}
+};
+
+router.get('/', async (req, res, next) => {
+	try {
+		const isAuthenticated = await authHelper.isAuthenticated(req);
+		const qs = {
+			$limit: 1,
+			consentTypes: ['termsOfUse'],
+			$sort: {
+				publishedAt: -1,
+			},
+		};
+
+		if (isAuthenticated && res.locals.currentSchool) {
+			qs.schoolId = res.locals.currentSchool;
+		}
+
+		const consentVersions = await api(req).get('/consentVersions', { qs });
+
+		if (consentVersions.data.length) {
+			const fileId = consentVersions.data[0].consentDataId;
+			if (!fileId) {
+				res.redirect(termsUrl().toString());
+			}
+
+			const fileTitle = res.$t('global.text.termsOfUseFile');
+
+			await getBase64File(req, res, fileId, fileTitle);
+		} else {
+			res.redirect(termsUrl().toString());
+		}
+	} catch (err) {
+		next(err);
+	}
+});
+
+module.exports = router;
diff --git a/views/lib/extended_footer.hbs b/views/lib/extended_footer.hbs
index d64e55f393..9f2ad8050d 100644
--- a/views/lib/extended_footer.hbs
+++ b/views/lib/extended_footer.hbs
@@ -13,7 +13,7 @@
 				<h2 class="h4">{{$t "lib.extended_footer.headline.links"}}</h2>
 				<ul>
 					<li><a href="/imprint">{{$t "global.link.imprint" }}</a></li>
-					<li><a href="{{@root.theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" aria-label="{{{$t "lib.global.link.termsOfUse"}}} PDF {{$t "global.link.openInNewTabWarning"}}"
+					<li><a href="/termsofuse" target="_blank" aria-label="{{$t "lib.global.link.termsOfUse"}} PDF {{$t "global.link.openInNewTabWarning"}}"
 							rel="noopener">{{{$t "lib.global.link.termsOfUseHPI" }}}</a>
 					</li>
 					<li><a href="/datenschutz" target="_blank" aria-label="{{$t "global.text.dataProtection"}} PDF {{$t "global.link.openInNewTabWarning"}}"
diff --git a/views/lib/footer.hbs b/views/lib/footer.hbs
index 1a075c589b..89bdece47d 100644
--- a/views/lib/footer.hbs
+++ b/views/lib/footer.hbs
@@ -7,7 +7,7 @@
 						<a href="/imprint">{{$t "global.link.imprint" }}</a>
 					</li>
 					<li>
-						<a href="{{@root.theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.termsOfUseHPI"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.termsOfUseHPI"}}}</a>
+						<a href="/termsofuse"  target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.termsOfUseHPI"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.termsOfUseHPI"}}}</a>
 					</li>
 					<li>
 						<a href="/datenschutz" target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.dataProtectionDeclaration"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.dataProtectionDeclaration"}}}</a>

From d73ec5f78f80a081a8275364da25aa62a8c208f6 Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Thu, 7 Sep 2023 21:35:54 +0200
Subject: [PATCH 3/8] update terms of use links

---
 controllers/firstLogin.js                            | 11 ++++++++---
 locales/de.json                                      |  2 +-
 locales/en.json                                      |  2 +-
 locales/es.json                                      |  2 +-
 locales/uk.json                                      |  2 +-
 theme/brb/views/lib/extended_footer.hbs              |  2 +-
 theme/brb/views/lib/footer.hbs                       |  2 +-
 theme/n21/views/lib/extended_footer.hbs              |  2 +-
 theme/n21/views/lib/footer.hbs                       |  2 +-
 theme/thr/views/lib/extended_footer.hbs              |  2 +-
 theme/thr/views/lib/footer.hbs                       |  2 +-
 views/firstLogin/sections/consent_updates.hbs        |  2 +-
 views/registration/forms/einwilligungserklaerung.hbs |  6 +++++-
 13 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/controllers/firstLogin.js b/controllers/firstLogin.js
index 9140f9b838..5f532f7a96 100644
--- a/controllers/firstLogin.js
+++ b/controllers/firstLogin.js
@@ -29,10 +29,14 @@ const hasAccount = (req, res) => api(req).get('/consents', {
 	},
 });
 
-const getSchoolPrivacy = async (req, res) => {
+const getSchoolConsentVersionByType = async (req, res, consentType) => {
+	if (consentType !== 'privacy' || consentType !== 'termsOfUse') {
+		return undefined;
+	}
+
 	const qs = {
 		schoolId: res.locals.currentUser.schoolId,
-		consentTypes: ['privacy'],
+		consentTypes: [consentType],
 		consentDataId: { $exists: true },
 		$limit: 1,
 		$sort: {
@@ -249,7 +253,8 @@ router.get('/', async (req, res, next) => {
 		sso: !!(res.locals.currentPayload || {}).systemId,
 		now: Date.now(),
 		sections: sections.map((name) => `firstLogin/sections/${name}`),
-		schoolPrivacyLink: await getSchoolPrivacy(req, res),
+		schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
+		schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
 		schoolPrivacyName: res.$t('global.text.dataProtection'),
 		submitPageIndex,
 		userConsent,
diff --git a/locales/de.json b/locales/de.json
index c88e30550b..ca31789daf 100644
--- a/locales/de.json
+++ b/locales/de.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "Wenn du zwischen 14 und {{age}} Jahre alt bist, bestätige bitte zusätzlich die Einverständniserklärung, damit du die {{title}} nutzen kannst.",
-			"agreeTermsOfUse": "Ich habe die <a href=\"{{link}}\" target=\"_blank\" rel=\"noopener\">Nutzungsordnung der {{title}}</a> gelesen und stimme ihr zu.",
+			"agreeTermsOfUse": "Ich habe die <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Nutzungsordnung der {{title}}</a> gelesen und stimme ihr zu.",
 			"andAuthorisedToRepresent": "und berechtigt, den anderen Elternteil bei den nachfolgenden Erklärungen zu vertreten.",
 			"iAgreeThatThepersonalData": "Ich erkläre mich damit einverstanden, dass die personenbezogenen Daten meines Kindes entsprechend der",
 			"invalidLink": "Der Link ist leider nicht mehr gültig. Fordere einen neuen Link von deiner Lehrkraft oder dem Schul-Admin an.",
diff --git a/locales/en.json b/locales/en.json
index 09f278f67f..3fb5a5dc45 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "If you are between 14 and {{age}} years old, please also confirm the declaration of consent so that you can use the {{title}}.",
-			"agreeTermsOfUse": "I have read and agree to the <a href=\"{{link}}\" target=\"_blank\" rel=\"noopener\">Terms of Use of the {{title}}</a>.",
+			"agreeTermsOfUse": "I have read and agree to the <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Terms of Use of the {{title}}</a>.",
 			"andAuthorisedToRepresent": "and entitled to represent the other parent in the following declarations.",
 			"iAgreeThatThepersonalData": "I consent to my child's personal data being processed in accordance with the",
 			"invalidLink": "Unfortunately the link is no longer valid. Request a new link from your teacher or school administrator.",
diff --git a/locales/es.json b/locales/es.json
index b501f4ed66..41a5647519 100644
--- a/locales/es.json
+++ b/locales/es.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "Si tienes entre 14 y {{age}} años, confirma también la declaración de consentimiento para que puedas utilizar {{title}}.",
-			"agreeTermsOfUse": "He leído y acepto las <a href=\"{{link}}\" target=\"_blank\" rel=\"noopener\">Condiciones de uso de {{title}}</a>.",
+			"agreeTermsOfUse": "He leído y acepto las <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Condiciones de uso de {{title}}</a>.",
 			"andAuthorisedToRepresent": "y con derecho a representar al otro padre en las siguientes declaraciones.",
 			"iAgreeThatThepersonalData": "Doy mi consentimiento para que los datos personales de mi hijo sean procesados de acuerdo con la",
 			"invalidLink": "Desafortunadamente el enlace ya no es válido. Solicita un nuevo enlace a tu profesor o al administrador de la escuela.",
diff --git a/locales/uk.json b/locales/uk.json
index 599c947c37..a0fb5fc54a 100644
--- a/locales/uk.json
+++ b/locales/uk.json
@@ -2448,7 +2448,7 @@
 			"unknownError": "Ой, сталася невідома помилка. Спробуйте ще раз.",
 			"welcomeMailSubject": "Ласкаво просимо до {{title}}!",
 			"welcomeMailText": "Вітаємо, {{firstName}}!\n Ви можете ввійти до {{title}}, використовуючи такі дані для входу в систему:\n  Адреса: {{address}}\n  Електронна пошта: {{email}}\n  {{password}}\n  {{infotext}}\n  Ваша\n  команда {{shortTitle}} бажає вам веселощів та гарного початку",
-			"agreeTermsOfUse": "Я прочитав і погоджуюся з <a href=\"{{link}}\" target=\"_blank\" rel=\"noopener\">Умовами використання{{title}}</a>.",
+			"agreeTermsOfUse": "Я прочитав і погоджуюся з <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Умовами використання{{title}}</a>.",
 			"invalidLink": "На жаль, посилання більше не дійсне. Попросіть нове посилання у свого викладача або адміністратора школи.",
 			"invalidLinkEmbeddedWebsite": "Шкільна хмара була вбудована у веб-сайт. Щоби продовжити ",
 			"invalidLinkOpenWebsite": "Відкрийте цю сторінку в окремому вікні"
diff --git a/theme/brb/views/lib/extended_footer.hbs b/theme/brb/views/lib/extended_footer.hbs
index c81bfe073b..521f43f55d 100644
--- a/theme/brb/views/lib/extended_footer.hbs
+++ b/theme/brb/views/lib/extended_footer.hbs
@@ -26,7 +26,7 @@
 				<h2 class="h4">{{$t "lib.extended_footer.headline.links"}}</h2>
 				<ul>
 					<li><a href="/imprint" aria-label="{{$t "global.link.imprint" }}">{{$t "global.link.imprint" }}</a></li>
-					<li><a href="{{@root.theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" rel="noopener"
+					<li><a href="/termsofuse" target="_blank" rel="noopener"
 							aria-label="{{{$t "lib.global.link.termsOfUse"}}} PDF {{$t "global.link.openInNewTabWarning"}}">
 							{{$t "lib.global.link.termsOfUseHPI" }}</a>
 					</li>
diff --git a/theme/brb/views/lib/footer.hbs b/theme/brb/views/lib/footer.hbs
index da8f7d01af..3f8c3ece7d 100644
--- a/theme/brb/views/lib/footer.hbs
+++ b/theme/brb/views/lib/footer.hbs
@@ -10,7 +10,7 @@
 					<span> - </span>
 				</li>
 				<li>
-					<a href="{{theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Schul-Cloud Brandenburg PDF {{$t "global.link.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
+					<a href="/termsofuse" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Schul-Cloud Brandenburg PDF {{$t "global.link.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
 					<span> - </span>
 				</li>
 				<li>
diff --git a/theme/n21/views/lib/extended_footer.hbs b/theme/n21/views/lib/extended_footer.hbs
index e9610d6043..78bb2ef9ff 100644
--- a/theme/n21/views/lib/extended_footer.hbs
+++ b/theme/n21/views/lib/extended_footer.hbs
@@ -19,7 +19,7 @@
 				<ul>
 					<li><a href="/imprint" aria-label="{{$t "global.link.imprint"}}">{{$t "global.link.imprint" }}</a></li>
 					<li>
-						<a href="{{theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" rel="noopener"
+						<a href="/termsofuse" target="_blank" rel="noopener"
 							aria-label="{{$t "login.headline.onlyTermsOfUse"}} {{$t "global.openInNewTabWarning"}}">
 							{{$t "login.headline.onlyTermsOfUse"}}</a>
 					</li>
diff --git a/theme/n21/views/lib/footer.hbs b/theme/n21/views/lib/footer.hbs
index bae4a67390..6cbad07005 100644
--- a/theme/n21/views/lib/footer.hbs
+++ b/theme/n21/views/lib/footer.hbs
@@ -10,7 +10,7 @@
 						<span> - </span>
 					</li>
                     <li>
-                        <a href="{{theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
+                        <a href="/termsofuse" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
 						<span> - </span>
                     </li>
                     <li>
diff --git a/theme/thr/views/lib/extended_footer.hbs b/theme/thr/views/lib/extended_footer.hbs
index 1225fd88ae..fbc31c287b 100644
--- a/theme/thr/views/lib/extended_footer.hbs
+++ b/theme/thr/views/lib/extended_footer.hbs
@@ -17,7 +17,7 @@
 				<h2 class="h4">{{$t "lib.extended_footer.headline.links"}}</h2>
 				<ul>
 					<li><a href="/imprint" aria-label="{{$t "global.link.imprint"}}">{{$t "global.link.imprint" }}</a></li>
-					<li><a href="{{@root.theme.documents.specificFiles.termsOfUseSchool}}" target="_blank"
+					<li><a href="/termsofuse" target="_blank"
 							rel="noopener" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud PDF {{$t "global.link.openInNewTabWarning"}}">{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud</a>
 					</li>
 					<li><a href="/datenschutz" target="_blank"
diff --git a/theme/thr/views/lib/footer.hbs b/theme/thr/views/lib/footer.hbs
index 87d5cc4be7..5d411319df 100644
--- a/theme/thr/views/lib/footer.hbs
+++ b/theme/thr/views/lib/footer.hbs
@@ -10,7 +10,7 @@
 						<span> - </span>
 					</li>
 					<li>
-						<a href="{{theme.documents.specificFiles.termsOfUseSchool}}" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud PDF {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
+						<a href="/termsofuse" target="_blank" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud PDF {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "login.headline.onlyTermsOfUse"}}</a>
 						<span> - </span>
 					</li>
 					<li>
diff --git a/views/firstLogin/sections/consent_updates.hbs b/views/firstLogin/sections/consent_updates.hbs
index e01ee5da01..4a735a52bf 100644
--- a/views/firstLogin/sections/consent_updates.hbs
+++ b/views/firstLogin/sections/consent_updates.hbs
@@ -1,7 +1,7 @@
 <section data-panel="section-{{section-nr}}" {{#if submit-page}}class="submit-page" {{/if}}>
   <h2 class="h4">{{$t "firstLogin.consent.headline.importantInformation" }} {{#ifCond @root.updatedConsents.total '>' 1}}en{{/ifCond}}</h2>
   <a style="margin-bottom: 20px;">{{$t "firstLogin.consent.text.forAnEvenBetterLearningExperience" (dict "title" @root.theme.title)}}
-    {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}} {{$t "firstLogin.consent.text.the" }} <a href="{{@root.theme.documents.specificFiles.termsOfUseExemplary}}" target="_blank">{{$t "firstLogin.consent.text.termsOfUse" }}</a>{{/ifCond}}
+    {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}} {{$t "firstLogin.consent.text.the" }} <a href="/termsofuse" target="_blank">{{$t "firstLogin.consent.text.termsOfUse" }}</a>{{/ifCond}}
     {{#ifCond @root.updatedConsents.privacy.total '>' 0}}
     {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}}
     {{$t "firstLogin.consent.text.and" }}
diff --git a/views/registration/forms/einwilligungserklaerung.hbs b/views/registration/forms/einwilligungserklaerung.hbs
index 17e3ff568a..213df5a899 100644
--- a/views/registration/forms/einwilligungserklaerung.hbs
+++ b/views/registration/forms/einwilligungserklaerung.hbs
@@ -28,5 +28,9 @@
 
 <label>
     <input name="{{prefix}}termsOfUseConsent" type="checkbox" value="true" required/>
-    <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.theme.documents.specificFiles.termsOfUseExemplary "title" @root.theme.title)}}}</span>
+    {{#if @root.schoolTermsLink}}
+        <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.schoolTermsLink "title" @root.theme.title "class" "base64File-download-btn")}}} </span>
+    {{else}}
+        <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.theme.documents.specificFiles.termsOfUseExemplary "title" @root.theme.title)}}}</span>
+    {{/if}}
 </label>

From f48184aa159c4989face9a88f1d6017381da9977 Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Thu, 7 Sep 2023 22:53:37 +0200
Subject: [PATCH 4/8] update other terms of use links

---
 controllers/firstLogin.js                     |  2 +-
 controllers/registration.js                   | 28 ++++++++++++-------
 locales/de.json                               |  2 +-
 locales/en.json                               |  2 +-
 locales/es.json                               |  2 +-
 locales/uk.json                               |  2 +-
 .../forms/einwilligungserklaerung.hbs         |  2 +-
 7 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/controllers/firstLogin.js b/controllers/firstLogin.js
index 5f532f7a96..89e79bb008 100644
--- a/controllers/firstLogin.js
+++ b/controllers/firstLogin.js
@@ -30,7 +30,7 @@ const hasAccount = (req, res) => api(req).get('/consents', {
 });
 
 const getSchoolConsentVersionByType = async (req, res, consentType) => {
-	if (consentType !== 'privacy' || consentType !== 'termsOfUse') {
+	if (consentType !== 'privacy' && consentType !== 'termsOfUse') {
 		return undefined;
 	}
 
diff --git a/controllers/registration.js b/controllers/registration.js
index 722a58cb1a..2fa0dfdbed 100644
--- a/controllers/registration.js
+++ b/controllers/registration.js
@@ -49,11 +49,11 @@ const checkValidRegistration = async (req) => {
  */
 router.get(['/register', '/register/*'], (req, res, next) => res.render('registration/deprecated_warning'));
 
-const getSchoolPrivacy = async (req, res) => {
+const getSchoolConsentVersionByType = async (req, res, consentType) => {
 	const importHash = getImportHash(req);
 
 	try {
-		const consentVersion = await api(req).get(`/registration/consent/${importHash}`);
+		const consentVersion = await api(req).get(`/registration/consent/${importHash}?consentType=${consentType}`);
 		if (consentVersion) {
 			const { consentDataId } = consentVersion;
 			return consentDataId ? `/base64Files/${consentDataId}` : undefined;
@@ -251,8 +251,10 @@ router.get(['/registration/:classOrSchoolId/byparent', '/registration/:classOrSc
 			hideMenu: true,
 			user,
 			needConsent,
-			schoolPrivacyLink: await getSchoolPrivacy(req, res),
-			schoolPrivacyName: res.$t('global.text.dataProtection'),
+			schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
+			schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
+			schoolPrivacyName: res.$t('global.text.dataProtectionFile'),
+			schoolTermsName: res.$t('global.text.termsOfUseFile'),
 			sectionNumber,
 			CONSENT_WITHOUT_PARENTS_MIN_AGE_YEARS,
 			invalid,
@@ -317,8 +319,10 @@ router.get(['/registration/:classOrSchoolId/bystudent', '/registration/:classOrS
 			user,
 			needConsent,
 			sectionNumber,
-			schoolPrivacyLink: await getSchoolPrivacy(req, res),
-			schoolPrivacyName: res.$t('global.text.dataProtection'),
+			schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
+			schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
+			schoolPrivacyName: res.$t('global.text.dataProtectionFile'),
+			schoolTermsName: res.$t('global.text.termsOfUseFile'),
 			CONSENT_WITHOUT_PARENTS_MIN_AGE_YEARS,
 			invalid,
 			secure,
@@ -393,8 +397,10 @@ router.get(['/registration/:classOrSchoolId/:byRole'], async (req, res) => {
 		user,
 		needConsent,
 		sectionNumber,
-		schoolPrivacyLink: await getSchoolPrivacy(req, res),
-		schoolPrivacyName: res.$t('global.text.dataProtection'),
+		schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
+		schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
+		schoolPrivacyName: res.$t('global.text.dataProtectionFile'),
+		schoolTermsName: res.$t('global.text.termsOfUseFile'),
 		invalid,
 		secure,
 		correctID,
@@ -432,8 +438,10 @@ router.get(['/registration/:classOrSchoolId', '/registration/:classOrSchoolId/:s
 			sso: req.params.sso === 'sso',
 			account: req.params.accountId || '',
 			CONSENT_WITHOUT_PARENTS_MIN_AGE_YEARS,
-			schoolPrivacyLink: await getSchoolPrivacy(req, res),
-			schoolPrivacyName: res.$t('global.text.dataProtection'),
+			schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
+			schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
+			schoolPrivacyName: res.$t('global.text.dataProtectionFile'),
+			schoolTermsName: res.$t('global.text.termsOfUseFile'),
 			invalid,
 			secure,
 			correctID,
diff --git a/locales/de.json b/locales/de.json
index ca31789daf..1867dd840c 100644
--- a/locales/de.json
+++ b/locales/de.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "Wenn du zwischen 14 und {{age}} Jahre alt bist, bestätige bitte zusätzlich die Einverständniserklärung, damit du die {{title}} nutzen kannst.",
-			"agreeTermsOfUse": "Ich habe die <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Nutzungsordnung der {{title}}</a> gelesen und stimme ihr zu.",
+			"agreeTermsOfUse": "Ich habe die <a href=\"{{link}}\" title=\"{{name}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Nutzungsordnung</a> der {{title}} gelesen und stimme ihr zu.",
 			"andAuthorisedToRepresent": "und berechtigt, den anderen Elternteil bei den nachfolgenden Erklärungen zu vertreten.",
 			"iAgreeThatThepersonalData": "Ich erkläre mich damit einverstanden, dass die personenbezogenen Daten meines Kindes entsprechend der",
 			"invalidLink": "Der Link ist leider nicht mehr gültig. Fordere einen neuen Link von deiner Lehrkraft oder dem Schul-Admin an.",
diff --git a/locales/en.json b/locales/en.json
index 3fb5a5dc45..99e08ee436 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "If you are between 14 and {{age}} years old, please also confirm the declaration of consent so that you can use the {{title}}.",
-			"agreeTermsOfUse": "I have read and agree to the <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Terms of Use of the {{title}}</a>.",
+			"agreeTermsOfUse": "I have read and agree with the school's <a href=\"{{link}}\" title=\"{{name}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Terms of Use</a> of the {{title}}.",
 			"andAuthorisedToRepresent": "and entitled to represent the other parent in the following declarations.",
 			"iAgreeThatThepersonalData": "I consent to my child's personal data being processed in accordance with the",
 			"invalidLink": "Unfortunately the link is no longer valid. Request a new link from your teacher or school administrator.",
diff --git a/locales/es.json b/locales/es.json
index 41a5647519..628b9b2f5b 100644
--- a/locales/es.json
+++ b/locales/es.json
@@ -2862,7 +2862,7 @@
 		},
 		"text": {
 			"acceptConsentWithoutParents": "Si tienes entre 14 y {{age}} años, confirma también la declaración de consentimiento para que puedas utilizar {{title}}.",
-			"agreeTermsOfUse": "He leído y acepto las <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Condiciones de uso de {{title}}</a>.",
+			"agreeTermsOfUse": "He leído y acepto las <a href=\"{{link}}\" title=\"{{name}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Condiciones de Uso</a> de {{title}}.",
 			"andAuthorisedToRepresent": "y con derecho a representar al otro padre en las siguientes declaraciones.",
 			"iAgreeThatThepersonalData": "Doy mi consentimiento para que los datos personales de mi hijo sean procesados de acuerdo con la",
 			"invalidLink": "Desafortunadamente el enlace ya no es válido. Solicita un nuevo enlace a tu profesor o al administrador de la escuela.",
diff --git a/locales/uk.json b/locales/uk.json
index a0fb5fc54a..a10e01f783 100644
--- a/locales/uk.json
+++ b/locales/uk.json
@@ -2448,7 +2448,7 @@
 			"unknownError": "Ой, сталася невідома помилка. Спробуйте ще раз.",
 			"welcomeMailSubject": "Ласкаво просимо до {{title}}!",
 			"welcomeMailText": "Вітаємо, {{firstName}}!\n Ви можете ввійти до {{title}}, використовуючи такі дані для входу в систему:\n  Адреса: {{address}}\n  Електронна пошта: {{email}}\n  {{password}}\n  {{infotext}}\n  Ваша\n  команда {{shortTitle}} бажає вам веселощів та гарного початку",
-			"agreeTermsOfUse": "Я прочитав і погоджуюся з <a href=\"{{link}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Умовами використання{{title}}</a>.",
+			"agreeTermsOfUse": "Я прочитав і погоджуюся з <a href=\"{{link}}\" title=\"{{name}}\" class=\"{{class}}\" target=\"_blank\" rel=\"noopener\">Умовами використання</a> школи {{title}}.",
 			"invalidLink": "На жаль, посилання більше не дійсне. Попросіть нове посилання у свого викладача або адміністратора школи.",
 			"invalidLinkEmbeddedWebsite": "Шкільна хмара була вбудована у веб-сайт. Щоби продовжити ",
 			"invalidLinkOpenWebsite": "Відкрийте цю сторінку в окремому вікні"
diff --git a/views/registration/forms/einwilligungserklaerung.hbs b/views/registration/forms/einwilligungserklaerung.hbs
index 213df5a899..3e7d16af4b 100644
--- a/views/registration/forms/einwilligungserklaerung.hbs
+++ b/views/registration/forms/einwilligungserklaerung.hbs
@@ -29,7 +29,7 @@
 <label>
     <input name="{{prefix}}termsOfUseConsent" type="checkbox" value="true" required/>
     {{#if @root.schoolTermsLink}}
-        <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.schoolTermsLink "title" @root.theme.title "class" "base64File-download-btn")}}} </span>
+        <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.schoolTermsLink "name" @root.schoolTermsName "title" @root.theme.title "class" "base64File-download-btn")}}} </span>
     {{else}}
         <span>{{{$t "registration.text.agreeTermsOfUse" (dict "link" @root.theme.documents.specificFiles.termsOfUseExemplary "title" @root.theme.title)}}}</span>
     {{/if}}

From 9515726093bcc370285c66fda4b704cfca8efa61 Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Thu, 7 Sep 2023 23:00:37 +0200
Subject: [PATCH 5/8] change /datenschutz to /privacypolicy

---
 .../templates/client-configmap-files.yml.j2                     | 2 +-
 config/http-headers.js                                          | 2 +-
 controllers/index.js                                            | 2 +-
 theme/brb/views/lib/extended_footer.hbs                         | 2 +-
 theme/brb/views/lib/footer.hbs                                  | 2 +-
 theme/n21/views/lib/extended_footer.hbs                         | 2 +-
 theme/n21/views/lib/footer.hbs                                  | 2 +-
 theme/thr/views/lib/extended_footer.hbs                         | 2 +-
 theme/thr/views/lib/footer.hbs                                  | 2 +-
 views/firstLogin/sections/consent_updates.hbs                   | 2 +-
 views/lib/extended_footer.hbs                                   | 2 +-
 views/lib/footer.hbs                                            | 2 +-
 12 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/ansible/roles/schulcloud-client-core/templates/client-configmap-files.yml.j2 b/ansible/roles/schulcloud-client-core/templates/client-configmap-files.yml.j2
index e3743bfbbe..14ced4a1e3 100644
--- a/ansible/roles/schulcloud-client-core/templates/client-configmap-files.yml.j2
+++ b/ansible/roles/schulcloud-client-core/templates/client-configmap-files.yml.j2
@@ -97,7 +97,7 @@ data:
             },
             '^/impressum': {
             },
-            '^/datenschutz': {
+            '^/privacypolicy': {
             }, */
             '^/about': {
                 defaultSrc: 'https://www10-fms.hpi.uni-potsdam.de https://cloud-instances.s3.hidrive.strato.com https://s3.hidrive.strato.com',
diff --git a/config/http-headers.js b/config/http-headers.js
index 0961d28c82..95d2e360a6 100644
--- a/config/http-headers.js
+++ b/config/http-headers.js
@@ -80,7 +80,7 @@ const config = {
 			},
 			'^/impressum': {
 			},
-			'^/datenschutz': {
+			'^/privacypolicy': {
 			}, */
 			'^/about': {
 				defaultSrc: 'https://www10-fms.hpi.uni-potsdam.de https://cloud-instances.s3.hidrive.strato.com',
diff --git a/controllers/index.js b/controllers/index.js
index 33a15c0d05..c885f5e596 100644
--- a/controllers/index.js
+++ b/controllers/index.js
@@ -33,7 +33,7 @@ router.use('/partner/', require('./partner'));
 router.use('/community/', require('./community'));
 router.use('/about/', require('./about'));
 router.use('/help/', require('./help'));
-router.use('/datenschutz/', require('./dataprivacy'));
+router.use('/privacypolicy/', require('./dataprivacy'));
 router.use('/termsofuse/', require('./termsofuse'));
 router.use('/my-material', require('./my-material'));
 router.use('/base64Files', require('./base64Files'));
diff --git a/theme/brb/views/lib/extended_footer.hbs b/theme/brb/views/lib/extended_footer.hbs
index 521f43f55d..d960afabae 100644
--- a/theme/brb/views/lib/extended_footer.hbs
+++ b/theme/brb/views/lib/extended_footer.hbs
@@ -30,7 +30,7 @@
 							aria-label="{{{$t "lib.global.link.termsOfUse"}}} PDF {{$t "global.link.openInNewTabWarning"}}">
 							{{$t "lib.global.link.termsOfUseHPI" }}</a>
 					</li>
-					<li><a href="/datenschutz" target="_blank" rel="noopener"
+					<li><a href="/privacypolicy" target="_blank" rel="noopener"
 							aria-label="{{$t "global.text.dataProtection"}} PDF {{$t "global.link.openInNewTabWarning"}}">
 							{{{$t "lib.global.link.dataProtectionDeclaration" }}}</a>
 					</li>
diff --git a/theme/brb/views/lib/footer.hbs b/theme/brb/views/lib/footer.hbs
index 3f8c3ece7d..bf6a946992 100644
--- a/theme/brb/views/lib/footer.hbs
+++ b/theme/brb/views/lib/footer.hbs
@@ -14,7 +14,7 @@
 					<span> - </span>
 				</li>
 				<li>
-					<a href="/datenschutz" target="_blank" aria-label="{{$t "global.text.dataProtection"}} Schul-Cloud Brandenburg PDF {{$t "global.link.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtection"}}</a>
+					<a href="/privacypolicy" target="_blank" aria-label="{{$t "global.text.dataProtection"}} Schul-Cloud Brandenburg PDF {{$t "global.link.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtection"}}</a>
 					<span> - </span>
 				</li>
 				<li>
diff --git a/theme/n21/views/lib/extended_footer.hbs b/theme/n21/views/lib/extended_footer.hbs
index 78bb2ef9ff..0a6c9c57f3 100644
--- a/theme/n21/views/lib/extended_footer.hbs
+++ b/theme/n21/views/lib/extended_footer.hbs
@@ -24,7 +24,7 @@
 							{{$t "login.headline.onlyTermsOfUse"}}</a>
 					</li>
 					<li>
-						<a href="/datenschutz" target="_blank" rel="noopener"
+						<a href="/privacypolicy" target="_blank" rel="noopener"
 							aria-label="{{$t "global.text.dataProtection"}} {{$t "global.openInNewTabWarning"}}">
 							{{$t "global.text.dataProtection"}}</a>
 					</li>
diff --git a/theme/n21/views/lib/footer.hbs b/theme/n21/views/lib/footer.hbs
index 6cbad07005..9b649bf43a 100644
--- a/theme/n21/views/lib/footer.hbs
+++ b/theme/n21/views/lib/footer.hbs
@@ -14,7 +14,7 @@
 						<span> - </span>
                     </li>
                     <li>
-                       <a href="/datenschutz" target="_blank" aria-label="{{$t "global.text.dataProtection"}} {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtection"}}</a>
+                       <a href="/privacypolicy" target="_blank" aria-label="{{$t "global.text.dataProtection"}} {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtection"}}</a>
 						<span> - </span>
 					</li>
 					<li>
diff --git a/theme/thr/views/lib/extended_footer.hbs b/theme/thr/views/lib/extended_footer.hbs
index fbc31c287b..f528e3a5d4 100644
--- a/theme/thr/views/lib/extended_footer.hbs
+++ b/theme/thr/views/lib/extended_footer.hbs
@@ -20,7 +20,7 @@
 					<li><a href="/termsofuse" target="_blank"
 							rel="noopener" aria-label="{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud PDF {{$t "global.link.openInNewTabWarning"}}">{{$t "login.headline.onlyTermsOfUse"}} Thüringer Schulcloud</a>
 					</li>
-					<li><a href="/datenschutz" target="_blank"
+					<li><a href="/privacypolicy" target="_blank"
 							rel="noopener" aria-label="{{$t "global.text.dataProtectionThr"}} Thüringer Schulcloud PDF {{$t "global.link.openInNewTabWarning"}}">{{$t "global.text.dataProtectionThr"}} Thüringer Schulcloud</a>
 					</li>
 					<li><a href="/about">Über die Thüringer Schulcloud</a></li>
diff --git a/theme/thr/views/lib/footer.hbs b/theme/thr/views/lib/footer.hbs
index 5d411319df..2956a9d3a8 100644
--- a/theme/thr/views/lib/footer.hbs
+++ b/theme/thr/views/lib/footer.hbs
@@ -14,7 +14,7 @@
 						<span> - </span>
 					</li>
 					<li>
-						<a href="/datenschutz" target="_blank" aria-label="{{$t "global.text.dataProtectionThr"}} Thüringer Schulcloud PDF {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtectionThr"}}</a>
+						<a href="/privacypolicy" target="_blank" aria-label="{{$t "global.text.dataProtectionThr"}} Thüringer Schulcloud PDF {{$t "global.openInNewTabWarning"}}" rel="noopener">{{$t "global.text.dataProtectionThr"}}</a>
 						<span> - </span>
 					</li>
 					<li>
diff --git a/views/firstLogin/sections/consent_updates.hbs b/views/firstLogin/sections/consent_updates.hbs
index 4a735a52bf..8ef49e465d 100644
--- a/views/firstLogin/sections/consent_updates.hbs
+++ b/views/firstLogin/sections/consent_updates.hbs
@@ -6,7 +6,7 @@
     {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}}
     {{$t "firstLogin.consent.text.and" }}
     {{/ifCond}}
-    {{$t "firstLogin.consent.text.the" }} <a href="/datenschutz" id="privacy-link" target="_blank">{{$t "global.text.dataProtection" }}</a>
+    {{$t "firstLogin.consent.text.the" }} <a href="/privacypolicy" id="privacy-link" target="_blank">{{$t "global.text.dataProtection" }}</a>
     {{/ifCond}}
     {{$t "firstLogin.consent.text.expanded" }}
   </p>
diff --git a/views/lib/extended_footer.hbs b/views/lib/extended_footer.hbs
index 9f2ad8050d..d2d39b2fa7 100644
--- a/views/lib/extended_footer.hbs
+++ b/views/lib/extended_footer.hbs
@@ -16,7 +16,7 @@
 					<li><a href="/termsofuse" target="_blank" aria-label="{{$t "lib.global.link.termsOfUse"}} PDF {{$t "global.link.openInNewTabWarning"}}"
 							rel="noopener">{{{$t "lib.global.link.termsOfUseHPI" }}}</a>
 					</li>
-					<li><a href="/datenschutz" target="_blank" aria-label="{{$t "global.text.dataProtection"}} PDF {{$t "global.link.openInNewTabWarning"}}"
+					<li><a href="/privacypolicy" target="_blank" aria-label="{{$t "global.text.dataProtection"}} PDF {{$t "global.link.openInNewTabWarning"}}"
 							rel="noopener">{{{$t "lib.global.link.dataProtectionDeclaration" }}}</a>
 					</li>
 					<li><a href="https://github.com/hpi-schul-cloud/" target="_blank" rel="noopener" aria-label="{{$t "lib.global.link.github"}} {{$t "global.link.openInNewTabWarning"}}">{{$t "lib.global.link.github"}}</a></li>
diff --git a/views/lib/footer.hbs b/views/lib/footer.hbs
index 89bdece47d..fc870303d0 100644
--- a/views/lib/footer.hbs
+++ b/views/lib/footer.hbs
@@ -10,7 +10,7 @@
 						<a href="/termsofuse"  target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.termsOfUseHPI"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.termsOfUseHPI"}}}</a>
 					</li>
 					<li>
-						<a href="/datenschutz" target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.dataProtectionDeclaration"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.dataProtectionDeclaration"}}}</a>
+						<a href="/privacypolicy" target="_blank" rel="noopener" aria-label="{{{$t "lib.global.link.dataProtectionDeclaration"}}} PDF {{$t "global.link.openInNewTabWarning"}}">{{{$t "lib.global.link.dataProtectionDeclaration"}}}</a>
 					</li>
 					<li>
 						<a href="mailto:{{getConfig "SC_CONTACT_EMAIL"}}?subject=dBildungscloud%20Anfrage" target="_blank" rel="noopener" aria-label="{{$t "global.link.contact"}} {{$t "global.link.openInNewTabWarning"}}">{{$t "global.link.contact"}}</a>

From 98b42665c6a3a433c25478de0d17ed8c74507664 Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Mon, 11 Sep 2023 13:57:21 +0200
Subject: [PATCH 6/8] remove duplicate i18n key

---
 locales/de.json                               | 1 -
 locales/en.json                               | 1 -
 locales/es.json                               | 1 -
 locales/uk.json                               | 1 -
 views/firstLogin/sections/consent_updates.hbs | 2 +-
 5 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/locales/de.json b/locales/de.json
index 837af16616..a921a0acce 100644
--- a/locales/de.json
+++ b/locales/de.json
@@ -1458,7 +1458,6 @@
 				"i": "Ich,",
 				"pleaseClickOnRead": "Bitte nimm mit Klick auf „Gelesen” diese Informationen zur Kenntnis, um mit der Nutzung fortzufahren.",
 				"pleaseConfirmTheFollowingDeclarationOfConsent": "Bitte bestätige folgende Einwilligungserklärungen, damit du die {{title}} nutzen kannst.",
-				"termsOfUse": "Nutzungsordnung",
 				"the": "die"
 			}
 		},
diff --git a/locales/en.json b/locales/en.json
index a42d372ae1..4af8129adf 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -1458,7 +1458,6 @@
 				"i": "I,",
 				"pleaseClickOnRead": "Please acknowledge this information by clicking on „Read” in order to proceed with the use.",
 				"pleaseConfirmTheFollowingDeclarationOfConsent": "Please confirm the following declarations of consent so that you can use the {{title}}.",
-				"termsOfUse": "Terms of Use",
 				"the": "the"
 			}
 		},
diff --git a/locales/es.json b/locales/es.json
index fcbe077116..4d3dc8d397 100644
--- a/locales/es.json
+++ b/locales/es.json
@@ -1458,7 +1458,6 @@
 				"i": "Yo,",
 				"pleaseClickOnRead": "Acepta esta información haciendo clic en \"Leer\" para continuar con el uso.",
 				"pleaseConfirmTheFollowingDeclarationOfConsent": "Confirma las siguientes declaraciones de consentimiento para que puedas utilizar {{title}}.",
-				"termsOfUse": "Condiciones de uso",
 				"the": "el"
 			}
 		},
diff --git a/locales/uk.json b/locales/uk.json
index 90c744a3fe..859b3c1c5d 100644
--- a/locales/uk.json
+++ b/locales/uk.json
@@ -3041,7 +3041,6 @@
 				"i": "Я,",
 				"pleaseClickOnRead": "Підтвердьте цю інформацію, натиснувши «Прочитати», щоб продовжити використання.",
 				"pleaseConfirmTheFollowingDeclarationOfConsent": "Підтвердьте наведені нижче заяви про згоду, щоб ви могли використовувати {{title}}.",
-				"termsOfUse": "Умови використання",
 				"the": "це"
 			},
 			"headline": {
diff --git a/views/firstLogin/sections/consent_updates.hbs b/views/firstLogin/sections/consent_updates.hbs
index 8ef49e465d..86b44cac2a 100644
--- a/views/firstLogin/sections/consent_updates.hbs
+++ b/views/firstLogin/sections/consent_updates.hbs
@@ -1,7 +1,7 @@
 <section data-panel="section-{{section-nr}}" {{#if submit-page}}class="submit-page" {{/if}}>
   <h2 class="h4">{{$t "firstLogin.consent.headline.importantInformation" }} {{#ifCond @root.updatedConsents.total '>' 1}}en{{/ifCond}}</h2>
   <a style="margin-bottom: 20px;">{{$t "firstLogin.consent.text.forAnEvenBetterLearningExperience" (dict "title" @root.theme.title)}}
-    {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}} {{$t "firstLogin.consent.text.the" }} <a href="/termsofuse" target="_blank">{{$t "firstLogin.consent.text.termsOfUse" }}</a>{{/ifCond}}
+    {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}} {{$t "firstLogin.consent.text.the" }} <a href="/termsofuse" target="_blank">{{$t "global.text.termsOfUse" }}</a>{{/ifCond}}
     {{#ifCond @root.updatedConsents.privacy.total '>' 0}}
     {{#ifCond @root.updatedConsents.termsOfUse.total '>' 0}}
     {{$t "firstLogin.consent.text.and" }}

From 5cfb190790db67f56f6e7a8ba734bdb62ef2004b Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Mon, 11 Sep 2023 16:35:55 +0200
Subject: [PATCH 7/8] move functions into helper file

---
 controllers/dataprivacy.js | 24 +-----------------------
 controllers/termsofuse.js  | 24 +-----------------------
 helpers/fileHelper.js      | 28 ++++++++++++++++++++++++++++
 3 files changed, 30 insertions(+), 46 deletions(-)
 create mode 100644 helpers/fileHelper.js

diff --git a/controllers/dataprivacy.js b/controllers/dataprivacy.js
index b9ef56daa9..07685a02e5 100644
--- a/controllers/dataprivacy.js
+++ b/controllers/dataprivacy.js
@@ -4,34 +4,12 @@ const api = require('../api');
 const authHelper = require('../helpers/authentication');
 const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
 const { specificFiles } = require('../config/documents');
+const { getBase64File } = require('../helpers/fileHelper');
 
 const router = express.Router();
 
 const privacyUrl = () => new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`, DOCUMENT_BASE_DIR);
 
-const downloadPolicyPdf = (res, fileData, fileTitle) => {
-	// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
-	const encodedFileTitle = encodeURI(fileTitle);
-	const download = Buffer.from(fileData, 'base64');
-	res.writeHead(200, {
-		'Content-Type': 'application/pdf',
-		'Content-Disposition': `attachment; filename="${encodedFileTitle}.pdf"`,
-	}).end(download);
-};
-
-const getBase64File = async (req, res, fileId, fileTitle) => {
-	if (fileId) {
-		const base64File = await api(req).get(`/base64Files/${fileId}`);
-		if (base64File.data) {
-			const fileData = base64File.data.replace(
-				'data:application/pdf;base64,',
-				'',
-			);
-			downloadPolicyPdf(res, fileData, fileTitle);
-		}
-	}
-};
-
 router.get('/', async (req, res, next) => {
 	try {
 		const isAuthenticated = await authHelper.isAuthenticated(req);
diff --git a/controllers/termsofuse.js b/controllers/termsofuse.js
index b48e1ef86e..bed7820a2d 100644
--- a/controllers/termsofuse.js
+++ b/controllers/termsofuse.js
@@ -4,34 +4,12 @@ const api = require('../api');
 const authHelper = require('../helpers/authentication');
 const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
 const { specificFiles } = require('../config/documents');
+const { getBase64File } = require('../helpers/fileHelper');
 
 const router = express.Router();
 
 const termsUrl = () => new URL(`${SC_THEME}/${specificFiles.termsOfUseSchool}`, DOCUMENT_BASE_DIR);
 
-const downloadTermsPdf = (res, fileData, fileTitle) => {
-	// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
-	const encodedFileTitle = encodeURI(fileTitle);
-	const download = Buffer.from(fileData, 'base64');
-	res.writeHead(200, {
-		'Content-Type': 'application/pdf',
-		'Content-Disposition': `attachment; filename="${encodedFileTitle}.pdf"`,
-	}).end(download);
-};
-
-const getBase64File = async (req, res, fileId, fileTitle) => {
-	if (fileId) {
-		const base64File = await api(req).get(`/base64Files/${fileId}`);
-		if (base64File.data) {
-			const fileData = base64File.data.replace(
-				'data:application/pdf;base64,',
-				'',
-			);
-			downloadTermsPdf(res, fileData, fileTitle);
-		}
-	}
-};
-
 router.get('/', async (req, res, next) => {
 	try {
 		const isAuthenticated = await authHelper.isAuthenticated(req);
diff --git a/helpers/fileHelper.js b/helpers/fileHelper.js
new file mode 100644
index 0000000000..924b2e49cb
--- /dev/null
+++ b/helpers/fileHelper.js
@@ -0,0 +1,28 @@
+const api = require('../api');
+
+const downloadAsPdf = (res, fileData, fileTitle) => {
+	// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
+	const encodedFileTitle = encodeURI(fileTitle);
+	const download = Buffer.from(fileData, 'base64');
+	res.writeHead(200, {
+		'Content-Type': 'application/pdf',
+		'Content-Disposition': `attachment; filename="${encodedFileTitle}.pdf"`,
+	}).end(download);
+};
+
+const getBase64File = async (req, res, fileId, fileTitle) => {
+	if (fileId) {
+		const base64File = await api(req).get(`/base64Files/${fileId}`);
+		if (base64File.data) {
+			const fileData = base64File.data.replace(
+				'data:application/pdf;base64,',
+				'',
+			);
+			downloadAsPdf(res, fileData, fileTitle);
+		}
+	}
+};
+
+module.exports = {
+	getBase64File,
+};

From 687a7635c9559f8efc28ad0f85f4ef27804db51c Mon Sep 17 00:00:00 2001
From: davwas <daw.wasik@gmail.com>
Date: Mon, 11 Sep 2023 16:58:10 +0200
Subject: [PATCH 8/8] refactor controllers

---
 controllers/dataprivacy.js      | 18 ++----------------
 controllers/termsofuse.js       | 18 ++----------------
 helpers/consentVersionHelper.js | 24 ++++++++++++++++++++++++
 3 files changed, 28 insertions(+), 32 deletions(-)
 create mode 100644 helpers/consentVersionHelper.js

diff --git a/controllers/dataprivacy.js b/controllers/dataprivacy.js
index 07685a02e5..562e5813c0 100644
--- a/controllers/dataprivacy.js
+++ b/controllers/dataprivacy.js
@@ -1,10 +1,9 @@
 const express = require('express');
 const { URL } = require('url');
-const api = require('../api');
-const authHelper = require('../helpers/authentication');
 const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
 const { specificFiles } = require('../config/documents');
 const { getBase64File } = require('../helpers/fileHelper');
+const { getConsentVersion } = require('../helpers/consentVersionHelper');
 
 const router = express.Router();
 
@@ -12,20 +11,7 @@ const privacyUrl = () => new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`
 
 router.get('/', async (req, res, next) => {
 	try {
-		const isAuthenticated = await authHelper.isAuthenticated(req);
-		const qs = {
-			$limit: 1,
-			consentTypes: ['privacy'],
-			$sort: {
-				publishedAt: -1,
-			},
-		};
-
-		if (isAuthenticated && res.locals.currentSchool) {
-			qs.schoolId = res.locals.currentSchool;
-		}
-
-		const consentVersions = await api(req).get('/consentVersions', { qs });
+		const consentVersions = await getConsentVersion(req, res, 'privacy');
 
 		if (consentVersions.data.length) {
 			const fileId = consentVersions.data[0].consentDataId;
diff --git a/controllers/termsofuse.js b/controllers/termsofuse.js
index bed7820a2d..4060a1435f 100644
--- a/controllers/termsofuse.js
+++ b/controllers/termsofuse.js
@@ -1,10 +1,9 @@
 const express = require('express');
 const { URL } = require('url');
-const api = require('../api');
-const authHelper = require('../helpers/authentication');
 const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
 const { specificFiles } = require('../config/documents');
 const { getBase64File } = require('../helpers/fileHelper');
+const { getConsentVersion } = require('../helpers/consentVersionHelper');
 
 const router = express.Router();
 
@@ -12,20 +11,7 @@ const termsUrl = () => new URL(`${SC_THEME}/${specificFiles.termsOfUseSchool}`,
 
 router.get('/', async (req, res, next) => {
 	try {
-		const isAuthenticated = await authHelper.isAuthenticated(req);
-		const qs = {
-			$limit: 1,
-			consentTypes: ['termsOfUse'],
-			$sort: {
-				publishedAt: -1,
-			},
-		};
-
-		if (isAuthenticated && res.locals.currentSchool) {
-			qs.schoolId = res.locals.currentSchool;
-		}
-
-		const consentVersions = await api(req).get('/consentVersions', { qs });
+		const consentVersions = await getConsentVersion(req, res, 'termsOfUse');
 
 		if (consentVersions.data.length) {
 			const fileId = consentVersions.data[0].consentDataId;
diff --git a/helpers/consentVersionHelper.js b/helpers/consentVersionHelper.js
new file mode 100644
index 0000000000..42683c07e4
--- /dev/null
+++ b/helpers/consentVersionHelper.js
@@ -0,0 +1,24 @@
+const api = require('../api');
+const authHelper = require('./authentication');
+
+const getConsentVersion = async (req, res, consentType) => {
+	const isAuthenticated = await authHelper.isAuthenticated(req);
+	const qs = {
+		$limit: 1,
+		consentTypes: [consentType],
+		$sort: {
+			publishedAt: -1,
+		},
+	};
+
+	if (isAuthenticated && res.locals.currentSchool) {
+		qs.schoolId = res.locals.currentSchool;
+	}
+
+	const consentVersion = await api(req).get('/consentVersions', { qs });
+	return consentVersion;
+};
+
+module.exports = {
+	getConsentVersion,
+};