From d983315e6c159b33d6523e999b1a88fc0d48213d Mon Sep 17 00:00:00 2001
From: Michael Harrison <volo@rice.edu>
Date: Fri, 1 Dec 2023 15:15:03 -0600
Subject: [PATCH] slight modification to showing privacy notice updates

---
 app/controllers/newflow/login_controller.rb | 10 +++++-----
 app/controllers/terms_controller.rb         |  9 +++++++--
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/app/controllers/newflow/login_controller.rb b/app/controllers/newflow/login_controller.rb
index c3ce8c13f..e59f55306 100644
--- a/app/controllers/newflow/login_controller.rb
+++ b/app/controllers/newflow/login_controller.rb
@@ -6,14 +6,13 @@ class LoginController < BaseController
     GO_TO_STUDENT_SIGNUP = 'student_signup'
     GO_TO_SIGNUP = 'signup'
 
-    prepend_before_action :did_sign_privacy_notice, if: -> { signed_in? }, only: :login_form
     fine_print_skip :general_terms_of_use, :privacy_policy, except: :profile_newflow
 
     before_action :cache_client_app, only: :login_form
     before_action :known_signup_role_redirect, only: :login_form
     before_action :cache_alternate_signup_url, only: :login_form
     before_action :redirect_to_signup_if_go_param_present, only: :login_form
-    before_action :redirect_back, if: -> { signed_in? }, only: :login_form
+    before_action :redirect_back, if: -> { signed_in? && did_sign_recent_privacy_notice? }, only: :login_form
 
     def login
       handle_with(
@@ -37,7 +36,7 @@ def login
           sign_in!(user, security_log_data: {'email': @handler_result.outputs.email})
 
           if current_user.student? || !current_user.is_newflow? || (edu_newflow_activated? && decorated_user.can_do?('redirect_back_upon_login'))
-            redirect_back # back to `r`edirect parameter. See `before_action :save_redirect`.
+            redirect_back
           else
             redirect_to(decorated_user.next_step)
           end
@@ -88,11 +87,12 @@ def cache_alternate_signup_url
       set_alternate_signup_url(params[:signup_at])
     end
 
-    def did_sign_privacy_notice
+    def did_sign_recent_privacy_notice?
       contract = FinePrint.get_contract(:privacy_policy)
       unless contract.signed_by?(current_user)
-        redirect_to pose_term_url(name: contract.name, params: request.params)
+        false
       end
+      true
     end
   end
 end
diff --git a/app/controllers/terms_controller.rb b/app/controllers/terms_controller.rb
index 8a5da87d1..def962e68 100644
--- a/app/controllers/terms_controller.rb
+++ b/app/controllers/terms_controller.rb
@@ -45,8 +45,13 @@ def pose_by_name
   def agree
     handle_with(
       TermsAgree, complete: -> do
-        params[:r].present? && Host.trusted?(params[:r]) ?
-          redirect_to(params[:r]) : fine_print_return
+        if params[:r].present? && Host.trusted?(params[:r])
+            redirect_to(params[:r])
+        elsif !session[:return_to].nil? && Host.trusted?(session[:return_to])
+          redirect_to(session[:return_to])
+        else
+          fine_print_return
+        end
       end
     )
   end