PrivacyAgreement refactor

[annekainicUSDS]

Right now, the way the privacy agreement is included in the library is through both a separate component, PrivacyAgreement, that resides within the platform code on Vets.gov, which then redirects the user to a new page with the privacy agreement language.

In order for this to be made generally usable by the library, we probably want to do a few things:

1. Include a component in the library for the privacy agreement - DONE
2. Include an option in the config to hide the privacy agreement (default it to "on")
3. Enable the language around the privacy agreement to be customizable --> not sure how this will work with the way Vets.gov currently handles the privacy agreement language, which has been just to build a completely separate page for it. It doesn't seem like a good idea to require each user of the library to build a separate privacy agreement page in order for things to work properly. Perhaps showing it as a modal so that it can be handled within the library is the best way to go.

[jcmeloni-usds]

I like the ideas; let's also get you and Dave working on this together as a way to integrate him into the team.

[annekainicUSDS]

Great idea!

[jcmeloni-usds]

I thought I saw some chatter between @annekainicUSDS and @dmethvin-gov about this -- can we make sure that we're chattering in the issues please, for transparency?

Also, if I'm completely wrong and I dreamed that, my bad!

[dmethvin-gov]

I can see a strong case for having an independent page for the privacy agreement, so that it can be linked to and read outside of the form. Otherwise there's no way to reference it unless you're actually filling out the form, and there may be other constraints (such as user login) on getting to the form.

As I understand it, the privacy agreement isn't really special. It's just a "mandatory" checkbox with label wording like "I have read and understand the privacy agreement" that includes a link to the privacy agreement text. That link can open a new window so it won't leave the form. As with all mandatory checkboxes, the form can't be submitted until it is checked, and the error message wording can emphasize that.

If possible we should just use generic capabilities rather than creating a special case in the code. If we really want to enforce the need for a privacy agreement at the library level, we can look for a specifically named field, e.g. acceptedPrivacyAgreement, and refuse to process the form unless it's been added.

[annekainicUSDS]

Things a user might want to customize:

1. The url for the link to the privacy agreement
2. The complete text for the privacy agreement
3. Whether or not the privacy agreement is shown