From a518626a85748d927850f1af50c64358f700c2a3 Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Thu, 21 Nov 2013 12:58:58 -0800
Subject: [PATCH] Slightly improve behavior for unverified + unapproved users

Summary: Ref T4140. Allow unapproved users to verify their email addresses. Currently, unapproved blocks email verification, but should not.

Test Plan: Clicked email verification link as an unapproved user, got email verified.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7618
---
 .../PhabricatorAuthNeedsApprovalController.php       |  4 ++++
 .../PhabricatorEmailVerificationController.php       | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/src/applications/auth/controller/PhabricatorAuthNeedsApprovalController.php b/src/applications/auth/controller/PhabricatorAuthNeedsApprovalController.php
index 88565243c3..d0ff45b38c 100644
--- a/src/applications/auth/controller/PhabricatorAuthNeedsApprovalController.php
+++ b/src/applications/auth/controller/PhabricatorAuthNeedsApprovalController.php
@@ -11,6 +11,10 @@ final class PhabricatorAuthNeedsApprovalController
     return false;
   }
 
+  public function shouldRequireEnabledUser() {
+    return false;
+  }
+
   public function processRequest() {
     $request = $this->getRequest();
     $user = $request->getUser();
diff --git a/src/applications/auth/controller/PhabricatorEmailVerificationController.php b/src/applications/auth/controller/PhabricatorEmailVerificationController.php
index 091575309e..87c9c746f1 100644
--- a/src/applications/auth/controller/PhabricatorEmailVerificationController.php
+++ b/src/applications/auth/controller/PhabricatorEmailVerificationController.php
@@ -15,10 +15,22 @@ final class PhabricatorEmailVerificationController
     return false;
   }
 
+  public function shouldRequireEnabledUser() {
+    // Unapproved users are allowed to verify their email addresses. We'll kick
+    // disabled users out later.
+    return false;
+  }
+
   public function processRequest() {
     $request = $this->getRequest();
     $user = $request->getUser();
 
+    if ($user->getIsDisabled()) {
+      // We allowed unapproved and disabled users to hit this controller, but
+      // want to kick out disabled users now.
+      return new Aphront400Response();
+    }
+
     $email = id(new PhabricatorUserEmail())->loadOneWhere(
       'userPHID = %s AND verificationCode = %s',
       $user->getPHID(),