feat(safety): add manual approval process for accounts #165

Merged

chartgerink merged 9 commits from add/pending-accounts into main 2026-05-13 21:07:41 +00:00

Conversation 0 Commits 9 Files changed 11 +727 -32

chartgerink commented 2026-05-13 09:56:38 +00:00

Owner

Copy link

• migrate default global_role from regular -> pending
• add middleware to prevent publishing when global_role == "pending"
• add mailer for account approval process (init, approve, deny) - triggered upon email verification
• add mailer for invited authors who register account upon invite
• add admin endpoints for listing, approving, denying, and re-review accounts
• add tests for admin endpoints

This partially adds "safety by design" measures COMP27, COMP23, and COMP12.

- migrate default `global_role` from `regular -> pending` - add middleware to prevent publishing when `global_role == "pending"` - add mailer for account approval process (init, approve, deny) - triggered upon email verification - add mailer for invited authors who register account upon invite - add admin endpoints for listing, approving, denying, and re-review accounts - add tests for admin endpoints This partially adds ["safety by design" measures](https://sbd-taxonomy.vercel.app/) `COMP27`, `COMP23`, and `COMP12`.

chartgerink added 7 commits 2026-05-13 09:56:38 +00:00

migrate global role to default to pending upon registration 1b0ad2bced

add emails, handlers, and middleware for approval process 56d28574ac

only list approved accounts, add admin routes and docs 8266d17aba

ensure invited clients also require approval 0461a118d2

add re-review procedure for admins (with email notification) 9459753265

update tests to manage global role updates 6a8d48cf68

add tests for admin user approval endpoints 6b8ce59b67

chartgerink added 1 commit 2026-05-13 15:39:40 +00:00

update email copy for both signup and quarantine a1caad1884

chartgerink added 1 commit 2026-05-13 20:51:17 +00:00

final copy update 79c50fb461

chartgerink merged commit 52646b2dcf into main 2026-05-13 21:07:41 +00:00

chartgerink deleted branch add/pending-accounts 2026-05-13 21:07:41 +00:00

chartgerink referenced this pull request from a commit 2026-05-13 21:07:43 +00:00

feat(safety): add manual approval process for accounts (#165)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something is not working

  

critical

issues that are blocking other work, high importance + urgent

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

future

Not on the docket right now. Keeping the issue for future work.

  

help wanted

Need some help

  

invalid

Something is wrong

  

MAJOR

  

MINOR

  

PATCH

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

critical

duplicate

enhancement

future

help wanted

invalid

MAJOR

MINOR

PATCH

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

researchequals/api!165

No description provided.