I'm wondering how to change the sequence of email activation and admin approval when both are turned on. I'd like users to verify their email address FIRST. Then once they do that, their account also needs to be approved by an admin.

I'm running LT 6.x-1.7 with Drupal 6.16.

If I have selected "Visitors can create accounts but administrator approval is required" AND "Require e-mail verification when a visitor creates an account", the user immediately gets a verification email AND the admin also immediately gets the "(username) has applied for an account" email.

If the user visits the verification URL before the admin unblocks them, they see "Access denied. You may need to login below or register to access this page". Confusing.

Therefore, the admin has to activate/unblock them first. Unlikely (since the user is certainly at their computer right now).

Is there a way to have the user verify first? ie, not contact the admin for approval until after the new user has verified?

Thanks!!

-----
On a related topic, is there a way for the admin to see whether a user has verified their email or not?

Comments

hunmonk’s picture

hunmonk commented
Version: 6.x-1.7 » 7.x-1.x-dev
Category: support » feature

Is there a way to have the user verify first? ie, not contact the admin for approval until after the new user has verified?

no. this would require a substantial rewrite most likely, which is something i have no interest in doing. if a patch were to show up for the 7.x branch, i would look at it for inclusion.

On a related topic, is there a way for the admin to see whether a user has verified their email or not?

pretty sure you can filter users by the pre-auth role at the user admin page

silentway’s picture

silentway commented

Thanks for the quick response. In that case, here's my workaround:

I'll set up a "pre-auth" role with the same permissions as anonymous, and set it to "Require e-mail verification when a visitor creates an account", but "no administrator approval is required." The new user gets that role and are active as soon as they verify their email.

But they don't gain any greater access until the admin manually bumps them up to a next-level "authorized" role (with more permissions).

This achieves the goal of gaining users (but without giving them any permissions... at first).

----
And, /admin/user/user/list can filter by non-core (custom) roles but it can't filter by authorized. So folks, set up a role identical in permissions to anonymous, and make that the pre-auth role for easier filtering.

And /admin/user/user/list can't sort by roles. However it can bulk-add or bulk-remove roles from manually selected users. So, combined with filtering, that should work for now for this application.

1sp’s picture

1sp commented

Hi silentway,

interesting workaround.
in addition, you can use LoginTobogganRules to sent out an "admin approval required" email using Rules module, so that the user gets notified.

silentway’s picture

silentway commented

Thanks, will check out Rules module.

Also, /admin/user/user/list can only bulk-change non-core roles. ie, you can't bulk-remove the "authenticated" role from selected users. Yet another reason NOT to make the authenticated role the "pre-auth" role automatically granted by LT.

hunmonk’s picture

hunmonk commented
Status: Active » Closed (works as designed)

the anonymous and authenticated user roles are hardwired into core, and thus have many limitations as opposed to other roles -- so the suggestions above about not using the auth as pre-auth are dead on.

my feeling is that these suggestions solve the main issues raised in the issue.

ahaomar’s picture

ahaomar commented
Issue summary: View changes

Is any update or module available for above solution ?