Closed buffstop closed 6 years ago
We have quite some duplicate registrations. Might become more prio
related: upstream has 5817ba4, which I think helps in a lot of cases. Clarification needed: should only confirmed mail block new registration on said mail? If not, Attackers can DOS + if there's happened some mistake on the first try, the user has no way to recover on his own.
maybe we should rather hide everyone without confirmed email address by default in the dashboard and maybe also hide / grey out in the duplicate warning of "make member"
@buffstop, what do you think?
upstream has 5817ba4, which I think helps in a lot of cases.
If that was the root of the doubled registrations, thats fine with me.
Clarification needed: should only confirmed mail block new registration on said mail? If not, Attackers can DOS + if there's happened some mistake on the first try, the user has no way to recover on his own. maybe we should rather hide everyone without confirmed email address by default in the dashboard and maybe also hide / grey out in the duplicate warning of "make member"
We do not need to make any changes imo. if the root of the doubled registration is fixed. I consider it as ok and less error prone (and less work for you) to handle seldom doubled registrations manually after receiving the AFM paperwork.
Feel free to close this ticket.
upstream 5817ba4 is cherry-picked into pep-customization
PRIO2 It should not be possible to register two persons using the same email address.
Repro:
Expected: Alert for user: Email is already registered.
Actual: You can register using the same address multiple times.
Depends to #35