From 4c26c4d9bcf8a16c245e69a7a1998e47e3c0d193 Mon Sep 17 00:00:00 2001
From: Paul Kaplan <paul@inventables.com>
Date: Fri, 15 May 2015 12:00:34 -0500
Subject: [PATCH] Add a SiteSetting to not trust sso emails by default

---
 app/models/discourse_single_sign_on.rb       |  2 +-
 config/locales/server.en.yml                 |  1 +
 config/site_settings.yml                     |  1 +
 spec/models/discourse_single_sign_on_spec.rb | 23 ++++++++++++++++++++
 4 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/app/models/discourse_single_sign_on.rb b/app/models/discourse_single_sign_on.rb
index db2387923..8eae077d8 100644
--- a/app/models/discourse_single_sign_on.rb
+++ b/app/models/discourse_single_sign_on.rb
@@ -57,7 +57,7 @@ class DiscourseSingleSignOn < SingleSignOn
       change_external_attributes_and_override(sso_record, user)
     end
 
-    if sso_record && (user = sso_record.user) && !user.active
+    if sso_record && (user = sso_record.user) && !user.active && SiteSetting.sso_trusts_email
       user.active = true
       user.save!
       user.enqueue_welcome_message('welcome_user') unless suppress_welcome_message
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 28c064ccf..4f22b37f1 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -885,6 +885,7 @@ en:
     enable_sso_provider: "Implement Discourse SSO provider protocol at the /session/sso_provider endpoint, requires sso_secret to be set"
     sso_url: "URL of single sign on endpoint"
     sso_secret: "Secret string used to cryptographically authenticate SSO information, be sure it is 10 characters or longer"
+    sso_trusts_email: "Allow SSO accounts to skip email verification"
     sso_overrides_email: "Overrides local email with external site email from SSO payload (WARNING: discrepancies can occur due to normalization of local emails)"
     sso_overrides_username: "Overrides local username with external site username from SSO payload (WARNING: discrepancies can occur due to differences in username length/requirements)"
     sso_overrides_name: "Overrides local full name with external site full name from SSO payload"
diff --git a/config/site_settings.yml b/config/site_settings.yml
index c53d526ee..94e21c864 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -234,6 +234,7 @@ login:
   enable_sso_provider: false
   sso_url: ''
   sso_secret: ''
+  sso_trusts_email: true
   sso_overrides_email: false
   sso_overrides_username: false
   sso_overrides_name: false
diff --git a/spec/models/discourse_single_sign_on_spec.rb b/spec/models/discourse_single_sign_on_spec.rb
index d102e291c..2430e3176 100644
--- a/spec/models/discourse_single_sign_on_spec.rb
+++ b/spec/models/discourse_single_sign_on_spec.rb
@@ -140,6 +140,29 @@ describe DiscourseSingleSignOn do
     expect(sso.nonce).to_not be_nil
   end
 
+  context 'trusting emails' do
+    let(:sso) {
+      sso = DiscourseSingleSignOn.new
+      sso.username = "test"
+      sso.name = "test"
+      sso.email = "test@example.com"
+      sso.external_id = "A"
+      sso
+    }
+
+    it 'activates users by default' do
+      user = sso.lookup_or_create_user(ip_address)
+      expect(user.active).to eq(true)
+    end
+
+    it 'does not activate user when asked to' do
+      SiteSetting.sso_trusts_email = false
+      user = sso.lookup_or_create_user(ip_address)
+      expect(user.active).to eq(false)
+    end
+
+  end
+
   context 'welcome emails' do
     let(:sso) {
       sso = DiscourseSingleSignOn.new