Admins who haven't been approved can log in when must_approve_users is enabled

spec/controllers/session_controller_spec.rb

@@ -107,6 +107,17 @@ describe SessionController do
             )
           end
         end
+
+        context "with an unapproved user who is an admin" do
+          before do
+            User.any_instance.stubs(:admin?).returns(true)
+            xhr :post, :create, login: user.email, password: 'myawesomepassword'
+          end
+
+          it 'sets a session id' do
+            session[:current_user_id].should == user.id
+          end
+        end
       end
     end