![:speech_balloon:](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64"><rect fill-opacity="0"/></svg> ":speech_balloon:"){kind=small}
When a user has an unverified email address, deny write permissions
When a new user has not verified their email address, any ACL that requires write access should raise a 403 forbidden error
This error message will be used to control user access on the front end and mobile by prompting them to validate their email address
Note, this needs to not effect existing users who have not verified their email address until we can roll out proper messaging
Unverified users should not be able to:
- Create a post
- Comment on a post
- Vote up or down
- Create group
- Create blog
- Upload images
- Upload movies
- unit tests
changed milestone to %Sprint::01/15 - Youthful Yabby
added scoped labels
changed weight to 6
changed time estimate to 6h
added to epic &102
marked this issue as related to front#2428
marked this issue as related to mobile-native#1702
Please register or sign in to reply