From 74a1145a0b45ee1940a64ddcf0cfc1cf23566175 Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Wed, 26 Feb 2014 10:27:39 +1100
Subject: [PATCH] BUGFIX: sso to respect must_approve_users

---
 app/controllers/session_controller.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/session_controller.rb b/app/controllers/session_controller.rb
index b98e38dff6a..b276578c61c 100644
--- a/app/controllers/session_controller.rb
+++ b/app/controllers/session_controller.rb
@@ -31,7 +31,11 @@ class SessionController < ApplicationController
     sso.expire_nonce!
 
     if user = sso.lookup_or_create_user
-      log_on_user user
+      if SiteSetting.must_approve_users? && !user.approved?
+        # TODO: need an awaiting approval message here
+      else
+        log_on_user user
+      end
       redirect_to return_path
     else
       render text: "unable to log on user", status: 500