export: Don't turn non-consented deactivated users into mirror dummies.

As explained in the comment, if we turn a non-consented deactivated user
into a mirror dummy, this will violate the rule that a deactivated user
cannot restore their account by themselves after an export->import
cycle.
This commit is contained in:
Mateusz Mandera
2025-03-15 21:30:51 +08:00
committed by Tim Abbott
parent ff876d2df4
commit 39f1e1951b

View File

@@ -1216,10 +1216,16 @@ def custom_fetch_user_profile(response: TableData, context: Context) -> None:
if row["id"] in exportable_user_ids:
pass
else:
# Convert non-exportable users to
# inactive is_mirror_dummy users.
# Non-exportable users should be turned into mirror dummies, with the notable exception
# of users who were already deactivated. Mirror dummies can sign up with the matching email
# address to reactivate their account. However, deactivated users are specifically meant to
# be prevented from re-entering the organization with the deactivated account.
# In order to maintain that restriction through the export->import cycle, we need to keep
# deactivated accounts as just deactivated - without flipping is_mirror_dummy=True.
if row["is_active"]:
row["is_mirror_dummy"] = True
row["is_active"] = False
if row["email_address_visibility"] == UserProfile.EMAIL_ADDRESS_VISIBILITY_NOBODY:
# The user chose not to make their email address visible even to the realm administrators.
# Generate a dummy email address for them so that this preference can't be bypassed