From 30549bd7adce47a12f327d30e9e0e59f5318ead0 Mon Sep 17 00:00:00 2001
From: Will Daly <will@edx.org>
Date: Mon, 22 Dec 2014 09:39:16 -0500
Subject: [PATCH] Send the user to the login page if registering with a linked
 but inactive account

---
 common/djangoapps/third_party_auth/pipeline.py     |  9 +++++++++
 .../third_party_auth/tests/specs/base.py           | 14 +++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/common/djangoapps/third_party_auth/pipeline.py b/common/djangoapps/third_party_auth/pipeline.py
index 0a54701fbd..e46e34c994 100644
--- a/common/djangoapps/third_party_auth/pipeline.py
+++ b/common/djangoapps/third_party_auth/pipeline.py
@@ -536,6 +536,15 @@ def ensure_user_information(
     if is_register_2 and user_unset:
         return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_REGISTER_2], strategy))
 
+    # If the user has a linked account, but has not yet activated
+    # we should send them to the login page.  The login page
+    # will tell them that they need to activate their account.
+    if is_register and user_inactive:
+        return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_LOGIN], strategy))
+
+    if is_register_2 and user_inactive:
+        return redirect(_create_redirect_url(AUTH_DISPATCH_URLS[AUTH_ENTRY_LOGIN_2], strategy))
+
 
 def _create_redirect_url(url, strategy):
     """ Given a URL and a Strategy, construct the appropriate redirect URL.
diff --git a/common/djangoapps/third_party_auth/tests/specs/base.py b/common/djangoapps/third_party_auth/tests/specs/base.py
index 3c34754931..65eae44103 100644
--- a/common/djangoapps/third_party_auth/tests/specs/base.py
+++ b/common/djangoapps/third_party_auth/tests/specs/base.py
@@ -689,7 +689,19 @@ class IntegrationTest(testutil.TestCase, test.TestCase):
         # social auth.
         self.assert_social_auth_does_not_exist_for_user(created_user, strategy)
 
-        # We should be redirected back to the complete page, setting
+        # Since the user's account is not yet active, we should be redirected to /login
+        self.assert_redirect_to_login_looks_correct(
+            actions.do_complete(
+                request.social_strategy, social_views._do_login, request.user, None,  # pylint: disable-msg=protected-access
+                redirect_field_name=auth.REDIRECT_FIELD_NAME
+            )
+        )
+
+        # Activate the user's account
+        strategy.request.user.is_active = True
+        strategy.request.user.save()
+
+        # Try again.  This time, we should be redirected back to the complete page, setting
         # the "logged in" cookie for the marketing site.
         self.assert_logged_in_cookie_redirect(actions.do_complete(
             request.social_strategy, social_views._do_login, request.user, None,  # pylint: disable-msg=protected-access