Make email-verification a config-gated policy instead of a hardcoded conditional.
Today `handleSignupOrganization` hardcodes `if (mailer.isConfigured() && !user.emailVerified)` to defer org provisioning. Wrap it in `config.organizations.emailVerification {mode: 'strict' | 'off'}`:
`strict` = current behavior (unverified → no membership → no abilities). Default.
`off` = auto-provision regardless (identical to today's mailer-not-configured fallback). Reconcile `off` vs mailer-unconfigured so default-strict holds only when mailer is on.
Zero data-model change: derives from server-set `emailVerified` + `createdAt`. Keep `emailVerified` server-only (route the diff through the signup mass-assignment review). Coordinate with the emailVerified OAuth-annexation hardening item.
Created via /dev:issue
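
The gate described in this issue, as an added example that is not the project's code: it resolves the mode with `strict` as the default, keeps the mailer-not-configured fallback distinguishable from an explicit `off`, and drops a client-supplied `emailVerified` at signup. The function names, reason strings and object shapes are assumptions; only `emailVerified`, `createdAt` and the config key come from the issue.

```javascript
// Added example. Only emailVerified, createdAt and the config key come from
// the issue; function names, reason strings and object shapes are hypothetical.
const MODES = ['strict', 'off'];

// Missing mode means 'strict' (the stated default); an unknown value is a
// startup error rather than a silent downgrade to 'off'.
function resolveEmailVerificationMode(config) {
  const mode = config?.organizations?.emailVerification?.mode;
  if (mode === undefined) return 'strict';
  if (!MODES.includes(mode)) {
    throw new Error(`invalid organizations.emailVerification.mode: ${String(mode)}`);
  }
  return mode;
}

// Returns whether to provision the org now, and why, so logs can tell an
// explicit 'off' apart from the mailer-not-configured fallback.
function provisioningDecision({ config, mailerConfigured, user }) {
  const mode = resolveEmailVerificationMode(config);
  if (mode === 'off') return { provision: true, reason: 'mode-off' };
  if (!mailerConfigured) return { provision: true, reason: 'mailer-unconfigured' };
  if (user.emailVerified) return { provision: true, reason: 'verified' };
  return { provision: false, reason: 'awaiting-verification' };
}

// Allow-list the signup body so client-sent emailVerified/createdAt are dropped.
function buildNewUser(body, now = new Date()) {
  return { email: String(body.email), name: String(body.name), emailVerified: false, createdAt: now };
}

// Constructed signup payload that tries to mass-assign the server-only field.
const sampleBody = { email: 'a@example.test', name: 'A', emailVerified: true };
const sampleUser = buildNewUser(sampleBody);
console.log(provisioningDecision({ config: {}, mailerConfigured: true, user: sampleUser }));
```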