wireapp · MangoIV · Jun 24, 2024 · Jun 24, 2024 · Jun 24, 2024 · Jun 24, 2024
diff --git a/changelog.d/3-bug-fixes/WPB-9685 b/changelog.d/3-bug-fixes/WPB-9685
@@ -0,0 +1 @@
+Disabling legalhold before user's approval doesn't result in an error 
diff --git a/integration/test/Test/LegalHold.hs b/integration/test/Test/LegalHold.hs
@@ -873,8 +873,8 @@ testLHCannotCreateGroupWithUsersInConflict = do
     postConversation bob defProteus {qualifiedUsers = [debora, alice], newUsersRole = "wire_member", team = Just tidAlice}
       >>= assertLabel 403 "missing-legalhold-consent"
 
-testNoConsentCannotBeInvited :: (HasCallStack) => App ()
-testNoConsentCannotBeInvited = do
+testLHNoConsentCannotBeInvited :: (HasCallStack) => App ()
+testLHNoConsentCannotBeInvited = do
   -- team that is legalhold whitelisted
   (legalholder, tidLH, userLHNotActivated : _) <- createTeam OwnDomain 2
   legalholdWhitelistTeam tidLH legalholder >>= assertStatus 200
@@ -904,3 +904,21 @@ testNoConsentCannotBeInvited = do
       resp.json %. "status" `shouldMatch` "enabled"
 
     addMembers userLHNotActivated cid (def {users = [peer3]}) >>= assertLabel 403 "not-connected"
+
+testLHDisableBeforeApproval :: (HasCallStack) => App ()
+testLHDisableBeforeApproval = do
+  (alice, tid, [bob]) <- createTeam OwnDomain 2
+  legalholdWhitelistTeam tid alice >>= assertStatus 200
+
+  withMockServer def lhMockApp \lhDomAndPort _chan -> do
+    postLegalHoldSettings tid alice (mkLegalHoldSettings lhDomAndPort) >>= assertStatus 201
+
+    -- alice requests a legalhold device for bob and sets his status to "pending"
+    requestLegalHoldDevice tid alice bob >>= assertSuccess
+    let getBob'sStatus = (getUser bob bob >>= getJSON 200) %. "legalhold_status" & asString
+    getBob'sStatus `shouldMatch` "pending"
+
+    -- alice disables legalhold. the status for bob should now not be pending anymore
+    disableLegalHold tid alice bob defPassword
+      >>= assertStatus 200
+    getBob'sStatus `shouldMatch` "disabled"
diff --git a/services/galley/src/Galley/API/LegalHold.hs b/services/galley/src/Galley/API/LegalHold.hs
@@ -581,9 +581,18 @@ disableForUser lzusr tid uid (Public.DisableLegalHoldForUserRequest mPassword) =
 
   userLHStatus <-
     maybe defUserLegalHoldStatus (view legalHoldStatus) <$> getTeamMember tid (tUnqualified luid)
-  if not $ userLHEnabled userLHStatus
-    then pure DisableLegalHoldWasNotEnabled
-    else disableLH (tUnqualified lzusr) luid userLHStatus $> DisableLegalHoldSuccess
+
+  let doDisable = disableLH (tUnqualified lzusr) luid userLHStatus $> DisableLegalHoldSuccess
+  case userLHStatus of
+    -- no state change necessary
+    UserLegalHoldDisabled -> pure DisableLegalHoldWasNotEnabled
+    UserLegalHoldNoConsent ->
+      -- no state change allowed
+      -- we cannot go to disabled because that would subsume consent
+      pure DisableLegalHoldWasNotEnabled
+    -- LH is enabled or pending, we can disable (change state) without issue
+    UserLegalHoldEnabled -> doDisable
+    UserLegalHoldPending -> doDisable
   where
     disableLH :: UserId -> Local UserId -> UserLegalHoldStatus -> Sem r ()
     disableLH zusr luid userLHStatus = do