could alternatively scope must_approve_users with a must_approve_local_users
but this would remove a possibility of disabling initial page that re-directs to /login as a side effect of solving this security vulnerability.
could alternatively scope must_approve_users with a must_approve_local_users
but this would remove a possibility of disabling initial page that re-directs to /login as a side effect of solving this security vulnerability.