It may be a much more complex change depending on how the guardian is involved in the different elements of this process but another option, which would also depend on 3, is:
- Add a boolean property to the invites themselves for bypassing user approval. This property would be default off and only exposed in the create invite UI when
must_approve_usersis enabled
Edit: Actually looking again at the code David referenced, I guess the guardian isn’t involved at all in deciding whether an invited user needs to be approved. It looks like that part of it would be a straightforward replacement of invite.invited_by.staff? with something like invite.bypass_approval?