2 files changed, 16 insertions, 1 deletions

diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index 579775ff..596a4447 100644
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -14,8 +14,10 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+
 import logging
 import wtforms
+from sqlalchemy import or_
 
 from mediagoblin import mg_globals
 from mediagoblin.tools.crypto import get_timed_signer_url
@@ -161,6 +163,14 @@ def register_user(request, register_form):
         # Create the user
         user = auth.create_user(register_form)
 
+        # give the user the default privileges
+        default_privileges = [ 
+            Privilege.query.filter(Privilege.privilege_name==u'commenter').first(),
+            Privilege.query.filter(Privilege.privilege_name==u'uploader').first(),
+            Privilege.query.filter(Privilege.privilege_name==u'reporter').first()]
+        user.all_privileges += default_privileges
+        user.save()
+        
         # log the user in
         request.session['user_id'] = unicode(user.id)
         request.session.save()
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index dd71d5c1..7d95b81a 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -17,7 +17,7 @@
 from itsdangerous import BadSignature
 
 from mediagoblin import messages, mg_globals
-from mediagoblin.db.models import User
+from mediagoblin.db.models import User, Privilege
 from mediagoblin.tools.crypto import get_timed_signer_url
 from mediagoblin.decorators import auth_enabled, allow_registration
 from mediagoblin.tools.response import render_to_response, redirect, render_404
@@ -153,6 +153,11 @@ def verify_email(request):
     if user and user.email_verified is False:
         user.status = u'active'
         user.email_verified = True
+        user.verification_key = None
+        user.all_privileges.append(
+            Privilege.query.filter(
+            Privilege.privilege_name==u'active').first())
+
         user.save()
 
         messages.add_message(