From 5e2888abf7fba1c5eb2d0767175d6d92f80d4e11 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Sat, 3 Jan 2026 04:27:26 -0300
Subject: [PATCH] portal: handle legacy approved requests

---
 backend/atlas_portal/provisioning.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/backend/atlas_portal/provisioning.py b/backend/atlas_portal/provisioning.py
index 525fcf4..def1666 100644
--- a/backend/atlas_portal/provisioning.py
+++ b/backend/atlas_portal/provisioning.py
@@ -118,6 +118,13 @@ def provision_access_request(request_code: str) -> ProvisionResult:
             revealed_at = row.get("initial_password_revealed_at")
             attempted_at = row.get("provision_attempted_at")
 
+            if status == "approved":
+                conn.execute(
+                    "UPDATE access_requests SET status = 'accounts_building' WHERE request_code = %s AND status = 'approved'",
+                    (request_code,),
+                )
+                status = "accounts_building"
+
             if status not in {"accounts_building", "awaiting_onboarding", "ready"}:
                 return ProvisionResult(ok=False, status=status or "unknown")