Particularly for Maniphest, we should allow installs to permit non-users to interact with tasks over email. This is a request from @davidreuss and an obvious good for onboarding/penetration.
The trouble comes when those users eventually sign up for accounts. But it would probably be reasonable to do this:
- Introduce a new user-app object called "ExternalUser" or similar, which has a PHID and some external identifier (like an email address).
- Add Handle support.
- Auto-create them for unknown inbound email.
- When they eventually sign up, weakly associate the ExternalUser to the real user (e.g., when a user confirms an email tied to an ExternalUser, we know it's them) if/when we can.
- Add a script like "reconcile_external.php" which goes through app-by-app and replaces "PHID-XUSR-..." PHIDs with "PHID-USER-..." PHIDs for external users who are now associated with real users. Administrators can run this periodically if they care. It's probably perfectly fine to leave these users unreconciled in most cases -- not a big deal if a 3-month-old comment says it's from "firstname.lastname@example.org" vs "epriestley".
So this probably isn't actually that hard, since we can just do all the hard stuff offline and add zero logic for it at runtime.