FIX: Allow half-merged user to be accessed

lib/guardian/user_guardian.rb

@@ -74,7 +74,7 @@ def can_delete_user?(user)
   end
 
   def can_anonymize_user?(user)
-    is_staff? && !user.nil? && !user.staff? && !user.email.ends_with?(UserAnonymizer::EMAIL_SUFFIX)
+    is_staff? && !user.nil? && !user.staff? && !user.email&.ends_with?(UserAnonymizer::EMAIL_SUFFIX)
   end
 
   def can_merge_user?(user)

spec/lib/guardian_spec.rb

@@ -2777,10 +2777,16 @@
       expect(Guardian.new(user).can_anonymize_user?(user)).to be_falsey
     end
 
-    it "it false for an anonymized user" do
+    it "is false for an anonymized user" do
       expect(Guardian.new(user).can_anonymize_user?(anonymous_user)).to be_falsey
     end
 
+    it "is true for a user with no email" do
+      bad_state_user = Fabricate.build(:user, email: nil)
+      bad_state_user.skip_email_validation = true
+      expect(Guardian.new(moderator).can_anonymize_user?(bad_state_user)).to eq(true)
+    end
+
     it "is true for admin anonymizing a regular user" do
       expect(Guardian.new(admin).can_anonymize_user?(user)).to eq(true)
     end