Un-nest contexts in `settings/2fa/webauthn` spec (#28359)

remotes/1723507292310805857/main
Matt Jankowski 2023-12-14 05:46:43 -05:00 committed by GitHub
parent adbfd40a1b
commit ef9797a395
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 42 additions and 55 deletions

View File

@ -194,8 +194,7 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
add_webauthn_credential(user) add_webauthn_credential(user)
end end
context 'when creation succeeds' do it 'adds a new credential to user credentials and does not change webauthn_id when creation succeeds', :aggregate_failures do
it 'adds a new credential to user credentials and does not change webauthn_id', :aggregate_failures do
controller.session[:webauthn_challenge] = challenge controller.session[:webauthn_challenge] = challenge
expect do expect do
@ -205,10 +204,8 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
end end
end
context 'when the nickname is already used' do it 'fails when the nickname is already used' do
it 'fails' do
controller.session[:webauthn_challenge] = challenge controller.session[:webauthn_challenge] = challenge
post :create, params: { credential: new_webauthn_credential, nickname: 'USB Key' } post :create, params: { credential: new_webauthn_credential, nickname: 'USB Key' }
@ -216,19 +213,14 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
expect(response).to have_http_status(422) expect(response).to have_http_status(422)
expect(flash[:error]).to be_present expect(flash[:error]).to be_present
end end
end
context 'when the credential already exists' do it 'fails when the credential already exists' do
before do
user2 = Fabricate(:user)
public_key_credential = WebAuthn::Credential.from_create(new_webauthn_credential) public_key_credential = WebAuthn::Credential.from_create(new_webauthn_credential)
Fabricate(:webauthn_credential, Fabricate(:webauthn_credential,
user_id: user2.id, user_id: Fabricate(:user).id,
external_id: public_key_credential.id, external_id: public_key_credential.id,
public_key: public_key_credential.public_key) public_key: public_key_credential.public_key)
end
it 'fails' do
controller.session[:webauthn_challenge] = challenge controller.session[:webauthn_challenge] = challenge
post :create, params: { credential: new_webauthn_credential, nickname: nickname } post :create, params: { credential: new_webauthn_credential, nickname: nickname }
@ -237,10 +229,8 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
expect(flash[:error]).to be_present expect(flash[:error]).to be_present
end end
end end
end
context 'when user have not enabled webauthn' do context 'when user have not enabled webauthn and creation succeeds' do
context 'when creation succeeds' do
it 'creates a webauthn credential' do it 'creates a webauthn credential' do
controller.session[:webauthn_challenge] = challenge controller.session[:webauthn_challenge] = challenge
@ -250,7 +240,6 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
end end
end end
end end
end
context 'when user has not enabled otp' do context 'when user has not enabled otp' do
before do before do
@ -292,8 +281,7 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
add_webauthn_credential(user) add_webauthn_credential(user)
end end
context 'when deletion succeeds' do it 'redirects to 2FA methods list and shows flash success and deletes the credential when deletion succeeds', :aggregate_failures do
it 'redirects to 2FA methods list and shows flash success and deletes the credential', :aggregate_failures do
expect do expect do
delete :destroy, params: { id: user.webauthn_credentials.take.id } delete :destroy, params: { id: user.webauthn_credentials.take.id }
end.to change { user.webauthn_credentials.count }.by(-1) end.to change { user.webauthn_credentials.count }.by(-1)
@ -302,7 +290,6 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
expect(flash[:success]).to be_present expect(flash[:success]).to be_present
end end
end end
end
context 'when user does not have webauthn enabled' do context 'when user does not have webauthn enabled' do
it 'redirects to 2FA methods list and shows flash error' do it 'redirects to 2FA methods list and shows flash error' do