Cover Settings::TwoFactorAuthenticationsController more (#3376)
parent
dde043f6cd
commit
0e4ca51951
|
@ -6,47 +6,70 @@ describe Settings::TwoFactorAuthenticationsController do
|
||||||
render_views
|
render_views
|
||||||
|
|
||||||
let(:user) { Fabricate(:user) }
|
let(:user) { Fabricate(:user) }
|
||||||
before do
|
|
||||||
sign_in user, scope: :user
|
|
||||||
end
|
|
||||||
|
|
||||||
describe 'GET #show' do
|
describe 'GET #show' do
|
||||||
describe 'when user requires otp for login already' do
|
context 'when signed in' do
|
||||||
it 'returns http success' do
|
before do
|
||||||
user.update(otp_required_for_login: true)
|
sign_in user, scope: :user
|
||||||
get :show
|
end
|
||||||
|
|
||||||
expect(response).to have_http_status(:success)
|
describe 'when user requires otp for login already' do
|
||||||
|
it 'returns http success' do
|
||||||
|
user.update(otp_required_for_login: true)
|
||||||
|
get :show
|
||||||
|
|
||||||
|
expect(response).to have_http_status(:success)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'when user does not require otp for login' do
|
||||||
|
it 'returns http success' do
|
||||||
|
user.update(otp_required_for_login: false)
|
||||||
|
get :show
|
||||||
|
|
||||||
|
expect(response).to have_http_status(:success)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'when user does not require otp for login' do
|
context 'when not signed in' do
|
||||||
it 'returns http success' do
|
it 'redirects' do
|
||||||
user.update(otp_required_for_login: false)
|
|
||||||
get :show
|
get :show
|
||||||
|
expect(response).to redirect_to '/auth/sign_in'
|
||||||
expect(response).to have_http_status(:success)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'POST #create' do
|
describe 'POST #create' do
|
||||||
describe 'when user requires otp for login already' do
|
context 'when signed in' do
|
||||||
it 'redirects to show page' do
|
before do
|
||||||
user.update(otp_required_for_login: true)
|
sign_in user, scope: :user
|
||||||
post :create
|
end
|
||||||
|
|
||||||
expect(response).to redirect_to(settings_two_factor_authentication_path)
|
describe 'when user requires otp for login already' do
|
||||||
|
it 'redirects to show page' do
|
||||||
|
user.update(otp_required_for_login: true)
|
||||||
|
post :create
|
||||||
|
|
||||||
|
expect(response).to redirect_to(settings_two_factor_authentication_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'when creation succeeds' do
|
||||||
|
it 'updates user secret' do
|
||||||
|
before = user.otp_secret
|
||||||
|
post :create
|
||||||
|
|
||||||
|
expect(user.reload.otp_secret).not_to eq(before)
|
||||||
|
expect(response).to redirect_to(new_settings_two_factor_authentication_confirmation_path)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'when creation succeeds' do
|
context 'when not signed in' do
|
||||||
it 'updates user secret' do
|
it 'redirects' do
|
||||||
before = user.otp_secret
|
get :show
|
||||||
post :create
|
expect(response).to redirect_to '/auth/sign_in'
|
||||||
|
|
||||||
expect(user.reload.otp_secret).not_to eq(before)
|
|
||||||
expect(response).to redirect_to(new_settings_two_factor_authentication_confirmation_path)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -55,12 +78,19 @@ describe Settings::TwoFactorAuthenticationsController do
|
||||||
before do
|
before do
|
||||||
user.update(otp_required_for_login: true)
|
user.update(otp_required_for_login: true)
|
||||||
end
|
end
|
||||||
it 'turns off otp requirement' do
|
|
||||||
|
it 'turns off otp requirement if signed in' do
|
||||||
|
sign_in user, scope: :user
|
||||||
post :destroy
|
post :destroy
|
||||||
|
|
||||||
expect(response).to redirect_to(settings_two_factor_authentication_path)
|
expect(response).to redirect_to(settings_two_factor_authentication_path)
|
||||||
user.reload
|
user.reload
|
||||||
expect(user.otp_required_for_login).to eq(false)
|
expect(user.otp_required_for_login).to eq(false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'redirects if not signed in' do
|
||||||
|
get :show
|
||||||
|
expect(response).to redirect_to '/auth/sign_in'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue