diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index afd5305304..384f80923f 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -47,9 +47,6 @@ RSpec/ExampleLength: RSpec/LetSetup: Exclude: - - 'spec/controllers/auth/confirmations_controller_spec.rb' - - 'spec/controllers/auth/passwords_controller_spec.rb' - - 'spec/controllers/auth/sessions_controller_spec.rb' - 'spec/models/account_statuses_cleanup_policy_spec.rb' - 'spec/models/status_spec.rb' - 'spec/services/activitypub/fetch_featured_collection_service_spec.rb' diff --git a/spec/controllers/auth/confirmations_controller_spec.rb b/spec/controllers/auth/confirmations_controller_spec.rb index 58bc38f548..15403e8ea1 100644 --- a/spec/controllers/auth/confirmations_controller_spec.rb +++ b/spec/controllers/auth/confirmations_controller_spec.rb @@ -41,8 +41,9 @@ describe Auth::ConfirmationsController do get :show, params: { confirmation_token: 'foobar' } end - it 'redirects to login' do + it 'redirects to login and confirms user' do expect(response).to redirect_to(new_user_session_path) + expect(user.reload.confirmed_at).to_not be_nil end end @@ -87,8 +88,9 @@ describe Auth::ConfirmationsController do get :show, params: { confirmation_token: 'foobar' } end - it 'redirects to login' do + it 'redirects to login and confirms email' do expect(response).to redirect_to(new_user_session_path) + expect(user.reload.unconfirmed_email).to be_nil end it 'does not queue up bootstrapping of home timeline' do diff --git a/spec/controllers/auth/passwords_controller_spec.rb b/spec/controllers/auth/passwords_controller_spec.rb index e7f7ab4676..d70490abcf 100644 --- a/spec/controllers/auth/passwords_controller_spec.rb +++ b/spec/controllers/auth/passwords_controller_spec.rb @@ -70,6 +70,7 @@ describe Auth::PasswordsController do it 'deactivates all sessions' do expect(user.session_activations.count).to eq 0 + expect { session_activation.reload }.to raise_error(ActiveRecord::RecordNotFound) end it 'revokes all access tokens' do @@ -78,6 +79,7 @@ describe Auth::PasswordsController do it 'removes push subscriptions' do expect(Web::PushSubscription.where(user: user).or(Web::PushSubscription.where(access_token: access_token)).count).to eq 0 + expect { web_push_subscription.reload }.to raise_error(ActiveRecord::RecordNotFound) end end diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb index f341d75b79..212cc4d5e5 100644 --- a/spec/controllers/auth/sessions_controller_spec.rb +++ b/spec/controllers/auth/sessions_controller_spec.rb @@ -123,9 +123,8 @@ RSpec.describe Auth::SessionsController do let(:previous_ip) { '1.2.3.4' } let(:current_ip) { '4.3.2.1' } - let!(:previous_login) { Fabricate(:login_activity, user: user, ip: previous_ip) } - before do + Fabricate(:login_activity, user: user, ip: previous_ip) allow(controller.request).to receive(:remote_ip).and_return(current_ip) user.update(current_sign_in_at: 1.month.ago) post :create, params: { user: { email: user.email, password: user.password } } @@ -328,12 +327,6 @@ RSpec.describe Auth::SessionsController do Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret(32)) end - let!(:recovery_codes) do - codes = user.generate_otp_backup_codes! - user.save - return codes - end - let!(:webauthn_credential) do user.update(webauthn_id: WebAuthn.generate_user_id) public_key_credential = WebAuthn::Credential.from_create(fake_client.create) @@ -356,6 +349,11 @@ RSpec.describe Auth::SessionsController do let(:fake_credential) { fake_client.get(challenge: challenge, sign_count: sign_count) } + before do + user.generate_otp_backup_codes! + user.save + end + context 'when using email and password' do before do post :create, params: { user: { email: user.email, password: user.password } }