- require 'rails_helper'
- require 'webauthn/fake_client'
-
- describe Admin::TwoFactorAuthenticationsController do
- render_views
-
- let(:user) { Fabricate(:user) }
- before do
- sign_in Fabricate(:user, admin: true), scope: :user
- end
-
- describe 'DELETE #destroy' do
- context 'when user has OTP enabled' do
- before do
- user.update(otp_required_for_login: true)
- end
-
- it 'redirects to admin account page' do
- delete :destroy, params: { user_id: user.id }
-
- user.reload
- expect(user.otp_enabled?).to eq false
- expect(response).to redirect_to(admin_account_path(user.account_id))
- end
- end
-
- context 'when user has OTP and WebAuthn enabled' do
- let(:fake_client) { WebAuthn::FakeClient.new('http://test.host') }
-
- before do
- user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id)
-
- public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
- Fabricate(:webauthn_credential,
- user_id: user.id,
- external_id: public_key_credential.id,
- public_key: public_key_credential.public_key,
- nickname: 'Security Key')
- end
-
- it 'redirects to admin account page' do
- delete :destroy, params: { user_id: user.id }
-
- user.reload
- expect(user.otp_enabled?).to eq false
- expect(user.webauthn_enabled?).to eq false
- expect(response).to redirect_to(admin_account_path(user.account_id))
- end
- end
- end
- end
|
