require 'rails_helper'
|
|
require 'webauthn/fake_client'
|
|
|
|
describe Admin::TwoFactorAuthenticationsController do
|
|
render_views
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
before do
|
|
sign_in Fabricate(:user, admin: true), scope: :user
|
|
end
|
|
|
|
describe 'DELETE #destroy' do
|
|
context 'when user has OTP enabled' do
|
|
before do
|
|
user.update(otp_required_for_login: true)
|
|
end
|
|
|
|
it 'redirects to admin account page' do
|
|
delete :destroy, params: { user_id: user.id }
|
|
|
|
user.reload
|
|
expect(user.otp_enabled?).to eq false
|
|
expect(response).to redirect_to(admin_account_path(user.account_id))
|
|
end
|
|
end
|
|
|
|
context 'when user has OTP and WebAuthn enabled' do
|
|
let(:fake_client) { WebAuthn::FakeClient.new('http://test.host') }
|
|
|
|
before do
|
|
user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id)
|
|
|
|
public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
|
|
Fabricate(:webauthn_credential,
|
|
user_id: user.id,
|
|
external_id: public_key_credential.id,
|
|
public_key: public_key_credential.public_key,
|
|
nickname: 'Security Key')
|
|
end
|
|
|
|
it 'redirects to admin account page' do
|
|
delete :destroy, params: { user_id: user.id }
|
|
|
|
user.reload
|
|
expect(user.otp_enabled?).to eq false
|
|
expect(user.webauthn_enabled?).to eq false
|
|
expect(response).to redirect_to(admin_account_path(user.account_id))
|
|
end
|
|
end
|
|
end
|
|
end
|