  1. # frozen_string_literal: true
  2. require 'rails_helper'
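# Controller spec for the two-factor authentication settings screen:
# viewing (GET #show), starting enrolment (POST #create) and disabling the
# OTP requirement (POST #destroy) for the signed-in user.
#
# Each action is also exercised without a session. Disabling 2FA is the
# security-sensitive path here, so the unauthenticated negative tests must
# hit the SAME action they describe: a `get :show` standing in for
# `post :destroy` only proves that #show is guarded, not that #destroy is.
describe Settings::TwoFactorAuthenticationsController do
  render_views

  let(:user) { Fabricate(:user) }

  describe 'GET #show' do
    context 'when signed in' do
      before do
        sign_in user, scope: :user
      end

      describe 'when user requires otp for login already' do
        it 'returns http success' do
          user.update(otp_required_for_login: true)
          get :show
          expect(response).to have_http_status(:success)
        end
      end

      describe 'when user does not require otp for login' do
        it 'returns http success' do
          user.update(otp_required_for_login: false)
          get :show
          expect(response).to have_http_status(:success)
        end
      end
    end

    context 'when not signed in' do
      it 'redirects' do
        get :show
        expect(response).to redirect_to '/auth/sign_in'
      end
    end
  end

  describe 'POST #create' do
    context 'when signed in' do
      before do
        sign_in user, scope: :user
      end

      describe 'when user requires otp for login already' do
        it 'redirects to show page' do
          user.update(otp_required_for_login: true)
          post :create
          expect(response).to redirect_to(settings_two_factor_authentication_path)
        end
      end

      describe 'when creation succeeds' do
        it 'updates user secret' do
          # A new secret must be issued for every enrolment attempt; whatever
          # was stored before (possibly nil) must not survive the request.
          previous_secret = user.otp_secret
          post :create
          expect(user.reload.otp_secret).not_to eq(previous_secret)
          expect(response).to redirect_to(new_settings_two_factor_authentication_confirmation_path)
        end
      end
    end

    context 'when not signed in' do
      it 'redirects' do
        # Exercise the action under test (#create), not #show.
        post :create
        expect(response).to redirect_to '/auth/sign_in'
      end
    end
  end

  describe 'POST #destroy' do
    # Every example below starts from an account that has 2FA enabled.
    before do
      user.update(otp_required_for_login: true)
    end

    context 'when signed in' do
      before do
        sign_in user, scope: :user
      end

      it 'turns off otp requirement with correct code' do
        # Stub the OTP check rather than computing a real TOTP value. The
        # block still verifies that the submitted code is validated against
        # the signed-in user and not some other instance.
        expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg|
          expect(value).to eq user
          expect(arg).to eq '123456'
          true
        end

        post :destroy, params: { form_two_factor_confirmation: { code: '123456' } }
        expect(response).to redirect_to(settings_two_factor_authentication_path)
        user.reload
        expect(user.otp_required_for_login).to be(false)
      end

      it 'does not turn off otp if code is incorrect' do
        expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg|
          expect(value).to eq user
          expect(arg).to eq '057772'
          false
        end

        post :destroy, params: { form_two_factor_confirmation: { code: '057772' } }
        # NOTE(review): only the persisted state is asserted here; the
        # response rendered on a wrong code is not pinned by this spec.
        user.reload
        expect(user.otp_required_for_login).to be(true)
      end

      it 'raises ActionController::ParameterMissing if code is missing' do
        expect { post :destroy }.to raise_error(ActionController::ParameterMissing)
      end
    end

    context 'when not signed in' do
      it 'redirects and leaves otp enabled' do
        # Send a well-formed code so a ParameterMissing error cannot mask the
        # authentication redirect, then confirm 2FA was not switched off.
        post :destroy, params: { form_two_factor_confirmation: { code: '123456' } }
        expect(response).to redirect_to '/auth/sign_in'
        expect(user.reload.otp_required_for_login).to be(true)
      end
    end
  end
end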