Convert admin/users/two_factor_authentications spec controller->system (#34216)

2025-03-21 03:41:38 -04:00
parent 469cfc5430
commit a2981a0997
2 changed files with 58 additions and 54 deletions
--- a/spec/controllers/admin/users/two_factor_authentications_controller_spec.rb
+++ b/spec/controllers/admin/users/two_factor_authentications_controller_spec.rb
@@ -1,54 +0,0 @@
 # frozen_string_literal: true
 require 'rails_helper'
 require 'webauthn/fake_client'
 RSpec.describe Admin::Users::TwoFactorAuthenticationsController do
  render_views
  let(:user) { Fabricate(:user) }
  before do
    sign_in Fabricate(:admin_user), scope: :user
  end
  describe 'DELETE #destroy' do
    context 'when user has OTP enabled' do
      before do
        user.update(otp_required_for_login: true)
      end
      it 'redirects to admin account page' do
        delete :destroy, params: { user_id: user.id }
        user.reload
        expect(user.otp_enabled?).to be false
        expect(response).to redirect_to(admin_account_path(user.account_id))
      end
    end
    context 'when user has OTP and WebAuthn enabled' do
      let(:fake_client) { WebAuthn::FakeClient.new('http://test.host') }
      before do
        user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id)
        public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
        Fabricate(:webauthn_credential,
                  user_id: user.id,
                  external_id: public_key_credential.id,
                  public_key: public_key_credential.public_key,
                  nickname: 'Security Key')
      end
      it 'redirects to admin account page' do
        delete :destroy, params: { user_id: user.id }
        user.reload
        expect(user.otp_enabled?).to be false
        expect(user.webauthn_enabled?).to be false
        expect(response).to redirect_to(admin_account_path(user.account_id))
      end
    end
  end
 end
--- a/spec/system/admin/users/two_factor_authentications_spec.rb
+++ b/spec/system/admin/users/two_factor_authentications_spec.rb
@@ -0,0 +1,58 @@
 # frozen_string_literal: true
 require 'rails_helper'
 require 'webauthn/fake_client'
 RSpec.describe 'Admin Users TwoFactorAuthentications' do
  let(:user) { Fabricate(:user) }
  before { sign_in Fabricate(:admin_user) }
  describe 'Disabling 2FA for users' do
    before { stub_webauthn_credential }
    let(:fake_client) { WebAuthn::FakeClient.new('http://test.host') }
    context 'when user has OTP enabled' do
      before { user.update(otp_required_for_login: true) }
      it 'disables OTP and redirects to admin account page' do
        visit admin_account_path(user.account.id)
        expect { disable_two_factor }
          .to change { user.reload.otp_enabled? }.to(false)
        expect(page)
          .to have_title(user.account.pretty_acct)
      end
    end
    context 'when user has OTP and WebAuthn enabled' do
      before { user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id) }
      it 'disables OTP and webauthn and redirects to admin account page' do
        visit admin_account_path(user.account.id)
        expect { disable_two_factor }
          .to change { user.reload.otp_enabled? }.to(false)
          .and(change { user.reload.webauthn_enabled? }.to(false))
        expect(page)
          .to have_title(user.account.pretty_acct)
      end
    end
    def disable_two_factor
      click_on I18n.t('admin.accounts.disable_two_factor_authentication')
    end
    def stub_webauthn_credential
      public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
      Fabricate(
        :webauthn_credential,
        external_id: public_key_credential.id,
        nickname: 'Security Key',
        public_key: public_key_credential.public_key,
        user_id: user.id
      )
    end
  end
 end