59 lines
1.7 KiB
Ruby
59 lines
1.7 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'rails_helper'
|
|
require 'webauthn/fake_client'
|
|
|
|
RSpec.describe 'Admin Users TwoFactorAuthentications' do
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
before { sign_in Fabricate(:admin_user) }
|
|
|
|
describe 'Disabling 2FA for users' do
|
|
before { stub_webauthn_credential }
|
|
|
|
let(:fake_client) { WebAuthn::FakeClient.new('http://test.host') }
|
|
|
|
context 'when user has OTP enabled' do
|
|
before { user.update(otp_required_for_login: true) }
|
|
|
|
it 'disables OTP and redirects to admin account page' do
|
|
visit admin_account_path(user.account.id)
|
|
|
|
expect { disable_two_factor }
|
|
.to change { user.reload.otp_enabled? }.to(false)
|
|
expect(page)
|
|
.to have_title(user.account.pretty_acct)
|
|
end
|
|
end
|
|
|
|
context 'when user has OTP and WebAuthn enabled' do
|
|
before { user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id) }
|
|
|
|
it 'disables OTP and webauthn and redirects to admin account page' do
|
|
visit admin_account_path(user.account.id)
|
|
|
|
expect { disable_two_factor }
|
|
.to change { user.reload.otp_enabled? }.to(false)
|
|
.and(change { user.reload.webauthn_enabled? }.to(false))
|
|
expect(page)
|
|
.to have_title(user.account.pretty_acct)
|
|
end
|
|
end
|
|
|
|
def disable_two_factor
|
|
click_on I18n.t('admin.accounts.disable_two_factor_authentication')
|
|
end
|
|
|
|
def stub_webauthn_credential
|
|
public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
|
|
Fabricate(
|
|
:webauthn_credential,
|
|
external_id: public_key_credential.id,
|
|
nickname: 'Security Key',
|
|
public_key: public_key_credential.public_key,
|
|
user_id: user.id
|
|
)
|
|
end
|
|
end
|
|
end
|