From 8f1b41622bfce44d65fb4755b65b638291ce0ad9 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Thu, 13 Feb 2025 05:50:04 -0500
Subject: [PATCH] Convert `settings/two_factor_authentication_methods` spec controller->system/request (#33914)
---
 ..._authentication_methods_controller_spec.rb | 79 -------------------
 .../two_factor_authentication_methods_spec.rb | 35 ++++++++
 .../two_factor_authentication_methods_spec.rb | 41 ++++++++++
 3 files changed, 76 insertions(+), 79 deletions(-)
 delete mode 100644 spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
 create mode 100644 spec/requests/settings/two_factor_authentication_methods_spec.rb
 create mode 100644 spec/system/settings/two_factor_authentication_methods_spec.rb
diff --git a/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb b/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
deleted file mode 100644
index c55f113d4d..0000000000
--- a/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
+++ /dev/null
@@ -1,79 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Settings::TwoFactorAuthenticationMethodsController do
- render_views
-
- context 'when not signed in' do
- describe 'GET to #index' do
- it 'redirects' do
- get :index
-
- expect(response).to redirect_to '/auth/sign_in'
- end
- end
- end
-
- context 'when signed in' do
- let(:user) { Fabricate(:user) }
-
- before do
- sign_in user, scope: :user
- end
-
- describe 'GET #index' do
- describe 'when user has enabled otp' do
- before do
- user.update(otp_required_for_login: true)
- get :index
- end
-
- it 'returns http success with private cache control headers', :aggregate_failures do
- expect(response).to have_http_status(200)
- expect(response.headers['Cache-Control']).to include('private, no-store')
- end
- end
-
- describe 'when user has not enabled otp' do
- before do
- user.update(otp_required_for_login: false)
- get :index
- end
-
- it 'redirects to enable otp' do
- expect(response).to redirect_to(settings_otp_authentication_path)
- end
- end
- end
-
- describe 'POST to #disable' do
- before do
- user.update(otp_required_for_login: true)
- end
-
- context 'when user has not passed challenge' do
- it 'renders challenge page' do
- post :disable
-
- expect(response).to have_http_status(200)
- expect(response).to render_template('auth/challenges/new')
- end
- end
-
- context 'when user has passed challenge' do
- before do
- mailer = instance_double(ApplicationMailer::MessageDelivery, deliver_later!: true)
- allow(UserMailer).to receive(:two_factor_disabled).with(user).and_return(mailer)
- end
-
- it 'redirects to settings page' do
- post :disable, session: { challenge_passed_at: 10.minutes.ago }
-
- expect(UserMailer).to have_received(:two_factor_disabled).with(user)
- expect(response).to redirect_to(settings_otp_authentication_path)
- end
- end
- end
- end
-end
diff --git a/spec/requests/settings/two_factor_authentication_methods_spec.rb b/spec/requests/settings/two_factor_authentication_methods_spec.rb
new file mode 100644
index 0000000000..2fda5ce919
--- /dev/null
+++ b/spec/requests/settings/two_factor_authentication_methods_spec.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
+ context 'when not signed in' do
+ describe 'GET to /settings/two_factor_authentication_methods' do
+ it 'redirects to sign in page' do
+ get settings_two_factor_authentication_methods_path
+
+ expect(response)
+ .to redirect_to(new_user_session_path)
+ end
+ end
+ end
+
+ context 'when signed in' do
+ let(:user) { Fabricate(:user) }
+
+ before { sign_in user }
+
+ describe 'GET to /settings/two_factor_authentication_methods' do
+ describe 'when user has not enabled otp' do
+ before { user.update(otp_required_for_login: false) }
+
+ it 'redirects to enable otp' do
+ get settings_two_factor_authentication_methods_path
+
+ expect(response)
+ .to redirect_to(settings_otp_authentication_path)
+ end
+ end
+ end
+ end
+end
diff --git a/spec/system/settings/two_factor_authentication_methods_spec.rb b/spec/system/settings/two_factor_authentication_methods_spec.rb
new file mode 100644
index 0000000000..bed226deb5
--- /dev/null
+++ b/spec/system/settings/two_factor_authentication_methods_spec.rb
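Review bot: Nothing at the request level now exercises the `disable` action's challenge gate — the examples added here cover only the two redirects of the index action, while the deleted controller spec at least asserted that a bare `post :disable` rendered the challenge page instead of acting. Since disabling 2FA is the sensitive operation this controller guards with a password re-prompt, a request example that posts to the disable route while signed in with OTP enabled and asserts `otp_required_for_login` stays true would be a direct regression test for that gate, independent of the browser flow in the system spec. The route helper for the disable action is not visible in this diff, so the name used below must be checked against config/routes. I also note that the `private, no-store` Cache-Control assertion the old spec made on the OTP-enabled GET is not carried into this file; presumably `have_private_cache_control` in the system spec now covers it.

```ruby
    describe 'POST to disable' do
      before { user.update(otp_required_for_login: true) }

      it 'does not disable 2FA without a passed challenge' do
        # NOTE(review): helper name assumed from the controller action; confirm against config/routes
        expect { post disable_settings_two_factor_authentication_methods_path }
          .to_not change { user.reload.otp_required_for_login }.from(true)

        expect(response).to have_http_status(200)
      end
    end
```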
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
+ context 'when signed in' do
+ let(:user) { Fabricate(:user) }
+
+ before { sign_in user }
+
+ describe 'Managing 2FA methods' do
+ before { user.update(otp_required_for_login: true) }
+
+ it 'disables 2FA with challenge confirmation', :inline_jobs do
+ visit settings_two_factor_authentication_methods_path
+ expect(page)
+ .to have_content(I18n.t('settings.two_factor_authentication'))
+ .and have_private_cache_control
+
+ # Attempt to disable
+ click_on I18n.t('two_factor_authentication.disable')
+ expect(page)
+ .to have_title(I18n.t('challenge.prompt'))
+
+ # Fill in challenge form
+ fill_in 'form_challenge_current_password', with: user.password
+ emails = capture_emails do
+ expect { click_on I18n.t('challenge.confirm') }
+ .to change { user.reload.otp_required_for_login }.to(false)
+ end
+
+ expect(page)
+ .to have_content(I18n.t('two_factor_authentication.disabled_success'))
+ expect(emails.first)
+ .to be_present
+ .and(deliver_to(user.email))
+ .and(have_subject(I18n.t('devise.mailer.two_factor_disabled.subject')))
+ end
+ end
+ end
+end
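Review bot: Only the successful challenge is exercised, so the spec never shows that a wrong password in `form_challenge_current_password` leaves `otp_required_for_login` true and sends no `two_factor_disabled` mail — which is the property that makes the challenge a real gate on disabling 2FA. A second example in the same `describe`, also tagged `:inline_jobs` so that an erroneously enqueued mail would actually surface in `capture_emails`, pins that negative path. Separately, the deleted spec's `challenge_passed_at: 10.minutes.ago` case (a recently passed challenge being honored without a new prompt) is covered by neither new file; if that reuse window is still intended behavior it deserves a request-level example. Whether a failed challenge re-renders the same `challenge.prompt` title is not visible here, so the example below asserts only state and mail.

```ruby
      it 'keeps 2FA enabled when the challenge password is wrong', :inline_jobs do
        visit settings_two_factor_authentication_methods_path
        click_on I18n.t('two_factor_authentication.disable')

        fill_in 'form_challenge_current_password', with: 'not-the-password'
        emails = capture_emails do
          expect { click_on I18n.t('challenge.confirm') }
            .to_not change { user.reload.otp_required_for_login }.from(true)
        end

        expect(emails).to be_empty
      end
```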