Convert `settings/two_factor_authentication_methods` spec controller->system/request (#33914)

2025-02-13 05:50:04 -05:00 · 2025-02-13 05:50:04 -05:00 · 8f1b41622b
parent 62dc303d3c
commit 8f1b41622b
3 changed files with 76 additions and 79 deletions
--- a/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
@ -1,79 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Settings::TwoFactorAuthenticationMethodsController do
-  render_views
-
-  context 'when not signed in' do
-    describe 'GET to #index' do
-      it 'redirects' do
-        get :index
-
-        expect(response).to redirect_to '/auth/sign_in'
-      end
-    end
-  end
-
-  context 'when signed in' do
-    let(:user) { Fabricate(:user) }
-
-    before do
-      sign_in user, scope: :user
-    end
-
-    describe 'GET #index' do
-      describe 'when user has enabled otp' do
-        before do
-          user.update(otp_required_for_login: true)
-          get :index
-        end
-
-        it 'returns http success with private cache control headers', :aggregate_failures do
-          expect(response).to have_http_status(200)
-          expect(response.headers['Cache-Control']).to include('private, no-store')
-        end
-      end
-
-      describe 'when user has not enabled otp' do
-        before do
-          user.update(otp_required_for_login: false)
-          get :index
-        end
-
-        it 'redirects to enable otp' do
-          expect(response).to redirect_to(settings_otp_authentication_path)
-        end
-      end
-    end
-
-    describe 'POST to #disable' do
-      before do
-        user.update(otp_required_for_login: true)
-      end
-
-      context 'when user has not passed challenge' do
-        it 'renders challenge page' do
-          post :disable
-
-          expect(response).to have_http_status(200)
-          expect(response).to render_template('auth/challenges/new')
-        end
-      end
-
-      context 'when user has passed challenge' do
-        before do
-          mailer = instance_double(ApplicationMailer::MessageDelivery, deliver_later!: true)
-          allow(UserMailer).to receive(:two_factor_disabled).with(user).and_return(mailer)
-        end
-
-        it 'redirects to settings page' do
-          post :disable, session: { challenge_passed_at: 10.minutes.ago }
-
-          expect(UserMailer).to have_received(:two_factor_disabled).with(user)
-          expect(response).to redirect_to(settings_otp_authentication_path)
-        end
-      end
-    end
-  end
-end
--- a/spec/requests/settings/two_factor_authentication_methods_spec.rb
+++ b/spec/requests/settings/two_factor_authentication_methods_spec.rb
@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
+  context 'when not signed in' do
+    describe 'GET to /settings/two_factor_authentication_methods' do
+      it 'redirects to sign in page' do
+        get settings_two_factor_authentication_methods_path
+
+        expect(response)
+          .to redirect_to(new_user_session_path)
+      end
+    end
+  end
+
+  context 'when signed in' do
+    let(:user) { Fabricate(:user) }
+
+    before { sign_in user }
+
+    describe 'GET to /settings/two_factor_authentication_methods' do
+      describe 'when user has not enabled otp' do
+        before { user.update(otp_required_for_login: false) }
+
+        it 'redirects to enable otp' do
+          get settings_two_factor_authentication_methods_path
+
+          expect(response)
+            .to redirect_to(settings_otp_authentication_path)
+        end
+      end
+    end
+  end
+end
--- a/spec/system/settings/two_factor_authentication_methods_spec.rb
+++ b/spec/system/settings/two_factor_authentication_methods_spec.rb
@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
+  context 'when signed in' do
+    let(:user) { Fabricate(:user) }
+
+    before { sign_in user }
+
+    describe 'Managing 2FA methods' do
+      before { user.update(otp_required_for_login: true) }
+
+      it 'disables 2FA with challenge confirmation', :inline_jobs do
+        visit settings_two_factor_authentication_methods_path
+        expect(page)
+          .to have_content(I18n.t('settings.two_factor_authentication'))
+          .and have_private_cache_control
+
+        # Attempt to disable
+        click_on I18n.t('two_factor_authentication.disable')
+        expect(page)
+          .to have_title(I18n.t('challenge.prompt'))
+
+        # Fill in challenge form
+        fill_in 'form_challenge_current_password', with: user.password
+        emails = capture_emails do
+          expect { click_on I18n.t('challenge.confirm') }
+            .to change { user.reload.otp_required_for_login }.to(false)
+        end
+
+        expect(page)
+          .to have_content(I18n.t('two_factor_authentication.disabled_success'))
+        expect(emails.first)
+          .to be_present
+          .and(deliver_to(user.email))
+          .and(have_subject(I18n.t('devise.mailer.two_factor_disabled.subject')))
+      end
+    end
+  end
+end