diff options
| author | beatrix-bitrot <beatrix.bitrot@gmail.com> | 2017-06-27 20:46:13 +0000 |
|---|---|---|
| committer | beatrix-bitrot <beatrix.bitrot@gmail.com> | 2017-06-27 20:46:13 +0000 |
| commit | ddafde942ca53816c19b0ea0cb40bb1b46cf5668 (patch) | |
| tree | c0ac2138fe994c4c2a15c23b47d4155f75148945 /spec/controllers/settings/two_factor_authentications_controller_spec.rb | |
| parent | e6300de1421d28d173658e61601b9e016c3d0a6d (diff) | |
| parent | da42bfadb58888e3a18afd66395f0f3edc2fa622 (diff) | |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'spec/controllers/settings/two_factor_authentications_controller_spec.rb')
| -rw-r--r-- | spec/controllers/settings/two_factor_authentications_controller_spec.rb | 40 |
1 files changed, 34 insertions, 6 deletions
diff --git a/spec/controllers/settings/two_factor_authentications_controller_spec.rb b/spec/controllers/settings/two_factor_authentications_controller_spec.rb index 4d1a01fcf..6c49f6f0d 100644 --- a/spec/controllers/settings/two_factor_authentications_controller_spec.rb +++ b/spec/controllers/settings/two_factor_authentications_controller_spec.rb @@ -79,13 +79,41 @@ describe Settings::TwoFactorAuthenticationsController do user.update(otp_required_for_login: true) end - it 'turns off otp requirement if signed in' do - sign_in user, scope: :user - post :destroy + context 'when signed in' do + before do + sign_in user, scope: :user + end - expect(response).to redirect_to(settings_two_factor_authentication_path) - user.reload - expect(user.otp_required_for_login).to eq(false) + it 'turns off otp requirement with correct code' do + expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg| + expect(value).to eq user + expect(arg).to eq '123456' + true + end + + post :destroy, params: { form_two_factor_confirmation: { code: '123456' } } + + expect(response).to redirect_to(settings_two_factor_authentication_path) + user.reload + expect(user.otp_required_for_login).to eq(false) + end + + it 'does not turn off otp if code is incorrect' do + expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, arg| + expect(value).to eq user + expect(arg).to eq '057772' + false + end + + post :destroy, params: { form_two_factor_confirmation: { code: '057772' } } + + user.reload + expect(user.otp_required_for_login).to eq(true) + end + + it 'raises ActionController::ParameterMissing if code is missing' do + expect { post :destroy }.to raise_error(ActionController::ParameterMissing) + end end it 'redirects if not signed in' do |