From 112b1fa265f650c01eef2578e286214e3d82dcac Mon Sep 17 00:00:00 2001
From: Aboobacker MK <aboobacker@redpanthers.co>
Date: Sun, 21 Jan 2018 17:51:28 +0530
Subject: Redirect to 2FA creation page when otp_secret is not available
 (#6314)

---
 .../two_factor_authentication/confirmations_controller_spec.rb     | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'spec/controllers/settings')

diff --git a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
index 0676d6161..aee82a3d8 100644
--- a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
@@ -6,6 +6,7 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
   render_views
 
   let(:user) { Fabricate(:user, email: 'local-part@domain', otp_secret: 'thisisasecretforthespecofnewview') }
+  let(:user_without_otp_secret) { Fabricate(:user, email: 'local-part@domain') }
 
   shared_examples 'renders :new' do
     it 'renders the new view' do
@@ -33,6 +34,12 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
       get :new
       expect(response).to redirect_to('/auth/sign_in')
     end
+
+    it 'redirects if user do not have otp_secret' do
+      sign_in user_without_otp_secret, scope: :user
+      get :new
+      expect(response).to redirect_to('/settings/two_factor_authentication')
+    end
   end
 
   describe 'POST #create' do
-- 
cgit