From 7880671f3527b80de891053beaeae4a8a22c8c58 Mon Sep 17 00:00:00 2001
From: Kaylee
Date: Tue, 2 May 2017 20:07:12 +0100
Subject: Add option to disable two factor auth in admin accounts panel. (#2584)

* Add option to disable two factor auth in admin accounts panel. Closes #2578
* Add @mjankowski's suggestions.
* Moves destroy actions behind User#disable_two_factor!
* Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
---
.../admin/two_factor_authentications_controller_spec.rb | 17 +++++++++++++++++
spec/models/user_spec.rb | 14 ++++++++++++++
2 files changed, 31 insertions(+)
create mode 100644 spec/controllers/admin/two_factor_authentications_controller_spec.rb
(limited to 'spec')
diff --git a/spec/controllers/admin/two_factor_authentications_controller_spec.rb b/spec/controllers/admin/two_factor_authentications_controller_spec.rb
new file mode 100644
index 000000000..69f26039a
--- /dev/null
+++ b/spec/controllers/admin/two_factor_authentications_controller_spec.rb
@@ -0,0 +1,17 @@
+require 'rails_helper'
+
+describe Admin::TwoFactorAuthenticationsController do
+ render_views
+
+ let(:user) { Fabricate(:user) }
+ before do
+ sign_in Fabricate(:user, admin: true), scope: :user
+ end
+
+ describe 'DELETE #destroy' do
+ it 'redirects to admin accounts page' do
+ delete :destroy, params: { user_id: user.id }
+ expect(response).to redirect_to(admin_accounts_path)
+ end
+ end
+end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index a86bf4ece..fffd92e3d 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
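Review bot: The single example under `DELETE #destroy` in the new controller spec asserts only the redirect, so it passes even if the action never changes the target user's two-factor settings, and nothing shows that a signed-in non-admin is refused. For an admin action that removes a login protection, both are worth pinning: fabricate the target with `otp_required_for_login: true` and add `expect(user.reload.otp_required_for_login).to be false` after the request. Add a second context that signs in `Fabricate(:user)` without `admin: true` and expects the request to be rejected with the flag still set. The exact rejection response depends on the admin base controller, which is not part of this diff.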
@@ -126,6 +126,20 @@ RSpec.describe User, type: :model do
 end
 end

+ describe '#disable_two_factor!' do
+ it 'sets otp_required_for_login to false' do
+ user = Fabricate.build(:user, otp_required_for_login: true)
+ user.disable_two_factor!
+ expect(user.otp_required_for_login).to be false
+ end
+
+ it 'clears otp_backup_codes' do
+ user = Fabricate.build(:user, otp_backup_codes: %w[dummy dummy])
+ user.disable_two_factor!
+ expect(user.otp_backup_codes.empty?).to be true
+ end
+ end
+
 describe 'whitelist' do
 around(:each) do |example|
 old_whitelist = Rails.configuration.x.email_whitelist
-- cgit
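Review bot: Both examples under `#disable_two_factor!` start from an unsaved `Fabricate.build` user and assert on the in-memory object, so they would still pass if the method only assigned the attributes without persisting them. The method body is not in this diff, so whether it saves cannot be confirmed here. Since the admin action relies on this method, use a persisted user and assert after a reload, e.g. `expect(user.reload.otp_required_for_login).to be false`. `expect(user.otp_backup_codes).to be_empty` would also give a clearer failure message than comparing `empty?` with `true`. The enclosing `RSpec.describe User` block starts and ends outside the hunk.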