Clean up two_factor_authentication/confirmations controller spec (#28128)

This commit is contained in:
Matt Jankowski 2023-11-30 06:44:42 -05:00 committed by GitHub
parent e6fd9a59e6
commit ce78a9c9ac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -20,37 +20,30 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
[true, false].each do |with_otp_secret| [true, false].each do |with_otp_secret|
let(:user) { Fabricate(:user, email: 'local-part@domain', otp_secret: with_otp_secret ? 'oldotpsecret' : nil) } let(:user) { Fabricate(:user, email: 'local-part@domain', otp_secret: with_otp_secret ? 'oldotpsecret' : nil) }
context 'when signed in' do
before { sign_in user, scope: :user }
describe 'GET #new' do describe 'GET #new' do
context 'when signed in and a new otp secret has been set in the session' do context 'when a new otp secret has been set in the session' do
subject do subject do
sign_in user, scope: :user
get :new, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' } get :new, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' }
end end
include_examples 'renders :new' include_examples 'renders :new'
end end
it 'redirects if not signed in' do
get :new
expect(response).to redirect_to('/auth/sign_in')
end
it 'redirects if a new otp_secret has not been set in the session' do it 'redirects if a new otp_secret has not been set in the session' do
sign_in user, scope: :user
get :new, session: { challenge_passed_at: Time.now.utc } get :new, session: { challenge_passed_at: Time.now.utc }
expect(response).to redirect_to('/settings/otp_authentication') expect(response).to redirect_to('/settings/otp_authentication')
end end
end end
describe 'POST #create' do describe 'POST #create' do
context 'when signed in' do
before do
sign_in user, scope: :user
end
describe 'when form_two_factor_confirmation parameter is not provided' do describe 'when form_two_factor_confirmation parameter is not provided' do
it 'raises ActionController::ParameterMissing' do it 'raises ActionController::ParameterMissing' do
post :create, params: {}, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' } post :create, params: {}, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' }
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
end end
@ -58,22 +51,49 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
describe 'when creation succeeds' do describe 'when creation succeeds' do
let!(:otp_backup_codes) { user.generate_otp_backup_codes! } let!(:otp_backup_codes) { user.generate_otp_backup_codes! }
it 'renders page with success' do before do
prepare_user_otp_generation prepare_user_otp_generation
prepare_user_otp_consumption prepare_user_otp_consumption_response(true)
allow(controller).to receive(:current_user).and_return(user) allow(controller).to receive(:current_user).and_return(user)
end
expect do it 'renders page with success' do
post :create, expect { post_create_with_options }
params: { form_two_factor_confirmation: { otp_attempt: '123456' } }, .to change { user.reload.otp_secret }.to 'thisisasecretforthespecofnewview'
session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' }
end.to change { user.reload.otp_secret }.to 'thisisasecretforthespecofnewview'
expect(assigns(:recovery_codes)).to eq otp_backup_codes expect(assigns(:recovery_codes)).to eq otp_backup_codes
expect(flash[:notice]).to eq 'Two-factor authentication successfully enabled' expect(flash[:notice]).to eq 'Two-factor authentication successfully enabled'
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
expect(response).to render_template('settings/two_factor_authentication/recovery_codes/index') expect(response).to render_template('settings/two_factor_authentication/recovery_codes/index')
end end
end
describe 'when creation fails' do
subject do
expect { post_create_with_options }
.to(not_change { user.reload.otp_secret })
end
before do
prepare_user_otp_consumption_response(false)
allow(controller).to receive(:current_user).and_return(user)
end
it 'renders page with error message' do
subject
expect(response.body).to include 'The entered code was invalid! Are server time and device time correct?'
end
include_examples 'renders :new'
end
private
def post_create_with_options
post :create,
params: { form_two_factor_confirmation: { otp_attempt: '123456' } },
session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' }
end
def prepare_user_otp_generation def prepare_user_otp_generation
allow(user) allow(user)
@ -81,46 +101,28 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
.and_return(otp_backup_codes) .and_return(otp_backup_codes)
end end
def prepare_user_otp_consumption def prepare_user_otp_consumption_response(result)
options = { otp_secret: 'thisisasecretforthespecofnewview' } options = { otp_secret: 'thisisasecretforthespecofnewview' }
allow(user) allow(user)
.to receive(:validate_and_consume_otp!) .to receive(:validate_and_consume_otp!)
.with('123456', options) .with('123456', options)
.and_return(true) .and_return(result)
end end
end end
describe 'when creation fails' do
subject do
options = { otp_secret: 'thisisasecretforthespecofnewview' }
allow(user)
.to receive(:validate_and_consume_otp!)
.with('123456', options)
.and_return(false)
allow(controller).to receive(:current_user).and_return(user)
expect do
post :create,
params: { form_two_factor_confirmation: { otp_attempt: '123456' } },
session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' }
end.to(not_change { user.reload.otp_secret })
end
it 'renders the new view' do
subject
expect(response.body).to include 'The entered code was invalid! Are server time and device time correct?'
end
include_examples 'renders :new'
end end
end end
context 'when not signed in' do context 'when not signed in' do
it 'redirects if not signed in' do it 'redirects on POST to create' do
post :create, params: { form_two_factor_confirmation: { otp_attempt: '123456' } } post :create, params: { form_two_factor_confirmation: { otp_attempt: '123456' } }
expect(response).to redirect_to('/auth/sign_in')
end
it 'redirects on GET to new' do
get :new
expect(response).to redirect_to('/auth/sign_in') expect(response).to redirect_to('/auth/sign_in')
end end
end end
end
end
end end