| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- # frozen_string_literal: true
- require 'rails_helper'
- describe Settings::TwoFactorAuthenticationMethodsController do
- render_views
- context 'when not signed in' do
- describe 'GET to #index' do
- it 'redirects' do
- get :index
- expect(response).to redirect_to '/auth/sign_in'
- end
- end
- end
- context 'when signed in' do
- let(:user) { Fabricate(:user) }
- before do
- sign_in user, scope: :user
- end
- describe 'GET #index' do
- describe 'when user has enabled otp' do
- before do
- user.update(otp_required_for_login: true)
- get :index
- end
- it 'returns http success' do
- expect(response).to have_http_status(200)
- end
- it 'returns private cache control headers' do
- expect(response.headers['Cache-Control']).to include('private, no-store')
- end
- end
- describe 'when user has not enabled otp' do
- before do
- user.update(otp_required_for_login: false)
- get :index
- end
- it 'redirects to enable otp' do
- expect(response).to redirect_to(settings_otp_authentication_path)
- end
- end
- end
- describe 'POST to #disable' do
- before do
- user.update(otp_required_for_login: true)
- end
- context 'when user has not passed challenge' do
- it 'renders challenge page' do
- post :disable
- expect(response).to have_http_status(200)
- expect(response).to render_template('auth/challenges/new')
- end
- end
- context 'when user has passed challenge' do
- before do
- mailer = instance_double(ApplicationMailer::MessageDelivery, deliver_later!: true)
- allow(UserMailer).to receive(:two_factor_disabled).with(user).and_return(mailer)
- end
- it 'redirects to settings page' do
- post :disable, session: { challenge_passed_at: 10.minutes.ago }
- expect(UserMailer).to have_received(:two_factor_disabled).with(user)
- expect(response).to redirect_to(settings_otp_authentication_path)
- end
- end
- end
- end
- end
|
