# frozen_string_literal: true
require 'spec_helper'
# Feature spec for the profile two-factor authentication (2FA) page.
#
# What the examples pin down:
# * accounts created with the plain :user factory must supply their current
#   password to enable 2FA, disable 2FA, or regenerate recovery codes;
# * accounts created with the :omniauth_user factory can do all three
#   without a password field being filled in;
# * an invalid pin shows a link to the troubleshooting documentation.
#
# '123' is used throughout as a deliberately wrong password / pin.
RSpec.describe 'Two factor auths' do
  context 'when signed in' do
    before { sign_in(user) }

    context 'when user has two-factor authentication disabled' do
      let_it_be(:user) { create(:user) }

      it 'requires the current password to set up two factor authentication', :js do
        visit profile_two_factor_auth_path

        # Valid OTP with a wrong password: enrolment must be refused.
        register_2fa(user.current_otp, '123')
        expect(page).to have_content('You must provide a valid current password')

        # The user is reloaded before the OTP is read again.
        # NOTE(review): presumably the failed attempt changes the persisted
        # OTP secret - confirm against the controller.
        register_2fa(user.reload.current_otp, user.password)

        acknowledge_recovery_codes_and_expect_enabled
      end

      # NOTE(review): for these accounts the signed-in session is the only
      # thing guarding 2FA changes in this spec - confirm that is the
      # intended trade-off for externally authenticated users.
      context 'when user authenticates with an external service' do
        let_it_be(:user) { create(:omniauth_user) }

        it 'does not require the current password to set up two factor authentication', :js do
          visit profile_two_factor_auth_path

          # Only the pin is submitted; no password field is filled in.
          fill_in 'pin_code', with: user.current_otp
          click_button 'Register with two-factor app'

          acknowledge_recovery_codes_and_expect_enabled
        end
      end

      context 'when invalid pin is provided' do
        let_it_be(:user) { create(:omniauth_user) }

        it 'renders a error alert with a link to the troubleshooting section' do
          visit profile_two_factor_auth_path

          fill_in 'pin_code', with: '123'
          click_button 'Register with two-factor app'

          troubleshooting_href = help_page_path(
            'user/profile/account/two_factor_authentication.md',
            anchor: 'troubleshooting'
          )
          expect(page).to have_link('Try the troubleshooting steps here.', href: troubleshooting_href)
        end
      end
    end

    context 'when user has two-factor authentication enabled' do
      let_it_be(:user) { create(:user, :two_factor) }

      it 'requires the current_password to disable two-factor authentication', :js do
        visit profile_two_factor_auth_path

        # Wrong password: the disable request must be rejected.
        fill_in 'current_password', with: '123'
        submit_disable_2fa
        expect(page).to have_content('You must provide a valid current password')

        # Correct password: 2FA is switched off and the page offers to
        # enable it again.
        fill_in 'current_password', with: user.password
        submit_disable_2fa
        expect_2fa_disabled
      end

      it 'requires the current_password to regenerate recovery codes', :js do
        visit profile_two_factor_auth_path

        # Wrong password: no new recovery codes are shown.
        fill_in 'current_password', with: '123'
        click_button 'Regenerate recovery codes'
        expect(page).to have_content('You must provide a valid current password')

        fill_in 'current_password', with: user.password
        click_button 'Regenerate recovery codes'
        expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.')
      end

      context 'when user authenticates with an external service' do
        let_it_be(:user) { create(:omniauth_user, :two_factor) }

        it 'does not require the current_password to disable two-factor authentication', :js do
          visit profile_two_factor_auth_path

          submit_disable_2fa
          expect_2fa_disabled
        end

        it 'does not require the current_password to regenerate recovery codes', :js do
          visit profile_two_factor_auth_path

          click_button 'Regenerate recovery codes'
          expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.')
        end
      end
    end

    # Fills in the pin and current password, then submits the registration form.
    def register_2fa(pin, password)
      fill_in 'pin_code', with: pin
      fill_in 'current_password', with: password
      click_button 'Register with two-factor app'
    end

    # Clicks the page-level disable button, then confirms in the dialog
    # that opens.
    def submit_disable_2fa
      click_button 'Disable two-factor authentication'

      page.within('[role="dialog"]') do
        click_button 'Disable'
      end
    end

    # Checks the success message and that the page offers enrolment again.
    def expect_2fa_disabled
      expect(page).to have_content('Two-factor authentication has been disabled successfully!')
      expect(page).to have_content('Enable two-factor authentication')
    end

    # Walks through the recovery-codes screen shown after registration and
    # checks that the profile then reports 2FA as enabled.
    def acknowledge_recovery_codes_and_expect_enabled
      expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.')
      click_button 'Copy codes'
      click_link 'Proceed'
      expect(page).to have_content('Status: Enabled')
    end
  end
end