diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 18:35:06 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 18:35:06 +0300 |
commit | 012cbda407a30ab14e57ece581d720b22b47fe5a (patch) | |
tree | 62a559d2a0843d2d9700af1bb01a15cbfcee2190 /spec/controllers | |
parent | 92acfb1b8a9019b3fa3c817d251b2624d55da26d (diff) |
Add latest changes from gitlab-org/gitlab@14-3-stable-ee
Diffstat (limited to 'spec/controllers')
-rw-r--r-- | spec/controllers/profiles/two_factor_auths_controller_spec.rb | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb index a0e2cf671af..ca63760d988 100644 --- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb +++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb @@ -37,11 +37,12 @@ RSpec.describe Profiles::TwoFactorAuthsController do shared_examples 'user must enter a valid current password' do let(:current_password) { '123' } + let(:redirect_path) { profile_two_factor_auth_path } it 'requires the current password', :aggregate_failures do go - expect(response).to redirect_to(profile_two_factor_auth_path) + expect(response).to redirect_to(redirect_path) expect(flash[:alert]).to eq(_('You must provide a valid current password')) end @@ -54,6 +55,19 @@ RSpec.describe Profiles::TwoFactorAuthsController do expect(user.reload).to be_access_locked end end + + context 'when user authenticates with an external service' do + before do + allow(user).to receive(:password_automatically_set?).and_return(true) + end + + it 'does not require the current password', :aggregate_failures do + go + + expect(response).not_to redirect_to(redirect_path) + expect(flash[:alert]).to be_nil + end + end end describe 'GET show' do @@ -194,7 +208,9 @@ RSpec.describe Profiles::TwoFactorAuthsController do end describe 'DELETE destroy' do - subject { delete :destroy, params: { current_password: current_password } } + def go + delete :destroy, params: { current_password: current_password } + end let(:current_password) { user.password } @@ -202,40 +218,38 @@ RSpec.describe Profiles::TwoFactorAuthsController do let_it_be_with_reload(:user) { create(:user, :two_factor) } it 'disables two factor' do - subject + go expect(user.reload.two_factor_enabled?).to eq(false) end it 'redirects to profile_account_path' do - subject + go expect(response).to redirect_to(profile_account_path) end it 'displays a notice on success' do - subject + go expect(flash[:notice]) .to eq _('Two-factor authentication has been disabled successfully!') end - it_behaves_like 'user must enter a valid current password' do - let(:go) { delete :destroy, params: { current_password: current_password } } - end + it_behaves_like 'user must enter a valid current password' end context 'for a user that does not have 2FA enabled' do let_it_be_with_reload(:user) { create(:user) } it 'redirects to profile_account_path' do - subject + go expect(response).to redirect_to(profile_account_path) end it 'displays an alert on failure' do - subject + go expect(flash[:alert]) .to eq _('Two-factor authentication is not enabled for this user') |