diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 18:35:06 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 18:35:06 +0300 |
commit | 012cbda407a30ab14e57ece581d720b22b47fe5a (patch) | |
tree | 62a559d2a0843d2d9700af1bb01a15cbfcee2190 /spec/features | |
parent | 92acfb1b8a9019b3fa3c817d251b2624d55da26d (diff) |
Add latest changes from gitlab-org/gitlab@14-3-stable-ee
Diffstat (limited to 'spec/features')
-rw-r--r-- | spec/features/profiles/two_factor_auths_spec.rb | 59 |
1 files changed, 46 insertions, 13 deletions
diff --git a/spec/features/profiles/two_factor_auths_spec.rb b/spec/features/profiles/two_factor_auths_spec.rb index e1feca5031a..7f3ce617846 100644 --- a/spec/features/profiles/two_factor_auths_spec.rb +++ b/spec/features/profiles/two_factor_auths_spec.rb @@ -5,20 +5,16 @@ require 'spec_helper' RSpec.describe 'Two factor auths' do context 'when signed in' do before do - allow(Gitlab).to receive(:com?) { true } + sign_in(user) end context 'when user has two-factor authentication disabled' do - let(:user) { create(:user ) } - - before do - sign_in(user) - end + let_it_be(:user) { create(:user ) } it 'requires the current password to set up two factor authentication', :js do visit profile_two_factor_auth_path - register_2fa(user.reload.current_otp, '123') + register_2fa(user.current_otp, '123') expect(page).to have_content('You must provide a valid current password') @@ -31,14 +27,28 @@ RSpec.describe 'Two factor auths' do expect(page).to have_content('Status: Enabled') end - end - context 'when user has two-factor authentication enabled' do - let(:user) { create(:user, :two_factor) } + context 'when user authenticates with an external service' do + let_it_be(:user) { create(:omniauth_user, password_automatically_set: true) } + + it 'does not require the current password to set up two factor authentication', :js do + visit profile_two_factor_auth_path - before do - sign_in(user) + fill_in 'pin_code', with: user.current_otp + click_button 'Register with two-factor app' + + expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.') + + click_button 'Copy codes' + click_link 'Proceed' + + expect(page).to have_content('Status: Enabled') + end end + end + + context 'when user has two-factor authentication enabled' do + let_it_be(:user) { create(:user, :two_factor) } it 'requires the current_password to disable two-factor authentication', :js do visit profile_two_factor_auth_path @@ -61,7 +71,7 @@ RSpec.describe 'Two factor auths' do expect(page).to have_content('Enable two-factor authentication') end - it 'requires the current_password to regernate recovery codes', :js do + it 'requires the current_password to regenerate recovery codes', :js do visit profile_two_factor_auth_path fill_in 'current_password', with: '123' @@ -76,6 +86,29 @@ RSpec.describe 'Two factor auths' do expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.') end + + context 'when user authenticates with an external service' do + let_it_be(:user) { create(:omniauth_user, :two_factor, password_automatically_set: true) } + + it 'does not require the current_password to disable two-factor authentication', :js do + visit profile_two_factor_auth_path + + click_button 'Disable two-factor authentication' + + page.accept_alert + + expect(page).to have_content('Two-factor authentication has been disabled successfully!') + expect(page).to have_content('Enable two-factor authentication') + end + + it 'does not require the current_password to regenerate recovery codes', :js do + visit profile_two_factor_auth_path + + click_button 'Regenerate recovery codes' + + expect(page).to have_content('Please copy, download, or print your recovery codes before proceeding.') + end + end end def register_2fa(pin, password) |