diff options
Diffstat (limited to 'spec/services/two_factor/destroy_service_spec.rb')
-rw-r--r-- | spec/services/two_factor/destroy_service_spec.rb | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/spec/services/two_factor/destroy_service_spec.rb b/spec/services/two_factor/destroy_service_spec.rb new file mode 100644 index 00000000000..3df4d1593c6 --- /dev/null +++ b/spec/services/two_factor/destroy_service_spec.rb @@ -0,0 +1,97 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe TwoFactor::DestroyService do + let_it_be(:current_user) { create(:user) } + + subject { described_class.new(current_user, user: user).execute } + + context 'disabling two-factor authentication' do + shared_examples_for 'does not send notification email' do + context 'notification', :mailer do + it 'does not send a notification' do + perform_enqueued_jobs do + subject + end + + should_not_email(user) + end + end + end + + context 'when the user does not have two-factor authentication enabled' do + let(:user) { current_user } + + it 'returns error' do + expect(subject).to eq( + { + status: :error, + message: 'Two-factor authentication is not enabled for this user' + } + ) + end + + it_behaves_like 'does not send notification email' + end + + context 'when the user has two-factor authentication enabled' do + context 'when the executor is not authorized to disable two-factor authentication' do + context 'disabling the two-factor authentication of another user' do + let(:user) { create(:user, :two_factor) } + + it 'returns error' do + expect(subject).to eq( + { + status: :error, + message: 'You are not authorized to perform this action' + } + ) + end + + it 'does not disable two-factor authentication' do + expect { subject }.not_to change { user.reload.two_factor_enabled? }.from(true) + end + + it_behaves_like 'does not send notification email' + end + end + + context 'when the executor is authorized to disable two-factor authentication' do + shared_examples_for 'disables two-factor authentication' do + it 'returns success' do + expect(subject).to eq({ status: :success }) + end + + it 'disables the two-factor authentication of the user' do + expect { subject }.to change { user.reload.two_factor_enabled? }.from(true).to(false) + end + + context 'notification', :mailer do + it 'sends a notification' do + perform_enqueued_jobs do + subject + end + + should_email(user) + end + end + end + + context 'disabling their own two-factor authentication' do + let(:current_user) { create(:user, :two_factor) } + let(:user) { current_user } + + it_behaves_like 'disables two-factor authentication' + end + + context 'admin disables the two-factor authentication of another user' do + let(:current_user) { create(:admin) } + let(:user) { create(:user, :two_factor) } + + it_behaves_like 'disables two-factor authentication' + end + end + end + end +end |