From 298eb449f3365a8f753dc6c08b51e2a8cb6e972c Mon Sep 17 00:00:00 2001 From: Timothy Andrew Date: Tue, 14 Jun 2016 09:48:52 +0530 Subject: Update `u2f_spec` to cover U2F being disabled until authenticator is set up. --- spec/features/u2f_spec.rb | 57 +++++++++++++++++++---------------------------- 1 file changed, 23 insertions(+), 34 deletions(-) (limited to 'spec/features/u2f_spec.rb') diff --git a/spec/features/u2f_spec.rb b/spec/features/u2f_spec.rb index 366a90228b1..14613754f74 100644 --- a/spec/features/u2f_spec.rb +++ b/spec/features/u2f_spec.rb @@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: describe "registration" do let(:user) { create(:user) } - before { login_as(user) } - describe 'when 2FA via OTP is disabled' do - it 'allows registering a new device' do - visit profile_account_path - click_on 'Enable Two-Factor Authentication' - - register_u2f_device + before do + login_as(user) + user.update_attribute(:otp_required_for_login, true) + end - expect(page.body).to match('Your U2F device was registered') - end + describe 'when 2FA via OTP is disabled' do + before { user.update_attribute(:otp_required_for_login, false) } - it 'allows registering more than one device' do + it 'does not allow registering a new device' do visit profile_account_path - - # First device click_on 'Enable Two-Factor Authentication' - register_u2f_device - expect(page.body).to match('Your U2F device was registered') - - # Second device - click_on 'Manage Two-Factor Authentication' - register_u2f_device - expect(page.body).to match('Your U2F device was registered') - click_on 'Manage Two-Factor Authentication' - expect(page.body).to match('You have 2 U2F devices registered') + expect(page).to have_button('Setup New U2F Device', disabled: true) end end describe 'when 2FA via OTP is enabled' do - before { user.update_attributes(otp_required_for_login: true) } - it 'allows registering a new device' do visit profile_account_path click_on 'Manage Two-Factor Authentication' @@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: click_on 'Manage Two-Factor Authentication' register_u2f_device expect(page.body).to match('Your U2F device was registered') - click_on 'Manage Two-Factor Authentication' expect(page.body).to match('You have 2 U2F devices registered') end @@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: it 'allows the same device to be registered for multiple users' do # First user visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' u2f_device = register_u2f_device expect(page.body).to match('Your U2F device was registered') logout # Second user - login_as(:user) + user = login_as(:user) + user.update_attribute(:otp_required_for_login, true) visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' register_u2f_device(u2f_device) expect(page.body).to match('Your U2F device was registered') @@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: context "when there are form errors" do it "doesn't register the device if there are errors" do visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' # Have the "u2f device" respond with bad data page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };") @@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: it "allows retrying registration" do visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' # Failed registration page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };") @@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: before do # Register and logout login_as(user) + user.update_attribute(:otp_required_for_login, true) visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' @u2f_device = register_u2f_device logout end @@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: describe "when 2FA via OTP is enabled" do it "allows logging in with the U2F device" do - user.update_attributes(otp_required_for_login: true) + user.update_attribute(:otp_required_for_login, true) login_with(user) @u2f_device.respond_to_u2f_authentication @@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: it "does not allow logging in with that particular device" do # Register current user with the different U2F device current_user = login_as(:user) + current_user.update_attribute(:otp_required_for_login, true) visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' register_u2f_device logout @@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: it "allows logging in with that particular device" do # Register current user with the same U2F device current_user = login_as(:user) + current_user.update_attribute(:otp_required_for_login, true) visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' register_u2f_device(@u2f_device) logout @@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature: before do login_as(user) + user.update_attribute(:otp_required_for_login, true) visit profile_account_path - click_on 'Enable Two-Factor Authentication' + click_on 'Manage Two-Factor Authentication' register_u2f_device end -- cgit v1.2.3