2024-10-15 18:11:29 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
RSpec.describe "tasks/users" do
|
|
|
|
describe "users:disable_2fa" do
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
it "should remove all 2fa methods for user with given username" do
|
|
|
|
Fabricate(:user_second_factor_totp, user: user, name: "TOTP", enabled: true)
|
|
|
|
Fabricate(:user_second_factor_totp, user: user, name: "TOTP2", enabled: true)
|
|
|
|
Fabricate(
|
|
|
|
:user_security_key_with_random_credential,
|
|
|
|
user: user,
|
|
|
|
name: "YubiKey",
|
|
|
|
enabled: true,
|
|
|
|
)
|
|
|
|
Fabricate(:passkey_with_random_credential, user: user) # This should not be removed
|
|
|
|
|
|
|
|
backup_codes = user.generate_backup_codes
|
|
|
|
|
|
|
|
expect(backup_codes.length).to be 10
|
|
|
|
expect(user.user_second_factors.backup_codes).to be_present
|
|
|
|
expect(user.user_second_factors.totps.count).to eq(2)
|
|
|
|
expect(user.second_factor_security_keys.count).to eq(1)
|
|
|
|
|
2024-11-19 23:17:36 -05:00
|
|
|
stdout = capture_stdout { invoke_rake_task("users:disable_2fa", user.username) }
|
2024-10-15 18:11:29 -04:00
|
|
|
user.reload
|
|
|
|
|
|
|
|
expect(stdout.chomp).to eq("2FA disabled for #{user.username}")
|
|
|
|
expect(user.user_second_factors.totps.count).to eq(0)
|
|
|
|
expect(user.second_factor_security_keys.count).to eq(0)
|
|
|
|
expect(user.user_second_factors.backup_codes.count).to eq(0)
|
|
|
|
expect(user.passkey_credential_ids.count).to eq(1)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|