FIX: Admin user list not showing 2FA icon for only security keys enabled (#8839)

If someone only had security keys enabled, the icon to say they had 2FA enabled would not show in the admin staff user list. It would only show if they had TOTP enabled.
This commit is contained in:
Martin Brennan 2020-02-03 14:37:46 +10:00 committed by GitHub
parent 9a199be279
commit dd3a7f4825
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 5 deletions

View File

@ -109,7 +109,7 @@ class AdminUserListSerializer < BasicUserSerializer
def include_second_factor_enabled? def include_second_factor_enabled?
!SiteSetting.enable_sso && !SiteSetting.enable_sso &&
SiteSetting.enable_local_logins && SiteSetting.enable_local_logins &&
object.totps.present? object.has_any_second_factor_methods_enabled?
end end
def second_factor_enabled def second_factor_enabled

View File

@ -3,7 +3,7 @@
require 'rails_helper' require 'rails_helper'
describe AdminUserListSerializer do describe AdminUserListSerializer do
fab!(:user) { Fabricate(:user_second_factor_totp).user } fab!(:user) { Fabricate(:user) }
fab!(:admin) { Fabricate(:admin) } fab!(:admin) { Fabricate(:admin) }
let(:guardian) { Guardian.new(admin) } let(:guardian) { Guardian.new(admin) }
@ -11,10 +11,26 @@ describe AdminUserListSerializer do
AdminUserListSerializer.new(user, scope: guardian, root: false) AdminUserListSerializer.new(user, scope: guardian, root: false)
end end
it "returns the right values when user has second factor totp enabled" do context "when totp enabled" do
json = serializer.as_json before do
Fabricate(:user_second_factor_totp, user: user)
end
it "returns the right values" do
json = serializer.as_json
expect(json[:second_factor_enabled]).to eq(true) expect(json[:second_factor_enabled]).to eq(true)
end
end
context "when security keys enabled" do
before do
Fabricate(:user_security_key, user: user)
end
it "returns the right values" do
json = serializer.as_json
expect(json[:second_factor_enabled]).to eq(true)
end
end end
context "emails" do context "emails" do