require 'rails_helper' RSpec.describe Admin::UsersController do let(:admin) { Fabricate(:admin) } let(:user) { Fabricate(:user) } describe '#disable_second_factor' do let(:second_factor) { user.create_totp } describe 'as an admin' do before do sign_in(admin) second_factor expect(user.reload.user_second_factor).to eq(second_factor) end it 'should able to disable the second factor for another user' do SiteSetting.queue_jobs = true expect do put "/admin/users/#{user.id}/disable_second_factor.json" end.to change { Jobs::CriticalUserEmail.jobs.length }.by(1) expect(response.status).to eq(200) expect(user.reload.user_second_factor).to eq(nil) job_args = Jobs::CriticalUserEmail.jobs.first["args"].first expect(job_args["user_id"]).to eq(user.id) expect(job_args["type"]).to eq('account_second_factor_disabled') end it 'should not be able to disable the second factor for the current user' do put "/admin/users/#{admin.id}/disable_second_factor.json" expect(response.status).to eq(403) end describe 'when user does not have second factor enabled' do it 'should raise the right error' do user.user_second_factor.destroy! put "/admin/users/#{user.id}/disable_second_factor.json" expect(response.status).to eq(400) end end end end end