Review Changes for f4f8a293e7.

2025-05-22 07:53:49 +08:00 · 2018-02-20 14:44:51 +08:00
parent f4f8a293e7
commit 14f3594f9f
47 changed files with 843 additions and 492 deletions
--- a/spec/requests/admin/users_controller_spec.rb
+++ b/spec/requests/admin/users_controller_spec.rb
@ -0,0 +1,50 @@
+require 'rails_helper'
+
+RSpec.describe Admin::UsersController do
+  let(:admin) { Fabricate(:admin) }
+  let(:user) { Fabricate(:user) }
+
+  describe '#disable_second_factor' do
+    let(:second_factor) { user.create_totp }
+
+    describe 'as an admin' do
+      before do
+        sign_in(admin)
+        second_factor
+        expect(user.reload.user_second_factor).to eq(second_factor)
+      end
+
+      it 'should able to disable the second factor for another user' do
+        SiteSetting.queue_jobs = true
+
+        expect do
+          put "/admin/users/#{user.id}/disable_second_factor.json"
+        end.to change { Jobs::CriticalUserEmail.jobs.length }.by(1)
+
+        expect(response.status).to eq(200)
+        expect(user.reload.user_second_factor).to eq(nil)
+
+        job_args = Jobs::CriticalUserEmail.jobs.first["args"].first
+
+        expect(job_args["user_id"]).to eq(user.id)
+        expect(job_args["type"]).to eq('account_second_factor_disabled')
+      end
+
+      it 'should not be able to disable the second factor for the current user' do
+        put "/admin/users/#{admin.id}/disable_second_factor.json"
+
+        expect(response.status).to eq(403)
+      end
+
+      describe 'when user does not have second factor enabled' do
+        it 'should raise the right error' do
+          user.user_second_factor.destroy!
+
+          put "/admin/users/#{user.id}/disable_second_factor.json"
+
+          expect(response.status).to eq(400)
+        end
+      end
+    end
+  end
+end