github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 07:53:49 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Don't check for second factor when switching to anonymous account (#7803)

Browse Source
This commit is contained in:
Ralph Rooding
2019-06-28 00:01:27 +02:00
committed by Jeff Wong
parent 7f14e185cc
commit 4ba35472e6
4 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/assets/javascripts/discourse/routes/preferences-second-factor.js.es6
View File

@ -43,6 +43,7 @@ export default RestrictedUserRoute.extend({
if ( if (
transition.targetName === "preferences.second-factor" || transition.targetName === "preferences.second-factor" ||
!user || !user ||
(settings.allow_anonymous_posting && user.is_anonymous) ||
user.second_factor_enabled || user.second_factor_enabled ||
(settings.enforce_second_factor === "staff" && !user.staff) || (settings.enforce_second_factor === "staff" && !user.staff) ||
settings.enforce_second_factor === "no" settings.enforce_second_factor === "no"

1
app/controllers/application_controller.rb
View File

@ -745,6 +745,7 @@ class ApplicationController < ActionController::Base
check_totp = current_user && check_totp = current_user &&
!request.format.json? && !request.format.json? &&
!is_api? && !is_api? &&
!(SiteSetting.allow_anonymous_posting && current_user.anonymous?) &&
((SiteSetting.enforce_second_factor == 'staff' && current_user.staff?) || ((SiteSetting.enforce_second_factor == 'staff' && current_user.staff?) ||
SiteSetting.enforce_second_factor == 'all') && SiteSetting.enforce_second_factor == 'all') &&
!current_user.totp_enabled? !current_user.totp_enabled?

12
spec/requests/application_controller_spec.rb
View File

@ -46,6 +46,18 @@ RSpec.describe ApplicationController do
expect(response).to redirect_to("/u/#{user.username}/preferences/second-factor") expect(response).to redirect_to("/u/#{user.username}/preferences/second-factor")
end end
it "should not redirect anonymous users when enforce_second_factor is 'all'" do
SiteSetting.enforce_second_factor = "all"
SiteSetting.allow_anonymous_posting = true
sign_in(user)
post "/u/toggle-anon.json"
expect(response.status).to eq(200)
get "/"
expect(response.status).to eq(200)
end
it "should redirect admins when enforce_second_factor is 'staff'" do it "should redirect admins when enforce_second_factor is 'staff'" do
SiteSetting.enforce_second_factor = "staff" SiteSetting.enforce_second_factor = "staff"
sign_in(admin) sign_in(admin)

25
test/javascripts/acceptance/enforce-second-factor-test.js.es6
View File

@ -57,3 +57,28 @@ QUnit.test("as a user", async assert => {
"it stays at second-factor preferences" "it stays at second-factor preferences"
); );
}); });
QUnit.test("as an anonymous user", async assert => {
updateCurrentUser({ staff: false, admin: false, is_anonymous: true });
await visit("/u/eviltrout/preferences/second-factor");
Discourse.SiteSettings.enforce_second_factor = "all";
Discourse.SiteSettings.allow_anonymous_posting = true;
await visit("/u/eviltrout/summary");
assert.notEqual(
find(".control-label").text(),
"Password",
"it will transition from second-factor preferences"
);
await click("#toggle-hamburger-menu");
await click("a.about-link");
assert.notEqual(
find(".control-label").text(),
"Password",
"it is possible to navigate to other pages"
);
});