Retrospring/spec/controllers/user_controller_spec.rb

156 lines
4.2 KiB
Ruby
Raw Normal View History

2020-05-21 13:25:43 -07:00
# frozen_string_literal: true
require "rails_helper"
describe UserController, type: :controller do
2020-10-21 04:44:00 -07:00
let(:user) { FactoryBot.create :user, otp_module: :disabled }
2020-05-21 13:25:43 -07:00
describe "#edit" do
subject { get :edit }
context "user signed in" do
before(:each) { sign_in user }
it "renders the edit_profile_picture template" do
subject
expect(response).to render_template("user/edit")
end
end
end
describe "#update" do
subject { patch :update, params: { user: avatar_params } }
let(:avatar_params) do
{
profile_picture: fixture_file_upload("files/banana_racc.jpg", "image/jpeg")
}
end
context "user signed in" do
before(:each) { sign_in user }
it "enqueues a Sidekiq job to process the uploaded profile picture" do
subject
expect(::CarrierWave::Workers::ProcessAsset).to have_enqueued_sidekiq_job("User", user.id.to_s, "profile_picture")
end
it "redirects to the edit_user_profile page" do
subject
expect(response).to redirect_to(:edit_user_profile)
end
end
end
describe "#update" do
subject { patch :update, params: { user: header_params } }
let(:header_params) do
{
profile_header: fixture_file_upload("files/banana_racc.jpg", "image/jpeg")
}
end
context "user signed in" do
before(:each) { sign_in user }
it "enqueues a Sidekiq job to process the uploaded profile header" do
subject
expect(::CarrierWave::Workers::ProcessAsset).to have_enqueued_sidekiq_job("User", user.id.to_s, "profile_header")
end
it "redirects to the edit_user_profile page" do
subject
expect(response).to redirect_to(:edit_user_profile)
end
end
end
2020-10-21 04:44:00 -07:00
describe "#edit_security" do
subject { get :edit_security }
context "user signed in" do
before(:each) { sign_in user }
render_views
it "shows a setup form for users who don't have 2FA enabled" do
subject
expect(response).to have_rendered(:edit_security)
expect(response).to have_rendered(partial: 'settings/security/_totp_setup')
2020-10-21 04:44:00 -07:00
end
it "shows the option to disable 2FA for users who have 2FA already enabled" do
user.otp_module = :enabled
user.save
subject
expect(response).to have_rendered(:edit_security)
expect(response).to have_rendered(partial: 'settings/security/_totp_enabled')
2020-10-21 04:44:00 -07:00
end
end
end
2020-10-21 07:47:07 -07:00
describe "#update_2fa" do
subject { post :update_2fa, params: update_params }
context "user signed in" do
before(:each) { sign_in user }
context "user enters the incorrect code" do
let(:update_params) do
{
user: { otp_secret_key: 'EJFNIJPYXXTCQSRTQY6AG7XQLAT2IDG5H7NGLJE3',
otp_validation: 123456 }
}
end
it "shows an error if the user enters the incorrect code" do
Timecop.freeze(Time.at(1603290888)) do
subject
expect(response).to redirect_to :edit_user_security
end
end
end
context "user enters the correct code" do
let(:update_params) do
{
user: { otp_secret_key: 'EJFNIJPYXXTCQSRTQY6AG7XQLAT2IDG5H7NGLJE3',
otp_validation: 187894 }
}
end
it "enables 2FA for the logged in user" do
Timecop.freeze(Time.at(1603290888)) do
subject
expect(response).to redirect_to :edit_user_security
end
end
it "shows an error if the user attempts to use the code once it has expired" do
Timecop.freeze(Time.at(1603290910)) do
subject
2020-10-21 07:52:59 -07:00
expect(flash[:error]).to eq('The code you entered was invalid.')
2020-10-21 07:47:07 -07:00
end
end
end
end
end
2020-10-21 07:52:59 -07:00
describe "#destroy_2fa" do
subject { delete :destroy_2fa }
context "user signed in" do
before(:each) do
user.otp_module = :enabled
user.save
sign_in user
end
it "disables 2FA for the logged in user" do
subject
user.reload
expect(user.otp_module_enabled?).to be_falsey
end
end
end
2020-05-21 13:25:43 -07:00
end