Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: 1563f7edd6
Branches Tags
zammad
/
spec
/
lib
/
auth
/
two_factor
/
recovery_codes_spec.rb

recovery_codes_spec.rb 3.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. RSpec.describe Auth::TwoFactor::RecoveryCodes, current_user_id: 1 do
    6. 

  6.   subject(:instance) { described_class.new(user) }
    7. 

  7. 

  8.   let(:user) { create(:user) }
    9. 

  9. 

  10.   shared_examples 'responding to provided instance method' do |method|
    11. 

  11.     it "responds to '.#{method}'" do
    12. 

  12.       expect(instance).to respond_to(method)
    13. 

  13.     end
    14. 

  14.   end
    15. 

  15. 

  16.   it_behaves_like 'responding to provided instance method', :verify
    17. 

  17.   it_behaves_like 'responding to provided instance method', :generate
    18. 

  18.   it_behaves_like 'responding to provided instance method', :exists?
    19. 

  19.   it_behaves_like 'responding to provided instance method', :enabled?
    20. 

  20.   it_behaves_like 'responding to provided instance method', :method_name
    21. 

  21.   it_behaves_like 'responding to provided instance method', :related_setting_name
    22. 

  22.   it_behaves_like 'responding to provided instance method', :create_user_config
    23. 

  23.   it_behaves_like 'responding to provided instance method', :destroy_user_config
    24. 

  24. 

  25.   describe '#verify' do
    26. 

  26.     let(:current_codes) { instance.generate }
    27. 

  27.     let(:current_hashed_codes) { user.reload.two_factor_preferences.recovery_codes.configuration[:codes] }
    28. 

  28.     let(:code)                 { current_codes.first }
    29. 

  29. 

  30.     before do
    31. 

  31.       current_codes
    32. 

  32.       current_hashed_codes
    33. 

  33.     end
    34. 

  34. 

  35.     context 'when code is correct' do
    36. 

  36.       it 'returns true' do
    37. 

  37.         expect(instance.verify(code)[:verified]).to be(true)
    38. 

  38.       end
    39. 

  39. 

  40.       it 'removes code from list' do
    41. 

  41.         verify_result = instance.verify(code)
    42. 

  42.         expect(verify_result['codes']).not_to include(code)
    43. 

  43.       end
    44. 

  44.     end
    45. 

  45. 

  46.     context 'when code is incorrect' do
    47. 

  47.       let(:code) { 'incorrect' }
    48. 

  48. 

  49.       before do
    50. 

  50.         current_codes
    51. 

  51.         current_hashed_codes
    52. 

  52.       end
    53. 

  53. 

  54.       it 'returns false' do
    55. 

  55.         expect(instance.verify(code)[:verified]).to be(false)
    56. 

  56.       end
    57. 

  57. 

  58.       it 'current code list is untouched' do
    59. 

  59.         instance.verify(code)
    60. 

  60. 

  61.         expect(user.reload.two_factor_preferences.recovery_codes.configuration[:codes]).to eq(current_hashed_codes)
    62. 

  62.       end
    63. 

  63.     end
    64. 

  64.   end
    65. 

  65. 

  66.   describe '#generate' do
    67. 

  67.     it 'codes will be generated' do
    68. 

  68.       expect(instance.generate.length).to eq(described_class.const_get(:NUMBER_OF_CODES))
    69. 

  69.     end
    70. 

  70. 

  71.     it 'codes have the correct length' do
    72. 

  72.       expect(instance.generate.first.length).to eq(described_class.const_get(:CODE_LENGTH))
    73. 

  73.     end
    74. 

  74. 

  75.     it 'codes are saved in two factor preferences' do
    76. 

  76.       instance.generate
    77. 

  77. 

  78.       expect(user.reload.two_factor_preferences.recovery_codes.configuration[:codes].length).to eq(described_class.const_get(:NUMBER_OF_CODES))
    79. 

  79.     end
    80. 

  80. 

  81.     context 'when codes already exist' do
    82. 

  82.       let(:current_codes)        { instance.generate }
    83. 

  83.       let(:current_hashed_codes) { user.reload.two_factor_preferences.recovery_codes.configuration[:codes] }
    84. 

  84. 

  85.       before do
    86. 

  86.         current_codes
    87. 

  87.         current_hashed_codes
    88. 

  88.       end
    89. 

  89. 

  90.       it 'codes are saved in two factor preferences' do
    91. 

  91.         instance.generate
    92. 

  92. 

  93.         expect(user.reload.two_factor_preferences.recovery_codes.configuration[:codes]).not_to be(current_hashed_codes)
    94. 

  94.       end
    95. 

  95.     end
    96. 

  96.   end
    97. 

  97. 

  98.   describe '#exists?' do
    99. 

  99.     let(:two_factor_pref_recovery_codes) do
    100. 

  100.       create(:user_two_factor_preference, :authenticator_app,
    101. 

  101.              user:          user,
    102. 

  102.              method:        'recovery_codes',
    103. 

  103.              configuration: {})
    104. 

  104.     end
    105. 

  105. 

  106.     context 'when recovery codes are present' do
    107. 

  107.       before { two_factor_pref_recovery_codes }
    108. 

  108. 

  109.       it 'returns true' do
    110. 

  110.         expect(instance.exists?).to be(true)
    111. 

  111.       end
    112. 

  112.     end
    113. 

  113. 

  114.     context 'when recovery codes are not present' do
    115. 

  115.       it 'returns false' do
    116. 

  116.         expect(instance.exists?).to be(false)
    117. 

  117.       end
    118. 

  118.     end
    119. 

  119.   end
    120. 

  120. end
    121.