add2fa_permission_spec.rb 2.0 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. # Later migration changes structure of Permission model
  4. # This adds a field that is now missing to check if old migration still works for upgrades from older systems
  5. Permission.attr_accessor :note
  6. RSpec.describe Add2faPermission, type: :db_migration do
  7. let(:role) { create(:role, permission_names:) }
  8. before do
  9. Permission.find(fa_permission_id).destroy!
  10. role
  11. end
  12. context 'when role has no user preferences permissions' do
  13. let(:permission_names) { %w[report] }
  14. it 'does not add two_factor_authentication permission' do
  15. expect { migrate }
  16. .not_to change { role.reload.permission_ids.include? fa_permission_id }
  17. end
  18. end
  19. context 'when role has whole user_preferences permission' do
  20. let(:permission_names) { %w[user_preferences] }
  21. it 'does not add two_factor_authentication permission' do
  22. expect { migrate }
  23. .not_to change { role.reload.permission_ids.include? fa_permission_id }
  24. end
  25. end
  26. context 'when role has specifically user_preferences.password' do
  27. let(:permission_names) { %w[user_preferences.password] }
  28. it 'adds two_factor_authentication permission' do
  29. expect { migrate }
  30. .to change { role.reload.permission_ids.include? fa_permission_id }
  31. .to be_truthy
  32. end
  33. end
  34. context 'when role has other user_preferences.something permission' do
  35. let(:permission_names) { %w[user_preferences.calendar] }
  36. it 'does not add two_factor_authentication permission' do
  37. expect { migrate }
  38. .not_to change { role.reload.permission_ids.include? fa_permission_id }
  39. end
  40. end
  41. # This cannot be a let block since permission does not exist before migration
  42. # Later migration changes structure of Permission model so it's safer to use ID only
  43. def fa_permission_id
  44. Permission
  45. .where(name: 'user_preferences.two_factor_authentication')
  46. .pick(:id)
  47. end
  48. end