1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- RSpec.describe Gql::Mutations::AdminPasswordAuthVerify, type: :graphql do
- context 'when verifying' do
- let(:query) do
- <<~QUERY
- mutation adminPasswordAuthVerify($token: String!) {
- adminPasswordAuthVerify(token: $token) {
- login
- }
- }
- QUERY
- end
- let(:variables) { { token: token } }
- before do
- setup if defined?(setup)
- gql.execute(query, variables: variables)
- end
- context 'with enabled password login' do
- let(:setup) do
- Setting.set('user_show_password_login', true)
- end
- let(:token) { 'valid-token' }
- it 'raises an error' do
- expect(gql.result.error_message).to eq 'This feature is not enabled.'
- end
- end
- context 'with disabled password login' do
- context 'when no third-party authenticator is enabled' do
- let(:setup) do
- Setting.set('user_show_password_login', false)
- end
- let(:token) { 'dummy' }
- it 'raises an error' do
- expect(gql.result.error_message).to eq 'This feature is not enabled.'
- end
- end
- context 'when any third-party authenticator is enabled' do
- let(:setup) do
- Setting.set('user_show_password_login', false)
- Setting.set('auth_saml', true)
- user = create(:admin)
- Token.create(action: 'AdminAuth', user_id: user.id, persistent: false)
- end
- context 'with invalid token' do
- let(:token) { 'invalid' }
- it 'raises an error' do
- expect(gql.result.error_message).to eq 'The login is not possible.'
- end
- end
- context 'with valid token' do
- let(:token) { Token.last.token }
- it 'returns the login' do
- expect(gql.result.data[:login]).to eq User.last.login
- end
- end
- end
- end
- end
- end
|