| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- # Later migration changes structure of Permission model
- # This adds a field that is now missing to check if old migration still works for upgrades from older systems
- Permission.attr_accessor :note
- RSpec.describe Add2faPermission, type: :db_migration do
- let(:role) { create(:role, permission_names:) }
- before do
- Permission.find(fa_permission_id).destroy!
- role
- end
- context 'when role has no user preferences permissions' do
- let(:permission_names) { %w[report] }
- it 'does not add two_factor_authentication permission' do
- expect { migrate }
- .not_to change { role.reload.permission_ids.include? fa_permission_id }
- end
- end
- context 'when role has whole user_preferences permission' do
- let(:permission_names) { %w[user_preferences] }
- it 'does not add two_factor_authentication permission' do
- expect { migrate }
- .not_to change { role.reload.permission_ids.include? fa_permission_id }
- end
- end
- context 'when role has specifically user_preferences.password' do
- let(:permission_names) { %w[user_preferences.password] }
- it 'adds two_factor_authentication permission' do
- expect { migrate }
- .to change { role.reload.permission_ids.include? fa_permission_id }
- .to be_truthy
- end
- end
- context 'when role has other user_preferences.something permission' do
- let(:permission_names) { %w[user_preferences.calendar] }
- it 'does not add two_factor_authentication permission' do
- expect { migrate }
- .not_to change { role.reload.permission_ids.include? fa_permission_id }
- end
- end
- # This cannot be a let block since permission does not exist before migration
- # Later migration changes structure of Permission model so it's safer to use ID only
- def fa_permission_id
- Permission
- .where(name: 'user_preferences.two_factor_authentication')
- .pick(:id)
- end
- end
|
