Un-nest contexts in `settings/2fa/webauthn` spec (#28359)

This commit is contained in:
Matt Jankowski 2023-12-14 05:46:43 -05:00 committed by GitHub
parent adbfd40a1b
commit ef9797a395
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 42 additions and 55 deletions

View File

@ -194,60 +194,49 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
add_webauthn_credential(user) add_webauthn_credential(user)
end end
context 'when creation succeeds' do it 'adds a new credential to user credentials and does not change webauthn_id when creation succeeds', :aggregate_failures do
it 'adds a new credential to user credentials and does not change webauthn_id', :aggregate_failures do controller.session[:webauthn_challenge] = challenge
controller.session[:webauthn_challenge] = challenge
expect do
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
end.to change { user.webauthn_credentials.count }.by(1)
.and not_change(user, :webauthn_id)
expect(response).to have_http_status(200)
end
end
context 'when the nickname is already used' do
it 'fails' do
controller.session[:webauthn_challenge] = challenge
post :create, params: { credential: new_webauthn_credential, nickname: 'USB Key' }
expect(response).to have_http_status(422)
expect(flash[:error]).to be_present
end
end
context 'when the credential already exists' do
before do
user2 = Fabricate(:user)
public_key_credential = WebAuthn::Credential.from_create(new_webauthn_credential)
Fabricate(:webauthn_credential,
user_id: user2.id,
external_id: public_key_credential.id,
public_key: public_key_credential.public_key)
end
it 'fails' do
controller.session[:webauthn_challenge] = challenge
expect do
post :create, params: { credential: new_webauthn_credential, nickname: nickname } post :create, params: { credential: new_webauthn_credential, nickname: nickname }
end.to change { user.webauthn_credentials.count }.by(1)
.and not_change(user, :webauthn_id)
expect(response).to have_http_status(422) expect(response).to have_http_status(200)
expect(flash[:error]).to be_present end
end
it 'fails when the nickname is already used' do
controller.session[:webauthn_challenge] = challenge
post :create, params: { credential: new_webauthn_credential, nickname: 'USB Key' }
expect(response).to have_http_status(422)
expect(flash[:error]).to be_present
end
it 'fails when the credential already exists' do
public_key_credential = WebAuthn::Credential.from_create(new_webauthn_credential)
Fabricate(:webauthn_credential,
user_id: Fabricate(:user).id,
external_id: public_key_credential.id,
public_key: public_key_credential.public_key)
controller.session[:webauthn_challenge] = challenge
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
expect(response).to have_http_status(422)
expect(flash[:error]).to be_present
end end
end end
context 'when user have not enabled webauthn' do context 'when user have not enabled webauthn and creation succeeds' do
context 'when creation succeeds' do it 'creates a webauthn credential' do
it 'creates a webauthn credential' do controller.session[:webauthn_challenge] = challenge
controller.session[:webauthn_challenge] = challenge
expect do expect do
post :create, params: { credential: new_webauthn_credential, nickname: nickname } post :create, params: { credential: new_webauthn_credential, nickname: nickname }
end.to change { user.webauthn_credentials.count }.by(1) end.to change { user.webauthn_credentials.count }.by(1)
end
end end
end end
end end
@ -292,15 +281,13 @@ describe Settings::TwoFactorAuthentication::WebauthnCredentialsController do
add_webauthn_credential(user) add_webauthn_credential(user)
end end
context 'when deletion succeeds' do it 'redirects to 2FA methods list and shows flash success and deletes the credential when deletion succeeds', :aggregate_failures do
it 'redirects to 2FA methods list and shows flash success and deletes the credential', :aggregate_failures do expect do
expect do delete :destroy, params: { id: user.webauthn_credentials.take.id }
delete :destroy, params: { id: user.webauthn_credentials.take.id } end.to change { user.webauthn_credentials.count }.by(-1)
end.to change { user.webauthn_credentials.count }.by(-1)
expect(response).to redirect_to settings_two_factor_authentication_methods_path expect(response).to redirect_to settings_two_factor_authentication_methods_path
expect(flash[:success]).to be_present expect(flash[:success]).to be_present
end
end end
end end