/
user_second_factor_spec.rb
83 lines (73 loc) · 2.7 KB
/
user_second_factor_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# frozen_string_literal: true
RSpec.describe UserSecondFactor do
fab!(:user)
describe ".methods" do
it "should retain the right order" do
expect(described_class.methods[:totp]).to eq(1)
expect(described_class.methods[:backup_codes]).to eq(2)
end
end
describe "name length validation" do
it "allows the name to be nil" do
Fabricate(:user_second_factor_totp, user: user, name: nil)
end
it "doesn't allow the name to be longer than the limit" do
expect do
Fabricate(
:user_second_factor_totp,
user: user,
name: "a" * (described_class::MAX_NAME_LENGTH + 1),
)
end.to raise_error(ActiveRecord::RecordInvalid) do |error|
expect(error.message).to include(
I18n.t("activerecord.errors.messages.too_long", count: described_class::MAX_NAME_LENGTH),
)
end
end
it "allows a name that is equal to or less than the limit" do
expect do
Fabricate(
:user_second_factor_totp,
user: user,
name: "a" * described_class::MAX_NAME_LENGTH,
)
end.not_to raise_error
end
end
describe "per-user count validation" do
it "doesn't allow a user to have more authenticators than the limit allows" do
stub_const(UserSecondFactor, "MAX_TOTPS_PER_USER", 1) do
Fabricate(:user_second_factor_totp, user: user)
expect do Fabricate(:user_second_factor_totp, user: user) end.to raise_error(
ActiveRecord::RecordInvalid,
) do |error|
expect(error.message).to include(I18n.t("login.too_many_authenticators"))
end
end
end
it "doesn't count backup codes in the authenticators limit" do
user.generate_backup_codes
expect(user.user_second_factors.backup_codes.count).to eq(10)
stub_const(UserSecondFactor, "MAX_TOTPS_PER_USER", 1) do
Fabricate(:user_second_factor_totp, user: user)
expect do Fabricate(:user_second_factor_totp, user: user) end.to raise_error(
ActiveRecord::RecordInvalid,
) do |error|
expect(error.message).to include(I18n.t("login.too_many_authenticators"))
end
end
end
it "doesn't count authenticators from other users" do
another_user = Fabricate(:user)
Fabricate(:user_second_factor_totp, user: another_user)
stub_const(UserSecondFactor, "MAX_TOTPS_PER_USER", 1) do
Fabricate(:user_second_factor_totp, user: user)
expect do Fabricate(:user_second_factor_totp, user: user) end.to raise_error(
ActiveRecord::RecordInvalid,
) do |error|
expect(error.message).to include(I18n.t("login.too_many_authenticators"))
end
end
end
end
end