Add private label otp enabled for user

openware · May 22, 2020 · 0400aa7 · 0400aa7
1 parent 6456c74
commit 0400aa7
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 0 deletions.
diff --git a/app/api/v2/admin/users.rb b/app/api/v2/admin/users.rb
@@ -104,6 +104,8 @@ def search(field, value)
             unless target_user.update(update_param_key => update_param_value)
               code_error!(target_user.errors.details, 422)
             end
+
+            target_user.labels.find_by(key: :otp, scope: :private).delete if target_user.labels.find_by(key: :otp, scope: :private) && update_param_key == 'otp'
             status 200
           end
 

diff --git a/app/api/v2/resource/otp.rb b/app/api/v2/resource/otp.rb
@@ -58,6 +58,7 @@ def otp_error!(options = {})
               user: current_user.id, action: 'enable 2FA')
           end
 
+          current_user.labels.create(key: :otp, value: :enabled, scope: :private) unless current_user.labels.find_by(key: :otp, scope: :private)
           activity_record(user: current_user.id, action: 'enable 2FA', result: 'succeed', topic: 'otp')
           200
         end
@@ -91,6 +92,7 @@ def otp_error!(options = {})
               user: current_user.id, action: 'disable 2FA')
           end
 
+          current_user.labels.find_by(key: :otp, scope: :private).delete if current_user.labels.find_by(key: :otp, scope: :private)
           activity_record(user: current_user.id, action: 'disable 2FA', result: 'succeed', topic: 'otp')
 
           status 200

diff --git a/spec/api/v2/admin/users_spec.rb b/spec/api/v2/admin/users_spec.rb
@@ -235,12 +235,14 @@ def validate_fields(user)
 
       it 'sets otp to false' do
         experimental_user.update(otp: 'true')
+        experimental_user.labels.create(key: :otp, value: :enabled, scope: :private)
         put '/api/v2/admin/users', headers: auth_header, params: {
           uid: experimental_user.uid,
           otp: 'false'
         }
         expect(response.status).to eq 200
         expect(experimental_user.reload.otp).to eq false
+        expect(experimental_user.reload.labels.find_by(key: :otp, scope: :private).to eq nil
       end
 
       it 'sets role to admin' do

diff --git a/spec/api/v2/resource/otp_spec.rb b/spec/api/v2/resource/otp_spec.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+describe 'Api::V2::Resource::Otp' do
+  include_context 'bearer authentication'
+  let!(:create_member_permission) do
+    create :permission,
+           role: 'member'
+  end
+  let(:do_request) { post '/api/v2/resource/otp/enable', headers: auth_header }
+  let(:otp_code) { '111111' }
+
+  context 'valid request' do
+    before do
+      allow(TOTPService).to receive(:validate?)
+      .with(test_user.uid, otp_code) { true }
+    end
+
+    it 'user enables 2fa successfully' do
+      post '/api/v2/resource/otp/enable', headers: auth_header, params: {
+        code: otp_code
+      }
+
+      expect(response.status).to eq 201
+      expect(test_user.reload.otp).to eq true
+      expect(test_user.reload.labels.find_by(key: :otp, scope: :private)).not_to eq nil
+    end
+  end
+
+  context 'incomplete request' do
+    it 'user receives error' do
+      post '/api/v2/resource/otp/enable', headers: auth_header, params: {
+        code: otp_code
+      }
+
+      expect(response.status).to eq 422
+      expect(test_user.reload.otp).to eq false
+      expect(test_user.reload.labels.find_by(key: :otp, scope: :private)).to eq nil
+    end
+  end
+end