-rw-r--r--app/controllers/profiles/two_factor_auths_controller.rb8
-rw-r--r--app/models/user.rb10
-rw-r--r--spec/controllers/profiles/two_factor_auths_controller_spec.rb13
-rw-r--r--spec/factories.rb1
-rw-r--r--spec/models/user_spec.rb18
5 files changed, 33 insertions, 17 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 03845f1e1ec..f9af0871cf1 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end
def destroy
- current_user.update_attributes({
- two_factor_enabled: false,
- encrypted_otp_secret: nil,
- encrypted_otp_secret_iv: nil,
- encrypted_otp_secret_salt: nil,
- otp_backup_codes: nil
- })
+ current_user.disable_two_factor!
redirect_to profile_account_path
end
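Review bot: `destroy` removes the account's second factor on the strength of the session alone; nothing in the visible action asks for the current password or a valid OTP before calling `current_user.disable_two_factor!`. A before-filter outside this hunk may already cover that, but if none does, anyone holding a signed-in session (an unattended browser, a stolen cookie) can downgrade the account to password-only. Assuming the model exposes Devise's `valid_password?`, a guard such as `return redirect_to(profile_account_path, alert: 'Password required') unless current_user.valid_password?(params[:current_password])` before the call would close that gap; the parameter name here is a placeholder. The action also redirects the same way whether or not the update succeeded, so a failed disable is invisible to the user.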
diff --git a/app/models/user.rb b/app/models/user.rb
index dc84f5141d8..317257a2500 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -322,6 +322,16 @@ class User < ActiveRecord::Base
@reset_token
end
+ def disable_two_factor!
+ update_attributes(
+ two_factor_enabled: false,
+ encrypted_otp_secret: nil,
+ encrypted_otp_secret_iv: nil,
+ encrypted_otp_secret_salt: nil,
+ otp_backup_codes: nil
+ )
+ end
+
def namespace_uniq
namespace_name = self.username
existing_namespace = Namespace.by_path(namespace_name)
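Review bot: `disable_two_factor!` carries a bang but is built on `update_attributes`, which returns `false` on a validation failure instead of raising. A user record that is invalid for an unrelated reason would therefore keep `two_factor_enabled` and the encrypted OTP secret in the database while the caller carries on as if they were cleared. Either switch to `update_attributes!(...)` so the name matches the behaviour, or document the boolean return with a comment like `# Returns false (and persists nothing) when the record fails validation` and have callers check it. The method is new and undocumented; a one-line comment listing which columns it wipes (secret, IV, salt, backup codes) would help the next person who adds a 2FA column. The trailing `namespace_uniq` context continues outside the hunk.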
diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
index aa09f1a758d..f54706e3aa3 100644
--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@@ -105,19 +105,12 @@ describe Profiles::TwoFactorAuthsController do
end
describe 'DELETE destroy' do
- let(:user) { create(:user, :two_factor) }
- let!(:codes) { user.generate_otp_backup_codes! }
+ let(:user) { create(:user, :two_factor) }
- it 'clears all 2FA-related fields' do
- expect(user).to be_two_factor_enabled
- expect(user.otp_backup_codes).not_to be_nil
- expect(user.encrypted_otp_secret).not_to be_nil
+ it 'disables two factor' do
+ expect(user).to receive(:disable_two_factor!)
delete :destroy
-
- expect(user).not_to be_two_factor_enabled
- expect(user.otp_backup_codes).to be_nil
- expect(user.encrypted_otp_secret).to be_nil
end
it 'redirects to profile_account_path' do
diff --git a/spec/factories.rb b/spec/factories.rb
index 578a2e4dc69..05e3211d551 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -32,6 +32,7 @@ FactoryGirl.define do
before(:create) do |user|
user.two_factor_enabled = true
user.otp_secret = User.generate_otp_secret(32)
+ user.generate_otp_backup_codes!
end
end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 6d2423ae27a..16902317f10 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -217,6 +217,24 @@ describe User do
end
end
+ describe '#disable_two_factor!' do
+ it 'clears all 2FA-related fields' do
+ user = create(:user, :two_factor)
+
+ expect(user).to be_two_factor_enabled
+ expect(user.encrypted_otp_secret).not_to be_nil
+ expect(user.otp_backup_codes).not_to be_nil
+
+ user.disable_two_factor!
+
+ expect(user).not_to be_two_factor_enabled
+ expect(user.encrypted_otp_secret).to be_nil
+ expect(user.encrypted_otp_secret_iv).to be_nil
+ expect(user.encrypted_otp_secret_salt).to be_nil
+ expect(user.otp_backup_codes).to be_nil
+ end
+ end
+
describe 'projects' do
before do
@user = create :user
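Review bot: The `#disable_two_factor!` example asserts on the same in-memory `user` object it just mutated, so it would still pass if the save were rejected, because `update_attributes` assigns the attributes before validating. Adding `user.reload` after `user.disable_two_factor!`, or asserting `expect(user.disable_two_factor!).to be_truthy`, would make the spec prove the secret and backup codes are actually gone from the database. This matters more now that the controller spec only checks that the method is called and no longer inspects the fields itself.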