From 6fda7a9f56af4f66a00bf1386cfcdf148fa09517 Mon Sep 17 00:00:00 2001
From: Fredys Fonseca
Date: Wed, 23 Jul 2025 04:15:15 +0000
Subject: [PATCH] feature/require-mfa-by-admin - Using ClimateControl
---
 app/controllers/concerns/mfa_force_concern.rb | 2 +-
 app/helpers/flashes_helper.rb | 2 +-
 .../concerns/mfa_force_concern_spec.rb | 70 +++++++++++--------
 spec/helpers/flashes_helper_spec.rb | 4 +-
 4 files changed, 45 insertions(+), 33 deletions(-)
diff --git a/app/controllers/concerns/mfa_force_concern.rb b/app/controllers/concerns/mfa_force_concern.rb
index 15d4661a91b..18b2f659a93 100644
--- a/app/controllers/concerns/mfa_force_concern.rb
+++ b/app/controllers/concerns/mfa_force_concern.rb
@@ -14,7 +14,7 @@ module MfaForceConcern
 return if current_user.otp_enabled?
 return if mfa_setup_allowed_paths?
- flash[:warning] = I18n.t('require_multi_factor_auth.required_message')
+ flash[:alert] = I18n.t('require_multi_factor_auth.required_message')
 redirect_to settings_otp_authentication_path
 end
diff --git a/app/helpers/flashes_helper.rb b/app/helpers/flashes_helper.rb
index ccae52f353e..6c5e9370980 100644
--- a/app/helpers/flashes_helper.rb
+++ b/app/helpers/flashes_helper.rb
@@ -2,6 +2,6 @@
 module FlashesHelper
 def user_facing_flashes
- flash.to_hash.slice('alert', 'error', 'notice', 'success', 'warning')
+ flash.to_hash.slice('alert', 'error', 'notice', 'success')
 end
 end
diff --git a/spec/controllers/concerns/mfa_force_concern_spec.rb b/spec/controllers/concerns/mfa_force_concern_spec.rb
index f1d33fa9e07..4181f5d8c19 100644
--- a/spec/controllers/concerns/mfa_force_concern_spec.rb
+++ b/spec/controllers/concerns/mfa_force_concern_spec.rb
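Review bot: In app/helpers/flashes_helper.rb, dropping 'warning' from the `slice` in `user_facing_flashes` means any other code that still writes `flash[:warning]` will now have its message silently discarded instead of rendered. This patch migrates only the writer in `MfaForceConcern`; whether other writers exist is not visible here, so a search for `flash[:warning]` and `flash.now[:warning]` across controllers and views is worth doing before merge. A short comment above the slice would make the contract explicit, for example `# Only these keys are rendered to users; any other flash key is dropped.`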
@@ -18,8 +18,9 @@ RSpec.describe MfaForceConcern do
 describe 'MFA force functionality' do
 context 'when REQUIRE_MULTI_FACTOR_AUTH is enabled' do
 before do
- allow(ENV).to receive(:[]).with('REQUIRE_MULTI_FACTOR_AUTH').and_return('true')
- sign_in user, scope: :user
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ sign_in user, scope: :user
+ end
 end
 context 'when user has MFA enabled' do
@@ -28,8 +29,10 @@ RSpec.describe MfaForceConcern do
 end
 it 'allows access to normal pages' do
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 end
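Review bot: The `ClimateControl.modify` block inside `before` (hunk `@@ -18,8 +18,9 @@`) does not reach the examples, because the variable is restored as soon as the block returns; only `sign_in` runs with it set, which is why every example then has to repeat its own wrapper. An `around` hook scopes the variable to the whole example and removes the repetition: `around { |example| ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') { example.run } }`, with `before { sign_in user, scope: :user }` left plain. The same applies to the `before` in the 'disabled' context at `@@ -72,25 +85,26 @@`. As written, an example added later without its own wrapper would run with whatever the host environment has set and could pass without the enforcement path being exercised.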
@@ -39,32 +42,42 @@ RSpec.describe MfaForceConcern do
 end
 it 'redirects to MFA setup page' do
- get :index
- expect(response).to redirect_to(settings_otp_authentication_path)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ get :index
+ expect(response).to redirect_to(settings_otp_authentication_path)
+ end
 end
 it 'shows the required message' do
- get :index
- expect(flash[:warning]).to eq(I18n.t('require_multi_factor_auth.required_message'))
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ get :index
+ expect(flash[:alert]).to eq(I18n.t('require_multi_factor_auth.required_message'))
+ end
 end
 context 'when accessing MFA setup pages' do
 it 'allows access to OTP authentication page' do
- allow(controller.request).to receive(:path).and_return('/settings/otp_authentication')
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ allow(controller.request).to receive(:path).and_return('/settings/otp_authentication')
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 it 'allows access to MFA confirmation page' do
- allow(controller.request).to receive(:path).and_return('/settings/two_factor_authentication/confirmation')
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ allow(controller.request).to receive(:path).and_return('/settings/two_factor_authentication/confirmation')
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 it 'allows access to logout' do
- allow(controller.request).to receive(:path).and_return('/auth/sign_out')
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ allow(controller.request).to receive(:path).and_return('/auth/sign_out')
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 end
 end
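Review bot: The three 'when accessing MFA setup pages' examples stub `controller.request.path` with the exact allowlisted strings, so they pass however `mfa_setup_allowed_paths?` compares paths. That helper is outside this patch, so whether it matches exactly or by prefix cannot be read from here. Because the allowlist is what exempts a request from the MFA redirect, one more example should pin the behaviour for a path that is not on the list but resembles an entry, so the exemption cannot widen unnoticed. The path below is a constructed sample, and the expectation should be adjusted to whatever rule is intended.

```ruby
# … unchanged: the three allowlisted-path examples …
it 'still redirects when the path only resembles an allowed one' do
  ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
    # constructed sample path, not taken from the routes file
    allow(controller.request).to receive(:path).and_return('/settings/otp_authentication_other')
    get :index
    expect(response).to redirect_to(settings_otp_authentication_path)
  end
end
```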
@@ -72,25 +85,26 @@ RSpec.describe MfaForceConcern do
 context 'when REQUIRE_MULTI_FACTOR_AUTH is disabled' do
 before do
- allow(ENV).to receive(:[]).with('REQUIRE_MULTI_FACTOR_AUTH').and_return('false')
- sign_in user, scope: :user
- user.update(otp_required_for_login: false)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'false') do
+ sign_in user, scope: :user
+ user.update(otp_required_for_login: false)
+ end
 end
 it 'allows access to normal pages' do
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'false') do
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 end
 context 'when user is not signed in' do
- before do
- allow(ENV).to receive(:[]).with('REQUIRE_MULTI_FACTOR_AUTH').and_return('true')
- end
-
 it 'allows access to normal pages' do
- get :index
- expect(response).to have_http_status(200)
+ ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: 'true') do
+ get :index
+ expect(response).to have_http_status(200)
+ end
 end
 end
 end
diff --git a/spec/helpers/flashes_helper_spec.rb b/spec/helpers/flashes_helper_spec.rb
index c911c6829f1..aaef7ab1443 100644
--- a/spec/helpers/flashes_helper_spec.rb
+++ b/spec/helpers/flashes_helper_spec.rb
@@ -10,7 +10,6 @@ RSpec.describe FlashesHelper do
 flash[:error] = 'an error'
 flash[:notice] = 'a notice'
 flash[:success] = 'a success'
- flash[:warning] = 'a warning'
 flash[:not_user_facing] = 'a not user facing flash'
 # rubocop:enable Rails/I18nLocaleTexts
 end
@@ -20,8 +19,7 @@ RSpec.describe FlashesHelper do
 'alert' => 'an alert',
 'error' => 'an error',
 'notice' => 'a notice',
- 'success' => 'a success',
- 'warning' => 'a warning'
+ 'success' => 'a success'
 )
 end
 end
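Review bot: In the mfa_force_concern_spec.rb hunk at `@@ -72,25 +85,26 @@`, the suite still exercises `REQUIRE_MULTI_FACTOR_AUTH` only as 'true' and 'false'; nothing pins what happens when the variable is unset or spelled differently (for example 'TRUE' or '1'). The parsing lives in the concern outside this patch, so the intended default cannot be read from here. For an enforcement switch it is worth making explicit whether a typo or omission in deployment config leaves MFA optional. An example that wraps `get :index` and its expected status in `ClimateControl.modify(REQUIRE_MULTI_FACTOR_AUTH: nil) do ... end` would document the default and catch a regression in it.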