150 lines
4.2 KiB
Ruby
150 lines
4.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
describe Admin::SessionsController, :do_not_mock_admin_mode do
|
|
include_context 'custom session'
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
before do
|
|
sign_in(user)
|
|
end
|
|
|
|
describe '#new' do
|
|
context 'for regular users' do
|
|
it 'shows error page' do
|
|
get :new
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
end
|
|
|
|
context 'for admin users' do
|
|
let(:user) { create(:admin) }
|
|
|
|
it 'renders a password form' do
|
|
get :new
|
|
|
|
expect(response).to render_template :new
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
|
|
context 'already in admin mode' do
|
|
before do
|
|
controller.current_user_mode.request_admin_mode!
|
|
controller.current_user_mode.enable_admin_mode!(password: user.password)
|
|
end
|
|
|
|
it 'redirects to original location' do
|
|
get :new
|
|
|
|
expect(response).to redirect_to(admin_root_path)
|
|
expect(controller.current_user_mode.admin_mode?).to be(true)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#create' do
|
|
context 'for regular users' do
|
|
it 'shows error page' do
|
|
post :create
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
end
|
|
|
|
context 'for admin users' do
|
|
let(:user) { create(:admin) }
|
|
|
|
it 'sets admin mode with a valid password' do
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
|
|
controller.store_location_for(:redirect, admin_root_path)
|
|
|
|
# triggering the auth form will request admin mode
|
|
get :new
|
|
|
|
post :create, params: { password: user.password }
|
|
|
|
expect(response).to redirect_to admin_root_path
|
|
expect(controller.current_user_mode.admin_mode?).to be(true)
|
|
end
|
|
|
|
it 'fails with an invalid password' do
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
|
|
controller.store_location_for(:redirect, admin_root_path)
|
|
|
|
# triggering the auth form will request admin mode
|
|
get :new
|
|
|
|
post :create, params: { password: '' }
|
|
|
|
expect(response).to render_template :new
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
|
|
it 'fails if not requested first' do
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
|
|
controller.store_location_for(:redirect, admin_root_path)
|
|
|
|
# do not trigger the auth form
|
|
|
|
post :create, params: { password: user.password }
|
|
|
|
expect(response).to redirect_to(new_admin_session_path)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
|
|
it 'fails if request period expired' do
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
|
|
controller.store_location_for(:redirect, admin_root_path)
|
|
|
|
# triggering the auth form will request admin mode
|
|
get :new
|
|
|
|
Timecop.freeze(Gitlab::Auth::CurrentUserMode::ADMIN_MODE_REQUESTED_GRACE_PERIOD.from_now) do
|
|
post :create, params: { password: user.password }
|
|
|
|
expect(response).to redirect_to(new_admin_session_path)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#destroy' do
|
|
context 'for regular users' do
|
|
it 'shows error page' do
|
|
get :destroy
|
|
|
|
expect(response).to have_gitlab_http_status(404)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
end
|
|
|
|
context 'for admin users' do
|
|
let(:user) { create(:admin) }
|
|
|
|
it 'disables admin mode and redirects to main page' do
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
|
|
get :new
|
|
post :create, params: { password: user.password }
|
|
expect(controller.current_user_mode.admin_mode?).to be(true)
|
|
|
|
get :destroy
|
|
|
|
expect(response).to have_gitlab_http_status(:found)
|
|
expect(response).to redirect_to(root_path)
|
|
expect(controller.current_user_mode.admin_mode?).to be(false)
|
|
end
|
|
end
|
|
end
|
|
end
|