Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
fa3aa0c5
Commit
fa3aa0c5
authored
May 22, 2019
by
Kartikey Tanna
Committed by
James Lopez
May 22, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
#61441 Allow user to set email ID before setting up 2FA
parent
6d495d65
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
24 additions
and
4 deletions
+24
-4
app/controllers/concerns/enforces_two_factor_authentication.rb
...ontrollers/concerns/enforces_two_factor_authentication.rb
+1
-1
changelogs/unreleased/61441.yml
changelogs/unreleased/61441.yml
+5
-0
spec/controllers/application_controller_spec.rb
spec/controllers/application_controller_spec.rb
+18
-3
No files found.
app/controllers/concerns/enforces_two_factor_authentication.rb
View file @
fa3aa0c5
...
@@ -16,7 +16,7 @@ module EnforcesTwoFactorAuthentication
...
@@ -16,7 +16,7 @@ module EnforcesTwoFactorAuthentication
end
end
def
check_two_factor_requirement
def
check_two_factor_requirement
if
two_factor_authentication_required?
&&
current_user
&&
!
current_user
.
two_factor_enabled?
&&
!
skip_two_factor?
if
two_factor_authentication_required?
&&
current_user
&&
!
current_user
.
t
emp_oauth_email?
&&
!
current_user
.
t
wo_factor_enabled?
&&
!
skip_two_factor?
redirect_to
profile_two_factor_auth_path
redirect_to
profile_two_factor_auth_path
end
end
end
end
...
...
changelogs/unreleased/61441.yml
0 → 100644
View file @
fa3aa0c5
---
title
:
Allow user to set primary email first when 2FA is required
merge_request
:
28097
author
:
Kartikey Tanna
type
:
fixed
spec/controllers/application_controller_spec.rb
View file @
fa3aa0c5
...
@@ -206,8 +206,19 @@ describe ApplicationController do
...
@@ -206,8 +206,19 @@ describe ApplicationController do
describe
'#check_two_factor_requirement'
do
describe
'#check_two_factor_requirement'
do
subject
{
controller
.
send
:check_two_factor_requirement
}
subject
{
controller
.
send
:check_two_factor_requirement
}
it
'does not redirect if user has temporary oauth email'
do
oauth_user
=
create
(
:user
,
email:
'temp-email-for-oauth@email.com'
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:current_user
).
and_return
(
oauth_user
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
subject
end
it
'does not redirect if 2FA is not required'
do
it
'does not redirect if 2FA is not required'
do
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
false
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
false
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
subject
subject
...
@@ -216,6 +227,7 @@ describe ApplicationController do
...
@@ -216,6 +227,7 @@ describe ApplicationController do
it
'does not redirect if user is not logged in'
do
it
'does not redirect if user is not logged in'
do
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:current_user
).
and_return
(
nil
)
allow
(
controller
).
to
receive
(
:current_user
).
and_return
(
nil
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
subject
subject
...
@@ -223,8 +235,9 @@ describe ApplicationController do
...
@@ -223,8 +235,9 @@ describe ApplicationController do
it
'does not redirect if user has 2FA enabled'
do
it
'does not redirect if user has 2FA enabled'
do
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:current_user
).
t
w
ice
.
and_return
(
user
)
allow
(
controller
).
to
receive
(
:current_user
).
t
hr
ice
.
and_return
(
user
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
true
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
true
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
subject
subject
...
@@ -232,9 +245,10 @@ describe ApplicationController do
...
@@ -232,9 +245,10 @@ describe ApplicationController do
it
'does not redirect if 2FA setup can be skipped'
do
it
'does not redirect if 2FA setup can be skipped'
do
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:current_user
).
t
w
ice
.
and_return
(
user
)
allow
(
controller
).
to
receive
(
:current_user
).
t
hr
ice
.
and_return
(
user
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
false
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
false
)
allow
(
controller
).
to
receive
(
:skip_two_factor?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:skip_two_factor?
).
and_return
(
true
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
expect
(
controller
).
not_to
receive
(
:redirect_to
)
subject
subject
...
@@ -242,10 +256,11 @@ describe ApplicationController do
...
@@ -242,10 +256,11 @@ describe ApplicationController do
it
'redirects to 2FA setup otherwise'
do
it
'redirects to 2FA setup otherwise'
do
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:two_factor_authentication_required?
).
and_return
(
true
)
allow
(
controller
).
to
receive
(
:current_user
).
t
w
ice
.
and_return
(
user
)
allow
(
controller
).
to
receive
(
:current_user
).
t
hr
ice
.
and_return
(
user
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
false
)
allow
(
user
).
to
receive
(
:two_factor_enabled?
).
and_return
(
false
)
allow
(
controller
).
to
receive
(
:skip_two_factor?
).
and_return
(
false
)
allow
(
controller
).
to
receive
(
:skip_two_factor?
).
and_return
(
false
)
allow
(
controller
).
to
receive
(
:profile_two_factor_auth_path
)
allow
(
controller
).
to
receive
(
:profile_two_factor_auth_path
)
expect
(
controller
).
to
receive
(
:redirect_to
)
expect
(
controller
).
to
receive
(
:redirect_to
)
subject
subject
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment