author | Chocobozzz <me@florianbigard.com> | 2022-10-07 14:23:42 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2022-10-07 14:28:35 +0200 |
commit | 2166c058f34dff6f91566930d12448805d829de7 (patch) | |
tree | 2b9100b8eccbac287d1105c765901f966a354986 /server/tests/api/check-params | |
parent | d12b40fb96d56786a96c06a621f3d8e0a0d24f4a (diff) | |
Allow admins to disable two factor auth
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r-- | server/tests/api/check-params/two-factor.ts | 29 |
1 files changed, 21 insertions, 8 deletions
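--- a/server/tests/api/check-params/two-factor.ts
+++ b/server/tests/api/check-params/two-factor.ts
@@ -86,6 +86,15 @@ describe('Test two factor API validators', function () {
 })
 })
 
+it('Should succeed to request two factor without a password when targeting a remote user with an admin account', async function () {
+await server.twoFactor.request({ userId })
+})
+
+it('Should fail to request two factor without a password when targeting myself with an admin account', async function () {
+await server.twoFactor.request({ userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+await server.twoFactor.request({ userId: rootId, currentPassword: 'bad', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+})
+
 it('Should succeed to request my two factor auth', async function () {
 {
 const { otpRequest } = await server.twoFactor.request({ userId, token: userToken, currentPassword: userPassword })
@@ -234,7 +243,7 @@ describe('Test two factor API validators', function () {
 })
 })
 
-it('Should fail to disabled two factor with an incorrect password', async function () {
+it('Should fail to disable two factor with an incorrect password', async function () {
 await server.twoFactor.disable({
 userId,
 token: userToken,
@@ -243,16 +252,20 @@ describe('Test two factor API validators', function () {
 })
 })
 
+it('Should succeed to disable two factor without a password when targeting a remote user with an admin account', async function () {
+await server.twoFactor.disable({ userId })
+await server.twoFactor.requestAndConfirm({ userId })
+})
+
+it('Should fail to disable two factor without a password when targeting myself with an admin account', async function () {
+await server.twoFactor.disable({ userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+await server.twoFactor.disable({ userId: rootId, currentPassword: 'bad', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+})
+
 it('Should succeed to disable another user two factor with the appropriate rights', async function () {
 await server.twoFactor.disable({ userId, currentPassword: rootPassword })
 
-// Reinit
-const { otpRequest } = await server.twoFactor.request({ userId, currentPassword: rootPassword })
-await server.twoFactor.confirmRequest({
-userId,
-requestToken: otpRequest.requestToken,
-otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
-})
+await server.twoFactor.requestAndConfirm({ userId })
 })
 
 it('Should succeed to update my two factor auth', async function () {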
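Review bot: The new password-less cases at new lines 89-96 and 255-263 only use the default root token, so nothing in these hunks pins that a non-admin caller is still refused when it omits `currentPassword` while targeting another account. Unless a test outside the visible hunks already covers it, add the negative case next to each success case, for example `await server.twoFactor.disable({ userId: rootId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })` (status presumably the one the existing rights check returns), and the same for `request`. This is the boundary the relaxed password rule most needs to hold: without it, a regression that skips the password check for every caller would still pass these tests. Separately, "remote user" in the two new titles reads as a federated account, while `userId` appears to be another local user; "another user", as in the existing title at new line 265, would be clearer.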