mirror of https://github.com/zulip/zulip.git
decorator: Add test case for unauthenticated 2fa.
This simulates the situation in which the user is not authenticated (as an AnonymousUser) and have 2FA enabled. Signed-off-by: Zixuan James Li <p359101898@gmail.com>
This commit is contained in:
Zixuan James Li
Tim Abbott
parent
eeaeb5a821
commit
3367839839
|
|
@ -1052,9 +1052,7 @@ def zulip_otp_required(
|
|||
|
||||
# This request is unauthenticated (logged-out) access; 2FA is
|
||||
# not required or possible.
|
||||
#
|
||||
# TODO: Add a test for 2FA-enabled with web-public views.
|
||||
if not user.is_authenticated: # nocoverage
|
||||
if not user.is_authenticated:
|
||||
return True
|
||||
|
||||
# If the user doesn't have 2FA set up, we can't enforce 2FA.
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ from zerver.decorator import (
|
|||
validate_api_key,
|
||||
webhook_view,
|
||||
zulip_login_required,
|
||||
zulip_otp_required,
|
||||
)
|
||||
from zerver.forms import OurAuthenticationForm
|
||||
from zerver.lib.cache import dict_to_items_tuple, ignore_unhashable_lru_cache, items_tuple_to_dict
|
||||
|
|
@ -1900,6 +1901,17 @@ class TestZulipLoginRequiredDecorator(ZulipTestCase):
|
|||
response = test_view(request)
|
||||
self.assertEqual(response.content.decode(), "Success")
|
||||
|
||||
def test_otp_not_authenticated(self) -> None:
|
||||
@zulip_otp_required()
|
||||
def test_view(request: HttpRequest) -> HttpResponse:
|
||||
return HttpResponse("Success")
|
||||
|
||||
with self.settings(TWO_FACTOR_AUTHENTICATION_ENABLED=True):
|
||||
user = AnonymousUser()
|
||||
request = HostRequestMock(user_profile=user)
|
||||
response = test_view(request)
|
||||
self.assertEqual(response.content.decode(), "Success")
|
||||
|
||||
|
||||
class TestRequireDecorators(ZulipTestCase):
|
||||
def test_require_server_admin_decorator(self) -> None:
|
||||
|
|
|
|||
Loading…
Reference in New Issue