Merge branch 'rename-ci-commit' into rename-ci-commit-phase-2

2 files changed, 32 insertions, 8 deletions

diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
index 4fb1473c2d2..d08d0018b35 100644
--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@@ -8,21 +8,21 @@ describe Profiles::TwoFactorAuthsController do
     allow(subject).to receive(:current_user).and_return(user)
   end
 
-  describe 'GET new' do
+  describe 'GET show' do
     let(:user) { create(:user) }
 
     it 'generates otp_secret for user' do
       expect(User).to receive(:generate_otp_secret).with(32).and_return('secret').once
 
-      get :new
-      get :new # Second hit shouldn't re-generate it
+      get :show
+      get :show # Second hit shouldn't re-generate it
     end
 
     it 'assigns qr_code' do
       code = double('qr code')
       expect(subject).to receive(:build_qr_code).and_return(code)
 
-      get :new
+      get :show
       expect(assigns[:qr_code]).to eq code
     end
   end
@@ -40,7 +40,7 @@ describe Profiles::TwoFactorAuthsController do
         expect(user).to receive(:validate_and_consume_otp!).with(pin).and_return(true)
       end
 
-      it 'sets two_factor_enabled' do
+      it 'enables 2fa for the user' do
         go
 
         user.reload
@@ -79,9 +79,9 @@ describe Profiles::TwoFactorAuthsController do
         expect(assigns[:qr_code]).to eq code
       end
 
-      it 'renders new' do
+      it 'renders show' do
         go
-        expect(response).to render_template(:new)
+        expect(response).to render_template(:show)
       end
     end
   end
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index 5dc8724fb50..4e9bfb0c69b 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -25,10 +25,15 @@ describe SessionsController do
           expect(response).to set_flash.to /Signed in successfully/
           expect(subject.current_user). to eq user
         end
+
+        it "creates an audit log record" do
+          expect { post(:create, user: { login: user.username, password: user.password }) }.to change { SecurityEvent.count }.by(1)
+          expect(SecurityEvent.last.details[:with]).to eq("standard")
+        end
       end
     end
 
-    context 'when using two-factor authentication' do
+    context 'when using two-factor authentication via OTP' do
       let(:user) { create(:user, :two_factor) }
 
       def authenticate_2fa(user_params)
@@ -117,6 +122,25 @@ describe SessionsController do
           end
         end
       end
+
+      it "creates an audit log record" do
+        expect { authenticate_2fa(login: user.username, otp_attempt: user.current_otp) }.to change { SecurityEvent.count }.by(1)
+        expect(SecurityEvent.last.details[:with]).to eq("two-factor")
+      end
+    end
+
+    context 'when using two-factor authentication via U2F device' do
+      let(:user) { create(:user, :two_factor) }
+
+      def authenticate_2fa_u2f(user_params)
+        post(:create, { user: user_params }, { otp_user_id: user.id })
+      end
+
+      it "creates an audit log record" do
+        allow(U2fRegistration).to receive(:authenticate).and_return(true)
+        expect { authenticate_2fa_u2f(login: user.username, device_response: "{}") }.to change { SecurityEvent.count }.by(1)
+        expect(SecurityEvent.last.details[:with]).to eq("two-factor-via-u2f-device")
+      end
     end
   end
 end