From 800df45db2dd9f3baf8377896ecde8a917901fe6 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Fri, 10 Jul 2015 17:11:18 -0400
Subject: Add disable_two_factor route for Admin::Users

---
 app/controllers/admin/users_controller.rb       |  6 ++++++
 config/routes.rb                                |  1 +
 spec/controllers/admin/users_controller_spec.rb | 28 +++++++++++++++++++++++++
 3 files changed, 35 insertions(+)

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 7a683098df3..770fe00af51 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -55,6 +55,12 @@ class Admin::UsersController < Admin::ApplicationController
     end
   end
 
+  def disable_two_factor
+    user.disable_two_factor!
+    redirect_to admin_user_path(user),
+      notice: 'Two-factor Authentication has been disabled for this user'
+  end
+
   def create
     opts = {
       force_random_password: true,
diff --git a/config/routes.rb b/config/routes.rb
index fd04d7b2f54..055d59a0c93 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -159,6 +159,7 @@ Gitlab::Application.routes.draw do
         put :block
         put :unblock
         put :unlock
+        patch :disable_two_factor
         delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
       end
     end
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 550a91a79e2..6f4c8987637 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -36,4 +36,32 @@ describe Admin::UsersController do
       expect(user.access_locked?).to be_falsey
     end
   end
+
+  describe 'PATCH disable_two_factor' do
+    let(:user) { create(:user) }
+
+    it 'disables 2FA for the user' do
+      expect(user).to receive(:disable_two_factor!)
+      allow(subject).to receive(:user).and_return(user)
+
+      go
+    end
+
+    it 'redirects back' do
+      go
+
+      expect(response).to redirect_to(admin_user_path(user))
+    end
+
+    it 'displays an alert' do
+      go
+
+      expect(flash[:notice]).
+        to eq 'Two-factor Authentication has been disabled for this user'
+    end
+
+    def go
+      patch :disable_two_factor, id: user.to_param
+    end
+  end
 end
-- 
cgit v1.2.1