diff options
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/FixMyStreet.pm | 6 | ||||
| -rw-r--r-- | t/app/controller/admin/reportextrafields.t | 2 | ||||
| -rw-r--r-- | t/app/controller/dashboard.t | 18 | ||||
| -rw-r--r-- | t/cobrand/fixmystreet.t | 22 |
4 files changed, 38 insertions, 10 deletions
diff --git a/perllib/FixMyStreet/Cobrand/FixMyStreet.pm b/perllib/FixMyStreet/Cobrand/FixMyStreet.pm index e830b10b2..c69156c64 100644 --- a/perllib/FixMyStreet/Cobrand/FixMyStreet.pm +++ b/perllib/FixMyStreet/Cobrand/FixMyStreet.pm @@ -310,4 +310,10 @@ sub suppress_reporter_alerts { return 0; } +sub must_have_2fa { + my ($self, $user) = @_; + return 1 if $user->is_superuser; + return 0; +} + 1; diff --git a/t/app/controller/admin/reportextrafields.t b/t/app/controller/admin/reportextrafields.t index 1714e8521..1aa4c6a42 100644 --- a/t/app/controller/admin/reportextrafields.t +++ b/t/app/controller/admin/reportextrafields.t @@ -9,6 +9,8 @@ sub allow_report_extra_fields { 1 } sub area_types { [ 'UTA' ] } +sub must_have_2fa { 0 } + package FixMyStreet::Cobrand::SecondTester; diff --git a/t/app/controller/dashboard.t b/t/app/controller/dashboard.t index 061809aaf..15c718c74 100644 --- a/t/app/controller/dashboard.t +++ b/t/app/controller/dashboard.t @@ -1,5 +1,9 @@ use Test::MockTime ':all'; +package FixMyStreet::Cobrand::No2FA; +use parent 'FixMyStreet::Cobrand::FixMyStreet'; +sub must_have_2fa { 0 } + package FixMyStreet::Cobrand::Tester; use parent 'FixMyStreet::Cobrand::Default'; # Allow access if CSV export for a body, otherwise deny @@ -38,13 +42,13 @@ my $area_id = '60705'; my $alt_area_id = '62883'; my $last_month = DateTime->now->subtract(months => 2); -$mech->create_problems_for_body(2, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Potholes', cobrand => 'fixmystreet' }); -$mech->create_problems_for_body(3, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'fixmystreet', dt => $last_month }); -$mech->create_problems_for_body(1, $body->id, 'Title', { areas => ",$alt_area_id,2651,", category => 'Litter', cobrand => 'fixmystreet' }); +$mech->create_problems_for_body(2, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Potholes', cobrand => 'no2fat' }); +$mech->create_problems_for_body(3, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'no2fa', dt => $last_month }); +$mech->create_problems_for_body(1, $body->id, 'Title', { areas => ",$alt_area_id,2651,", category => 'Litter', cobrand => 'no2fa' }); -my @scheduled_problems = $mech->create_problems_for_body(7, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'fixmystreet' }); -my @fixed_problems = $mech->create_problems_for_body(4, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Potholes', cobrand => 'fixmystreet' }); -my @closed_problems = $mech->create_problems_for_body(3, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'fixmystreet' }); +my @scheduled_problems = $mech->create_problems_for_body(7, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'no2fa' }); +my @fixed_problems = $mech->create_problems_for_body(4, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Potholes', cobrand => 'no2fa' }); +my @closed_problems = $mech->create_problems_for_body(3, $body->id, 'Title', { areas => ",$area_id,2651,", category => 'Traffic lights', cobrand => 'no2fa' }); my $first_problem_id; my $first_update_id; @@ -73,7 +77,7 @@ my $categories = scraper { }; FixMyStreet::override_config { - ALLOWED_COBRANDS => [ { fixmystreet => '.' } ], + ALLOWED_COBRANDS => 'no2fa', MAPIT_URL => 'http://mapit.uk/', }, sub { diff --git a/t/cobrand/fixmystreet.t b/t/cobrand/fixmystreet.t index 6095aee2a..fedb06f40 100644 --- a/t/cobrand/fixmystreet.t +++ b/t/cobrand/fixmystreet.t @@ -107,6 +107,22 @@ FixMyStreet::override_config { }; }; -END { - done_testing(); -} +FixMyStreet::override_config { + ALLOWED_COBRANDS => 'fixmystreet', +}, sub { + subtest 'test enforced 2FA for superusers' => sub { + my $test_email = 'test@example.com'; + my $user = FixMyStreet::DB->resultset('User')->find_or_create({ email => $test_email }); + $user->password('password'); + $user->is_superuser(1); + $user->update; + + $mech->get_ok('/auth'); + $mech->submit_form_ok( + { with_fields => { username => $test_email, password_sign_in => 'password' } }, + "sign in using form" ); + $mech->content_contains('requires two-factor'); + }; +}; + +done_testing(); |