-
Notifications
You must be signed in to change notification settings - Fork 13.7k
fix: 2FA check flashing for mandatory roles #35340
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 6 commits
Commits
Show all changes
32 commits
Select commit
Hold shift + click to select a range
eeb1e54
fix: ensure user services object is loaded before loading is complete
yash-rajpal 06ae4f7
add ui tests
yash-rajpal 7b2b26e
fix unused var
yash-rajpal ce613d1
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal 4406b2f
refactor
yash-rajpal eaa1b58
add cs
yash-rajpal d6a3ef8
fix review
yash-rajpal e58a694
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal 376b317
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
scuciatto 9f7a0b0
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] ad21e9d
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] d71a88d
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] 1ec98ef
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] 61c3e09
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
scuciatto df8bced
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] 7103f72
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
scuciatto f11a2e3
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal c909656
fix for microservices
yash-rajpal bbef593
remove getBaseUserFields from app
yash-rajpal 1b375c7
refactor
yash-rajpal fd3fc82
refactor
yash-rajpal a92032d
Update apps/meteor/app/authentication/server/startup/index.js
yash-rajpal c88587e
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal 35c7ebf
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
scuciatto 3c662ba
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal 93b03cd
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
yash-rajpal 82b0c48
don't move getUserFields function to package
yash-rajpal 4f323af
oops
yash-rajpal a1ffdfb
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
scuciatto d5f498b
Merge branch 'develop' into fix/2FA-mandatory-check-flashing
kodiakhq[bot] faa89ac
review
ggazzo d06ded3
lint
ggazzo File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| --- | ||
| '@rocket.chat/meteor': patch | ||
| --- | ||
|
|
||
| Fixes an issue where account security page was flashing sometimes for users with mandatory two factor configured. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| import { IS_EE } from './config/constants'; | ||
| import { Users } from './fixtures/userStates'; | ||
| import { HomeChannel, AccountProfile } from './page-objects'; | ||
| import { createCustomRole, deleteCustomRole } from './utils/custom-role'; | ||
| import { test, expect } from './utils/test'; | ||
|
|
||
| test.use({ storageState: Users.admin.state }); | ||
|
|
||
| test.describe('enforce two factor authentication', () => { | ||
| test.skip(!IS_EE, 'Enterprise Only'); | ||
|
|
||
| let poHomeChannel: HomeChannel; | ||
| let poAccountProfile: AccountProfile; | ||
| let customRoleId = ''; | ||
| test.beforeEach(async ({ page }) => { | ||
| poHomeChannel = new HomeChannel(page); | ||
| poAccountProfile = new AccountProfile(page); | ||
| }); | ||
|
|
||
| test.beforeAll(async ({ api }) => { | ||
| const roleResponse = await createCustomRole(api, { name: 'enforce-2FA', mandatory2fa: true }); | ||
| expect(roleResponse.status()).toBe(200); | ||
| const { role } = await roleResponse.json(); | ||
| customRoleId = role._id; | ||
|
|
||
| const userUpdateRes = await api.post('/users.update', { | ||
| data: { roles: ['user', customRoleId, 'admin'] }, | ||
| userId: 'rocketchat.internal.admin.test', | ||
| }); | ||
| expect(userUpdateRes.status()).toBe(200); | ||
|
|
||
| const disableEmail2FA = await api.post('/users.2fa.disableEmail', {}); | ||
| expect(disableEmail2FA.status()).toBe(200); | ||
| }); | ||
|
|
||
| test.afterAll(async ({ api }) => { | ||
| const userUpdateRes = await api.post('/users.update', { | ||
| data: { roles: ['user', 'admin'] }, | ||
| userId: 'rocketchat.internal.admin.test', | ||
| }); | ||
| expect(userUpdateRes.status()).toBe(200); | ||
|
|
||
| const deleteRole = await deleteCustomRole(api, 'enforce-2FA'); | ||
| expect(deleteRole.status()).toBe(200); | ||
|
|
||
| const enableEmail2FA = await api.post('/users.2fa.enableEmail', {}); | ||
| expect(enableEmail2FA.status()).toBe(200); | ||
| }); | ||
|
|
||
| test('should redirect to 2FA setup page and setup email 2FA', async ({ page }) => { | ||
| await page.goto('/home'); | ||
| await expect(poHomeChannel.sidenav.sidebarHomeAction).not.toBeVisible(); | ||
| await expect(poAccountProfile.securityHeader).toBeVisible(); | ||
|
|
||
| await poAccountProfile.security2FASection.click(); | ||
| await expect(poAccountProfile.enableEmail2FAButton).toBeVisible(); | ||
| await poAccountProfile.enableEmail2FAButton.click(); | ||
|
|
||
| await expect(poHomeChannel.toastSuccess).toBeVisible(); | ||
| await expect(poHomeChannel.sidenav.sidebarHomeAction).toBeVisible(); | ||
| await expect(poAccountProfile.securityHeader).not.toBeVisible(); | ||
| }); | ||
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.