+ describe('getAdminSettings', function () {
+ it('covers success', async function () {
+ manager.db.authenticationGet.resolves({});
+ await manager.getAdminSettings(res, ctx);
+ assert(!ctx.errors.length);
+ });
+ it('covers no user', async function () {
+ manager.db.authenticationGet.resolves();
+ await manager.getAdminSettings(res, ctx);
+ assert(ctx.errors.length);
+ });
+ it('covers db failure', async function () {
+ manager.db.authenticationGet.throws();
+ await manager.getAdminSettings(res, ctx);
+ assert(ctx.errors.length);
+ });
+ }); // getAdminSettings
+
+ describe('postAdminSettings', function () {
+ let authData;
+ beforeEach(function () {
+ authData = {
+ identifier: 'user',
+ credential: 'password',
+ otpKey: '12345678901234567890123456789012',
+ };
+ manager.db.authenticationGet.resolves(authData);
+ sinon.stub(manager, '_credentialUpdate');
+ sinon.stub(manager, '_otpEnable');
+ sinon.stub(manager, '_otpConfirm');
+ sinon.stub(manager, '_otpDisable');
+ });
+ it('covers no action', async function () {
+ await manager.postAdminSettings(res, ctx);
+ assert(!ctx.errors.length);
+ });
+ it('covers db empty', async function () {
+ manager.db.authenticationGet.resolves();
+ await manager.postAdminSettings(res, ctx);
+ assert(ctx.errors.length);
+ });
+ it('covers db error', async function () {
+ manager.db.authenticationGet.throws();
+ await manager.postAdminSettings(res, ctx);
+ assert(ctx.errors.length);
+ });
+ it('covers credential update', async function () {
+ ctx.parsedBody.credential = 'update';
+ await manager.postAdminSettings(res, ctx);
+ assert(manager._credentialUpdate.called);
+ });
+ it('covers otp enabling', async function () {
+ ctx.parsedBody.otp = 'enable';
+ await manager.postAdminSettings(res, ctx);
+ assert(manager._otpEnable.called);
+ });
+ it('covers otp confirmation', async function () {
+ ctx.parsedBody.otp = 'confirm';
+ await manager.postAdminSettings(res, ctx);
+ assert(manager._otpConfirm.called);
+ });
+ it('covers otp disabling', async function () {
+ ctx.parsedBody.otp = 'disable';
+ await manager.postAdminSettings(res, ctx);
+ assert(manager._otpDisable.called);
+ });
+ }); // postAdminSettings
+
+ describe('_otpDisable', function () {
+ let dbCtx, authData;
+ beforeEach(function () {
+ ctx.otpKey = '12345678901234567890123456789012';
+ dbCtx = {};
+ authData = {
+ otpKey: '12345678901234567890123456789012',
+ };
+ });
+ it('covers success', async function () {
+ await manager._otpDisable(dbCtx, ctx, authData);
+ assert(!ctx.otpKey);
+ assert(!authData.otpKey);
+ assert(manager.db.authenticationUpdateOTPKey.called);
+ assert(ctx.notifications.length);
+ assert(!ctx.errors.length);
+ });
+ it('covers db failure', async function () {
+ manager.db.authenticationUpdateOTPKey.throws();
+ await manager._otpDisable(dbCtx, ctx, authData);
+ assert(!ctx.notifications.length);
+ assert(ctx.errors.length);
+ });
+ }); // _otpDisable
+
+ describe('_otpEnsable', function () {
+ it('covers success', async function () {
+ await manager._otpEnable(ctx);
+ assert('otpConfirmKey' in ctx);
+ assert('otpConfirmBox' in ctx);
+ assert(!ctx.errors.length);
+ });
+ it('covers failure', async function () {
+ sinon.stub(manager.mysteryBox, 'pack').throws();
+ await manager._otpEnable(ctx);
+ assert(!('otpConfirmKey' in ctx));
+ assert(!('otpConfirmBox' in ctx));
+ assert(ctx.errors.length);
+ });
+ }); // _otpEnsable
+
+ describe('_otpConfirm', function () {
+ let dbCtx, otpState;
+ beforeEach(function () {
+ sinon.stub(Date, 'now').returns(1710435655000);
+ dbCtx = {};
+ ctx.parsedBody = {
+ 'otp-box': 'xxxBoxedStatexxx',
+ 'otp-token': '350876',
+ };
+ otpState = {
+ otpKey: 'CDBGB3U3B2ILECQORMINGGSZN7LXY565',
+ otpAttempt: 0,
+ otpInitiatedMs: 1710434052084,
+ };
+ sinon.stub(manager.mysteryBox, 'unpack').resolves(otpState);
+ });
+ it('covers success', async function () {
+ await manager._otpConfirm(dbCtx, ctx);
+ assert(manager.db.authenticationUpdateOTPKey.called);
+ assert(ctx.notifications.length);
+ assert(!ctx.errors.length);
+ });
+ it('covers bad state', async function () {
+ manager.mysteryBox.unpack.throws();
+ await manager._otpConfirm(dbCtx, ctx);
+ assert(ctx.errors.length);
+ assert(manager.db.authenticationUpdateOTPKey.notCalled);
+ });
+ it('covers no token entered', async function () {
+ ctx.parsedBody['otp-token'] = '';
+ await manager._otpConfirm(dbCtx, ctx);
+ assert(!ctx.errors.length);
+ assert(manager.db.authenticationUpdateOTPKey.notCalled);
+ });
+ it('covers bad token entered', async function () {
+ ctx.parsedBody['otp-token'] = '123456';
+ await manager._otpConfirm(dbCtx, ctx);
+ assert(ctx.errors.length);
+ assert(manager.db.authenticationUpdateOTPKey.notCalled);
+ });
+ it('covers db error', async function () {
+ manager.db.authenticationUpdateOTPKey.throws();
+ await manager._otpConfirm(dbCtx, ctx);
+ assert(ctx.errors.length);
+ });
+ }); // _otpConfirm
+
+ describe('_credentialUpdate', function () {
+ let dbCtx, authData;
+ beforeEach(function () {
+ ctx.parsedBody = {
+ 'credential-new': 'abc',
+ 'credential-new-2': 'abc',
+ 'credential-current': '123',
+ };
+ authData = {};
+ manager.authenticator._validateAuthDataCredential.resolves(true);
+ });
+ it('covers success', async function () {
+ await manager._credentialUpdate(dbCtx, ctx, authData);
+ assert(ctx.notifications.length);
+ assert(!ctx.errors.length);
+ });
+ it('covers invalid current password', async function () {
+ manager.authenticator._validateAuthDataCredential.resolves(false);
+ await manager._credentialUpdate(dbCtx, ctx, authData);
+ assert(!ctx.notifications.length);
+ assert(ctx.errors.length);
+ });
+ it('covers empty new password', async function () {
+ delete ctx.parsedBody['credential-new'];
+ manager.authenticator._validateAuthDataCredential.resolves(false);
+ await manager._credentialUpdate(dbCtx, ctx, authData);
+ assert(!ctx.notifications.length);
+ assert(ctx.errors.length);
+ });
+ it('covers mismatched new password', async function () {
+ ctx.parsedBody['credential-new'] = 'cde';
+ manager.authenticator._validateAuthDataCredential.resolves(false);
+ await manager._credentialUpdate(dbCtx, ctx, authData);
+ assert(!ctx.notifications.length);
+ assert(ctx.errors.length);
+ });
+ it('covers db failure', async function () {
+ manager.authenticator.updateCredential.throws();
+ await manager._credentialUpdate(dbCtx, ctx, authData);
+ assert(!ctx.notifications.length);
+ assert(ctx.errors.length);
+ assert(manager.logger.error.called);
+ });
+ }); // _credentialUpdate
+
+}); // SessionManager