Commit 3105d07e authored by Andy Soiron's avatar Andy Soiron

Merge branch '343061-remove-2fa-password-requirement-when-password-auth-disabled' into 'master'

Fix 2FA setup for LDAP users

See merge request gitlab-org/gitlab!73538
parents b090066a c29aca2e
...@@ -147,7 +147,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController ...@@ -147,7 +147,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end end
def current_password_required? def current_password_required?
!current_user.password_automatically_set? !current_user.password_automatically_set? && current_user.allow_password_authentication_for_web?
end end
def build_qr_code def build_qr_code
......
...@@ -62,6 +62,32 @@ RSpec.describe Profiles::TwoFactorAuthsController do ...@@ -62,6 +62,32 @@ RSpec.describe Profiles::TwoFactorAuthsController do
expect(flash[:alert]).to be_nil expect(flash[:alert]).to be_nil
end end
end end
context 'when password authentication is disabled' do
before do
stub_application_setting(password_authentication_enabled_for_web: false)
end
it 'does not require the current password', :aggregate_failures do
go
expect(response).not_to redirect_to(redirect_path)
expect(flash[:alert]).to be_nil
end
end
context 'when the user is an LDAP user' do
before do
allow(user).to receive(:ldap_user?).and_return(true)
end
it 'does not require the current password', :aggregate_failures do
go
expect(response).not_to redirect_to(redirect_path)
expect(flash[:alert]).to be_nil
end
end
end end
describe 'GET show' do describe 'GET show' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment