[rubygems/rubygems] Enable mfa on specific keys during gem signin

https://github.com/rubygems/rubygems/commit/e787f7f655

3 files changed, 64 insertions, 4 deletions

diff --git a/test/rubygems/test_gem_commands_push_command.rb b/test/rubygems/test_gem_commands_push_command.rb
index fa3968ffce..e219ae170e 100644
--- a/test/rubygems/test_gem_commands_push_command.rb
+++ b/test/rubygems/test_gem_commands_push_command.rb
@@ -435,6 +435,7 @@ class TestGemCommandsPushCommand < Gem::TestCase
 
     response_mfa_enabled = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success     = 'Successfully registered gem: freewill (1.0.0)'
+    response_profile     = {"mfa" => "disabled"}.to_json
 
     @fetcher.data["#{@host}/api/v1/gems"] = [
       [response_success, 200, "OK"],
@@ -445,6 +446,10 @@ class TestGemCommandsPushCommand < Gem::TestCase
       ["", 200, "OK"],
     ]
 
+    @fetcher.data["#{@host}/api/v1/profile"] = [
+      [response_profile, 200, "OK"],
+    ]
+
     @cmd.instance_variable_set :@scope, :push_rubygem
     @cmd.options[:args] = [@path]
     @cmd.options[:host] = @host
diff --git a/test/rubygems/test_gem_commands_signin_command.rb b/test/rubygems/test_gem_commands_signin_command.rb
index 0f856a53ba..b1493fb137 100644
--- a/test/rubygems/test_gem_commands_signin_command.rb
+++ b/test/rubygems/test_gem_commands_signin_command.rb
@@ -105,18 +105,71 @@ class TestGemCommandsSigninCommand < Gem::TestCase
     assert_equal api_key, credentials[:rubygems_api_key]
   end
 
+  def test_execute_with_key_name_scope_and_mfa
+    email     = 'you@example.com'
+    password  = 'secret'
+    api_key   = '1234'
+    fetcher   = Gem::RemoteFetcher.fetcher
+
+    key_name_ui = Gem::MockGemUi.new "#{email}\n#{password}\ntest-key\n\ny\n\n\n\n\n\ny"
+    util_capture_with_mfa_enabled(key_name_ui, nil, api_key, fetcher) { @cmd.execute }
+
+    user = ENV["USER"] || ENV["USERNAME"]
+
+    assert_match "API Key name [#{Socket.gethostname}-#{user}", key_name_ui.output
+    assert_match "index_rubygems [y/N]", key_name_ui.output
+    assert_match "push_rubygem [y/N]", key_name_ui.output
+    assert_match "yank_rubygem [y/N]", key_name_ui.output
+    assert_match "add_owner [y/N]", key_name_ui.output
+    assert_match "remove_owner [y/N]", key_name_ui.output
+    assert_match "access_webhooks [y/N]", key_name_ui.output
+    assert_match "show_dashboard [y/N]", key_name_ui.output
+    assert_match "Would you like to enable MFA for this key? [y/N]", key_name_ui.output
+    assert_equal "name=test-key&push_rubygem=true&mfa=true", fetcher.last_request.body
+
+    credentials = load_yaml_file Gem.configuration.credentials_path
+    assert_equal api_key, credentials[:rubygems_api_key]
+  end
+
   # Utility method to capture IO/UI within the block passed
 
   def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new)
-    api_key ||= 'a5fdbb6ba150cbb83aad2bb2fede64cf040453903'
-    response  = [api_key, 200, 'OK']
-    email     = 'you@example.com'
-    password  = 'secret'
+    api_key        ||= 'a5fdbb6ba150cbb83aad2bb2fede64cf040453903'
+    response         = [api_key, 200, 'OK']
+    profile_response =[{"mfa" => "disabled"}.to_json, 200, 'OK']
+    email            = 'you@example.com'
+    password         = 'secret'
+
+    # Set the expected response for the Web-API supplied
+    ENV['RUBYGEMS_HOST']       = host || Gem::DEFAULT_HOST
+    data_key                   = "#{ENV['RUBYGEMS_HOST']}/api/v1/api_key"
+    fetcher.data[data_key]     = response
+    profile                    = "#{ENV['RUBYGEMS_HOST']}/api/v1/profile"
+    fetcher.data[profile]      = profile_response
+    Gem::RemoteFetcher.fetcher = fetcher
+
+    sign_in_ui = ui_stub || Gem::MockGemUi.new("#{email}\n#{password}\n\n\n\n\n\n\n\n\n")
+
+    use_ui sign_in_ui do
+      yield
+    end
+
+    sign_in_ui
+  end
+
+  def util_capture_with_mfa_enabled(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new)
+    api_key        ||= 'a5fdbb6ba150cbb83aad2bb2fede64cf040453903'
+    response         = [api_key, 200, 'OK']
+    profile_response =[{"mfa" => "ui_only"}.to_json, 200, 'OK']
+    email            = 'you@example.com'
+    password         = 'secret'
 
     # Set the expected response for the Web-API supplied
     ENV['RUBYGEMS_HOST']       = host || Gem::DEFAULT_HOST
     data_key                   = "#{ENV['RUBYGEMS_HOST']}/api/v1/api_key"
     fetcher.data[data_key]     = response
+    profile                    = "#{ENV['RUBYGEMS_HOST']}/api/v1/profile"
+    fetcher.data[profile]      = profile_response
     Gem::RemoteFetcher.fetcher = fetcher
 
     sign_in_ui = ui_stub || Gem::MockGemUi.new("#{email}\n#{password}\n\n\n\n\n\n\n\n\n")
diff --git a/test/rubygems/test_gem_gemcutter_utilities.rb b/test/rubygems/test_gem_gemcutter_utilities.rb
index 0bcd1504e9..6eebea6ca7 100644
--- a/test/rubygems/test_gem_gemcutter_utilities.rb
+++ b/test/rubygems/test_gem_gemcutter_utilities.rb
@@ -229,6 +229,7 @@ class TestGemGemcutterUtilities < Gem::TestCase
   def util_sign_in(response, host = nil, args = [], extra_input = '')
     email    = 'you@example.com'
     password = 'secret'
+    profile_response =[{"mfa" => "disabled"}.to_json, 200, 'OK']
 
     if host
       ENV['RUBYGEMS_HOST'] = host
@@ -238,6 +239,7 @@ class TestGemGemcutterUtilities < Gem::TestCase
 
     @fetcher = Gem::FakeFetcher.new
     @fetcher.data["#{host}/api/v1/api_key"] = response
+    @fetcher.data["#{host}/api/v1/profile"] = profile_response
     Gem::RemoteFetcher.fetcher = @fetcher
 
     @sign_in_ui = Gem::MockGemUi.new("#{email}\n#{password}\n\n\n\n\n\n\n\n\n" + extra_input)