diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py index 6f690be85..11a74420c 100644 --- a/tests/app/main/views/test_manage_users.py +++ b/tests/app/main/views/test_manage_users.py @@ -453,8 +453,11 @@ def test_invite_user_allows_to_choose_auth( service_one['permissions'].append('email_auth') page = client_request.get('main.invite_user', service_id=SERVICE_ONE_ID) - sms_auth_radio_button = page.select_one('input[value="sms_auth"]') - assert sms_auth_radio_button.has_attr("disabled") is False + radio_buttons = page.select("input[name=login_authentication]") + values = {button["value"] for button in radio_buttons} + + assert values == {'sms_auth', 'email_auth'} + assert not any(button.has_attr("disabled") for button in radio_buttons) def test_invite_user_has_correct_email_field( @@ -794,6 +797,48 @@ def test_edit_user_permissions_including_authentication_with_email_auth_service( ) +def test_edit_user_permissions_shows_authentication_for_email_auth_service( + client_request, + service_one, + mock_get_users_by_service, + mock_get_template_folders, + active_user_with_permissions, +): + service_one['permissions'].append('email_auth') + + page = client_request.get( + 'main.edit_user_permissions', + service_id=SERVICE_ONE_ID, + user_id=active_user_with_permissions['id'], + ) + + radio_buttons = page.select("input[name=login_authentication]") + values = {button["value"] for button in radio_buttons} + + assert values == {'sms_auth', 'email_auth'} + assert not any(button.has_attr("disabled") for button in radio_buttons) + + +def test_edit_user_permissions_hides_authentication_for_webauthn_user( + client_request, + service_one, + mock_get_users_by_service, + mock_get_template_folders, + active_user_with_permissions, +): + active_user_with_permissions['auth_type'] = 'webauthn_auth' + service_one['permissions'].append('email_auth') + + page = client_request.get( + 'main.edit_user_permissions', + service_id=SERVICE_ONE_ID, + user_id=active_user_with_permissions['id'], + ) + + assert 'This user will login with a security key' in str(page) + assert page.select_one('#login_authentication') is None + + @pytest.mark.parametrize('new_auth_type', ['sms_auth', 'email_auth']) def test_edit_user_permissions_preserves_auth_type_for_webauthn_user( client_request,