bug: fix renable totpAllowed = true after disable

Signed-off-by: Sarah Funkhouser <[email protected]>
theopenlane · Jan 28, 2025 · 0507f1a · 0507f1a
1 parent d0b1069
commit 0507f1a
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/internal/ent/hooks/tfasettings.go b/internal/ent/hooks/tfasettings.go
@@ -94,8 +94,8 @@ func HookVerifyTFA() ent.Hook {
 			if ok && !totpAllowed {
 				// if TOTP is not allowed, clear the TFA settings
 				m.SetVerified(false)
-				m.SetRecoveryCodes(nil)
-				m.SetTfaSecret("")
+				m.ClearRecoveryCodes()
+				m.ClearTfaSecret()
 
 				// disable TFA on the user settings
 				if err := setUserTFASetting(ctx, m, false); err != nil {

diff --git a/internal/graphapi/tfasetting_test.go b/internal/graphapi/tfasetting_test.go
@@ -227,7 +227,7 @@ func (suite *GraphTestSuite) TestMutationUpdateTFASetting() {
 				TotpAllowed: lo.ToPtr(true),
 			},
 			client: suite.client.api,
-			ctx:    testUser2.UserCtx,
+			ctx:    testUser1.UserCtx,
 		},
 	}
 
@@ -272,6 +272,9 @@ func (suite *GraphTestSuite) TestMutationUpdateTFASetting() {
 			} else if !*tc.input.TotpAllowed { // settings were cleared
 				assert.Empty(t, resp.UpdateTFASetting.QRCode)
 				assert.Empty(t, resp.UpdateTFASetting.TfaSecret)
+				assert.Empty(t, resp.UpdateTFASetting.RecoveryCodes)
+				assert.False(t, resp.UpdateTFASetting.TfaSetting.Verified)
+				assert.False(t, *resp.UpdateTFASetting.TfaSetting.TotpAllowed)
 			}
 
 			// make sure user setting is updated correctly