Beispiel #1
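        // Verifies that a token issued while a user had API access stops authorizing
        // requests once that access is disabled. The same token value is sent before
        // and after the change: the first GET on "api/ItSystem/" must return 200 OK,
        // the second must return 403 Forbidden.
        //
        // Security relevance: this pins down that revocation applies to tokens that
        // are already in circulation, not only to logins made afterwards. The test
        // observes status codes only; how the server enforces the revocation is not
        // visible from here.
        public async Task Token_Can_Be_Invalidated_After_Creation()
        {
            //Arrange
            var email         = CreateEmail();
            // NOTE(review): the 'true' argument presumably grants API access - confirm against ObjectCreateHelper.
            var userDto       = ObjectCreateHelper.MakeSimpleApiUserDto(email, true);
            var createdUserId = await HttpApi.CreateOdataUserAsync(userDto, OrganizationRole.User);

            try
            {
                var loginDto = ObjectCreateHelper.MakeSimpleLoginDto(email, _defaultPassword);
                var token    = await HttpApi.GetTokenAsync(loginDto);

                // Baseline: the freshly issued token is accepted, so the later 403 can
                // only be caused by the access change and not by a token that never worked.
                using (var requestResponse = await HttpApi.GetWithTokenAsync(TestEnvironment.CreateUrl("api/ItSystem/"), token.Token))
                {
                    Assert.NotNull(requestResponse);
                    Assert.Equal(HttpStatusCode.OK, requestResponse.StatusCode);
                }

                //Act
                await DisableApiAccessForUserAsync(userDto, createdUserId);

                //Assert
                // Deliberately reuses the token obtained before the change; requesting a
                // new one here would test login denial instead of token invalidation.
                using (var requestResponse = await HttpApi.GetWithTokenAsync(TestEnvironment.CreateUrl("api/ItSystem/"), token.Token))
                {
                    Assert.NotNull(requestResponse);
                    Assert.Equal(HttpStatusCode.Forbidden, requestResponse.StatusCode);
                }
            }
            finally
            {
                // Clean up even when an assertion or request above throws. Otherwise a
                // failed run leaves behind an account that logs in with the shared
                // default password and may still have API access enabled.
                await HttpApi.DeleteUserAsync(createdUserId);
            }
        }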