public IActionResult AddUser(string token, User user) { var accessLevel = _authRepo.GetAccessType(token); if (accessLevel < AccessType.Admin) { return(Unauthorized()); } if (!ModelState.IsValid) { return(BadRequest()); } _userRepo.AddUser(user); return(Ok()); }
public void TestAccessLevelUnauthorized() { _authRepo.GetAccessType(string.Empty).Should().Be(AccessType.Basic); }