public async Task Add_ShouldReturnForbiddenWhenNotAdmin()
        {
            // Get JWT from Auth0
            var token = Auth0Helper.GetTestAccountToken();

            var request = new HttpRequestMessage(HttpMethod.Post, "api/items/add");

            request.Headers.Add("Authorization", $"Bearer {token}");
            var requestData = new Item
            {
                Name        = "Item1",
                Description = "Description1",
                Price       = 9.99,
                Quantity    = 10
            };
            var content = new StringContent(JsonConvert.SerializeObject(requestData), Encoding.UTF8, "application/json");

            request.Content = content;

            var response = await client.SendAsync(request);

            Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
        }
Esempio n. 2
0
 public TransactionControllerTest(TestServerFixture testServerFixture) : base(testServerFixture)
 {
     AdminToken = Auth0Helper.GetAdminAccountToken();
     TestToken  = Auth0Helper.GetTestAccountToken();
     Test2Token = Auth0Helper.GetTest2AccountToken();
 }