コード例 #1
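        // Integration test: an authenticated employee sends GET to API_URL and must receive a
        // success response whose Meta.TotalItems equals the number of Logs rows carrying that
        // employee's id in the fixture database.
        public async Task GivenEmployeeAuth_WhenGetRequest_ThenReturnOkWithOwnLogs()
        {
            // Arrange
            // NOTE(review): Last() is used without an explicit ordering; confirm the fixture
            // makes this a stable, non-admin account.
            var employeeAccount = _fixture.Context.Users.Last();
            var employeeDetails = _fixture.Context.Employees.First(m => m.IdentityId == employeeAccount.Id);

            // The employee signs in with DefaultAdmin.Password, so the seeded accounts
            // apparently share one password; that shortcut must stay confined to test data.
            var employeeCredentials = new LoginViewModel
            {
                UserName = employeeAccount.UserName,
                Password = DefaultAdmin.Password,
            };

            // Act
            var request = new HttpRequestMessage(HttpMethod.Get, API_URL);
            await AuthExtensions.SetupRequestAuth(request, _fixture, employeeCredentials);

            var response = await _fixture.Client.SendAsync(request);

            // Assert
            // Check the status before touching the body, so a 401/403/500 is reported as such
            // instead of surfacing as a deserialization or null-reference failure.
            response.EnsureSuccessStatusCode();

            var result      = await response.Content.ReadAsStringAsync();
            var resultModel = JsonConvert.DeserializeObject<ListResponse<LogViewModel>>(result);

            Assert.NotNull(resultModel);

            var totalList = _fixture.Context.Logs.Count(m => m.EmployeeId == employeeDetails.Id);

            // NOTE(review): comparing totals alone cannot show that every returned entry belongs
            // to this employee. If the response items expose an owner id (not visible here),
            // assert on it as well, and make sure the fixture also holds logs of other employees
            // so that a response leaking them would change the outcome.
            Assert.Equal(totalList, resultModel.Meta.TotalItems);
        }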
コード例 #2
        // Integration test, parameterised by role: signs in with an account chosen for the
        // role, POSTs to {API_URL}/challenge/{role} and expects a success status code.
        public async Task GivenValidAccountsPerRole_WhenPostChallenge_ThenReturnOk(string role)
        {
            // Arrange
            // "Employee" uses the first user whose name differs from the default admin's;
            // every other role value signs in as the default admin.
            string loginName = role == "Employee"
                ? _fixture.Context.Users.First(m => m.UserName != DefaultAdmin.UserName).UserName
                : DefaultAdmin.UserName;

            // NOTE(review): "******" looks like a masked placeholder for the seeded password;
            // confirm against the fixture's seed data.
            var login = new LoginViewModel
            {
                UserName = loginName,
                Password = "******",
            };

            // Act
            var challengeRequest = new HttpRequestMessage(HttpMethod.Post, $"{API_URL}/challenge/{role}");
            await AuthExtensions.SetupRequestAuth(challengeRequest, _fixture, login);

            var challengeResponse = await _fixture.Client.SendAsync(challengeRequest);

            // Assert
            // Only the matching account/role pairing is covered here; a mismatched pairing
            // (an employee challenging another role) needs its own negative test.
            challengeResponse.EnsureSuccessStatusCode();
        }
コード例 #3
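        // Integration test: an employee authenticated with the default password PUTs a
        // ChangePasswordViewModel to {API_URL}/change-password, expects a success status, and
        // then confirms that a login with the new password yields a non-empty JWT.
        public async Task GivenAuthByEmployee_WhenPutChangePasswordRequest_ThenReturnOk()
        {
            // Arrange
            // NOTE(review): "******" reads like a masked value. If the real literal equals
            // DefaultAdmin.Password, the final login cannot tell a changed password from an
            // unchanged one; confirm the two differ.
            const string newPassword     = "******";
            const string defaultPassword = DefaultAdmin.Password;

            var model = _fixture.Context.Users.Last();

            // Serialization is synchronous, in-memory work; no Task.Run hop is needed.
            var viewModel = JsonConvert.SerializeObject(
                new ChangePasswordViewModel
                {
                    OldPassword = defaultPassword,
                    NewPassword = newPassword,
                });

            // Act
            var request = new HttpRequestMessage(HttpMethod.Put, $"{API_URL}/change-password");

            request.Content = new StringContent(viewModel, Encoding.UTF8, "application/json");

            // Send request as Employee
            await AuthExtensions.SetupRequestAuth(
                request,
                _fixture,
                new LoginViewModel
                {
                    UserName = model.UserName,
                    Password = defaultPassword,
                });

            var response = await _fixture.Client.SendAsync(request);

            // Assert
            response.EnsureSuccessStatusCode();

            var assertLogin = await AuthExtensions.GetJwt(
                _fixture,
                new LoginViewModel
                {
                    UserName = model.UserName,
                    Password = newPassword,
                });

            Assert.NotEmpty(assertLogin);

            // TODO(review): also assert that the old password is rejected after the change;
            // how GetJwt reports a failed login is not visible here.
            // NOTE(review): the account keeps the new password afterwards. Any other test that
            // signs in as the same user with DefaultAdmin.Password against a shared fixture
            // would then depend on execution order; confirm the fixture is reset per test.
        }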
コード例 #4
        // Negative authorization test, parameterised by HTTP method and URL: a request
        // authenticated as a non-admin user must be answered with 403 Forbidden.
        public async Task GivenAuthAsEmployee_WhenRequestInAdminOnlyEndpoints_ThenReturnForbidden(HttpMethod method, string url)
        {
            // Arrange
            // Any user other than the default admin serves as the employee.
            string employeeLogin = _fixture.Context.Users.First(m => m.UserName != DefaultAdmin.UserName).UserName;

            // NOTE(review): "******" looks like a masked placeholder for the seeded password;
            // confirm against the fixture's seed data.
            var employeeCredentials = new LoginViewModel
            {
                UserName = employeeLogin,
                Password = "******",
            };

            // Act
            var adminOnlyRequest = new HttpRequestMessage(method, url);
            await AuthExtensions.SetupRequestAuth(adminOnlyRequest, _fixture, employeeCredentials);

            var adminOnlyResponse = await _fixture.Client.SendAsync(adminOnlyRequest);

            // Assert
            // Exactly 403 is required: the caller is authenticated but lacks the role, so a
            // 401 (or a success) here would point at a different failure than the one intended.
            Assert.Equal(HttpStatusCode.Forbidden, adminOnlyResponse.StatusCode);
        }