/// <summary>
/// Posts a new item to <c>api/items/add</c> using the bearer token of the
/// regular test account and expects the API to answer 403 Forbidden.
/// </summary>
/// <remarks>
/// This is an authorization check: the request carries a token, so the
/// expected rejection is 403 (caller identified but not permitted), not 401
/// (no or unusable credentials). Only the status code is asserted; the test
/// does not verify that the item was left uncreated.
/// </remarks>
public async Task Add_ShouldReturnForbiddenWhenNotAdmin()
{
    // JWT for the test account, obtained through Auth0Helper.
    // NOTE(review): presumably this account has no admin role or permission;
    // confirm against the Auth0 configuration, otherwise the test proves nothing.
    var bearerToken = Auth0Helper.GetTestAccountToken();

    // Payload the endpoint would accept from an authorized caller.
    var newItem = new Item
    {
        Name = "Item1",
        Description = "Description1",
        Price = 9.99,
        Quantity = 10,
    };
    var jsonBody = JsonConvert.SerializeObject(newItem);

    var request = new HttpRequestMessage(HttpMethod.Post, "api/items/add")
    {
        Content = new StringContent(jsonBody, Encoding.UTF8, "application/json"),
    };
    request.Headers.Add("Authorization", $"Bearer {bearerToken}");

    var response = await client.SendAsync(request);

    // The only assertion: the non-admin caller is turned away with 403.
    Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
}
/// <summary>
/// Creates the test class on top of the shared test server fixture and
/// fetches one token per account used by the tests: admin, test and test2.
/// </summary>
/// <param name="testServerFixture">Fixture passed through to the base class.</param>
/// <remarks>
/// Each token is requested through Auth0Helper when the constructor runs.
/// NOTE(review): if the test framework builds a new instance per test, this
/// is three token requests per test; confirm whether Auth0Helper caches them.
/// The stored values are bearer credentials, so keep them out of test output
/// and logs.
/// </remarks>
public TransactionControllerTest(TestServerFixture testServerFixture)
    : base(testServerFixture)
{
    // Privileged identity, for the admin-only paths.
    AdminToken = Auth0Helper.GetAdminAccountToken();

    // Two separate non-admin identities.
    // NOTE(review): presumably two accounts exist so tests can check that one
    // user cannot act on another user's data; verify against the tests.
    TestToken = Auth0Helper.GetTestAccountToken();
    Test2Token = Auth0Helper.GetTest2AccountToken();
}