public void CreateUser()
{
unitOfWork.Data = new MockData
{
Users = new List <User>
{
new User
{
id = 1,
email = "user",
customer_code = "c1",
Roles = new List <Role>
{
new Role {
id = Role.Admin
}
}
},
new User
{
id = 2,
username = "******",
Roles = new List <Role>
{
new Role {
id = Role.User
}
}
},
new User
{
id = 3,
username = "******",
customer_code = "c0",
Roles = new List <Role>
{
new Role {
id = Role.BranchAdmin
}
}
},
new User
{
id = 4,
username = "******",
customer_code = "c2",
Roles = new List <Role>
{
new Role {
id = Role.BranchAdmin
}
}
}
},
Customers = new List <Customer>
{
new Customer {
code = "c0"
},
new Customer {
code = "c1", invoice_customer = "c0"
},
new Customer {
code = "c2"
}
}
};
var user = new User
{
id = 0,
name = "name"
};
//Try as regular user
controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "2");
var result = controller.Create(user);
Assert.IsInstanceOfType(result, typeof(HttpResponseMessage));
var message = result as HttpResponseMessage;
Assert.AreEqual(HttpStatusCode.Unauthorized, message?.StatusCode);
//admin, should get validation error
controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "1");
result = controller.Create(user);
Assert.IsInstanceOfType(result, typeof(HttpResponseMessage));
message = result as HttpResponseMessage;
Assert.IsNotNull(message);
Assert.AreEqual(HttpStatusCode.BadRequest, message?.StatusCode);
var text = message.Content.ReadAsStringAsync().Result;
Assert.IsTrue(text.Contains("Name"));
//Duplicate email or username
user.lastname = "last";
user.email = "user"; //duplicate
user.username = "******";
user.customer_code = "c0";
result = controller.Create(user);
Assert.IsInstanceOfType(result, typeof(HttpResponseMessage));
message = result as HttpResponseMessage;
Assert.IsNotNull(message);
Assert.AreEqual(HttpStatusCode.BadRequest, message?.StatusCode);
text = message.Content.ReadAsStringAsync().Result;
Assert.IsTrue(text.Contains("already exists"));
//Customer doesn't exist
user.email = "email";
user.customer_code = "xxx";
result = controller.Create(user);
Assert.IsInstanceOfType(result, typeof(HttpResponseMessage));
message = result as HttpResponseMessage;
Assert.IsNotNull(message);
Assert.AreEqual(HttpStatusCode.BadRequest, message?.StatusCode);
text = message.Content.ReadAsStringAsync().Result;
Assert.IsTrue(text.Contains("No customer"));
//Customer not allowed
controller.Request.Headers.Authorization = new AuthenticationHeaderValue("jwt", "3");
user.customer_code = "c2";
result = controller.Create(user);
Assert.IsInstanceOfType(result, typeof(HttpResponseMessage));
message = result as HttpResponseMessage;
Assert.IsNotNull(message);
Assert.AreEqual(HttpStatusCode.BadRequest, message?.StatusCode);
text = message.Content.ReadAsStringAsync().Result;
Assert.IsTrue(text.Contains("You are not allowed to"));
//Correct
user.customer_code = "c0";
result = controller.Create(user);
Assert.IsNotNull(result);
Assert.IsNotInstanceOfType(result, typeof(HttpResponseMessage));
Assert.AreEqual(5, unitOfWork.Data.Users.Count);
Assert.IsTrue(unitOfWork.Saved);
string[] properties =
{
"id", "name", "address", "password", "email", "customer_code", "token", "isInternal", "lastname",
"lastLogin", "phone", "username"
};
CompareObjects(user, result, properties);
}
