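/// <summary>
/// Verifies that a user holding only the analyst role cannot change another user's password.
/// The request must be answered with <see cref="HttpStatusCode.Unauthorized"/>, and the
/// password that was attempted must not work for the target account afterwards.
/// </summary>
public void NonManagerUserCannotChangePasswordOfOtherUser()
{
    // Second analyst account, created through the admin client; it is the target of the request.
    UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
    try
    {
        var targetUsername = analyst2DataApiClient.LoggedInUsername;
        var newPassword = UserGenerator.GeneratePassword();

        AssertStatusCode(
            () => analystDataApiClient.ChangePassword(targetUsername, newPassword),
            HttpStatusCode.Unauthorized);

        // A rejection status alone does not prove the stored credential was left untouched
        // (an endpoint can apply the change and still answer with an error). Confirm from a
        // separate client, so the target's own session is not disturbed, that the attempted
        // password does not authenticate.
        // NOTE(review): assumes Login reports a wrong password via IsAuthenticated == false
        // rather than by throwing, as it does for a deleted user elsewhere in this file - confirm.
        var probeClient = new DataApiClient(ApiSetup.ApiConfiguration);
        AuthenticationResult probeResult = null;
        Assert.That(() => probeResult = probeClient.Login(targetUsername, newPassword), Throws.Nothing);
        Assert.That(probeResult.IsAuthenticated, Is.False);
    }
    finally
    {
        // Always remove the temporary account, even when an assertion above fails.
        UserGenerator.DeleteUser(analyst2DataApiClient);
    }
}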
/// <summary>
/// Verifies that a freshly registered user without any roles can change their own password
/// and can then log in with the new password.
/// </summary>
public void UserCanChangeOwnPassword()
{
    UserGenerator.RegisterAndLoginUserWithoutRoles(out var userClient);
    try
    {
        AuthenticationResult loginResult = null;
        var replacementPassword = UserGenerator.GeneratePassword();

        // Step 1: the self-service change must succeed.
        AssertStatusCode(
            () => userClient.ChangePassword(userClient.LoggedInUsername, replacementPassword),
            HttpStatusCode.OK,
            "Change password");

        // Step 2: the new password must be accepted on the next login.
        // NOTE(review): nothing here checks that the previous password stops working; the
        // original password is not exposed by RegisterAndLoginUserWithoutRoles in this method.
        AssertStatusCode(
            () => loginResult = userClient.Login(userClient.LoggedInUsername, replacementPassword),
            HttpStatusCode.OK,
            "Login with new password");

        Assert.That(loginResult.IsAuthenticated, Is.True);
    }
    finally
    {
        // Always remove the temporary account, even when an assertion above fails.
        UserGenerator.DeleteUser(userClient);
    }
}
/// <summary>
/// Walks one account through its whole life cycle: register, log in, delete, and finally
/// confirm that the same credentials no longer authenticate once the account is gone.
/// </summary>
public void CanRegisterLoginAndDeleteUser()
{
    // Inconclusive rather than failed when the API cannot be reached.
    Assume.That(adminDataApiClient.IsAvailable(), "API not available");

    var client = new DataApiClient(ApiSetup.ApiConfiguration);
    var username = UserGenerator.GenerateUsername();
    var password = UserGenerator.GeneratePassword();
    var email = $"{username}@example.org";

    // NOTE(review): there is no try/finally here, so a failure between Register and
    // DeleteUser would leave the generated account behind on the target API.
    Assert.That(() => client.Register(username, "Jamie", "Doe", password, email), Throws.Nothing);

    AuthenticationResult loginResult = null;
    Assert.That(() => loginResult = client.Login(username, password), Throws.Nothing);
    Assert.That(loginResult.IsAuthenticated, Is.True);

    Assert.That(() => client.DeleteUser(username), Throws.Nothing);
    client.Logout();

    // The deleted account's credentials must be rejected without Login throwing.
    Assert.That(() => loginResult = client.Login(username, password), Throws.Nothing);
    Assert.That(loginResult.IsAuthenticated, Is.False);
}