Пример #1
0
        public async Task Token_Can_Be_Invalidated_After_Creation()
        {
            //Arrange
            var email         = CreateEmail();
            var userDto       = ObjectCreateHelper.MakeSimpleApiUserDto(email, true);
            var createdUserId = await HttpApi.CreateOdataUserAsync(userDto, OrganizationRole.User);

            var loginDto = ObjectCreateHelper.MakeSimpleLoginDto(email, _defaultPassword);
            var token    = await HttpApi.GetTokenAsync(loginDto);

            using (var requestResponse = await HttpApi.GetWithTokenAsync(TestEnvironment.CreateUrl("api/ItSystem/"), token.Token))
            {
                Assert.NotNull(requestResponse);
                Assert.Equal(HttpStatusCode.OK, requestResponse.StatusCode);
            };

            //Act
            await DisableApiAccessForUserAsync(userDto, createdUserId);

            //Assert
            using (var requestResponse = await HttpApi.GetWithTokenAsync(TestEnvironment.CreateUrl("api/ItSystem/"), token.Token))
            {
                Assert.NotNull(requestResponse);
                Assert.Equal(HttpStatusCode.Forbidden, requestResponse.StatusCode);
            };
            await HttpApi.DeleteUserAsync(createdUserId);
        }