public IActionResult AddUser(string token, User user)
{
var accessLevel = _authRepo.GetAccessType(token);
if (accessLevel < AccessType.Admin)
{
return(Unauthorized());
}
if (!ModelState.IsValid)
{
return(BadRequest());
}
_userRepo.AddUser(user);
return(Ok());
}
public void TestAccessLevelUnauthorized()
{
_authRepo.GetAccessType(string.Empty).Should().Be(AccessType.Basic);
}
