public async Task DeleteAsync_RequestsDocDeletion()
{
// Before just removing the user docs from the database, first call IDocument<User>.DeleteAsync(). This way,
// clients can be notified of and handle the change. For example, redirecting a deleted user to a landing
// page.
var env = new TestEnvironment();
string curUserId = "user01";
string curUserSystemRole = SystemRole.User;
string userIdToDelete = "user01";
Assert.That(env.ContainsUser(userIdToDelete), Is.True);
// SUT
await env.Service.DeleteAsync(curUserId, curUserSystemRole, userIdToDelete);
Assert.That(env.ContainsUser(userIdToDelete), Is.False);
}
public async Task UpdateUserFromProfileAsync_NewUser()
{
var env = new TestEnvironment();
JObject userProfile = env.CreateUserProfile("user03", "auth03", env.IssuedAt);
await env.Service.UpdateUserFromProfileAsync("user03", userProfile.ToString());
Assert.That(env.ContainsUser("user03"), Is.True);
UserSecret userSecret = env.UserSecrets.Get("user03");
Assert.That(userSecret.ParatextTokens.RefreshToken, Is.EqualTo("new_refresh_token"));
}
public async Task DeleteAsync_SysAdminCanDeleteSelf()
{
var env = new TestEnvironment();
string curUserId = "user01";
string curUserSystemRole = SystemRole.SystemAdmin;
string userIdToDelete = "user01";
Assert.That(env.ContainsUser(userIdToDelete), Is.True);
// SUT
await env.Service.DeleteAsync(curUserId, curUserSystemRole, userIdToDelete);
Assert.That(env.RealtimeService.CallCountDeleteUserAsync, Is.EqualTo(1));
}
public void DeleteAsync_UserCannotDeleteAnotherUser()
{
var env = new TestEnvironment();
string curUserId = "user01";
// Role is not a system admin
string curUserSystemRole = SystemRole.User;
string userIdToDelete = "user02";
Assert.That(env.ContainsUser(userIdToDelete), Is.True);
// SUT
Assert.ThrowsAsync <ForbiddenException>(() =>
env.Service.DeleteAsync(curUserId, curUserSystemRole, userIdToDelete));
Assert.That(env.RealtimeService.CallCountDeleteUserAsync, Is.EqualTo(0));
}
