public void Only_Word_Owner_Can_Delete_Words_In_Collection()
{
// Get collection Id
var collectionId = 1;
// Spoof an authenticated user by generating a ClaimsPrincipal
var user = new ClaimsPrincipal(new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.NameIdentifier, "FIREBASE_USER2"),
}, "TestAuthentication"));
// Spoof UserController
var controller = new WordController(_fakeUserRepo.Object, _fakeWordRepo.Object);
controller.ControllerContext = new ControllerContext(); // Required to create the controller
controller.ControllerContext.HttpContext = new DefaultHttpContext {
User = user
}; // Pretend the user is making a request to the controller
// Attempt to Get single word
var response = controller.DeleteAllWordsInCollection(collectionId);
// Returns Ok
Assert.IsType <BadRequestResult>(response);
_fakeWordRepo.Verify(r => r.DeleteAllWordsInCollection(It.IsAny <List <Word> >()), Times.Never());
}