public void Delete_DeleteForbidden_ReturnsForbidden()
{
// Arrange
var readOnlyController = new AnyReadOnlyController(_repository, _logger);
string id = ObjectId.GenerateNewId().ToString();
// Act
var result = readOnlyController.Delete(id) as ObjectResult;
// Assert
result.Should().NotBeNull();
result.StatusCode.Should().Be(403);
A.CallTo(() => _repository.Remove(id)).MustNotHaveHappened();
}
public void Delete_DeleteForbidden_ReturnsForbidden()
{
// Arrange
var restrictedController = new AnyReadOnlyController(repository, logger);
int id = 1;
// Act
var result = restrictedController.Delete(id) as ObjectResult;
// Assert
result.Should().NotBeNull();
result.StatusCode.Should().Be(403);
A.CallTo(() => repository.Delete(id)).MustNotHaveHappened();
}
public void Create_CreateForbidden_ReturnsForbidden()
{
// Arrange
var readOnlyController = new AnyReadOnlyController(_repository, _logger);
var model = new AnyModel();
// Act
var result = readOnlyController.Create(model) as ObjectResult;
// Assert
result.Should().NotBeNull();
result.StatusCode.Should().Be(403);
A.CallTo(() => _repository.Create(model)).MustNotHaveHappened();
}
public void Create_CreateForbidden_ReturnsForbidden()
{
// Arrange
var restrictedController = new AnyReadOnlyController(repository, logger);
var entity = new AnyEntity();
// Act
var result = restrictedController.Create(entity) as ObjectResult;
// Assert
result.Should().NotBeNull();
result.StatusCode.Should().Be(403);
A.CallTo(() => repository.Create(entity)).MustNotHaveHappened();
}
