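// Signs in as the last user in the fixture context, sends a GET to API_URL and
// checks that the reported Meta.TotalItems equals the number of Logs rows whose
// EmployeeId matches that user's employee record.
//
// NOTE(review): only the total is compared. A response holding the same number
// of rows that belong to other employees would still pass; if LogViewModel
// exposes the owning employee, assert on every returned item as well.
public async Task GivenEmployeeAuth_WhenGetRequest_ThenReturnOkWithOwnLogs()
{
    // Arrange
    // NOTE(review): assumes the last user is an employee account whose password
    // is still DefaultAdmin.Password — confirm against the fixture seed data.
    var employeeAccount = _fixture.Context.Users.Last();
    var employeeDetails = _fixture.Context.Employees.First(m => m.IdentityId == employeeAccount.Id);
    var employeeCredentials = new LoginViewModel
    {
        UserName = employeeAccount.UserName,
        Password = DefaultAdmin.Password,
    };

    // Act
    var request = new HttpRequestMessage(HttpMethod.Get, API_URL);
    await AuthExtensions.SetupRequestAuth(request, _fixture, employeeCredentials);
    var response = await _fixture.Client.SendAsync(request);

    // Assert
    // Check the status before touching the body, so a rejected request is
    // reported as an HTTP failure rather than as a deserialization or null error.
    response.EnsureSuccessStatusCode();

    var result = await response.Content.ReadAsStringAsync();
    var resultModel = JsonConvert.DeserializeObject<ListResponse<LogViewModel>>(result);
    Assert.NotNull(resultModel);

    var totalList = _fixture.Context.Logs.Count(m => m.EmployeeId == employeeDetails.Id);
    Assert.Equal(totalList, resultModel.Meta.TotalItems);
}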
// Posts to the role challenge endpoint with credentials chosen for the given
// role and expects a success status code.
//
// role: the role segment appended to the challenge URL. "Employee" selects the
// first user whose user name differs from DefaultAdmin.UserName; any other
// value signs in as DefaultAdmin.UserName.
public async Task GivenValidAccountsPerRole_WhenPostChallenge_ThenReturnOk(string role)
{
    // Arrange
    // NOTE(review): assumes the first non-admin user holds the Employee role — confirm against the seed.
    var loginName = role == "Employee"
        ? _fixture.Context.Users.First(m => m.UserName != DefaultAdmin.UserName).UserName
        : DefaultAdmin.UserName;

    // The password literal is kept exactly as it appears in this listing; it has
    // to match the stored password of whichever account was selected above.
    var credentials = new LoginViewModel
    {
        UserName = loginName,
        Password = "******",
    };

    // Act
    var challengeUrl = $"{API_URL}/challenge/{role}";
    var request = new HttpRequestMessage(HttpMethod.Post, challengeUrl);
    await AuthExtensions.SetupRequestAuth(request, _fixture, credentials);
    var response = await _fixture.Client.SendAsync(request);

    // Assert
    response.EnsureSuccessStatusCode();
}
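// Signs in as the last user in the fixture context, sends a PUT to the
// change-password endpoint, and then checks that AuthExtensions.GetJwt returns
// a non-empty result for the same user with the new password.
//
// NOTE(review): this test changes the stored password of that user. If the
// fixture is shared between tests, any test that later signs in as the same
// user with DefaultAdmin.Password depends on execution order — confirm the
// fixture is reset or isolated.
//
// NOTE(review): only the new password is verified. Nothing here checks that the
// old password stops working after the change; how GetJwt reports a failed
// login is not visible in this listing, so confirm that before adding the check.
public async Task GivenAuthByEmployee_WhenPutChangePasswordRequest_ThenReturnOk()
{
    // Arrange
    const string NEW_PASSWORD = "******";
    const string DEFAULT_PASSWORD = DefaultAdmin.Password;

    var employeeUser = _fixture.Context.Users.Last();

    // Serialization is a short synchronous call, so it runs inline instead of
    // being pushed to the thread pool with Task.Run.
    var payload = JsonConvert.SerializeObject(
        new ChangePasswordViewModel
        {
            OldPassword = DEFAULT_PASSWORD,
            NewPassword = NEW_PASSWORD,
        }
    );

    // Act
    var request = new HttpRequestMessage(HttpMethod.Put, $"{API_URL}/change-password")
    {
        Content = new StringContent(payload, Encoding.UTF8, "application/json"),
    };

    // Send request as Employee
    await AuthExtensions.SetupRequestAuth(
        request,
        _fixture,
        new LoginViewModel
        {
            UserName = employeeUser.UserName,
            Password = DEFAULT_PASSWORD,
        }
    );

    var response = await _fixture.Client.SendAsync(request);

    // Assert
    response.EnsureSuccessStatusCode();

    // The new password must now be accepted for the same account.
    var assertLogin = await AuthExtensions.GetJwt(
        _fixture,
        new LoginViewModel
        {
            UserName = employeeUser.UserName,
            Password = NEW_PASSWORD,
        }
    );

    Assert.NotEmpty(assertLogin);
}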
// Sends the given request while signed in as a non-admin user and expects
// HTTP 403 Forbidden.
//
// method: HTTP method of the endpoint under test.
// url:    URL of the endpoint under test.
public async Task GivenAuthAsEmployee_WhenRequestInAdminOnlyEndpoints_ThenReturnForbidden(HttpMethod method, string url)
{
    // Arrange
    // NOTE(review): assumes the first user whose name differs from the default
    // admin's is an employee without admin rights — confirm against the seed.
    var nonAdminUser = _fixture.Context.Users.First(m => m.UserName != DefaultAdmin.UserName);

    // Act
    var request = new HttpRequestMessage(method, url);
    await AuthExtensions.SetupRequestAuth(
        request,
        _fixture,
        new LoginViewModel
        {
            UserName = nonAdminUser.UserName,
            Password = "******",
        }
    );
    var response = await _fixture.Client.SendAsync(request);

    // Assert
    // Exactly 403 is expected: the caller is authenticated but not authorised.
    var actualStatus = response.StatusCode;
    Assert.Equal(HttpStatusCode.Forbidden, actualStatus);
}