4648

2026-02-24 08:51:11 -08:00
parent 13b3aed088
commit 17c647b4cd
19 changed files with 209 additions and 196 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@@ -0,0 +1,7 @@
 {
  "permissions": {
    "allow": [
      "Bash(dotnet test:*)"
    ]
  }
 }
--- a/Attachments/AttachmentTest.cs
+++ b/Attachments/AttachmentTest.cs
@@ -29,7 +29,7 @@ namespace raven_integration
            d.active = true;
            d.login = UniqueName;
            d.password = UniqueName;
-            d.roles = 2;//bizadminfull needs widget rights          
+            d.roles = 2;//BizAdmin needs widget rights          
            d.userType = 3;//non scheduleable
            //Required by form custom rules
@@ -131,8 +131,8 @@ namespace raven_integration
            file1.Headers.ContentDisposition.FileName = "test.png";
            formDataContent.Add(file1);
-            //ERROR CONDITION: BizAdminLimited user should not be able to attach a file to a widget
+            //ERROR CONDITION: BizAdminRestricted user should not be able to attach a file to a widget
-            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("BizAdminLimited"));
+            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("BizAdminRestricted"));
            //2004 unauthorized
            Util.ValidateErrorCodeResponse(a, 2004, 403);
@@ -159,7 +159,7 @@ namespace raven_integration
            file1.Headers.ContentDisposition = new ContentDispositionHeaderValue("form-data");
            file1.Headers.ContentDisposition.FileName = "test.png";
            formDataContent.Add(file1);
-            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("InventoryFull"));
+            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("Inventory"));
            //2203 unattachable object
            Util.ValidateErrorCodeResponse(a, 2203, 400);
@@ -186,7 +186,7 @@ namespace raven_integration
            file1.Headers.ContentDisposition = new ContentDispositionHeaderValue("form-data");
            file1.Headers.ContentDisposition.FileName = "test.png";
            formDataContent.Add(file1);
-            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("InventoryFull"));
+            ApiResponse a = await Util.PostFormDataAsync("attachment", formDataContent, await Util.GetTokenAsync("Inventory"));
            //2203 invalid attachment object
            Util.ValidateErrorCodeResponse(a, 2203, 400);
--- a/CredRepo.cs
+++ b/CredRepo.cs
@@ -22,6 +22,8 @@ namespace raven_integration
                    creds.login = login;
                    creds.password = password;
                    ApiResponse a = await Util.PostAsync("auth", null, creds.ToString());
                    if (a.ObjectResponse?["data"] == null)
                        throw new Exception($"Auth failed for '{login}' (HTTP {a.HttpResponse.StatusCode}): {a.ObjectResponse?.ToString() ?? "(no body)"}");
                    authDict[login] = a.ObjectResponse["data"]["token"].Value<string>();
                }
                return authDict[login];
--- a/DataList/DataListFiltering.cs
+++ b/DataList/DataListFiltering.cs
@@ -162,10 +162,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
@@ -250,10 +250,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -339,10 +339,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -422,10 +422,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -504,10 +504,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -586,10 +586,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -703,10 +703,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -810,7 +810,7 @@ same as the server does but in a central location here for all tests to use.
-                    a = await Util, await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+                    a = await Util, await Util.GetTokenAsync("BizAdmin"), d.ToString());
                    Util.ValidateDataReturnResponseOk(a);
                    long DataFilterId = a.ObjectResponse["data"]["id"].Value<long>();
@@ -839,15 +839,15 @@ same as the server does but in a central location here for all tests to use.
                    ExclusiveMatchCount.Should().Be(0);
                    //DELETE WIDGETS
-                    a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                    a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
                    Util.ValidateHTTPStatusCode(a, 204);
-                    a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                    a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
                    Util.ValidateHTTPStatusCode(a, 204);
                    //DELETE DATAFILTER
-                    a = await Util.DeleteAsync("DataListFilter/" + DataFilterId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                    a = await Util.DeleteAsync("DataListFilter/" + DataFilterId.ToString(), await Util.GetTokenAsync("BizAdmin"));
                    Util.ValidateHTTPStatusCode(a, 204);
                }
@@ -961,13 +961,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1066,13 +1066,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1170,13 +1170,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1273,13 +1273,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1377,13 +1377,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1480,13 +1480,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1583,13 +1583,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1687,13 +1687,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1789,13 +1789,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1891,13 +1891,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -1992,13 +1992,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -2095,13 +2095,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
@@ -2200,13 +2200,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
@@ -2299,10 +2299,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2379,10 +2379,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2459,10 +2459,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2541,10 +2541,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2622,10 +2622,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2703,10 +2703,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -2817,13 +2817,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in ActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in NotActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -2928,13 +2928,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in ActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in NotActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
@@ -3021,10 +3021,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3102,10 +3102,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3183,10 +3183,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3266,10 +3266,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3348,10 +3348,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3431,10 +3431,10 @@ same as the server does but in a central location here for all tests to use.
            ExclusiveMatchCount.Should().Be(0);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
-            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + ExcludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -3566,13 +3566,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -3688,13 +3688,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in InclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in ExclusiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -3747,7 +3747,7 @@ same as the server does but in a central location here for all tests to use.
            // v[0]["v"].Value<long>()
            //DELETE WIDGET
-            a = await Util.DeleteAsync("widget/" + Id.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + Id.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
@@ -3866,13 +3866,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in NullInCountWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in NotNullInCountWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
@@ -3975,13 +3975,13 @@ same as the server does but in a central location here for all tests to use.
            //DELETE WIDGETS
            foreach (long l in NullInCountWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in NotNullInCountWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
--- a/DataList/DataListRights.cs
+++ b/DataList/DataListRights.cs
@@ -19,8 +19,8 @@ namespace raven_integration
            /*
            "{\"error\":{\"code\":\"2004\",\"message\":\"User not authorized for this resource operation (insufficient rights)\"}}"
            */
-            //ApiResponse a = await Util.GetAsync("data-list/list?DataListKey=TestWidgetDataList&Offset=0&Limit=3", await Util.GetTokenAsync("CustomerLimited"));
+            //ApiResponse a = await Util.GetAsync("data-list/list?DataListKey=TestWidgetDataList&Offset=0&Limit=3", await Util.GetTokenAsync("CustomerRestricted"));
-            ApiResponse a = await Util.PostAsync($"data-list", await Util.GetTokenAsync("CustomerLimited"), Util.BuildDataListRequestEx());
+            ApiResponse a = await Util.PostAsync($"data-list", await Util.GetTokenAsync("CustomerRestricted"), Util.BuildDataListRequestEx());
            Util.ValidateErrorCodeResponse(a, 2004, 403);
        }
--- a/DataList/DataListViewCrud.cs
+++ b/DataList/DataListViewCrud.cs
@@ -35,7 +35,7 @@ namespace raven_integration
              dListView.Add(Util.BuildSimpleFilterDataListViewColumn("widgetname", Util.OpStartsWith, "Generic"));
              d.listView=dListView.ToString(Newtonsoft.Json.Formatting.None);
-            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateDataReturnResponseOk(a);
            long Id = a.ObjectResponse["data"]["id"].Value<long>();
@@ -43,12 +43,12 @@ namespace raven_integration
            //RETRIEVE           
            //Get one
-            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            a.ObjectResponse["data"]["name"].Value<string>().Should().StartWith("Test DataListView");
            //Get as alternate user should work for public filter
-            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("SubContractorLimited"));
+            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("SubContractorRestricted"));
            Util.ValidateDataReturnResponseOk(a);
            a.ObjectResponse["data"]["name"].Value<string>().Should().StartWith("Test DataListView");
@@ -59,22 +59,22 @@ namespace raven_integration
            d["public"] = false;
            d.name = Util.Uniquify("Put - Test DataListView (privatized)");
            d.concurrency = a.ObjectResponse["data"]["concurrency"].Value<uint>();
-            a = await Util.PutAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            a = await Util.PutAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdmin"), d.ToString());
            Util.ValidateHTTPStatusCode(a, 200);
            //check PUT worked
-            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateNoErrorInResponse(a);
            a.ObjectResponse["data"]["name"].Value<string>().Should().Be(d.name.ToString());
            //FETCH DISALLOWED
            //Get as alternate user should fail for private filter
-            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("SubContractorLimited"));
+            a = await Util.GetAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("SubContractorRestricted"));
            Util.ValidateResponseNotFound(a);
            // //DELETE
-            ApiResponse DELETETestResponse = await Util.DeleteAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse DELETETestResponse = await Util.DeleteAsync("data-list-view/" + Id.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(DELETETestResponse, 204);
        }
@@ -102,7 +102,7 @@ namespace raven_integration
            // d.filter = dfilter.ToString();//it expects it to be a json string, not actual json
-            // ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            // ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString());
             dynamic dListView = new JArray();
            // dynamic df = new JObject();
@@ -114,7 +114,7 @@ namespace raven_integration
              dListView.Add(Util.BuildSimpleFilterDataListViewColumn("widgetname", Util.OpStartsWith, "Generic"));
              d.listView=dListView.ToString(Newtonsoft.Json.Formatting.None);
-            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "ListKey", "2203");
@@ -144,7 +144,7 @@ namespace raven_integration
            // d.filter = dfilter.ToString();//it expects it to be a json string, not actual json
-            // ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            // ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString());
             dynamic dListView = new JArray();
            // dynamic df = new JObject();
            // df.fld = "widgetname";
@@ -155,7 +155,7 @@ namespace raven_integration
              dListView.Add(Util.BuildSimpleFilterDataListViewColumn("doesntexist", Util.OpStartsWith, "Generic"));
              d.listView=dListView.ToString(Newtonsoft.Json.Formatting.None);
-            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "ListView", "2203");
@@ -188,7 +188,7 @@ namespace raven_integration
        //     d.filter = dfilter.ToString();//it expects it to be a json string, not actual json
-        //     ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+        //     ApiResponse a = await Util.PostAsync("data-list-view", await Util.GetTokenAsync("BizAdmin"), d.ToString());
        //     Util.ValidateErrorCodeResponse(a, 2200, 400);
        //     Util.ShouldContainValidationError(a, "Filter", "2203");
--- a/EventLog/EventLog.cs
+++ b/EventLog/EventLog.cs
@@ -34,11 +34,11 @@ namespace raven_integration
            w.usertype = 1;
            //*** CREATED
-            ApiResponse r2 = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), w.ToString());
+            ApiResponse r2 = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), w.ToString());
            Util.ValidateDataReturnResponseOk(r2);
            long w2Id = r2.ObjectResponse["data"]["id"].Value<long>();
-            ApiResponse EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(EventLogResponse, 200);
            ((JArray)EventLogResponse.ObjectResponse["data"]["events"]).Count.Should().Be(1);//only one event so far
@@ -52,13 +52,13 @@ namespace raven_integration
            //*** RETRIEVED
            //Get one
-            ApiResponse r3 = await Util.GetAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("InventoryFull"));
+            ApiResponse r3 = await Util.GetAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("Inventory"));
            Util.ValidateDataReturnResponseOk(r3);
            r3.ObjectResponse["data"]["name"].Value<string>().Should().Be(w.name.ToString());
            w = r3.ObjectResponse["data"];
-            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdminFull"));
+            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(EventLogResponse, 200);
            //confirm event count, type and sort order (descending by date most recent first)
            ((JArray)EventLogResponse.ObjectResponse["data"]["events"]).Count.Should().Be(2);
@@ -73,17 +73,17 @@ namespace raven_integration
            w.name = Util.Uniquify("UPDATED VIA PUT EVENTLOG TEST WIDGET");
            w.UserId = 1;
            w.concurrency = r2.ObjectResponse["data"]["concurrency"].Value<uint>();
-            ApiResponse PUTTestResponse = await Util.PutAsync("widget", await Util.GetTokenAsync("InventoryFull"), w.ToString());
+            ApiResponse PUTTestResponse = await Util.PutAsync("widget", await Util.GetTokenAsync("Inventory"), w.ToString());
            Util.ValidateHTTPStatusCode(PUTTestResponse, 200);
            //*** RETRIEVED
            //check PUT worked
-            ApiResponse checkPUTWorked = await Util.GetAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("InventoryFull"));
+            ApiResponse checkPUTWorked = await Util.GetAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("Inventory"));
            Util.ValidateNoErrorInResponse(checkPUTWorked);
            checkPUTWorked.ObjectResponse["data"]["name"].Value<string>().Should().Be(w.name.ToString());
            uint concurrency = PUTTestResponse.ObjectResponse["data"]["concurrency"].Value<uint>();
-            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdminFull"));
+            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(EventLogResponse, 200);
            ((JArray)EventLogResponse.ObjectResponse["data"]["events"]).Count.Should().Be(4);
            //put op is the second item in the list, top item is the recent fetch
@@ -94,18 +94,18 @@ namespace raven_integration
            //Check user log for basic accessibility userlog?UserId=7
-            EventLogResponse = await Util.GetAsync($"event-log/userlog?UserId={CurrentUserId}", await Util.GetTokenAsync("BizAdminFull"));
+            EventLogResponse = await Util.GetAsync($"event-log/userlog?UserId={CurrentUserId}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(EventLogResponse, 200);
            ((JArray)EventLogResponse.ObjectResponse["data"]["events"]).Count.Should().BeGreaterOrEqualTo(4);//just one run of the above will be 4 events plus any others from other tests
            //Not sure of any easy way to assert the User log is correct other than the count as other tests running concurrently could easily skew this
            //DELETE
-            ApiResponse DELETETestResponse = await Util.DeleteAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("InventoryFull"));
+            ApiResponse DELETETestResponse = await Util.DeleteAsync("widget/" + w2Id.ToString(), await Util.GetTokenAsync("Inventory"));
            Util.ValidateHTTPStatusCode(DELETETestResponse, 204);
            //All events should be cleared up on deletion with the sole exception of the deleted event
-            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdminFull"));
+            EventLogResponse = await Util.GetAsync($"event-log/objectlog?AyaType=2&AyId={w2Id}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(EventLogResponse, 200);
            ((JArray)EventLogResponse.ObjectResponse["data"]["events"]).Count.Should().Be(1);
            EventLogResponse.ObjectResponse["data"]["events"][0]["date"].Value<DateTime>().Should().BeLessThan(new TimeSpan(1, 0, 0)).Before(DateTime.UtcNow);//should be less than one hour before now
@@ -123,7 +123,7 @@ namespace raven_integration
        public async Task UserLogWorks()
        {
            //get admin log, sb lots of shit
-            ApiResponse a = await Util.GetAsync($"event-log/userlog?UserId=1&Offset=0&Limit=999", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync($"event-log/userlog?UserId=1&Offset=0&Limit=999", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            ((JArray)a.ObjectResponse["data"]["events"]).Count.Should().BeGreaterThan(90);
        }
@@ -145,7 +145,7 @@ namespace raven_integration
            d.active = true;
            d.login = UniqueName;
            d.password = UniqueName;
-            d.roles = 2;//bizadminfull needs widget rights          
+            d.roles = 2;//BizAdmin needs widget rights          
            d.userType = 3;//non scheduleable
            //Required by form custom rules
@@ -171,7 +171,7 @@ namespace raven_integration
                Util.ValidateDataReturnResponseOk(a);
            }
-            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=0&Limit=9", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=0&Limit=9", await Util.GetTokenAsync("BizAdmin"));
            ((JArray)a.ObjectResponse["data"]["events"]).Count.Should().Be(9);
            //capture events, then compare to paged ones
            var eventList = ((JArray)a.ObjectResponse["data"]["events"]);
@@ -183,7 +183,7 @@ namespace raven_integration
                );
            }
-            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=0&Limit=3", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=0&Limit=3", await Util.GetTokenAsync("BizAdmin"));
            ((JArray)a.ObjectResponse["data"]["events"]).Count.Should().Be(3);
            var pageEventList = ((JArray)a.ObjectResponse["data"]["events"]);
            foreach (JObject o in pageEventList)
@@ -193,7 +193,7 @@ namespace raven_integration
                );
            }
-            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=1&Limit=3", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=1&Limit=3", await Util.GetTokenAsync("BizAdmin"));
            ((JArray)a.ObjectResponse["data"]["events"]).Count.Should().Be(3);
            pageEventList = ((JArray)a.ObjectResponse["data"]["events"]);
            foreach (JObject o in pageEventList)
@@ -204,7 +204,7 @@ namespace raven_integration
            }
-            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=2&Limit=3", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"event-log/userlog?UserId={UserId}&Offset=2&Limit=3", await Util.GetTokenAsync("BizAdmin"));
            ((JArray)a.ObjectResponse["data"]["events"]).Count.Should().Be(3);
            pageEventList = ((JArray)a.ObjectResponse["data"]["events"]);
            foreach (JObject o in pageEventList)
--- a/FormCustom/FormCustom.cs
+++ b/FormCustom/FormCustom.cs
@@ -69,23 +69,23 @@ namespace raven_integration
            //RETRIEVE           
            //Get the current one (server will create if non-existent)
-            ApiResponse a = await Util.GetAsync("form-custom/User", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-custom/User", await Util.GetTokenAsync("BizAdmin"));
            //Update
            d.concurrency = a.ObjectResponse["data"]["concurrency"].Value<uint>();
-            a = await Util.PutAsync("form-custom/User", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            a = await Util.PutAsync("form-custom/User", await Util.GetTokenAsync("BizAdmin"), d.ToString());
            Util.ValidateHTTPStatusCode(a, 200);
            //check the concurrency token cache scheme
            uint token = a.ObjectResponse["data"]["concurrency"].Value<uint>();
            //This should return a 304 not modified
-            a = await Util.GetAsync($"form-custom/User?concurrency={token}", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"form-custom/User?concurrency={token}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 304);
            //and this should return the whole object
            token--;//make the token not match
            //This should return a 200 and the whole object
-            a = await Util.GetAsync($"form-custom/User?concurrency={token}", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync($"form-custom/User?concurrency={token}", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
        }
@@ -153,11 +153,11 @@ namespace raven_integration
            //RETRIEVE           
            //Get the current one (server will create if non-existent)
-            ApiResponse a = await Util.GetAsync("form-custom/User", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-custom/User", await Util.GetTokenAsync("BizAdmin"));
            //Update
            d.concurrency = a.ObjectResponse["data"]["concurrency"].Value<uint>();
-            a = await Util.PutAsync("form-custom/User", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            a = await Util.PutAsync("form-custom/User", await Util.GetTokenAsync("BizAdmin"), d.ToString());
            Util.ValidateHTTPStatusCode(a, 400);
            Util.ShouldContainValidationError(a, "Template", "2201", "Template array item 0, \"fld\" property exists but is empty, a value is required");
            Util.ShouldContainValidationError(a, "Template", "2203", "Template array item 0, fld property value \"\" is not a valid form field value for formKey specified");
@@ -189,7 +189,7 @@ namespace raven_integration
        [Fact]
        public async Task InvalidObjectFieldsFormKeyShouldFail()
        {
-            ApiResponse a = await Util.GetAsync("form-field-definition/nonexistent", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-field-definition/nonexistent", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateErrorCodeResponse(a, 2010, 404);
        }
@@ -200,7 +200,7 @@ namespace raven_integration
        [Fact]
        public async Task ObjectFieldsWorks()
        {
-            ApiResponse a = await Util.GetAsync("form-field-definition/Widget", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-field-definition/Widget", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            ((JArray)a.ObjectResponse["data"]).Count.Should().BeGreaterThan(25);
        }
@@ -212,7 +212,7 @@ namespace raven_integration
        [Fact]
        public async Task AvailableCustomizableFormKeysWorks()
        {
-            ApiResponse a = await Util.GetAsync("form-custom/availablecustomizableformkeys", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-custom/availablecustomizableformkeys", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            ((JArray)a.ObjectResponse["data"]).Count.Should().BeGreaterThan(1);//is 2 as of writing (widget,user)
        }
@@ -225,7 +225,7 @@ namespace raven_integration
        [Fact]
        public async Task AvailableCustomTypesWorks()
        {
-            ApiResponse a = await Util.GetAsync("form-custom/availablecustomtypes", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("form-custom/availablecustomtypes", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            ((JArray)a.ObjectResponse["data"]).Count.Should().BeGreaterThan(4);
        }
--- a/Global/GlobalAll.cs
+++ b/Global/GlobalAll.cs
@@ -14,12 +14,12 @@ namespace raven_integration
            //excercise the fetch and update routes but no actual changes because making a change of any kind to global will likely break other tests
            //and we just need to see the routes are active really
-            ApiResponse a = await Util.GetAsync("global-biz-setting", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("global-biz-setting", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            a.ObjectResponse["data"]["searchCaseSensitiveOnly"].Should().NotBeNull();
            var g = a.ObjectResponse["data"];        
-            a = await Util.PutAsync("global-biz-setting", await Util.GetTokenAsync("BizAdminFull"), g.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PutAsync("global-biz-setting", await Util.GetTokenAsync("BizAdmin"), g.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateHTTPStatusCode(a, 200); 
        }
--- a/LogFiles/LogFiles.cs
+++ b/LogFiles/LogFiles.cs
@@ -15,7 +15,7 @@ namespace raven_integration
        [Fact]
        public async Task MostRecentLogShouldFetch()
        {
-            ApiTextResponse t = await Util.GetTextResultAsync("log-file/log-ayanova.txt", await Util.GetTokenAsync("OpsAdminFull"));
+            ApiTextResponse t = await Util.GetTextResultAsync("log-file/log-ayanova.txt", await Util.GetTokenAsync("OpsAdmin"));
            Util.ValidateHTTPStatusCode(t, 200);
            string[] ExpectedLogItems = {"|INFO|","|ERROR|","|FATAL|", "|WARN|"};//assumes any log will have at least one of these items in it
            t.TextResponse.Should().ContainAny(ExpectedLogItems);
--- a/Metrics/Metrics.cs
+++ b/Metrics/Metrics.cs
@@ -44,11 +44,11 @@ namespace raven_integration
-            ApiResponse a = await Util.GetAsync($"server-metric/memcpu?tsStart={tsStart}&tsEnd={tsEnd}", await Util.GetTokenAsync("OpsAdminFull"));
+            ApiResponse a = await Util.GetAsync($"server-metric/memcpu?tsStart={tsStart}&tsEnd={tsEnd}", await Util.GetTokenAsync("OpsAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            a.ObjectResponse["data"].Should().NotBeNull();//can't get more detailed as there might not be any data here to see
-            a = await Util.GetAsync($"server-metric/storage?tsStart={tsStart}&tsEnd={tsEnd}", await Util.GetTokenAsync("OpsAdminFull"));
+            a = await Util.GetAsync($"server-metric/storage?tsStart={tsStart}&tsEnd={tsEnd}", await Util.GetTokenAsync("OpsAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            a.ObjectResponse["data"].Should().NotBeNull();//can't get more detailed as there might not be any data here to see
--- a/PickList/PickListAllTests.cs
+++ b/PickList/PickListAllTests.cs
@@ -33,13 +33,13 @@ namespace raven_integration
            d.Template = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
            //replace the User template at the server
-            ApiResponse a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            ApiResponse a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateHTTPStatusCode(a, 204);
            //RETRIEVE           
            //Get one
-            a = await Util.GetAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains ONE record ONLY and it's the one we set
            var templateArray = JArray.Parse(a.ObjectResponse["data"]["template"].Value<string>());
@@ -85,7 +85,7 @@ namespace raven_integration
            //GET PICKLIST FOR unique phrase query sb only employee number due to custom template
-            a = await Util.GetAsync("pick-list/list?ayaType=3&query=" + UniquePhrase, await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=3&query=" + UniquePhrase, await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            var pickList = ((JArray)a.ObjectResponse["data"]);
            pickList.Count.Should().Be(1);
@@ -101,11 +101,11 @@ namespace raven_integration
            d.Template = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
            //replace the User template at the server
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateHTTPStatusCode(a, 204);
            //GET PICKLIST FOR unique phrase query sb only user name field due to custom template
-            a = await Util.GetAsync("pick-list/list?ayaType=3&query=" + UniquePhrase, await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=3&query=" + UniquePhrase, await Util.GetTokenAsync("BizAdmin"));
            //"select auser.id as plId, auser.active as plActive, concat_ws(' ', auser.name) as plname from auser where auser.active = true and ((auser.name like '%pick1584556347748%')) order by auser.name limit 100"
            Util.ValidateDataReturnResponseOk(a);
            pickList = ((JArray)a.ObjectResponse["data"]);
@@ -121,12 +121,12 @@ namespace raven_integration
            // RESET TEMPLATE TO DEFAULT
-            a = await Util.DeleteAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
            //RETRIEVE (Confirm it's back to default)
            //Get one
-            a = await Util.GetAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/template/3/", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains default template record ONLY and it's the one we set
            templateArray = JArray.Parse(a.ObjectResponse["data"]["template"].Value<string>());
@@ -144,7 +144,7 @@ namespace raven_integration
            df.fld = "DOES_NOT_EXIST";//<-- ERROR BAD FIELD NAME
            dTemplateArray.Add(df);
            d.Template = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            //"{\"error\":{\"code\":\"2200\",\"details\":[{\"message\":\"Template array item 0, fld property value \\\"DOES_NOT_EXIST\\\" is not a valid value for AyaType specified\",\"target\":\"Template\",\"error\":\"2203\"}],\"message\":\"Object did not pass validation\"}}"
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "Template", "2203");
@@ -159,13 +159,13 @@ namespace raven_integration
            dTemplateArray.Add(df);
            d.Template = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
            //replace the User template at the server
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            //"{\"error\":{\"code\":\"2200\",\"details\":[{\"message\":\"Template array item 0, fld property value \\\"DOES_NOT_EXIST\\\" is not a valid value for AyaType specified\",\"target\":\"Template\",\"error\":\"2203\"}],\"message\":\"Object did not pass validation\"}}"
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "ayaType", "2203");
            //RIGHTS ISSUE, 
-            //currently only bizadminfull can change a picklist template
+            //currently only BizAdmin can change a picklist template
            d = new JObject();
            d.Id = 3;//User
            //template, simple test, nothing fancy
@@ -175,7 +175,7 @@ namespace raven_integration
            dTemplateArray.Add(df);
            d.Template = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
            //ERROR NO RIGHTS USER
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("CustomerLimited"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("CustomerRestricted"), d.ToString(Newtonsoft.Json.Formatting.None));
            //"{\"error\":{\"code\":\"2004\",\"message\":\"User not authorized for this resource operation (insufficient rights)\"}}"
            Util.ValidateErrorCodeResponse(a, 2004, 403);
@@ -183,7 +183,7 @@ namespace raven_integration
            d = new JObject();
            d.Id = 3;//User           
            d.Template = "";//<-- ERROR no template
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "Template", "2201");
@@ -197,7 +197,7 @@ namespace raven_integration
            dTemplateArray.Add(df);
            string sTemplate = dTemplateArray.ToString(Newtonsoft.Json.Formatting.None);
            d.Template = sTemplate.Substring(2);//<-- ERROR missing first two characters of json template array      
-            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdminFull"), d.ToString(Newtonsoft.Json.Formatting.None));
+            a = await Util.PostAsync("pick-list/template", await Util.GetTokenAsync("BizAdmin"), d.ToString(Newtonsoft.Json.Formatting.None));
            //"{\"error\":{\"code\":\"2200\",\"details\":[{\"message\":\"Template is not valid JSON string: Error reading JArray from JsonReader. Current JsonReader item is not an array: String. Path '', line 1, position 5.\",\"target\":\"Template\",\"error\":\"2203\"}],\"message\":\"Object did not pass validation\"}}"
            Util.ValidateErrorCodeResponse(a, 2200, 400);
            Util.ShouldContainValidationError(a, "Template", "2203");
@@ -211,7 +211,7 @@ namespace raven_integration
        public async Task PickListTemplateList()
        {
            //RETRIEVE    
-            ApiResponse a = await Util.GetAsync("pick-list/template/list", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("pick-list/template/list", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains at least two records (as we only have two at time of writing this test)
            var templateList = ((JArray)a.ObjectResponse["data"]);
@@ -221,18 +221,18 @@ namespace raven_integration
        /// <summary>
-        /// test get picklist fields list for widget template
+        /// test get picklist fields list for User template
        /// </summary>
        [Fact]
-        public async Task WidgetPickListTemplateFieldList()
+        public async Task UserPickListTemplateFieldList()
        {
-            //RETRIEVE WIDGET PICKLIST FIELDS
+            //RETRIEVE USER PICKLIST FIELDS
-            ApiResponse a = await Util.GetAsync("pick-list/template/ListFields/2", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("pick-list/template/ListFields/3", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains at least two records (as we only have two at time of writing this test)
            var templateList = ((JArray)a.ObjectResponse["data"]);
-            templateList.Count.Should().BeGreaterThan(4);
+            templateList.Count.Should().BeGreaterThan(3);
-            templateList[0]["fieldKey"].Value<string>().Should().Be("widgetactive");//first one should be a widgetactive field
+            templateList[0]["fieldKey"].Value<string>().Should().Be("useractive");//first one should be a useractive field
        }
@@ -243,7 +243,7 @@ namespace raven_integration
        public async Task FetchWidgetPickListNoQuery()
        {
            //RETRIEVE WIDGET PICKLIST no filter
-            ApiResponse a = await Util.GetAsync("pick-list/list?ayaType=2", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("pick-list/list?ayaType=2", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains 100 records (current picklist maximum count)
            var pickList = ((JArray)a.ObjectResponse["data"]);
@@ -258,7 +258,7 @@ namespace raven_integration
        public async Task FetchWidgetPickListPreDefined()
        {
            //fetch the SuperUser account which always exists
-            ApiResponse a = await Util.GetAsync("pick-list/list?ayaType=3&preId=1", await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse a = await Util.GetAsync("pick-list/list?ayaType=3&preId=1", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            //assert contains 1 record
            var pickList = ((JArray)a.ObjectResponse["data"]);
@@ -295,7 +295,7 @@ namespace raven_integration
            //RETRIEVE WIDGET PICKLIST with name filter
-            a = await Util.GetAsync("pick-list/list?ayaType=2&query=a1b2c3", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=2&query=a1b2c3", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            var pickList = ((JArray)a.ObjectResponse["data"]);
@@ -303,7 +303,7 @@ namespace raven_integration
            pickList[0]["name"].Value<string>().Should().Contain("_a1b2c3");
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -339,7 +339,7 @@ namespace raven_integration
            //RETRIEVE WIDGET PICKLIST with name filter
-            a = await Util.GetAsync("pick-list/list?ayaType=2&query=..lblu", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=2&query=..lblu", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            var pickList = ((JArray)a.ObjectResponse["data"]);
@@ -347,7 +347,7 @@ namespace raven_integration
            pickList[0]["id"].Value<long>().Should().Be(IncludedWidgetId);
            //DELETE WIDGETS
-            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("widget/" + IncludedWidgetId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
        }
@@ -406,7 +406,7 @@ namespace raven_integration
            //CONFIRM BOTH INACTIVE AND ACTIVE 
-            a = await Util.GetAsync("pick-list/list?ayaType=2&query=ickListInactiveAct&inactive=true", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=2&query=ickListInactiveAct&inactive=true", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            var pickList = ((JArray)a.ObjectResponse["data"]);
            //assert contains at least two records
@@ -425,7 +425,7 @@ namespace raven_integration
            //CONFIRM ACTIVE ONLY
-            a = await Util.GetAsync("pick-list/list?ayaType=2&query=ickListInactiveAct", await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.GetAsync("pick-list/list?ayaType=2&query=ickListInactiveAct", await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            pickList = ((JArray)a.ObjectResponse["data"]);
            //assert contains at least two records
@@ -445,13 +445,13 @@ namespace raven_integration
            //DELETE WIDGETS
            foreach (long l in ActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
            foreach (long l in NotActiveWidgetIdList)
            {
-                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+                a = await Util.DeleteAsync("widget/" + l.ToString(), await Util.GetTokenAsync("BizAdmin"));
                Util.ValidateHTTPStatusCode(a, 204);
            }
        }
--- a/Search/SearchOps.cs
+++ b/Search/SearchOps.cs
@@ -134,7 +134,7 @@ namespace raven_integration
            //Only BizAdmin* roles can read a full user record 
            //This search should return zero items
-            a = await Util.PostAsync("search", await Util.GetTokenAsync("SubContractorLimited"), SearchParameters.ToString());
+            a = await Util.PostAsync("search", await Util.GetTokenAsync("SubContractorRestricted"), SearchParameters.ToString());
            Util.ValidateDataReturnResponseOk(a);
            ((JArray)a.ObjectResponse["data"]["searchResults"]).Count.Should().Be(0, "User with no rights should not see any results in body search");
--- a/ServerJob/JobOperations.cs
+++ b/ServerJob/JobOperations.cs
@@ -17,7 +17,7 @@ namespace raven_integration
        [Fact]
        public async Task TestJobShouldSubmit()
        {
-            ApiResponse a = await Util.PostAsync("job-operations/test-job", await Util.GetTokenAsync("OpsAdminFull"));
+            ApiResponse a = await Util.PostAsync("job-operations/test-job", await Util.GetTokenAsync("OpsAdmin"));
            //Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 202);
            //should return something like this:
@@ -30,7 +30,7 @@ namespace raven_integration
            String jobId = a.ObjectResponse["jobId"].Value<String>();
            //Get a list of operations
-            a = await Util.GetAsync("job-operations", await Util.GetTokenAsync("OpsAdminFull"));
+            a = await Util.GetAsync("job-operations", await Util.GetTokenAsync("OpsAdmin"));
            Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 200);
--- a/Translation/RequestedTranslationKeys.cs
+++ b/Translation/RequestedTranslationKeys.cs
@@ -18,7 +18,7 @@ namespace raven_integration
        {
            //First determine if there is a requested key route because it's debug build dependent
            //And doesn't exists if server was not debug built
-            ApiResponse a = await Util.GetAsync("build-mode", await Util.GetTokenAsync("CustomerLimited"));
+            ApiResponse a = await Util.GetAsync("build-mode", await Util.GetTokenAsync("CustomerRestricted"));
            Util.ValidateDataReturnResponseOk(a);
            var BuildMode = a.ObjectResponse["data"]["buildMode"].Value<string>();
            BuildMode.Should().BeOneOf((new string[] { "DEBUG", "RELEASE" }));
@@ -34,14 +34,14 @@ namespace raven_integration
                d = JToken.FromObject(keys);
                //Fetch the values to force RAVEN to track at least these two
-                a = await Util.PostAsync("translation/subset", await Util.GetTokenAsync("CustomerLimited"), d.ToString());
+                a = await Util.PostAsync("translation/subset", await Util.GetTokenAsync("CustomerRestricted"), d.ToString());
                Util.ValidateDataReturnResponseOk(a);
                Util.ValidateHTTPStatusCode(a, 200);
                //there should be dozens of keys but at times there might only be a few during development so at least verify there is more than one
                ((JArray)a.ObjectResponse["data"]).Count.Should().Be(2);
                //Now ensure there are at least two keys in the fetched keys array
-                a = await Util.GetAsync("translation/TranslationKeyCoverage", await Util.GetTokenAsync("CustomerLimited"));
+                a = await Util.GetAsync("translation/TranslationKeyCoverage", await Util.GetTokenAsync("CustomerRestricted"));
                Util.ValidateDataReturnResponseOk(a);
                Util.ValidateHTTPStatusCode(a, 200);
--- a/Translation/Translation.cs
+++ b/Translation/Translation.cs
@@ -23,7 +23,7 @@ namespace raven_integration
        public async Task TranslationListWorks()
        {
            //Get all
-            ApiResponse a = await Util.GetAsync("translation/list", await Util.GetTokenAsync("CustomerLimited"));//lowest level test user because there are no limits on this route except to be authenticated
+            ApiResponse a = await Util.GetAsync("translation/list", await Util.GetTokenAsync("CustomerRestricted"));//lowest level test user because there are no limits on this route except to be authenticated
            Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 200);
            //there should be at least 4 of them as there are 4 stock translations
@@ -35,7 +35,7 @@ namespace raven_integration
        public async Task GetFullTranslationWorks()
        {
            //Get all
-            ApiResponse a = await Util.GetAsync("translation/1", await Util.GetTokenAsync("CustomerLimited"));//lowest level test user because there are no limits on this route except to be authenticated
+            ApiResponse a = await Util.GetAsync("translation/1", await Util.GetTokenAsync("CustomerRestricted"));//lowest level test user because there are no limits on this route except to be authenticated
            Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 200);
            //there should be dozens of keys but at times there might only be a few during development so at least verify there is more than one
@@ -54,7 +54,7 @@ namespace raven_integration
            d = JToken.FromObject(keys);
-            ApiResponse a = await Util.PostAsync("translation/subset", await Util.GetTokenAsync("CustomerLimited"), d.ToString());
+            ApiResponse a = await Util.PostAsync("translation/subset", await Util.GetTokenAsync("CustomerRestricted"), d.ToString());
            Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 200);
            //there should be dozens of keys but at times there might only be a few during development so at least verify there is more than one
@@ -71,7 +71,7 @@ namespace raven_integration
            d.id = 1;
            d.name = Util.Uniquify("INTEGRATION-TEST-LOCALE");
-            ApiResponse a = await Util.PostAsync("translation/Duplicate", await Util.GetTokenAsync("BizAdminFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("translation/Duplicate", await Util.GetTokenAsync("BizAdmin"), d.ToString());
            Util.ValidateDataReturnResponseOk(a);
            Util.ValidateHTTPStatusCode(a, 201);
            //verify the object returned is as expected
@@ -90,11 +90,11 @@ namespace raven_integration
            d2.id = NewId;
            d2.newText = Util.Uniquify("INTEGRATION-TEST-LOCALE NAME UPDATE");
            d2.concurrency = a.ObjectResponse["data"]["concurrency"].Value<uint>();
-            ApiResponse PUTTestResponse = await Util.PutAsync("translation/UpdateTranslationName", await Util.GetTokenAsync("BizAdminFull"), d2.ToString());
+            ApiResponse PUTTestResponse = await Util.PutAsync("translation/UpdateTranslationName", await Util.GetTokenAsync("BizAdmin"), d2.ToString());
            Util.ValidateHTTPStatusCode(PUTTestResponse, 200);
-            ApiResponse checkPUTWorked = await Util.GetAsync("translation/" + NewId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            ApiResponse checkPUTWorked = await Util.GetAsync("translation/" + NewId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateNoErrorInResponse(checkPUTWorked);
            checkPUTWorked.ObjectResponse["data"]["name"].Value<string>().Should().Be(d2.newText.ToString());
            //uint concurrency = PUTTestResponse.ObjectResponse["data"]["concurrency"].Value<uint>();
@@ -109,7 +109,7 @@ namespace raven_integration
            string UpdatedTranslationKey = FirstTranslationKey["key"].Value<string>();
-            PUTTestResponse = await Util.PutAsync("translation/UpdateTranslationItemDisplayText", await Util.GetTokenAsync("BizAdminFull"), d2.ToString());
+            PUTTestResponse = await Util.PutAsync("translation/UpdateTranslationItemDisplayText", await Util.GetTokenAsync("BizAdmin"), d2.ToString());
            Util.ValidateHTTPStatusCode(PUTTestResponse, 200);
            //create user that is set to new translation so can use getSubset            
@@ -174,7 +174,7 @@ namespace raven_integration
            Util.ValidateHTTPStatusCode(a, 204);
            //DELETE TEMP LOCALE
-            a = await Util.DeleteAsync("translation/" + NewId.ToString(), await Util.GetTokenAsync("BizAdminFull"));
+            a = await Util.DeleteAsync("translation/" + NewId.ToString(), await Util.GetTokenAsync("BizAdmin"));
            Util.ValidateHTTPStatusCode(a, 204);
--- a/Widget/WidgetRights.cs
+++ b/Widget/WidgetRights.cs
@@ -28,7 +28,7 @@ namespace raven_integration
        [Fact]
        public async Task ServerShouldNotAllowReadUnauthorizedAccess()
        {
-            ApiResponse a = await Util.GetAsync("widget/listwidgets", await Util.GetTokenAsync( "OpsAdminFull"));
+            ApiResponse a = await Util.GetAsync("widget/listwidgets", await Util.GetTokenAsync( "OpsAdmin"));
            //2004 unauthorized
            Util.ValidateErrorCodeResponse(a, 2004, 403);
        }
@@ -49,8 +49,8 @@ namespace raven_integration
            d.active = true;
            d.usertype = 1;
-            //BizAdminLimited user should not be able to create a widget, only read them
+            //BizAdminRestricted user should not be able to create a widget, only read them
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync( "BizAdminLimited"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync( "BizAdminRestricted"), d.ToString());
            //2004 unauthorized
            Util.ValidateErrorCodeResponse(a, 2004, 403);
--- a/Widget/WidgetValidationTests.cs
+++ b/Widget/WidgetValidationTests.cs
@@ -26,7 +26,7 @@ namespace raven_integration
        //     d.usertype = 1;
        //     //create via inventory full test user
-        //     ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+        //     ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
        //     Util.ValidateErrorCodeResponse(a, 2200, 400);
        //     Util.ShouldContainValidationError(a, "Active", "2203");
@@ -53,11 +53,11 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            Util.ValidateDataReturnResponseOk(a);
            //Now try to create again with same name
-            a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
            Util.ValidateErrorCodeResponse(a, 2200, 400);
@@ -82,7 +82,7 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
@@ -108,7 +108,7 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
@@ -137,7 +137,7 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
@@ -165,7 +165,7 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
@@ -193,7 +193,7 @@ namespace raven_integration
            d.usertype = 1;
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
@@ -224,7 +224,7 @@ namespace raven_integration
            //create via inventory full test user
-            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("InventoryFull"), d.ToString());
+            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("Inventory"), d.ToString());
            //2002 in-valid expected
--- a/util.cs
+++ b/util.cs
@@ -28,8 +28,8 @@ namespace raven_integration
    public static class Util
    {
        //#######################################################################################################
-        //public static string API_BASE_URL = "http://localhost:7575/api/v8/";
+        public static string API_BASE_URL = "http://localhost:7575/api/v8/";
-         public static string API_BASE_URL = "https://devtest.ayanova.com/api/v8.0/";
+         //public static string API_BASE_URL = "https://devtest.onayanova.com/api/v8.0/";
        public static string TEST_DATA_FOLDER = @"..\..\..\testdata\";
        //#######################################################################################################
@@ -107,16 +107,20 @@ namespace raven_integration
-        static bool bInitialized = false;
+        static volatile bool bInitialized = false;
        private static readonly object _initLock = new object();
        private static void init()
        {
            if (bInitialized) return;
-            if (!System.IO.Directory.Exists(TEST_DATA_FOLDER))
+            lock (_initLock)
-                throw new ArgumentOutOfRangeException($"Test data folder {TEST_DATA_FOLDER} not found, current folder is {System.AppDomain.CurrentDomain.BaseDirectory}");
+            {
-
+                if (bInitialized) return;
-            client.DefaultRequestHeaders.Accept.Clear();
+                if (!System.IO.Directory.Exists(TEST_DATA_FOLDER))
-            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+                    throw new ArgumentOutOfRangeException($"Test data folder {TEST_DATA_FOLDER} not found, current folder is {System.AppDomain.CurrentDomain.BaseDirectory}");
-            bInitialized = true;
+                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                bInitialized = true;
            }
        }
        public static string CleanApiRoute(string route)