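using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Threading.Tasks;
using FluentAssertions;
using Newtonsoft.Json.Linq;
using Xunit;

namespace raven_integration
{
    // [Collection("APICOLLECTION")]

    /// <summary>
    /// Integration tests checking that the widget routes reject callers that are
    /// either unauthenticated (HTTP 401) or authenticated without the needed
    /// right (HTTP 403 with API error code 2004).
    /// </summary>
    public class WidgetRights
    {
        /// <summary>
        /// Test not authorized error return: a request sent without a token
        /// is expected to yield HTTP 401.
        /// </summary>
        /// <returns>A task the test runner awaits, so that a failed validation is reported against this test.</returns>
        [Fact]
        public async Task ServerShouldNotAllowUnauthenticatedAccess()
        {
            // No token argument is supplied, so the request goes out unauthenticated.
            // NOTE(review): this test requests "widget/list" while the read-rights test
            // below requests "widget/listwidgets". If authentication is enforced before
            // routing, a 401 here would not show that the real list route is protected;
            // confirm which path is the intended one.
            ApiResponse a = await Util.GetAsync("widget/list");
            Util.ValidateHTTPStatusCode(a, 401);
        }

        /// <summary>
        /// Test insufficient read rights error return: a valid token for a role
        /// without widget read rights is expected to yield error 2004 / HTTP 403.
        /// </summary>
        /// <returns>A task the test runner awaits, so that a failed validation is reported against this test.</returns>
        [Fact]
        public async Task ServerShouldNotAllowReadUnauthorizedAccess()
        {
            // The caller is authenticated, so the expected rejection is 403 rather than 401.
            ApiResponse a = await Util.GetAsync("widget/listwidgets", await Util.GetTokenAsync("OpsAdminFull"));

            //2004 unauthorized
            Util.ValidateErrorCodeResponse(a, 2004, 403);
        }

        /// <summary>
        /// Test insufficient create rights error return: a role limited to reading
        /// widgets is expected to get error 2004 / HTTP 403 when it posts one.
        /// </summary>
        /// <returns>A task the test runner awaits, so that a failed validation is reported against this test.</returns>
        [Fact]
        public async Task ServerShouldNotAllowCreateUnauthorizedAccess()
        {
            //CREATE
            dynamic d = new JObject();
            d.name = Util.Uniquify("ServerShouldNotAllowCreateUnauthorizedAccess TEST WIDGET");
            // NOTE(review): DateTime.Now.ToString() is formatted with the current culture.
            // If the server validated the body before checking rights, an unparseable date
            // could surface as a validation error instead of 2004; confirm the ordering.
            d.created = DateTime.Now.ToString();
            d.dollarAmount = 1.11m;
            d.active = true;
            d.usertype = 1;

            //BizAdminLimited user should not be able to create a widget, only read them
            ApiResponse a = await Util.PostAsync("widget", await Util.GetTokenAsync("BizAdminLimited"), d.ToString());

            //2004 unauthorized
            Util.ValidateErrorCodeResponse(a, 2004, 403);

            // NOTE(review): only the response is checked. Verifying afterwards, with a role
            // that can read widgets, that no widget with this name exists would also catch a
            // server that answers 403 but still persists the record.
        }

        //==================================================

    }//eoc
}//eons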