using Xunit;
using Newtonsoft.Json.Linq;

namespace raven_integration
{
    // [Collection("APICOLLECTION")]

    /// <summary>
    /// Integration tests for the server's access-control responses: a request
    /// without a token must be rejected with 401, and a request from an
    /// authenticated role that lacks the required right must be rejected with
    /// 403 and API error code 2004.
    /// </summary>
    public class AuthRights
    {
        // HTTP status expected when no token accompanies the request.
        private const int HttpUnauthenticated = 401;

        // HTTP status expected when the token is valid but the role lacks the right.
        private const int HttpForbidden = 403;

        // API error code asserted together with the 403 responses below.
        private const int ApiErrorNotAuthorized = 2004;

        /// <summary>
        /// A request sent without any token must return HTTP 401.
        /// </summary>
        [Fact]
        public async Task ServerShouldNotAllowUnauthenticatedAccess()
        {
            // NOTE(review): this test requests "project/list" while the read-rights
            // test requests "project/listprojects" - confirm both routes exist, so
            // that the 401 is known to come from the intended endpoint.
            ApiResponse response = await Util.GetAsync("project/list");

            Util.ValidateHTTPStatusCode(response, HttpUnauthenticated);
        }

        /// <summary>
        /// A token for the "OpsAdmin" login must not be able to read the project
        /// list: expects HTTP 403 with API error code 2004.
        /// </summary>
        [Fact]
        public async Task ServerShouldNotAllowReadUnauthorizedAccess()
        {
            var opsAdminToken = await Util.GetTokenAsync("OpsAdmin");
            ApiResponse response = await Util.GetAsync("project/listprojects", opsAdminToken);

            Util.ValidateErrorCodeResponse(response, ApiErrorNotAuthorized, HttpForbidden);
        }

        /// <summary>
        /// A token for the "BizAdminRestricted" login may read projects but must
        /// not be able to create one: expects HTTP 403 with API error code 2004.
        /// </summary>
        [Fact]
        public async Task ServerShouldNotAllowCreateUnauthorizedAccess()
        {
            // Build the project payload that the restricted role will try to create.
            dynamic project = new JObject();
            project.name = Util.Uniquify("ServerShouldNotAllowCreateUnauthorizedAccess TEST PROJECT");
            // NOTE(review): DateTime.Now.ToString() is culture-sensitive; the value is
            // never asserted on here - confirm the server does not validate the body
            // before the rights check, or this test could fail for the wrong reason.
            project.created = DateTime.Now.ToString();
            project.dollarAmount = 1.11m;
            project.active = true;
            project.usertype = 1;

            var restrictedToken = await Util.GetTokenAsync("BizAdminRestricted");
            ApiResponse response = await Util.PostAsync("project", restrictedToken, project.ToString());

            // NOTE(review): only the response is checked; nothing here verifies that
            // no project was persisted - consider a follow-up read with a privileged
            // role to confirm the rejected create had no side effect.
            Util.ValidateErrorCodeResponse(response, ApiErrorNotAuthorized, HttpForbidden);
        }
    }
}