From 671817e186d4f2c6209b8499f381068443a61793 Mon Sep 17 00:00:00 2001 From: crupest Date: Mon, 11 Apr 2022 19:50:03 +0800 Subject: ... --- .../IntegratedTests2/TimelineBookmarkTest.cs | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'BackEnd/Timeline.Tests/IntegratedTests2/TimelineBookmarkTest.cs') diff --git a/BackEnd/Timeline.Tests/IntegratedTests2/TimelineBookmarkTest.cs b/BackEnd/Timeline.Tests/IntegratedTests2/TimelineBookmarkTest.cs index f708381f..903175c3 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests2/TimelineBookmarkTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests2/TimelineBookmarkTest.cs @@ -106,6 +106,42 @@ namespace Timeline.Tests.IntegratedTests2 TimelineName = "hello" }, expectedStatusCode: HttpStatusCode.UnprocessableEntity); } + + [Fact] + public async Task AnonymousCreateUnauthorized() + { + using var client = CreateDefaultClient(); + + await client.TestJsonSendAsync(HttpMethod.Post, "v2/users/user/bookmarks", new HttpTimelineBookmarkCreateRequest + { + TimelineOwner = "user", + TimelineName = "hello" + }, expectedStatusCode: HttpStatusCode.Unauthorized); + } + + [Fact] + public async Task OtherCreateForbid() + { + using var client = CreateClientAsUser(); + + await client.TestJsonSendAsync(HttpMethod.Post, "v2/users/admin/bookmarks", new HttpTimelineBookmarkCreateRequest + { + TimelineOwner = "user", + TimelineName = "hello" + }, expectedStatusCode: HttpStatusCode.Forbidden); + } + + [Fact] + public async Task AdminCanCreate() + { + using var client = CreateClientAsAdmin(); + + await client.TestJsonSendAsync(HttpMethod.Post, "v2/users/user/bookmarks", new HttpTimelineBookmarkCreateRequest + { + TimelineOwner = "user", + TimelineName = "hello" + }); + } } } -- cgit v1.2.3