btcpayserver/BTCPayServer.Tests/GreenfieldAPITests.cs

using System;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using BTCPayServer.Client;
using BTCPayServer.Client.Models;
using BTCPayServer.Controllers;
using BTCPayServer.Controllers.RestApi.Users;
using BTCPayServer.Services;
using BTCPayServer.Tests.Logging;
using Microsoft.AspNet.SignalR.Client;
using Microsoft.AspNetCore.Mvc;
using Xunit;
using Xunit.Abstractions;
using CreateApplicationUserRequest = BTCPayServer.Client.Models.CreateApplicationUserRequest;

namespace BTCPayServer.Tests
{
    public class GreenfieldAPITests
    {
        public const int TestTimeout = TestUtils.TestTimeout;

        public const string TestApiPath = "api/test/apikey";

        public GreenfieldAPITests(ITestOutputHelper helper)
        {
            Logs.Tester = new XUnitLog(helper) { Name = "Tests" };
            Logs.LogProvider = new XUnitLogProvider(helper);
        }

        [Fact(Timeout = TestTimeout)]
        [Trait("Integration", "Integration")]
        public async Task ApiKeysControllerTests()
        {
            using (var tester = ServerTester.Create())
            {
                await tester.StartAsync();
                var user = tester.NewAccount();
                user.GrantAccess();
                await user.MakeAdmin();
                var client = await user.CreateClient(Policies.CanModifyServerSettings, Policies.CanModifyStoreSettings);
                //Get current api key 
                var apiKeyData = await client.GetCurrentAPIKeyInfo();
                Assert.NotNull(apiKeyData);
                Assert.Equal(client.APIKey, apiKeyData.ApiKey);
                Assert.Equal(user.UserId, apiKeyData.UserId);
                Assert.Equal(2, apiKeyData.Permissions.Length);

                //revoke current api key
                await client.RevokeCurrentAPIKeyInfo();
                await Assert.ThrowsAsync<HttpRequestException>(async () =>
                {
                    await client.GetCurrentAPIKeyInfo();
                });
            }
        }

        [Fact(Timeout = TestTimeout)]
        [Trait("Integration", "Integration")]
        public async Task CanCreateUsersViaAPI()
        {
            using (var tester = ServerTester.Create(newDb: true))
            {
                tester.PayTester.DisableRegistration = true;
                await tester.StartAsync();
                var unauthClient = new BTCPayServerClient(tester.PayTester.ServerUri);
                await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest()));
                await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test@gmail.com" }));
                // Pass too simple
                await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "a" }));

                // We have no admin, so it should work
                var user1 = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test@gmail.com", Password = "abceudhqw" });
                // We have no admin, so it should work
                var user2 = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" });

                // Duplicate email
                await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" }));

                // Let's make an admin
                var admin = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin@gmail.com", Password = "abceudhqw", IsAdministrator = true });

                // Creating a new user without proper creds is now impossible (unauthorized) 
                // Because if registration are locked and that an admin exists, we don't accept unauthenticated connection
                await AssertHttpError(401, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "afewfoiewiou" }));


                // But should be ok with subscriptions unlocked
                var settings = tester.PayTester.GetService<SettingsRepository>();
                await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = false });
                await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "afewfoiewiou" });

                // But it should be forbidden to create an admin without being authenticated
                await AssertHttpError(403, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin2@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));
                await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = true });

                var adminAcc = tester.NewAccount();
                adminAcc.UserId = admin.Id;
                adminAcc.IsAdmin = true;
                var adminClient = await adminAcc.CreateClient(Policies.CanModifyProfile);

                // We should be forbidden to create a new user without proper admin permissions
                await AssertHttpError(403, async () => await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou" }));
                await AssertHttpError(403, async () => await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));

                // However, should be ok with the server management permissions
                adminClient = await adminAcc.CreateClient(Policies.CanModifyServerSettings);
                await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou" });
                // Even creating new admin should be ok
                await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin4@gmail.com", Password = "afewfoiewiou", IsAdministrator = true });

                var user1Acc = tester.NewAccount();
                user1Acc.UserId = user1.Id;
                user1Acc.IsAdmin = false;
                var user1Client = await user1Acc.CreateClient(Policies.CanModifyServerSettings);
                // User1 trying to get server management would still fail to create user
                await AssertHttpError(403, async () => await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "test8@gmail.com", Password = "afewfoiewiou" }));

                // User1 should be able to create user if subscription unlocked
                await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = false });
                await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "test8@gmail.com", Password = "afewfoiewiou" });
                // But not an admin
                await AssertHttpError(403, async () => await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "admin8@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));
            }
        }

        private async Task AssertHttpError(int code, Func<Task> act)
        {
            var ex = await Assert.ThrowsAsync<HttpRequestException>(act);
            Assert.Contains(code.ToString(), ex.Message);
        }

        [Fact(Timeout = TestTimeout)]
        [Trait("Integration", "Integration")]
        public async Task UsersControllerTests()
        {
            using (var tester = ServerTester.Create(newDb: true))
            {
                tester.PayTester.DisableRegistration = true;
                await tester.StartAsync();
                var user = tester.NewAccount();
                user.GrantAccess();
                await user.MakeAdmin();
                var clientProfile = await user.CreateClient(Policies.CanModifyProfile);
                var clientServer = await user.CreateClient(Policies.CanModifyServerSettings, Policies.CanViewProfile);
                var clientInsufficient = await user.CreateClient(Policies.CanModifyStoreSettings);


                var apiKeyProfileUserData = await clientProfile.GetCurrentUser();
                Assert.NotNull(apiKeyProfileUserData);
                Assert.Equal(apiKeyProfileUserData.Id, user.UserId);
                Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email);

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());
                await clientServer.GetCurrentUser();
                await clientProfile.GetCurrentUser();

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest()
                {
                    Email = $"{Guid.NewGuid()}@g.com",
                    Password = Guid.NewGuid().ToString()
                }));

                var newUser = await clientServer.CreateUser(new CreateApplicationUserRequest()
                {
                    Email = $"{Guid.NewGuid()}@g.com",
                    Password = Guid.NewGuid().ToString()
                });
                Assert.NotNull(newUser);

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()
                {
                    Email = $"{Guid.NewGuid()}",
                    Password = Guid.NewGuid().ToString()
                }));

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()
                {
                    Email = $"{Guid.NewGuid()}@g.com",
                }));

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()
                {
                    Password = Guid.NewGuid().ToString()
                }));

            }
        }
    }
}
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`using System;`
Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`using System.Linq;`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`using System.Net.Http;`
			`using System.Threading.Tasks;`
BTCPayServer.Client library + Revoke API Key 2020-03-02 16:50:28 +01:00			`using BTCPayServer.Client;`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`using BTCPayServer.Client.Models;`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`using BTCPayServer.Controllers;`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`using BTCPayServer.Controllers.RestApi.Users;`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`using BTCPayServer.Services;`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`using BTCPayServer.Tests.Logging;`
BTCPayServer.Client library + Revoke API Key 2020-03-02 16:50:28 +01:00			`using Microsoft.AspNet.SignalR.Client;`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`using Microsoft.AspNetCore.Mvc;`
			`using Xunit;`
			`using Xunit.Abstractions;`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`using CreateApplicationUserRequest = BTCPayServer.Client.Models.CreateApplicationUserRequest;`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00
			`namespace BTCPayServer.Tests`
			`{`
			`public class GreenfieldAPITests`
			`{`
			`public const int TestTimeout = TestUtils.TestTimeout;`

			`public const string TestApiPath = "api/test/apikey";`

			`public GreenfieldAPITests(ITestOutputHelper helper)`
			`{`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`Logs.Tester = new XUnitLog(helper) { Name = "Tests" };`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`Logs.LogProvider = new XUnitLogProvider(helper);`
			`}`

Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`[Fact(Timeout = TestTimeout)]`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`[Trait("Integration", "Integration")]`
			`public async Task ApiKeysControllerTests()`
			`{`
			`using (var tester = ServerTester.Create())`
			`{`
			`await tester.StartAsync();`
			`var user = tester.NewAccount();`
			`user.GrantAccess();`
			`await user.MakeAdmin();`
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 05:41:47 +01:00			`var client = await user.CreateClient(Policies.CanModifyServerSettings, Policies.CanModifyStoreSettings);`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`//Get current api key`
BTCPayServer.Client library + Revoke API Key 2020-03-02 16:50:28 +01:00			`var apiKeyData = await client.GetCurrentAPIKeyInfo();`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`Assert.NotNull(apiKeyData);`
Refactor tests for greenfield 2020-03-16 08:36:55 +01:00			`Assert.Equal(client.APIKey, apiKeyData.ApiKey);`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`Assert.Equal(user.UserId, apiKeyData.UserId);`
			`Assert.Equal(2, apiKeyData.Permissions.Length);`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00
BTCPayServer.Client library + Revoke API Key 2020-03-02 16:50:28 +01:00			`//revoke current api key`
			`await client.RevokeCurrentAPIKeyInfo();`
			`await Assert.ThrowsAsync<HttpRequestException>(async () =>`
			`{`
			`await client.GetCurrentAPIKeyInfo();`
			`});`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`}`
			`}`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00
			`[Fact(Timeout = TestTimeout)]`
			`[Trait("Integration", "Integration")]`
			`public async Task CanCreateUsersViaAPI()`
			`{`
			`using (var tester = ServerTester.Create(newDb: true))`
			`{`
Make sure the create user is respecting the disable-registration settings 2020-03-19 05:30:53 +01:00			`tester.PayTester.DisableRegistration = true;`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`await tester.StartAsync();`
			`var unauthClient = new BTCPayServerClient(tester.PayTester.ServerUri);`
			`await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest()));`
			`await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test@gmail.com" }));`
			`// Pass too simple`
			`await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "a" }));`

			`// We have no admin, so it should work`
			`var user1 = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test@gmail.com", Password = "abceudhqw" });`
			`// We have no admin, so it should work`
			`var user2 = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" });`

			`// Duplicate email`
			`await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" }));`

			`// Let's make an admin`
			`var admin = await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin@gmail.com", Password = "abceudhqw", IsAdministrator = true });`

			`// Creating a new user without proper creds is now impossible (unauthorized)`
			`// Because if registration are locked and that an admin exists, we don't accept unauthenticated connection`
			`await AssertHttpError(401, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "afewfoiewiou" }));`


			`// But should be ok with subscriptions unlocked`
			`var settings = tester.PayTester.GetService<SettingsRepository>();`
			`await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = false });`
			`await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "test3@gmail.com", Password = "afewfoiewiou" });`

			`// But it should be forbidden to create an admin without being authenticated`
			`await AssertHttpError(403, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin2@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));`
			`await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = true });`

			`var adminAcc = tester.NewAccount();`
			`adminAcc.UserId = admin.Id;`
			`adminAcc.IsAdmin = true;`
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 05:41:47 +01:00			`var adminClient = await adminAcc.CreateClient(Policies.CanModifyProfile);`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00
			`// We should be forbidden to create a new user without proper admin permissions`
			`await AssertHttpError(403, async () => await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou" }));`
			`await AssertHttpError(403, async () => await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));`

			`// However, should be ok with the server management permissions`
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 05:41:47 +01:00			`adminClient = await adminAcc.CreateClient(Policies.CanModifyServerSettings);`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "test4@gmail.com", Password = "afewfoiewiou" });`
			`// Even creating new admin should be ok`
			`await adminClient.CreateUser(new CreateApplicationUserRequest() { Email = "admin4@gmail.com", Password = "afewfoiewiou", IsAdministrator = true });`

			`var user1Acc = tester.NewAccount();`
			`user1Acc.UserId = user1.Id;`
			`user1Acc.IsAdmin = false;`
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 05:41:47 +01:00			`var user1Client = await user1Acc.CreateClient(Policies.CanModifyServerSettings);`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`// User1 trying to get server management would still fail to create user`
			`await AssertHttpError(403, async () => await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "test8@gmail.com", Password = "afewfoiewiou" }));`

			`// User1 should be able to create user if subscription unlocked`
			`await settings.UpdateSetting<PoliciesSettings>(new PoliciesSettings() { LockSubscription = false });`
			`await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "test8@gmail.com", Password = "afewfoiewiou" });`
			`// But not an admin`
			`await AssertHttpError(403, async () => await user1Client.CreateUser(new CreateApplicationUserRequest() { Email = "admin8@gmail.com", Password = "afewfoiewiou", IsAdministrator = true }));`
			`}`
			`}`

			`private async Task AssertHttpError(int code, Func<Task> act)`
			`{`
			`var ex = await Assert.ThrowsAsync<HttpRequestException>(act);`
			`Assert.Contains(code.ToString(), ex.Message);`
			`}`

Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`[Fact(Timeout = TestTimeout)]`
			`[Trait("Integration", "Integration")]`
			`public async Task UsersControllerTests()`
			`{`
Make sure the create user is respecting the disable-registration settings 2020-03-19 05:30:53 +01:00			`using (var tester = ServerTester.Create(newDb: true))`
Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`{`
Make sure the create user is respecting the disable-registration settings 2020-03-19 05:30:53 +01:00			`tester.PayTester.DisableRegistration = true;`
Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`await tester.StartAsync();`
			`var user = tester.NewAccount();`
			`user.GrantAccess();`
			`await user.MakeAdmin();`
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 05:41:47 +01:00			`var clientProfile = await user.CreateClient(Policies.CanModifyProfile);`
			`var clientServer = await user.CreateClient(Policies.CanModifyServerSettings, Policies.CanViewProfile);`
			`var clientInsufficient = await user.CreateClient(Policies.CanModifyStoreSettings);`
Refactor tests for greenfield 2020-03-16 08:36:55 +01:00

Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`var apiKeyProfileUserData = await clientProfile.GetCurrentUser();`
			`Assert.NotNull(apiKeyProfileUserData);`
			`Assert.Equal(apiKeyProfileUserData.Id, user.UserId);`
			`Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email);`

			`await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());`
Greenfield API: God Mode When the `ServerManagement` permission is granted, you should be able to do everything in the system. Maybe I should rename it to GodMode as a permission to not have any confusion with managing server settings (currently `ServerManagement`)? 2020-03-12 18:43:57 +01:00			`await clientServer.GetCurrentUser();`
Refactor permissions of GreenField 2020-03-19 11:11:15 +01:00			`await clientProfile.GetCurrentUser();`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00
Make sure the create user is respecting the disable-registration settings 2020-03-19 05:30:53 +01:00			`await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest()`
			`{`
			`Email = $"{Guid.NewGuid()}@g.com",`
			`Password = Guid.NewGuid().ToString()`
			`}));`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00
			`var newUser = await clientServer.CreateUser(new CreateApplicationUserRequest()`
			`{`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`Email = $"{Guid.NewGuid()}@g.com",`
			`Password = Guid.NewGuid().ToString()`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`});`
			`Assert.NotNull(newUser);`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()`
			`{`
			`Email = $"{Guid.NewGuid()}",`
			`Password = Guid.NewGuid().ToString()`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`}));`

Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()`
			`{`
			`Email = $"{Guid.NewGuid()}@g.com",`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`}));`

Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00			`await Assert.ThrowsAsync<HttpRequestException>(async () => await clientServer.CreateUser(new CreateApplicationUserRequest()`
			`{`
			`Password = Guid.NewGuid().ToString()`
Can create user without authentication if there is no admin 2020-03-18 15:10:15 +01:00			`}));`
Greenfield API: Create User Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one. 2020-03-13 11:47:22 +01:00
Greenfield API: Get current User Builds on #1368 This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later) It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later) 2020-03-12 14:59:24 +01:00			`}`
			`}`
GreenField API #1: Get current API Key info 2020-02-24 18:43:28 +01:00			`}`
			`}`