Add authN/authZ tests

LeaderboardBackend.Test/Leaderboards.cs

@@ -383,6 +383,41 @@ public async Task RestoreLeaderboard_OK()
         res.DeletedAt.Should().BeNull();
     }
 
+    [Test]
+    public async Task RestoreLeaderboard_Unauthenticated()
+    {
+        Func<Task<LeaderboardViewModel>> act = async () => await _apiClient.Put<LeaderboardViewModel>($"/leaderboard/100/restore", new()
+        {
+            Jwt = ""
+        });
+
+        await act.Should().ThrowAsync<RequestFailureException>().Where(e => e.Response.StatusCode == HttpStatusCode.Unauthorized);
+    }
+
+    [Test]
+    public async Task RestoreLeaderboard_Unauthorized()
+    {
+        IUserService userService = _factory.Services.CreateScope().ServiceProvider.GetRequiredService<IUserService>();
+
+        RegisterRequest registerRequest = new()
+        {
+            Email = "[email protected]",
+            Password = "Passw0rd",
+            Username = "unauthorized"
+        };
+
+        await userService.CreateUser(registerRequest);
+
+        string jwt = (await _apiClient.LoginUser(registerRequest.Email, registerRequest.Password)).Token;
+
+        Func<Task<LeaderboardViewModel>> act = async () => await _apiClient.Put<LeaderboardViewModel>($"/leaderboard/100/restore", new()
+        {
+            Jwt = jwt,
+        });
+
+        await act.Should().ThrowAsync<RequestFailureException>().Where(e => e.Response.StatusCode == HttpStatusCode.Forbidden);
+    }
+
     [Test]
     public async Task RestoreLeaderboard_NotFound()
     {