AYS-383 | Permission List Endpoint Has Been Covered with Unauthorized Test

Author: agitrubard

src/test/java/org/ays/auth/controller/AysPermissionControllerTest.java

@@ -6,7 +6,9 @@
 import org.ays.auth.model.mapper.AysPermissionToPermissionsResponseMapper;
 import org.ays.auth.model.response.AysPermissionsResponse;
 import org.ays.auth.service.AysPermissionService;
+import org.ays.common.model.response.AysErrorResponse;
 import org.ays.common.model.response.AysResponse;
+import org.ays.common.util.exception.model.AysErrorBuilder;
 import org.ays.util.AysMockMvcRequestBuilders;
 import org.ays.util.AysMockResultMatchersBuilders;
 import org.junit.jupiter.api.Test;
@@ -59,4 +61,34 @@ void whenPermissionsFound_thenReturnPermissions() throws Exception {
                 .findAll();
     }
 
+    @Test
+    void whenUnauthorizedForFoundingPermissions_thenReturnAccessDeniedException() throws Exception {
+
+        // When
+        List<AysPermission> mockPermissions = List.of(
+                new AysPermissionBuilder().withValidValues().build(),
+                new AysPermissionBuilder().withValidValues().build()
+        );
+
+        Mockito.when(permissionService.findAll())
+                .thenReturn(mockPermissions);
+
+        // Then
+        String endpoint = BASE_PATH.concat("/permissions");
+        MockHttpServletRequestBuilder mockHttpServletRequestBuilder = AysMockMvcRequestBuilders
+                .get(endpoint, mockUserToken.getAccessToken());
+
+        AysErrorResponse mockErrorResponse = AysErrorBuilder.FORBIDDEN;
+
+        aysMockMvc.perform(mockHttpServletRequestBuilder, mockErrorResponse)
+                .andExpect(AysMockResultMatchersBuilders.status()
+                        .isForbidden())
+                .andExpect(AysMockResultMatchersBuilders.subErrors()
+                        .doesNotExist());
+
+        // Verify
+        Mockito.verify(permissionService, Mockito.never())
+                .findAll();
+    }
+
 }