add test (#4676)

* add test

* comment

---------

Co-authored-by: Richard Kuo (Onyx) <rkuo@onyx.app>

Author: rkuo-danswer

backend/tests/integration/multitenant_tests/tenants/test_tenant_creation.py

@@ -1,6 +1,11 @@
+from http import HTTPStatus
+
+import requests
+
 from onyx.configs.constants import DocumentSource
 from onyx.db.enums import AccessType
 from onyx.db.models import UserRole
+from tests.integration.common_utils.constants import API_SERVER_URL
 from tests.integration.common_utils.managers.cc_pair import CCPairManager
 from tests.integration.common_utils.managers.connector import ConnectorManager
 from tests.integration.common_utils.managers.credential import CredentialManager
@@ -80,3 +85,11 @@ def test_admin_can_create_and_verify_cc_pair(reset_multitenant: None) -> None:
 
     # Verify cc_pair
     CCPairManager.verify(cc_pair=test_cc_pair, user_performing_action=test_user)
+
+
+def test_settings_access() -> None:
+    """Calls to the enterprise settings endpoint without authentication should fail with
+    403 (and not 500, which will lock the web UI into a "maintenance mode" page)"""
+
+    response = requests.get(url=f"{API_SERVER_URL}/enterprise-settings")
+    assert response.status_code == HTTPStatus.FORBIDDEN