test: ensure authenticated users that are not in the entities do not have access

author: mo khan <mo@mokhan.ca> 2025-07-10 14:44:54 -0600
committer: mo khan <mo@mokhan.ca> 2025-07-10 14:44:54 -0600
commit: e92f15ef82339d4d9dc4a04f8dce2599b6ef10da (patch)
tree: 276706cfddee5d0871153c64eb53399c7273ed88 /tests/authorization
parent: 04670ecf10906f90cd50c7ff5d6cdc3e6f1f777e (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs
index 1a04b6af..f2dfebd4 100644
--- a/tests/authorization/cedar_authorizer_test.rs
+++ b/tests/authorization/cedar_authorizer_test.rs
@@ -94,6 +94,11 @@ mod tests {
         let user = build_user("1675940");
         let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
         let authorizer = subject_with(entities);
-        assert!(authorizer.authorize(request));
+        assert!(authorizer.authorize(request.clone()));
+
+        let user = build_user("1");
+        let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
+        let authorizer = subject_with(entities);
+        assert!(!authorizer.authorize(request.clone()));
     }
 }
author	mo khan <mo@mokhan.ca>	2025-07-10 14:44:54 -0600
committer	mo khan <mo@mokhan.ca>	2025-07-10 14:44:54 -0600
commit	e92f15ef82339d4d9dc4a04f8dce2599b6ef10da (patch)
tree	276706cfddee5d0871153c64eb53399c7273ed88 /tests/authorization
parent	04670ecf10906f90cd50c7ff5d6cdc3e6f1f777e (diff)