From e92f15ef82339d4d9dc4a04f8dce2599b6ef10da Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Thu, 10 Jul 2025 14:44:54 -0600
Subject: test: ensure authenticated users that are not in the entities do not
 have access

---
 tests/authorization/cedar_authorizer_test.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs
index 1a04b6af..f2dfebd4 100644
--- a/tests/authorization/cedar_authorizer_test.rs
+++ b/tests/authorization/cedar_authorizer_test.rs
@@ -94,6 +94,11 @@ mod tests {
         let user = build_user("1675940");
         let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
         let authorizer = subject_with(entities);
-        assert!(authorizer.authorize(request));
+        assert!(authorizer.authorize(request.clone()));
+
+        let user = build_user("1");
+        let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
+        let authorizer = subject_with(entities);
+        assert!(!authorizer.authorize(request.clone()));
     }
 }
-- 
cgit v1.2.3