@@ -772,15 +772,30 @@ describe('API authz tests', () => {
772772 . expect ( 'Content-Type' , / j s o n / )
773773 } )
774774
775- test ( 'team member can test code repository url' , async ( ) => {
776- jest . spyOn ( otomiStack , 'getTestRepoConnect' ) . mockResolvedValue ( { } )
775+ test ( 'team member can test own code repository url' , async ( ) => {
776+ jest . spyOn ( otomiStack , 'getTestRepoConnect' ) . mockResolvedValue ( { status : 'success' } )
777+
777778 await agent
778- . get ( `/v1/testRepoConnect` )
779- . query ( { url : data . repositoryUrl } )
779+ . get ( `/v2/teams/${ teamId } /coderepos/testRepoConnect` )
780+ . query ( {
781+ url : data . repositoryUrl ,
782+ } )
780783 . set ( 'Authorization' , `Bearer ${ teamMemberToken } ` )
781784 . expect ( 200 )
782785 } )
783786
787+ test ( 'team member cannot test other team code repository url' , async ( ) => {
788+ jest . spyOn ( otomiStack , 'getTestRepoConnect' ) . mockResolvedValue ( { status : 'success' } )
789+
790+ await agent
791+ . get ( `/v2/teams/${ otherTeamId } /coderepos/testRepoConnect` )
792+ . query ( {
793+ url : data . repositoryUrl ,
794+ } )
795+ . set ( 'Authorization' , `Bearer ${ teamMemberToken } ` )
796+ . expect ( 403 )
797+ } )
798+
784799 test ( 'team member can get own internal repository urls' , async ( ) => {
785800 jest . spyOn ( otomiStack , 'getInternalRepoUrls' ) . mockResolvedValue ( [ ] )
786801
0 commit comments