From c5ddcfc5fcdb49634f8ea39d0a4f6032d2b93537 Mon Sep 17 00:00:00 2001
From: painyjames <victor.arbues@digital.hmrc.gov.uk>
Date: Tue, 25 Jan 2022 09:16:41 +0000
Subject: [PATCH] add test for tables not allowed with out datasource
 permission

---
 tests/integration_tests/core_tests.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/tests/integration_tests/core_tests.py b/tests/integration_tests/core_tests.py
index 1bb0fbddc6dfa..ff690b2081488 100644
--- a/tests/integration_tests/core_tests.py
+++ b/tests/integration_tests/core_tests.py
@@ -195,6 +195,31 @@ def test_get_superset_tables_allowed(self):
         gamma_user.roles.remove(security_manager.find_role(role_name))
         session.commit()
 
+    @pytest.mark.usefixtures("load_energy_table_with_slice")
+    def test_get_superset_tables_not_allowed_with_out_permissions(self):
+        session = db.session
+        table_name = "energy_usage"
+        role_name = "dummy_role_no_table_access"
+        self.logout()
+        self.login(username="gamma")
+        gamma_user = security_manager.find_user(username="gamma")
+        security_manager.add_role(role_name)
+        dummy_role = security_manager.find_role(role_name)
+        gamma_user.roles.append(dummy_role)
+
+        session.commit()
+
+        example_db = utils.get_example_database()
+        schema_name = self.default_schema_backend_map[example_db.backend]
+        uri = f"superset/tables/{example_db.id}/{schema_name}/{table_name}/"
+        rv = self.client.get(uri)
+        self.assertEqual(rv.status_code, 404)
+
+        # cleanup
+        gamma_user = security_manager.find_user(username="gamma")
+        gamma_user.roles.remove(security_manager.find_role(role_name))
+        session.commit()
+
     def test_get_superset_tables_substr(self):
         example_db = utils.get_example_database()
         if example_db.backend in {"presto", "hive"}: