From e65c19ddd8871912dcd13246fdc61302d4290743 Mon Sep 17 00:00:00 2001
From: David Mehren <git@herrmehren.de>
Date: Sun, 29 Aug 2021 17:36:03 +0200
Subject: [PATCH] Public API: Test that forbidden notes can't be accessed

Signed-off-by: David Mehren <git@herrmehren.de>
---
 test/public-api/notes.e2e-spec.ts | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/test/public-api/notes.e2e-spec.ts b/test/public-api/notes.e2e-spec.ts
index 61abb79eb..0fb44fab5 100644
--- a/test/public-api/notes.e2e-spec.ts
+++ b/test/public-api/notes.e2e-spec.ts
@@ -113,6 +113,13 @@ describe('Notes', () => {
         .expect('Content-Type', /json/)
         .expect(404);
     });
+    it('fails with a forbidden note id', async () => {
+      // check if a forbidden note correctly returns 400
+      await request(app.getHttpServer())
+        .get('/notes/forbiddenNoteId')
+        .expect('Content-Type', /json/)
+        .expect(400);
+    });
   });
 
   describe('POST /notes/{note}', () => {