From 4d842a53470a88e17589b76d1e70207cc56d1d08 Mon Sep 17 00:00:00 2001
From: JG <moarpheus@gmail.com>
Date: Fri, 10 Jun 2022 12:08:12 +0100
Subject: [PATCH] testing not being able to view any other orgs supported
 housing for coordinator user

---
 spec/requests/organisations_controller_spec.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/spec/requests/organisations_controller_spec.rb b/spec/requests/organisations_controller_spec.rb
index 3ac75ee17..5608597a9 100644
--- a/spec/requests/organisations_controller_spec.rb
+++ b/spec/requests/organisations_controller_spec.rb
@@ -127,6 +127,18 @@ RSpec.describe OrganisationsController, type: :request do
           end
         end
 
+        context "with schemes that are not in scope for the user, i.e. that they do not belong to" do
+          let!(:unauthorised_organisation) { FactoryBot.create(:organisation) }
+
+          before do
+            get "/organisations/#{unauthorised_organisation.id}/supported-housing", headers:, params: {}
+          end
+
+          it "returns not found 404 from org details route" do
+            expect(response).to have_http_status(:not_found)
+          end
+        end
+
         context "when searching" do
           let!(:searched_scheme) { FactoryBot.create(:scheme, code: "CODE321", organisation: user.organisation) }
           let(:search_param) { "CODE321" }