From 8bdb82c7be9c778d48c6571f527040751b08cb6d Mon Sep 17 00:00:00 2001
From: Eneko Lakasta <eneko@cartodb.com>
Date: Thu, 8 Feb 2018 14:48:00 +0100
Subject: [PATCH] add test should fail creating a layergroup with default
 apikey token

---
 test/acceptance/auth/authorization.js | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/test/acceptance/auth/authorization.js b/test/acceptance/auth/authorization.js
index da139638..c82b2a37 100644
--- a/test/acceptance/auth/authorization.js
+++ b/test/acceptance/auth/authorization.js
@@ -29,6 +29,33 @@ describe('authorization', function() {
         });
     });
 
+    it('should fail creating a layergroup with default apikey token', function (done) {
+        const apikeyToken = 'default_public';
+        const mapConfig = {
+            version: '1.7.0',
+            layers: [
+                {
+                    options: {
+                        sql: 'select * FROM test_table_localhost_regular1',
+                        cartocss: TestClient.CARTOCSS.POINTS,
+                        cartocss_version: '2.3.0'
+                    }
+                }
+            ]
+        };
+        const testClient = new TestClient(mapConfig, apikeyToken);
+
+        testClient.getLayergroup({ response: { status: 403 } }, function (err, layergroupResult) {
+            assert.ifError(err);
+
+            assert.ok(layergroupResult.hasOwnProperty('errors'));
+            assert.equal(layergroupResult.errors.length, 1);
+            assert.ok(layergroupResult.errors[0].match(/permission denied/), layergroupResult.errors[0]);
+
+            testClient.drain(done);
+        });
+    });
+
     it('should fail if apikey does not grant access to table', function (done) {
         const mapConfig = {
             version: '1.7.0',