From 095fe2eaea7c5af2ce5c60f42d8c262859ff4544 Mon Sep 17 00:00:00 2001
From: Hongxin Liang <honnix@spotify.com>
Date: Fri, 5 Aug 2022 13:14:58 +0200
Subject: [PATCH] Add unit test to cover it

---
 .../styx/api/ServiceAccountUsageAuthorizerTest.java  | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java b/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java
index ae4c3054ad..aab6b13142 100644
--- a/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java
+++ b/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java
@@ -357,6 +357,18 @@ public void shouldAuthorizeIfPrincipalIsAdminViaGroup(String serviceAccount) thr
     assertCachedSuccess(() -> sut.authorizeServiceAccountUsage(WORKFLOW_ID, serviceAccount, idToken));
   }
 
+  @Parameters({SERVICE_ACCOUNT, MANAGED_SERVICE_ACCOUNT})
+  @Test
+  public void shouldAuthorizeIfPrincipalIsAdminViaGroupEvenCheckRoleFails(String serviceAccount) throws IOException {
+    final Throwable cause = googleJsonResponseException(418);
+    var errorRequest = mock(Directory.Members.HasMember.class);
+    doThrow(cause).when(errorRequest).execute();
+    doReturn(errorRequest).when(members).hasMember(PROJECT_ADMINS_GROUP_EMAIL, PRINCIPAL_EMAIL);
+    doReturn(isMember).when(members).hasMember(STYX_ADMINS_GROUP_EMAIL, PRINCIPAL_EMAIL);
+    assertCachedSuccess(() -> sut.authorizeServiceAccountUsage(WORKFLOW_ID, serviceAccount, idToken));
+  }
+
+
   @Parameters({SERVICE_ACCOUNT, MANAGED_SERVICE_ACCOUNT})
   @Test
   public void shouldAuthorizeIfPrincipalHasUserRoleOnProjectViaGroup(String serviceAccount) throws IOException {