From e5cb68cee953c179312daaeb0d04ebf9e0fb99ba Mon Sep 17 00:00:00 2001
From: Lucas Manuel Rodriguez <lucarodriguez@gmail.com>
Date: Wed, 19 Jan 2022 18:17:42 -0300
Subject: [PATCH] Return 404 when listing policies for a team that does not
 exist (#3793)

* Return 404 when listing policies for a team that does not exist

* Set mock for auth test
---
 changes/list-team-policies-team-doesnt-exist | 1 +
 server/service/integration_core_test.go      | 8 ++++++++
 server/service/team_policies.go              | 4 ++++
 server/service/team_policies_test.go         | 3 +++
 4 files changed, 16 insertions(+)
 create mode 100644 changes/list-team-policies-team-doesnt-exist

diff --git a/changes/list-team-policies-team-doesnt-exist b/changes/list-team-policies-team-doesnt-exist
new file mode 100644
index 0000000000..10c0ca315f
--- /dev/null
+++ b/changes/list-team-policies-team-doesnt-exist
@@ -0,0 +1 @@
+* Return 404 when listing policies of a team that doesn't exist.
diff --git a/server/service/integration_core_test.go b/server/service/integration_core_test.go
index 849374b96a..cb89d83873 100644
--- a/server/service/integration_core_test.go
+++ b/server/service/integration_core_test.go
@@ -2248,3 +2248,11 @@ func (s *integrationTestSuite) TestGlobalPoliciesBrowsing() {
 	assert.Equal(t, "global policy", policiesResponse.Policies[0].Name)
 	assert.Equal(t, "select * from osquery;", policiesResponse.Policies[0].Query)
 }
+
+func (s *integrationTestSuite) TestTeamPoliciesTeamNotExists() {
+	t := s.T()
+
+	teamPoliciesResponse := listTeamPoliciesResponse{}
+	s.DoJSON("GET", fmt.Sprintf("/api/v1/fleet/teams/%d/policies", 9999999), nil, http.StatusNotFound, &teamPoliciesResponse)
+	require.Len(t, teamPoliciesResponse.Policies, 0)
+}
diff --git a/server/service/team_policies.go b/server/service/team_policies.go
index 030615274e..1fc318388e 100644
--- a/server/service/team_policies.go
+++ b/server/service/team_policies.go
@@ -108,6 +108,10 @@ func (svc Service) ListTeamPolicies(ctx context.Context, teamID uint) ([]*fleet.
 		return nil, err
 	}
 
+	if _, err := svc.ds.Team(ctx, teamID); err != nil {
+		return nil, ctxerr.Wrapf(ctx, err, "loading team %d", teamID)
+	}
+
 	return svc.ds.ListTeamPolicies(ctx, teamID)
 }
 
diff --git a/server/service/team_policies_test.go b/server/service/team_policies_test.go
index 22668c39d9..a7d3ddef4e 100644
--- a/server/service/team_policies_test.go
+++ b/server/service/team_policies_test.go
@@ -56,6 +56,9 @@ func TestTeamPoliciesAuth(t *testing.T) {
 	ds.NewActivityFunc = func(ctx context.Context, user *fleet.User, activityType string, details *map[string]interface{}) error {
 		return nil
 	}
+	ds.TeamFunc = func(ctx context.Context, tid uint) (*fleet.Team, error) {
+		return &fleet.Team{ID: 1}, nil
+	}
 
 	testCases := []struct {
 		name            string