1 files changed, 15 insertions, 9 deletions

diff --git a/spec/graphql/types/alert_management/prometheus_integration_type_spec.rb b/spec/graphql/types/alert_management/prometheus_integration_type_spec.rb
index b10c2a2ab2a..d057afb331c 100644
--- a/spec/graphql/types/alert_management/prometheus_integration_type_spec.rb
+++ b/spec/graphql/types/alert_management/prometheus_integration_type_spec.rb
@@ -48,15 +48,21 @@ RSpec.describe GitlabSchema.types['AlertManagementPrometheusIntegration'] do
       end
     end
 
-    context 'without project' do
-      let_it_be(:integration) { create(:prometheus_service, project: nil, group: create(:group)) }
-
-      it_behaves_like 'has field with value', 'token' do
-        let(:value) { nil }
-      end
-
-      it_behaves_like 'has field with value', 'url' do
-        let(:value) { nil }
+    describe 'a group integration' do
+      let_it_be(:group) { create(:group) }
+      let_it_be(:integration) { create(:prometheus_service, project: nil, group: group) }
+
+      # Since it is impossible to authorize the parent here, given that the
+      # project is nil, all fields should be redacted:
+
+      described_class.fields.each_key do |field_name|
+        context "field: #{field_name}" do
+          it 'is redacted' do
+            expect do
+              resolve_field(field_name, integration, current_user: user)
+            end.to raise_error(GraphqlHelpers::UnauthorizedObject)
+          end
+        end
       end
     end
   end