Add test to validate if one project is unathorized

Refactor code.
Separate in two method to update configuration project and delete project

functional-test/src/test/groovy/org/rundeck/tests/functional/api/execution/ExecutionSpec.groovy

@@ -368,11 +368,14 @@ class ExecutionSpec extends BaseContainer {
                 jsonValue(response4.body()).executions.size() >= 1
             }
         cleanup:
-            (2..4).each {disableScheduledAndDeleteProject("${projectNameSuffix}-${it}", [
+            (2..4).each {
+                updateConfigurationProject("${projectNameSuffix}-${it}", [
                     "project.disable.schedule": "true",
                     "project.later.schedule.enable": "false",
                     "project.disable.executions": "true"
-            ])}
+                ])
+                deleteProject("${projectNameSuffix}-${it}")
+            }
     }
 
     def "executions-running when project is disabled"() {

functional-test/src/test/groovy/org/rundeck/util/container/BaseContainer.groovy

@@ -320,30 +320,25 @@ abstract class BaseContainer extends Specification implements ClientProvider {
     }
 
     /**
-     * Disables scheduled executions for a specific project and then deletes the project.
-     * This method first makes a PUT request to update the project's configuration,
-     * specifically to disable all scheduled executions. If this operation is successful,
-     * it proceeds to delete the project with a DELETE request. If any of the operations fail,
-     * a RuntimeException is thrown.
+     * Updates the configuration of a project with the provided settings.
      *
-     * @param projectName the name of the project to be disabled and deleted. Must not be null.
-     * @param body a map containing the configuration to be updated in the project before deletion.
-     *        Specifically, this map should include the necessary properties to disable
-     *        scheduled executions. The exact contents of the map will depend on the client API and
-     *        the project configuration.
-     * @throws RuntimeException if disabling scheduled executions or deleting the project fails.
+     * This method sends a PUT request to update the configuration of the specified project
+     * with the provided settings. The configuration data is replaced entirely with the submitted values.
+     *
+     * @param projectName The name of the project whose configuration is to be updated. Must not be null.
+     * @param body A map containing the configuration settings to be applied to the project.
+     *             The content of this map should represent the entire configuration data to replace.
+     *             The structure of the map should match the expected format for the project configuration.
+     *             Must not be null.
+     * @throws RuntimeException if updating the project configuration fails.
      *         The exception contains a detailed message obtained from the server's response.
      */
-    void disableScheduledAndDeleteProject(String projectName, Map body) {
+    void updateConfigurationProject(String projectName, Map body) {
         def responseDisable = client.doPutWithJsonBody("/project/${projectName}/config", body)
         if (!responseDisable.successful) {
             throw new RuntimeException("Failed to disable scheduled execution: ${responseDisable.body().string()}")
         }
         hold 5
-        def response = client.doDelete("/project/${projectName}")
-        if (!response.successful) {
-            throw new RuntimeException("Failed to delete project: ${response.body().string()}")
-        }
     }
 
     def setupSpec() {

rundeckapp/grails-app/controllers/rundeck/controllers/MenuController.groovy

@@ -3592,8 +3592,7 @@ if executed in cluster mode.
                     ])
                     return true
                 }
-                def authorized = !apiAuthorizedForEventRead(project)
-                if (authorized) {
+                if (!apiAuthorizedForEventRead(project)) {
                     return true
                 }
                 return false

rundeckapp/src/test/groovy/rundeck/controllers/MenuControllerSpec.groovy

@@ -2582,14 +2582,40 @@ class MenuControllerSpec extends RundeckHibernateSpec implements ControllerUnitT
         controller.apiExecutionsRunningv14()
         then:
         response.status == 404
-        // response.errorMessage == 'api.error.project.disabled'
         1 * controller.rundeckAuthContextProcessor.authorizeProjectResource(_, _, action, _) >> true
         2 * controller.frameworkService.existsFrameworkProject(_) >> true
         1 * controller.frameworkService.isFrameworkProjectDisabled('aProject') >> false
         1 * controller.frameworkService.isFrameworkProjectDisabled('bProject') >> true
 
     }
 
+    @Unroll
+    def "apiExecutionsRunning one unauthorized project with list of projects"() {
+        given:
+        controller.frameworkService = Mock(FrameworkService)
+        controller.rundeckAuthContextProcessor=Mock(AppAuthContextProcessor)
+        controller.apiService = Mock(ApiService) {
+            1 * requireApi(_,_) >> true
+            1 * renderErrorFormat(_, { it.status == 403 }) >> {
+                it[0].status = 403
+            }
+
+            2 * requireExists(_, true, _) >> true
+            0 * _ (*_)
+        }
+        params.project = 'aProject,bProject,cProject'
+        def action = 'read'
+        when:
+        controller.apiExecutionsRunningv14()
+        then:
+        response.status == 403
+        1 * controller.rundeckAuthContextProcessor.authorizeProjectResource(_, _, action, 'aProject') >> true
+        1 * controller.rundeckAuthContextProcessor.authorizeProjectResource(_, _, action, 'bProject') >> false
+        2 * controller.frameworkService.existsFrameworkProject(_) >> true
+        2 * controller.frameworkService.isFrameworkProjectDisabled(_) >> false
+
+    }
+
     def "test project job list handler"() {
         given:
         controller.configurationService = Mock(ConfigurationService)