diff --git a/tests/TestHelpers/GraphHelper.php b/tests/TestHelpers/GraphHelper.php
index 2056fb6d8..14335d6b8 100644
--- a/tests/TestHelpers/GraphHelper.php
+++ b/tests/TestHelpers/GraphHelper.php
@@ -82,7 +82,7 @@ class GraphHelper {
 	 *
 	 * @return string
 	 */
-	private static function getFullUrl(string $baseUrl, string $path): string {
+	public static function getFullUrl(string $baseUrl, string $path): string {
 		$fullUrl = $baseUrl;
 		if (\substr($fullUrl, -1) !== '/') {
 			$fullUrl .= '/';
diff --git a/tests/acceptance/features/apiSpaces/changeSpaces.feature b/tests/acceptance/features/apiSpaces/changeSpaces.feature
index 833e86643..93fafaa1c 100644
--- a/tests/acceptance/features/apiSpaces/changeSpaces.feature
+++ b/tests/acceptance/features/apiSpaces/changeSpaces.feature
@@ -229,7 +229,7 @@ Feature: Change data of space
       | 0          | between "201" and "204" | 0     | 26   |
       | -1         | between "201" and "204" | 0     | 26   |
 
-  
+
   Scenario: user sends invalid space uuid via the Graph API
     When user "Admin" tries to change the name of the "non-existing" space to "new name"
     Then the HTTP status code should be "404"
@@ -237,3 +237,13 @@ Feature: Change data of space
     Then the HTTP status code should be "404"
     When user "Alice" tries to change the description of the "non-existing" space to "new description"
     Then the HTTP status code should be "404"
+
+
+  Scenario: user sends PATCH request to other user's space that they don't have access to
+    Given these users have been created with default attributes and without skeleton files:
+      | username |
+      | Carol    |
+    When user "Carol" sends PATCH request to the space "Personal" of user "Alice" with data "{}"
+    Then the HTTP status code should be "404"
+    When user "Carol" sends PATCH request to the space "Project Jupiter" of user "Alice" with data "{}"
+    Then the HTTP status code should be "404"
diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php
index 1ae8c983a..7a5733593 100644
--- a/tests/acceptance/features/bootstrap/SpacesContext.php
+++ b/tests/acceptance/features/bootstrap/SpacesContext.php
@@ -753,6 +753,35 @@ class SpacesContext implements Context {
 		);
 	}
 
+	/**
+	 * @When /^user "([^"]*)" sends PATCH request to the space "([^"]*)" of user "([^"]*)" with data "([^"]*)"$/
+	 *
+	 * @param string $user
+	 * @param string $spaceName
+	 * @param string $owner
+	 * @param string $data
+	 *
+	 * @return void
+	 * @throws GuzzleException
+	 */
+	public function userSendsPatchRequestToTheSpaceOfUserWithData(string $user, string $spaceName, string $owner, string $data): void {
+		$space = $this->getSpaceByName($owner, $spaceName);
+		Assert::assertIsArray($space);
+		Assert::assertNotEmpty($spaceId = $space["id"]);
+		$url = GraphHelper::getFullUrl($this->featureContext->getBaseUrl(), 'drives/' . $spaceId);
+		$this->featureContext->setResponse(
+			HttpRequestHelper::sendRequest(
+				$url,
+				"",
+				"PATCH",
+				$this->featureContext->getActualUsername($user),
+				$this->featureContext->getPasswordForUser($user),
+				null,
+				$data
+			)
+		);
+	}
+
 	/**
 	 * @Then /^the (?:propfind|search) result of the space should (not|)\s?contain these (?:files|entries):$/
 	 *