diff --git a/endpoints/api/robot.py b/endpoints/api/robot.py index 64b5d0f5e..b9319e8d9 100644 --- a/endpoints/api/robot.py +++ b/endpoints/api/robot.py @@ -188,9 +188,10 @@ class OrgRobotList(ApiResource): """ permission = OrganizationMemberPermission(orgname) if permission.can() or allow_if_superuser() or allow_if_global_readonly_superuser(): - include_token = AdministerOrganizationPermission(orgname).can() and parsed_args.get( - "token", True - ) + include_token = ( + AdministerOrganizationPermission(orgname).can() + or allow_if_global_readonly_superuser() + ) and parsed_args.get("token", True) include_permissions = AdministerOrganizationPermission( orgname ).can() and parsed_args.get("permissions", False) diff --git a/test/test_api_usage.py b/test/test_api_usage.py index f45b2cc50..b73143c1b 100644 --- a/test/test_api_usage.py +++ b/test/test_api_usage.py @@ -3919,6 +3919,12 @@ class TestOrgRobots(ApiTestCase): self.assertEqual(json["token"], json2["token"]) + def test_get_robots_as_globalreadonlysuperuser(self): + self.login("globalreadonlysuperuser") + params = dict(orgname=ORGANIZATION) + for r in self.getJsonResponse(OrgRobotList, params=params)["robots"]: + assert "token" in r + class TestLogs(ApiTestCase): def test_repo_logs(self):