From cd29306bf400aec3831f90abd3f1324203869b59 Mon Sep 17 00:00:00 2001 From: OpenShift Cherrypick Robot Date: Thu, 25 Jul 2024 16:50:38 +0200 Subject: [PATCH] [redhat-3.12] api: adding token to global readonly user list robots (PROJQUAY-7177) (#3083) Adding token to list robots api when calling as global readonly superuser. Co-authored-by: bcaton --- endpoints/api/robot.py | 7 ++++--- test/test_api_usage.py | 6 ++++++ 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/endpoints/api/robot.py b/endpoints/api/robot.py index 64b5d0f5e..b9319e8d9 100644 --- a/endpoints/api/robot.py +++ b/endpoints/api/robot.py @@ -188,9 +188,10 @@ class OrgRobotList(ApiResource): """ permission = OrganizationMemberPermission(orgname) if permission.can() or allow_if_superuser() or allow_if_global_readonly_superuser(): - include_token = AdministerOrganizationPermission(orgname).can() and parsed_args.get( - "token", True - ) + include_token = ( + AdministerOrganizationPermission(orgname).can() + or allow_if_global_readonly_superuser() + ) and parsed_args.get("token", True) include_permissions = AdministerOrganizationPermission( orgname ).can() and parsed_args.get("permissions", False) diff --git a/test/test_api_usage.py b/test/test_api_usage.py index f45b2cc50..b73143c1b 100644 --- a/test/test_api_usage.py +++ b/test/test_api_usage.py @@ -3919,6 +3919,12 @@ class TestOrgRobots(ApiTestCase): self.assertEqual(json["token"], json2["token"]) + def test_get_robots_as_globalreadonlysuperuser(self): + self.login("globalreadonlysuperuser") + params = dict(orgname=ORGANIZATION) + for r in self.getJsonResponse(OrgRobotList, params=params)["robots"]: + assert "token" in r + class TestLogs(ApiTestCase): def test_repo_logs(self):