only restrict OAuth2 tokens for external accounts *at creation time*

related: https://github.com/ansible/awx/pull/5477
2026-03-06 19:21:06 -03:30 · 2019-12-13 10:11:24 -05:00
parent 4dd4928aab
commit a7a3609e48
2 changed files with 5 additions and 9 deletions
--- a/awx/main/tests/functional/api/test_oauth.py
+++ b/awx/main/tests/functional/api/test_oauth.py
@@ -69,7 +69,7 @@ def test_token_creation_disabled_for_external_accounts(oauth_application, post,


@pytest.mark.django_db
-def test_existing_token_disabled_for_external_accounts(oauth_application, get, post, admin):
+def test_existing_token_enabled_for_external_accounts(oauth_application, get, post, admin):
    UserEnterpriseAuth(user=admin, provider='radius').save()
    url = drf_reverse('api:oauth_authorization_root_view') + 'token/'
    with override_settings(RADIUS_SERVER='example.org', ALLOW_OAUTH2_FOR_EXTERNAL_USERS=True):
@@ -98,9 +98,9 @@ def test_existing_token_disabled_for_external_accounts(oauth_application, get, p
            resp = get(
                drf_reverse('api:user_me_list', kwargs={'version': 'v2'}),
                HTTP_AUTHORIZATION='Bearer ' + token,
-                status=401
+                status=200
            )
-            assert b'To establish a login session' in resp.content
+            assert json.loads(resp.content)['results'][0]['username'] == 'admin'


@pytest.mark.django_db