Reimplemented scope logic to account for tokens

2025-10-17 06:52:59 +00:00 · 2021-03-07 15:29:50 +01:00
parent 0eb275e863
commit 9d19ffe457
5 changed files with 32 additions and 62 deletions
--- a/jupyterhub/tests/test_api.py
+++ b/jupyterhub/tests/test_api.py
@@ -1319,7 +1319,7 @@ async def test_token_for_user(app, as_user, for_user, status):
    if for_user != 'missing':
        for_user_obj = add_user(app.db, app, name=for_user)
    data = {'username': for_user}
-    headers = {'Authorization': 'token %s' % u.new_api_token()}
+    headers = {'Authorization': 'token %s' % u.new_api_token(roles=[as_user])}
    r = await api_request(
        app,
        'users',
@@ -1414,7 +1414,7 @@ async def test_token_list(app, as_user, for_user, status):
    u = add_user(app.db, app, name=as_user)
    if for_user != 'missing':
        for_user_obj = add_user(app.db, app, name=for_user)
-    headers = {'Authorization': 'token %s' % u.new_api_token()}
+    headers = {'Authorization': 'token %s' % u.new_api_token(roles=[as_user])}
    r = await api_request(app, 'users', for_user, 'tokens', headers=headers)
    assert r.status_code == status
    if status != 200: