From 37796c5a6b2ce85fc2c7d64a414e483f970f8dd6 Mon Sep 17 00:00:00 2001
From: moeez96 <moeezzahid1996@gmail.com>
Date: Tue, 6 Sep 2022 20:54:12 +0500
Subject: [PATCH] fix: Fix retiring user auth models on disable event

---
 lms/djangoapps/support/tests/test_views.py  | 13 +++++++++++++
 lms/djangoapps/support/views/manage_user.py |  2 +-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/lms/djangoapps/support/tests/test_views.py b/lms/djangoapps/support/tests/test_views.py
index 48dce9ed1e6d..a3d65bde7765 100644
--- a/lms/djangoapps/support/tests/test_views.py
+++ b/lms/djangoapps/support/tests/test_views.py
@@ -16,6 +16,7 @@
 from django.http import HttpResponse
 from django.urls import reverse
 from django.test.utils import override_settings
+from oauth2_provider.models import AccessToken, RefreshToken
 from organizations.tests.factories import OrganizationFactory
 from pytz import UTC
 from rest_framework import status
@@ -41,6 +42,7 @@
 from lms.djangoapps.verify_student.services import IDVerificationService
 from lms.djangoapps.verify_student.tests.factories import SSOVerificationFactory
 from openedx.core.djangoapps.content.course_overviews.models import CourseOverview
+from openedx.core.djangoapps.oauth_dispatch.tests import factories
 from openedx.features.content_type_gating.models import ContentTypeGatingConfig
 from openedx.features.course_duration_limits.models import CourseDurationLimitConfig
 from xmodule.modulestore.tests.django_utils import ModuleStoreTestCase, SharedModuleStoreTestCase
@@ -130,6 +132,15 @@ def test_disable_user_account(self):
         test_user = UserFactory(
             username='foobar', email='foobar@foobar.com', password='foobar'
         )
+
+        application = factories.ApplicationFactory(user=test_user)
+        access_token = factories.AccessTokenFactory(user=test_user, application=application)
+        factories.RefreshTokenFactory(
+            user=test_user, application=application, access_token=access_token
+        )
+        assert 0 != AccessToken.objects.filter(user=test_user).count()
+        assert 0 != RefreshToken.objects.filter(user=test_user).count()
+
         url = reverse('support:manage_user_detail') + test_user.username
         response = self.client.post(url, data={
             'username_or_email': test_user.username,
@@ -139,6 +150,8 @@ def test_disable_user_account(self):
         assert data['success_msg'] == 'User Disabled Successfully'
         test_user = User.objects.get(username=test_user.username, email=test_user.email)
         assert test_user.has_usable_password() is False
+        assert 0 == AccessToken.objects.filter(user=test_user).count()
+        assert 0 == RefreshToken.objects.filter(user=test_user).count()
 
 
 @ddt.ddt
diff --git a/lms/djangoapps/support/views/manage_user.py b/lms/djangoapps/support/views/manage_user.py
index fdc4f412e31d..ac4f37a57c2e 100644
--- a/lms/djangoapps/support/views/manage_user.py
+++ b/lms/djangoapps/support/views/manage_user.py
@@ -75,7 +75,7 @@ def post(self, request, username_or_email):
             UserPasswordToggleHistory.objects.create(
                 user=user, comment=comment, created_by=request.user, disabled=True
             )
-            retire_dot_oauth2_models(request.user)
+            retire_dot_oauth2_models(user)
         else:
             user.set_password(generate_password(length=25))
             UserPasswordToggleHistory.objects.create(