Description
 
When using a Job Template from another Organization (the user is privileged to use) in a Workflow, and then trying to export the workflow template using the ansible.controller.export module, the module fails.
 
Steps to Reproduce
 
Requirements/Assumptions:

• A project exists to be used for testing purposes
   
  1. Login as a SuperUser (e.g. 'admin') and create a new Organization via Organizations -> Add and give it a name, e.g. 'org-test', then hit save
  2. Create a new user via Users -> Add. Give it a name, e.g. 'test_user', select 'Normal User' for the Usertype, set the password and set the Organization to the Organization created in step 1
  3. Head to the created Users's Roles via Users -> Select the created User of step 2 -> Roles
  4. Click on Add
  5. Select as 'resource type' 'Organization', click next
  6. Select the Organization created in step 1, click next
  7. Select Admin and click on Save
  8. Still as the SuperUser, create a new Job Template via Templates -> Add -> Add Job Template and fill out all mandatory fields, then hit save
  9. Once saved, still in the Job Template, select Access -> Add
  10. Select Users, followed by selecting the user created in step 2. Select Execute as Permission and hit save
  11. Logout as SuperUser and login as the user created in step 2 ('test_user')
  12. Verify you can access and execute the Job Template created in step 8
  13. As the user created in step 2 ('test_user') create a new workflow template via: Templates -> Add -> Add Workflow Template. Give it a name and hit save
  14. In the workflow visualizer select the Job Template created in step 8 as the first workflow node and hit save
  15. Run below playbook with the credentials of the created in step 2 ('test_user')
   

  ---
  - name: Test
    hosts: 'localhost'
    gather_facts: false
  
    vars:
      controller_host: 'host.example.com'
      controller_username: 'test_user'
      controller_password: 'mypass'
      validate_certs: false
  
    tasks:
      - name: 'Export'
        ansible.controller.export:
          controller_host: '{{ controller_host }}'
          controller_username: '{{ controller_username }}'
          controller_password: '{{ controller_password }}'
          validate_certs: '{{ validate_certs }}'
          workflow_job_templates:  
            - 'wf-test'
        register: 'workflow'
  
      - name: 'Debug'
        ansible.builtin.debug:
          var: workflow 

Actual Behavior
The Ansible module ansible.controller.export fails with the following error:
 

• fatal: [localhost]: FAILED! => {     "changed": false,     "module_stderr": "",     "module_stdout": "\n{\"changed\": false, \"assets\": {\"workflow_job_templates\": [{\"name\": \"wf-test\", \"description\": \"\", \"extra_vars\": \"---\", \"survey_enabled\": false, \"allow_simultaneous\": false, \"ask_variables_on_launch\": false, \"inventory\": null, \"limit\": null, \"scm_branch\": null, \"ask_inventory_on_launch\": false, \"ask_scm_branch_on_launch\": false, \"ask_limit_on_launch\": false, \"webhook_service\": \"\", \"webhook_credential\": null, \"ask_labels_on_launch\": false, \"ask_skip_tags_on_launch\": false, \"ask_tags_on_launch\": false, \"skip_tags\": null, \"job_tags\": null, \"organization\": {\"name\": \"org-test\", \"type\": \"organization\"}, \"related\": {\"schedules\": [], \"workflow_nodes\": [{\"extra_data\": {}, \"inventory\": null, \"scm_branch\": null, \"job_type\": null, \"job_tags\": null, \"skip_tags\": null, \"limit\": null, \"diff_mode\": null, \"verbosity\": null, \"execution_environment\": null, \"forks\": null, \"job_slice_count\": null, \"timeout\": null, \"all_parents_must_converge\": false, \"identifier\": \"7760a65b-e529-43e5-bd12-7d4bac3fa7ea\", \"workflow_job_template\": {\"organization\": {\"name\": \"org-test\", \"type\": \"organization\"}, \"name\": \"wf-test\", \"type\": \"workflow_job_template\"}, \"unified_job_template\": {\"organization\": null, \"name\": \"jt-test\", \"type\": \"job_template\"}, \"related\": {\"credentials\": [], \"success_nodes\": [], \"failure_nodes\": [], \"always_nodes\": []}, \"natural_key\": {\"workflow_job_template\": {\"organization\": {\"name\": \"org-test\", \"type\": \"organization\"}, \"name\": \"wf-test\", \"type\": \"workflow_job_template\"}, \"identifier\": \"7760a65b-e529-43e5-bd12-7d4bac3fa7ea\", \"type\": \"workflow_job_template_node\"}}], \"labels\": [], \"notification_templates_started\": [], \"notification_templates_success\": [], \"notification_templates_error\": [], \"notification_templates_approvals\": [], \"survey_spec\": {}}, \"natural_key\": {\"organization\": {\"name\": \"org-test\", \"type\": \"organization\"}, \"name\": \"wf-test\", \"type\": \"workflow_job_template\"}}]}, \"invocation\": {\"module_args\": {\"controller_host\": \"https://lab-aap2-controller1.core.rh.scheib.me\", \"controller_username\": \"test_user\", \"controller_password\": \"VALUE_SPECIFIED_IN_NO_LOG_PARAMETER\", \"validate_certs\": false, \"workflow_job_templates\": [\"wf-test\"], \"all\": false, \"controller_oauthtoken\": null, \"controller_config_file\": null, \"users\": null, \"organizations\": null, \"teams\": null, \"credential_types\": null, \"credentials\": null, \"notification_templates\": null, \"projects\": null, \"inventory\": null, \"inventory_sources\": null, \"job_templates\": null, \"execution_environments\": null, \"applications\": null, \"schedules\": null}}}\n\n{\"failed\": true, \"msg\": \"This endpoint raised an error: /api/v2/organizations/1/\\n\", \"exception\": \"  File \\\"/tmp/ansible_ansible.controller.export_payload_1xg66wqm/ansible_ansible.controller.export_payload.zip/ansible_collections/ansible/controller/plugins/modules/export.py\\\", line 185, in main\\n  File \\\"/tmp/ansible_ansible.controller.export_payload_1xg66wqm/ansible_ansible.controller.export_payload.zip/ansible_collections/ansible/controller/plugins/module_utils/controller_api.py\\\", line 296, in exit_json\\n    super().exit_json(**kwargs)\\n  File \\\"/tmp/ansible_ansible.controller.export_payload_1xg66wqm/ansible_ansible.controller.export_payload.zip/ansible/module_utils/basic.py\\\", line 1522, in exit_json\\n    sys.exit(0)\\n\", \"invocation\": {\"module_args\": {\"controller_host\": \"https://lab-aap2-controller1.core.rh.scheib.me\", \"controller_username\": \"test_user\", \"controller_password\": \"VALUE_SPECIFIED_IN_NO_LOG_PARAMETER\", \"validate_certs\": false, \"workflow_job_templates\": [\"wf-test\"], \"all\": false, \"controller_oauthtoken\": null, \"controller_config_file\": null, \"users\": null, \"organizations\": null, \"teams\": null, \"credential_types\": null, \"credentials\": null, \"notification_templates\": null, \"projects\": null, \"inventory\": null, \"inventory_sources\": null, \"job_templates\": null, \"execution_environments\": null, \"applications\": null, \"schedules\": null}}}\n",     "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",     "rc": 1 }

   
   
  When running the same playbook with SuperUser credentials, everything works as expected.
   
  Even setting the user ('test_user') as Admin of the Job Template will not work as intended and the same error is shown.
   
  The user is perfectly able to browse the API endpoints for the job template (e.g. https://controller.example.com/api/v2/job_templates/<jtID>/), but is unable to use the export module.
   
  Expected Behavior
   
  The export module should be able to work with lesser privileged users and be able to only export what is accessible by the user.