Allow non-admins to listen to certain events (#22137)
This commit is contained in:
Paulus Schoutsen
GitHub
parent
c020b7c47d
commit
29131a655d
3 changed files with 125 additions and 10 deletions
|
|
@ -1,7 +1,9 @@
|
|||
"""Commands part of Websocket API."""
|
||||
import voluptuous as vol
|
||||
|
||||
from homeassistant.const import MATCH_ALL, EVENT_TIME_CHANGED
|
||||
from homeassistant.auth.permissions.const import POLICY_READ
|
||||
from homeassistant.const import (
|
||||
MATCH_ALL, EVENT_TIME_CHANGED, EVENT_STATE_CHANGED)
|
||||
from homeassistant.core import callback, DOMAIN as HASS_DOMAIN
|
||||
from homeassistant.exceptions import Unauthorized, ServiceNotFound, \
|
||||
HomeAssistantError
|
||||
|
|
@ -42,20 +44,37 @@ def handle_subscribe_events(hass, connection, msg):
|
|||
|
||||
Async friendly.
|
||||
"""
|
||||
if not connection.user.is_admin:
|
||||
from .permissions import SUBSCRIBE_WHITELIST
|
||||
|
||||
event_type = msg['event_type']
|
||||
|
||||
if (event_type not in SUBSCRIBE_WHITELIST and
|
||||
not connection.user.is_admin):
|
||||
raise Unauthorized
|
||||
|
||||
async def forward_events(event):
|
||||
"""Forward events to websocket."""
|
||||
if event.event_type == EVENT_TIME_CHANGED:
|
||||
return
|
||||
if event_type == EVENT_STATE_CHANGED:
|
||||
@callback
|
||||
def forward_events(event):
|
||||
"""Forward state changed events to websocket."""
|
||||
if not connection.user.permissions.check_entity(
|
||||
event.data['entity_id'], POLICY_READ):
|
||||
return
|
||||
|
||||
connection.send_message(messages.event_message(
|
||||
msg['id'], event.as_dict()
|
||||
))
|
||||
connection.send_message(messages.event_message(msg['id'], event))
|
||||
|
||||
else:
|
||||
@callback
|
||||
def forward_events(event):
|
||||
"""Forward events to websocket."""
|
||||
if event.event_type == EVENT_TIME_CHANGED:
|
||||
return
|
||||
|
||||
connection.send_message(messages.event_message(
|
||||
msg['id'], event.as_dict()
|
||||
))
|
||||
|
||||
connection.subscriptions[msg['id']] = hass.bus.async_listen(
|
||||
msg['event_type'], forward_events)
|
||||
event_type, forward_events)
|
||||
|
||||
connection.send_message(messages.result_message(msg['id']))
|
||||
|
||||
|
|
|
|||
23
homeassistant/components/websocket_api/permissions.py
Normal file
23
homeassistant/components/websocket_api/permissions.py
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
"""Permission constants for the websocket API.
|
||||
|
||||
Separate file to avoid circular imports.
|
||||
"""
|
||||
from homeassistant.const import (
|
||||
EVENT_COMPONENT_LOADED,
|
||||
EVENT_SERVICE_REGISTERED,
|
||||
EVENT_SERVICE_REMOVED,
|
||||
EVENT_STATE_CHANGED,
|
||||
EVENT_THEMES_UPDATED)
|
||||
from homeassistant.components.persistent_notification import (
|
||||
EVENT_PERSISTENT_NOTIFICATIONS_UPDATED)
|
||||
|
||||
# These are events that do not contain any sensitive data
|
||||
# Except for state_changed, which is handled accordingly.
|
||||
SUBSCRIBE_WHITELIST = {
|
||||
EVENT_COMPONENT_LOADED,
|
||||
EVENT_PERSISTENT_NOTIFICATIONS_UPDATED,
|
||||
EVENT_SERVICE_REGISTERED,
|
||||
EVENT_SERVICE_REMOVED,
|
||||
EVENT_STATE_CHANGED,
|
||||
EVENT_THEMES_UPDATED,
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue