Allow checking entity permissions based on devices (#19007)
* Allow checking entity permissions based on devices * Fix tests
This commit is contained in:
parent
2680bf8a61
commit
3928d034a3
11 changed files with 143 additions and 27 deletions
|
@ -4,12 +4,16 @@ import voluptuous as vol
|
|||
|
||||
from homeassistant.auth.permissions.entities import (
|
||||
compile_entities, ENTITY_POLICY_SCHEMA)
|
||||
from homeassistant.auth.permissions.models import PermissionLookup
|
||||
from homeassistant.helpers.entity_registry import RegistryEntry
|
||||
|
||||
from tests.common import mock_registry
|
||||
|
||||
|
||||
def test_entities_none():
|
||||
"""Test entity ID policy."""
|
||||
policy = None
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is False
|
||||
|
||||
|
||||
|
@ -17,7 +21,7 @@ def test_entities_empty():
|
|||
"""Test entity ID policy."""
|
||||
policy = {}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is False
|
||||
|
||||
|
||||
|
@ -32,7 +36,7 @@ def test_entities_true():
|
|||
"""Test entity ID policy."""
|
||||
policy = True
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
|
||||
|
||||
|
@ -42,7 +46,7 @@ def test_entities_domains_true():
|
|||
'domains': True
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
|
||||
|
||||
|
@ -54,7 +58,7 @@ def test_entities_domains_domain_true():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('switch.kitchen', 'read') is False
|
||||
|
||||
|
@ -76,7 +80,7 @@ def test_entities_entity_ids_true():
|
|||
'entity_ids': True
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
|
||||
|
||||
|
@ -97,7 +101,7 @@ def test_entities_entity_ids_entity_id_true():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('switch.kitchen', 'read') is False
|
||||
|
||||
|
@ -123,7 +127,7 @@ def test_entities_control_only():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('light.kitchen', 'control') is False
|
||||
assert compiled('light.kitchen', 'edit') is False
|
||||
|
@ -140,7 +144,7 @@ def test_entities_read_control():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('light.kitchen', 'control') is True
|
||||
assert compiled('light.kitchen', 'edit') is False
|
||||
|
@ -152,7 +156,7 @@ def test_entities_all_allow():
|
|||
'all': True
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('light.kitchen', 'control') is True
|
||||
assert compiled('switch.kitchen', 'read') is True
|
||||
|
@ -166,7 +170,7 @@ def test_entities_all_read():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is True
|
||||
assert compiled('light.kitchen', 'control') is False
|
||||
assert compiled('switch.kitchen', 'read') is True
|
||||
|
@ -180,8 +184,40 @@ def test_entities_all_control():
|
|||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy)
|
||||
compiled = compile_entities(policy, None)
|
||||
assert compiled('light.kitchen', 'read') is False
|
||||
assert compiled('light.kitchen', 'control') is True
|
||||
assert compiled('switch.kitchen', 'read') is False
|
||||
assert compiled('switch.kitchen', 'control') is True
|
||||
|
||||
|
||||
def test_entities_device_id_boolean(hass):
|
||||
"""Test entity ID policy applying control on device id."""
|
||||
registry = mock_registry(hass, {
|
||||
'test_domain.allowed': RegistryEntry(
|
||||
entity_id='test_domain.allowed',
|
||||
unique_id='1234',
|
||||
platform='test_platform',
|
||||
device_id='mock-allowed-dev-id'
|
||||
),
|
||||
'test_domain.not_allowed': RegistryEntry(
|
||||
entity_id='test_domain.not_allowed',
|
||||
unique_id='5678',
|
||||
platform='test_platform',
|
||||
device_id='mock-not-allowed-dev-id'
|
||||
),
|
||||
})
|
||||
|
||||
policy = {
|
||||
'device_ids': {
|
||||
'mock-allowed-dev-id': {
|
||||
'read': True,
|
||||
}
|
||||
}
|
||||
}
|
||||
ENTITY_POLICY_SCHEMA(policy)
|
||||
compiled = compile_entities(policy, PermissionLookup(registry))
|
||||
assert compiled('test_domain.allowed', 'read') is True
|
||||
assert compiled('test_domain.allowed', 'control') is False
|
||||
assert compiled('test_domain.not_allowed', 'read') is False
|
||||
assert compiled('test_domain.not_allowed', 'control') is False
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue