evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add is_admin checks to cloud APIs (#97804)

Browse source
This commit is contained in:
Franck Nijhof 2023-08-08 11:02:42 +02:00 committed by GitHub
parent 3859d2e2a6
commit 5e020ea354
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 66 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
homeassistant/components/cloud/http_api.py
View file

@ -24,7 +24,7 @@ from homeassistant.components.alexa import (
)
from homeassistant.components.google_assistant import helpers as google_helpers
from homeassistant.components.homeassistant import exposed_entities
from homeassistant.components.http import HomeAssistantView
from homeassistant.components.http import HomeAssistantView, require_admin
from homeassistant.components.http.data_validator import RequestDataValidator
from homeassistant.const import CLOUD_NEVER_EXPOSED_ENTITIES
from homeassistant.core import HomeAssistant
@ -128,7 +128,6 @@ def _handle_cloud_errors(
try:
result = await handler(view, request, *args, **kwargs)
return result
except Exception as err: # pylint: disable=broad-except
status, msg = _process_cloud_exception(err, request.path)
return view.json_message(
@ -188,6 +187,7 @@ class GoogleActionsSyncView(HomeAssistantView):
url = "/api/cloud/google_actions/sync"
name = "api:cloud:google_actions/sync"
@require_admin
@_handle_cloud_errors
async def post(self, request: web.Request) -> web.Response:
"""Trigger a Google Actions sync."""
@ -204,6 +204,7 @@ class CloudLoginView(HomeAssistantView):
url = "/api/cloud/login"
name = "api:cloud:login"
@require_admin
@_handle_cloud_errors
@RequestDataValidator(
vol.Schema({vol.Required("email"): str, vol.Required("password"): str})
@ -244,6 +245,7 @@ class CloudLogoutView(HomeAssistantView):
url = "/api/cloud/logout"
name = "api:cloud:logout"
@require_admin
@_handle_cloud_errors
async def post(self, request: web.Request) -> web.Response:
"""Handle logout request."""
@ -262,6 +264,7 @@ class CloudRegisterView(HomeAssistantView):
url = "/api/cloud/register"
name = "api:cloud:register"
@require_admin
@_handle_cloud_errors
@RequestDataValidator(
vol.Schema(
@ -305,6 +308,7 @@ class CloudResendConfirmView(HomeAssistantView):
url = "/api/cloud/resend_confirm"
name = "api:cloud:resend_confirm"
@require_admin
@_handle_cloud_errors
@RequestDataValidator(vol.Schema({vol.Required("email"): str}))
async def post(self, request: web.Request, data: dict[str, Any]) -> web.Response:
@ -324,6 +328,7 @@ class CloudForgotPasswordView(HomeAssistantView):
url = "/api/cloud/forgot_password"
name = "api:cloud:forgot_password"
@require_admin
@_handle_cloud_errors
@RequestDataValidator(vol.Schema({vol.Required("email"): str}))
async def post(self, request: web.Request, data: dict[str, Any]) -> web.Response: