evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Revert "Remove strict connection" (#116416)

Browse source
This commit is contained in:
Robert Resch 2024-04-29 21:26:40 +02:00 committed by GitHub
parent f001e8524a
commit 630ddd6a8c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 40 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

8
homeassistant/components/cloud/__init__.py
View file

@ -30,6 +30,7 @@ from homeassistant.core import (
HomeAssistant, HomeAssistant,
ServiceCall, ServiceCall,
ServiceResponse, ServiceResponse,
SupportsResponse,
callback, callback,
) )
from homeassistant.exceptions import ( from homeassistant.exceptions import (
@ -457,3 +458,10 @@ def _setup_services(hass: HomeAssistant, prefs: CloudPreferences) -> None:
"url": f"https://login.home-assistant.io?u={quote_plus(url)}", "url": f"https://login.home-assistant.io?u={quote_plus(url)}",
"direct_url": url, "direct_url": url,
} }
hass.services.async_register(
DOMAIN,
"create_temporary_strict_connection_url",
create_temporary_strict_connection_url,
supports_response=SupportsResponse.ONLY,
)

11
homeassistant/components/cloud/prefs.py
View file

@ -365,7 +365,16 @@ class CloudPreferences:
@property @property
def strict_connection(self) -> http.const.StrictConnectionMode: def strict_connection(self) -> http.const.StrictConnectionMode:
"""Return the strict connection mode.""" """Return the strict connection mode."""
return http.const.StrictConnectionMode.DISABLED mode = self._prefs.get(PREF_STRICT_CONNECTION)
if mode is None:
# Set to default value
# We store None in the store as the default value to detect if the user has changed the
# value or not.
mode = http.const.StrictConnectionMode.DISABLED
elif not isinstance(mode, http.const.StrictConnectionMode):
mode = http.const.StrictConnectionMode(mode)
return mode
async def get_cloud_user(self) -> str: async def get_cloud_user(self) -> str:
"""Return ID of Home Assistant Cloud system user.""" """Return ID of Home Assistant Cloud system user."""

18
homeassistant/components/http/__init__.py
View file

@ -10,7 +10,7 @@ import os
import socket import socket
import ssl import ssl
from tempfile import NamedTemporaryFile from tempfile import NamedTemporaryFile
from typing import Any, Final, TypedDict, cast from typing import Any, Final, Required, TypedDict, cast
from urllib.parse import quote_plus, urljoin from urllib.parse import quote_plus, urljoin
from aiohttp import web from aiohttp import web
@ -36,6 +36,7 @@ from homeassistant.core import (
HomeAssistant, HomeAssistant,
ServiceCall, ServiceCall,
ServiceResponse, ServiceResponse,
SupportsResponse,
callback, callback,
) )
from homeassistant.exceptions import ( from homeassistant.exceptions import (
@ -145,6 +146,9 @@ HTTP_SCHEMA: Final = vol.All(
[SSL_INTERMEDIATE, SSL_MODERN] [SSL_INTERMEDIATE, SSL_MODERN]
), ),
vol.Optional(CONF_USE_X_FRAME_OPTIONS, default=True): cv.boolean, vol.Optional(CONF_USE_X_FRAME_OPTIONS, default=True): cv.boolean,
vol.Optional(
CONF_STRICT_CONNECTION, default=StrictConnectionMode.DISABLED
): vol.Coerce(StrictConnectionMode),
} }
), ),
) )
@ -168,6 +172,7 @@ class ConfData(TypedDict, total=False):
login_attempts_threshold: int login_attempts_threshold: int
ip_ban_enabled: bool ip_ban_enabled: bool
ssl_profile: str ssl_profile: str
strict_connection: Required[StrictConnectionMode]
@bind_hass @bind_hass
@ -234,7 +239,7 @@ async def async_setup(hass: HomeAssistant, config: ConfigType) -> bool:
login_threshold=login_threshold, login_threshold=login_threshold,
is_ban_enabled=is_ban_enabled, is_ban_enabled=is_ban_enabled,
use_x_frame_options=use_x_frame_options, use_x_frame_options=use_x_frame_options,
strict_connection_non_cloud=StrictConnectionMode.DISABLED, strict_connection_non_cloud=conf[CONF_STRICT_CONNECTION],
) )
async def stop_server(event: Event) -> None: async def stop_server(event: Event) -> None:
@ -615,7 +620,7 @@ def _setup_services(hass: HomeAssistant, conf: ConfData) -> None:
if not user.is_admin: if not user.is_admin:
raise Unauthorized(context=call.context) raise Unauthorized(context=call.context)
if StrictConnectionMode.DISABLED is StrictConnectionMode.DISABLED: if conf[CONF_STRICT_CONNECTION] is StrictConnectionMode.DISABLED:
raise ServiceValidationError( raise ServiceValidationError(
translation_domain=DOMAIN, translation_domain=DOMAIN,
translation_key="strict_connection_not_enabled_non_cloud", translation_key="strict_connection_not_enabled_non_cloud",
@ -647,3 +652,10 @@ def _setup_services(hass: HomeAssistant, conf: ConfData) -> None:
"url": f"https://login.home-assistant.io?u={quote_plus(url)}", "url": f"https://login.home-assistant.io?u={quote_plus(url)}",
"direct_url": url, "direct_url": url,
} }
hass.services.async_register(
DOMAIN,
"create_temporary_strict_connection_url",
create_temporary_strict_connection_url,
supports_response=SupportsResponse.ONLY,
)

2
tests/components/cloud/test_http_api.py
View file

@ -915,6 +915,7 @@ async def test_websocket_update_preferences(
"google_secure_devices_pin": "1234", "google_secure_devices_pin": "1234",
"tts_default_voice": ["en-GB", "RyanNeural"], "tts_default_voice": ["en-GB", "RyanNeural"],
"remote_allow_remote_enable": False, "remote_allow_remote_enable": False,
"strict_connection": StrictConnectionMode.DROP_CONNECTION,
} }
) )
response = await client.receive_json() response = await client.receive_json()
@ -925,6 +926,7 @@ async def test_websocket_update_preferences(
assert cloud.client.prefs.google_secure_devices_pin == "1234" assert cloud.client.prefs.google_secure_devices_pin == "1234"
assert cloud.client.prefs.remote_allow_remote_enable is False assert cloud.client.prefs.remote_allow_remote_enable is False
assert cloud.client.prefs.tts_default_voice == ("en-GB", "RyanNeural") assert cloud.client.prefs.tts_default_voice == ("en-GB", "RyanNeural")
assert cloud.client.prefs.strict_connection is StrictConnectionMode.DROP_CONNECTION
@pytest.mark.parametrize( @pytest.mark.parametrize(

2
tests/components/cloud/test_init.py
View file

@ -303,7 +303,6 @@ async def test_cloud_logout(
assert cloud.is_logged_in is False assert cloud.is_logged_in is False
@pytest.mark.skip(reason="Remove strict connection config option")
async def test_service_create_temporary_strict_connection_url_strict_connection_disabled( async def test_service_create_temporary_strict_connection_url_strict_connection_disabled(
hass: HomeAssistant, hass: HomeAssistant,
) -> None: ) -> None:
@ -324,7 +323,6 @@ async def test_service_create_temporary_strict_connection_url_strict_connection_
) )
@pytest.mark.skip(reason="Remove strict connection config option")
@pytest.mark.parametrize( @pytest.mark.parametrize(
("mode"), ("mode"),
[ [

1
tests/components/cloud/test_prefs.py
View file

@ -181,7 +181,6 @@ async def test_tts_default_voice_legacy_gender(
assert cloud.client.prefs.tts_default_voice == (expected_language, voice) assert cloud.client.prefs.tts_default_voice == (expected_language, voice)
@pytest.mark.skip(reason="Remove strict connection config option")
@pytest.mark.parametrize("mode", list(StrictConnectionMode)) @pytest.mark.parametrize("mode", list(StrictConnectionMode))
async def test_strict_connection_convertion( async def test_strict_connection_convertion(
hass: HomeAssistant, hass: HomeAssistant,

1
tests/components/cloud/test_strict_connection.py
View file

@ -226,7 +226,6 @@ async def _guard_page_unauthorized_request(
assert await req.text() == await hass.async_add_executor_job(read_guard_page) assert await req.text() == await hass.async_add_executor_job(read_guard_page)
@pytest.mark.skip(reason="Remove strict connection config option")
@pytest.mark.parametrize( @pytest.mark.parametrize(
"test_func", "test_func",
[ [

2
tests/components/http/test_init.py
View file

@ -527,7 +527,6 @@ async def test_logging(
assert "GET /api/states/logging.entity" not in caplog.text assert "GET /api/states/logging.entity" not in caplog.text
@pytest.mark.skip(reason="Remove strict connection config option")
async def test_service_create_temporary_strict_connection_url_strict_connection_disabled( async def test_service_create_temporary_strict_connection_url_strict_connection_disabled(
hass: HomeAssistant, hass: HomeAssistant,
) -> None: ) -> None:
@ -545,7 +544,6 @@ async def test_service_create_temporary_strict_connection_url_strict_connection_
) )
@pytest.mark.skip(reason="Remove strict connection config option")
@pytest.mark.parametrize( @pytest.mark.parametrize(
("mode"), ("mode"),
[ [

5
tests/helpers/test_service.py
View file

@ -800,10 +800,11 @@ async def test_async_get_all_descriptions(hass: HomeAssistant) -> None:
assert proxy_load_services_files.mock_calls[0][1][1] == unordered( assert proxy_load_services_files.mock_calls[0][1][1] == unordered(
[ [
await async_get_integration(hass, DOMAIN_GROUP), await async_get_integration(hass, DOMAIN_GROUP),
await async_get_integration(hass, "http"), # system_health requires http
] ]
) )
assert len(descriptions) == 1 assert len(descriptions) == 2
assert DOMAIN_GROUP in descriptions assert DOMAIN_GROUP in descriptions
assert "description" in descriptions[DOMAIN_GROUP]["reload"] assert "description" in descriptions[DOMAIN_GROUP]["reload"]
assert "fields" in descriptions[DOMAIN_GROUP]["reload"] assert "fields" in descriptions[DOMAIN_GROUP]["reload"]
@ -837,7 +838,7 @@ async def test_async_get_all_descriptions(hass: HomeAssistant) -> None:
await async_setup_component(hass, DOMAIN_LOGGER, logger_config) await async_setup_component(hass, DOMAIN_LOGGER, logger_config)
descriptions = await service.async_get_all_descriptions(hass) descriptions = await service.async_get_all_descriptions(hass)
assert len(descriptions) == 2 assert len(descriptions) == 3
assert DOMAIN_LOGGER in descriptions assert DOMAIN_LOGGER in descriptions
assert descriptions[DOMAIN_LOGGER]["set_default_level"]["name"] == "Translated name" assert descriptions[DOMAIN_LOGGER]["set_default_level"]["name"] == "Translated name"
assert ( assert (

2
tests/scripts/test_check_config.py
View file

@ -5,6 +5,7 @@ from unittest.mock import patch
import pytest import pytest
from homeassistant.components.http.const import StrictConnectionMode
from homeassistant.config import YAML_CONFIG_FILE from homeassistant.config import YAML_CONFIG_FILE
from homeassistant.scripts import check_config from homeassistant.scripts import check_config
@ -134,6 +135,7 @@ def test_secrets(mock_is_file, event_loop, mock_hass_config_yaml: None) -> None:
"login_attempts_threshold": -1, "login_attempts_threshold": -1,
"server_port": 8123, "server_port": 8123,
"ssl_profile": "modern", "ssl_profile": "modern",
"strict_connection": StrictConnectionMode.DISABLED,
"use_x_frame_options": True, "use_x_frame_options": True,
"server_host": ["0.0.0.0", "::"], "server_host": ["0.0.0.0", "::"],
} }