From 65a2f5bcd562dc0ed2befa224411a8c658583938 Mon Sep 17 00:00:00 2001 From: Hejki <32815+Hejki@users.noreply.github.com> Date: Fri, 24 Nov 2023 13:19:25 +0100 Subject: [PATCH] Support for group into command_line auth provider (#92906) Co-authored-by: Franck Nijhof Co-authored-by: Erik Montnemery --- homeassistant/auth/__init__.py | 3 ++- homeassistant/auth/models.py | 2 ++ homeassistant/auth/providers/command_line.py | 15 ++++++++++++--- tests/auth/providers/test_command_line.py | 6 ++++++ tests/auth/providers/test_command_line_cmd.sh | 2 ++ 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/homeassistant/auth/__init__.py b/homeassistant/auth/__init__.py index 2707f8b6899..000dde90faa 100644 --- a/homeassistant/auth/__init__.py +++ b/homeassistant/auth/__init__.py @@ -280,7 +280,8 @@ class AuthManager: credentials=credentials, name=info.name, is_active=info.is_active, - group_ids=[GROUP_ID_ADMIN], + group_ids=[GROUP_ID_ADMIN if info.group is None else info.group], + local_only=info.local_only, ) self.hass.bus.async_fire(EVENT_USER_ADDED, {"user_id": user.id}) diff --git a/homeassistant/auth/models.py b/homeassistant/auth/models.py index e604bf9d21c..32a700d65f9 100644 --- a/homeassistant/auth/models.py +++ b/homeassistant/auth/models.py @@ -134,3 +134,5 @@ class UserMeta(NamedTuple): name: str | None is_active: bool + group: str | None = None + local_only: bool | None = None diff --git a/homeassistant/auth/providers/command_line.py b/homeassistant/auth/providers/command_line.py index bfe8a2fdddb..4ec2ca18611 100644 --- a/homeassistant/auth/providers/command_line.py +++ b/homeassistant/auth/providers/command_line.py @@ -44,7 +44,11 @@ class CommandLineAuthProvider(AuthProvider): DEFAULT_TITLE = "Command Line Authentication" # which keys to accept from a program's stdout - ALLOWED_META_KEYS = ("name",) + ALLOWED_META_KEYS = ( + "name", + "group", + "local_only", + ) def __init__(self, *args: Any, **kwargs: Any) -> None: """Extend parent's __init__. @@ -118,10 +122,15 @@ class CommandLineAuthProvider(AuthProvider): ) -> UserMeta: """Return extra user metadata for credentials. - Currently, only name is supported. + Currently, supports name, group and local_only. """ meta = self._user_meta.get(credentials.data["username"], {}) - return UserMeta(name=meta.get("name"), is_active=True) + return UserMeta( + name=meta.get("name"), + is_active=True, + group=meta.get("group"), + local_only=meta.get("local_only") == "true", + ) class CommandLineLoginFlow(LoginFlow): diff --git a/tests/auth/providers/test_command_line.py b/tests/auth/providers/test_command_line.py index 97f8f659397..a92d41a8c5f 100644 --- a/tests/auth/providers/test_command_line.py +++ b/tests/auth/providers/test_command_line.py @@ -50,6 +50,9 @@ async def test_create_new_credential(manager, provider) -> None: user = await manager.async_get_or_create_user(credentials) assert user.is_active + assert len(user.groups) == 1 + assert user.groups[0].id == "system-admin" + assert not user.local_only async def test_match_existing_credentials(store, provider) -> None: @@ -100,6 +103,9 @@ async def test_good_auth_with_meta(manager, provider) -> None: user = await manager.async_get_or_create_user(credentials) assert user.name == "Bob" assert user.is_active + assert len(user.groups) == 1 + assert user.groups[0].id == "system-users" + assert user.local_only async def test_utf_8_username_password(provider) -> None: diff --git a/tests/auth/providers/test_command_line_cmd.sh b/tests/auth/providers/test_command_line_cmd.sh index 0e689e338f1..4cbd7946a29 100755 --- a/tests/auth/providers/test_command_line_cmd.sh +++ b/tests/auth/providers/test_command_line_cmd.sh @@ -4,6 +4,8 @@ if [ "$username" = "good-user" ] && [ "$password" = "good-pass" ]; then echo "Auth should succeed." >&2 if [ "$1" = "--with-meta" ]; then echo "name=Bob" + echo "group=system-users" + echo "local_only=true" fi exit 0 fi