Modify require_admin decorator to take parameters for Unauthorized (#144346)

This commit is contained in:
Erik Montnemery 2025-05-07 09:30:40 +02:00 committed by GitHub
parent 358d904c2c
commit 65ad39f5be
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 17 additions and 34 deletions

View File

@ -165,9 +165,7 @@ class ConfigManagerFlowIndexView(
"""Not implemented."""
raise aiohttp.web_exceptions.HTTPMethodNotAllowed("GET", ["POST"])
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission="add")
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission="add")
@RequestDataValidator(
vol.Schema(
{
@ -218,16 +216,12 @@ class ConfigManagerFlowResourceView(
url = "/api/config/config_entries/flow/{flow_id}"
name = "api:config:config_entries:flow:resource"
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission="add")
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission="add")
async def get(self, request: web.Request, /, flow_id: str) -> web.Response:
"""Get the current state of a data_entry_flow."""
return await super().get(request, flow_id)
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission="add")
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission="add")
async def post(self, request: web.Request, flow_id: str) -> web.Response:
"""Handle a POST request."""
return await super().post(request, flow_id)
@ -262,9 +256,7 @@ class OptionManagerFlowIndexView(
url = "/api/config/config_entries/options/flow"
name = "api:config:config_entries:option:flow"
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
async def post(self, request: web.Request) -> web.Response:
"""Handle a POST request.
@ -281,16 +273,12 @@ class OptionManagerFlowResourceView(
url = "/api/config/config_entries/options/flow/{flow_id}"
name = "api:config:config_entries:options:flow:resource"
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
async def get(self, request: web.Request, /, flow_id: str) -> web.Response:
"""Get the current state of a data_entry_flow."""
return await super().get(request, flow_id)
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
async def post(self, request: web.Request, flow_id: str) -> web.Response:
"""Handle a POST request."""
return await super().post(request, flow_id)
@ -304,9 +292,7 @@ class SubentryManagerFlowIndexView(
url = "/api/config/config_entries/subentries/flow"
name = "api:config:config_entries:subentries:flow"
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
@RequestDataValidator(
vol.Schema(
{
@ -341,16 +327,12 @@ class SubentryManagerFlowResourceView(
url = "/api/config/config_entries/subentries/flow/{flow_id}"
name = "api:config:config_entries:subentries:flow:resource"
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
async def get(self, request: web.Request, /, flow_id: str) -> web.Response:
"""Get the current state of a data_entry_flow."""
return await super().get(request, flow_id)
@require_admin(
error=Unauthorized(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
)
@require_admin(perm_category=CAT_CONFIG_ENTRIES, permission=POLICY_EDIT)
async def post(self, request: web.Request, flow_id: str) -> web.Response:
"""Handle a POST request."""
return await super().post(request, flow_id)

View File

@ -27,7 +27,8 @@ def require_admin[
](
_func: None = None,
*,
error: Unauthorized | None = None,
perm_category: str | None = None,
permission: str | None = None,
) -> Callable[
[_FuncType[_HomeAssistantViewT, _P, _ResponseT]],
_FuncType[_HomeAssistantViewT, _P, _ResponseT],
@ -51,7 +52,8 @@ def require_admin[
](
_func: _FuncType[_HomeAssistantViewT, _P, _ResponseT] | None = None,
*,
error: Unauthorized | None = None,
perm_category: str | None = None,
permission: str | None = None,
) -> (
Callable[
[_FuncType[_HomeAssistantViewT, _P, _ResponseT]],
@ -76,7 +78,7 @@ def require_admin[
"""Check admin and call function."""
user: User = request["hass_user"]
if not user.is_admin:
raise error or Unauthorized()
raise Unauthorized(perm_category=perm_category, permission=permission)
return await func(self, request, *args, **kwargs)

View File

@ -14,7 +14,6 @@ from homeassistant.components import websocket_api
from homeassistant.components.http.data_validator import RequestDataValidator
from homeassistant.components.http.decorators import require_admin
from homeassistant.core import HomeAssistant, callback
from homeassistant.exceptions import Unauthorized
from homeassistant.helpers import issue_registry as ir
from homeassistant.helpers.data_entry_flow import (
FlowManagerIndexView,
@ -114,7 +113,7 @@ class RepairsFlowIndexView(FlowManagerIndexView):
url = "/api/repairs/issues/fix"
name = "api:repairs:issues:fix"
@require_admin(error=Unauthorized(permission=POLICY_EDIT))
@require_admin(permission=POLICY_EDIT)
@RequestDataValidator(
vol.Schema(
{
@ -149,12 +148,12 @@ class RepairsFlowResourceView(FlowManagerResourceView):
url = "/api/repairs/issues/fix/{flow_id}"
name = "api:repairs:issues:fix:resource"
@require_admin(error=Unauthorized(permission=POLICY_EDIT))
@require_admin(permission=POLICY_EDIT)
async def get(self, request: web.Request, /, flow_id: str) -> web.Response:
"""Get the current state of a data_entry_flow."""
return await super().get(request, flow_id)
@require_admin(error=Unauthorized(permission=POLICY_EDIT))
@require_admin(permission=POLICY_EDIT)
async def post(self, request: web.Request, flow_id: str) -> web.Response:
"""Handle a POST request."""
return await super().post(request, flow_id)