From a42736e4379c7fc404d8c9588f19167e7240df4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joakim=20S=C3=B8rensen?=
Date: Sat, 26 Sep 2020 09:26:02 +0200
Subject: [PATCH] Allow non-authenticated calls to snapshots during onboarding (#40582)
---
 homeassistant/components/hassio/http.py | 8 ++++++--
 tests/components/hassio/test_http.py | 11 +++++++++++
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/homeassistant/components/hassio/http.py b/homeassistant/components/hassio/http.py
index aba0dac6494..60888d8d301 100644
--- a/homeassistant/components/hassio/http.py
+++ b/homeassistant/components/hassio/http.py
@@ -12,6 +12,7 @@ from aiohttp.web_exceptions import HTTPBadGateway
 import async_timeout
 from homeassistant.components.http import KEY_AUTHENTICATED, HomeAssistantView
+from homeassistant.components.onboarding import async_is_onboarded
 from homeassistant.const import HTTP_UNAUTHORIZED
 from .const import X_HASS_IS_ADMIN, X_HASS_USER_ID, X_HASSIO
@@ -54,7 +55,8 @@ class HassIOView(HomeAssistantView):
 self, request: web.Request, path: str
 ) -> Union[web.Response, web.StreamResponse]:
 """Route data to Hass.io."""
- if _need_auth(path) and not request[KEY_AUTHENTICATED]:
+ hass = request.app["hass"]
+ if _need_auth(hass, path) and not request[KEY_AUTHENTICATED]:
 return web.Response(status=HTTP_UNAUTHORIZED)
 return await self._command_proxy(path, request)
@@ -145,8 +147,10 @@ def _get_timeout(path: str) -> int:
 return 300
-def _need_auth(path: str) -> bool:
+def _need_auth(hass, path: str) -> bool:
 """Return if a path need authentication."""
+ if not async_is_onboarded(hass) and path.startswith("snapshots"):
+ return False
 if NO_AUTH.match(path):
 return False
 return True
diff --git a/tests/components/hassio/test_http.py b/tests/components/hassio/test_http.py
index 195a8652e2f..db6e9d1f85e 100644
--- a/tests/components/hassio/test_http.py
+++ b/tests/components/hassio/test_http.py
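Review bot: `path.startswith("snapshots")` in `_need_auth` (homeassistant/components/hassio/http.py) is broader than the onboarding restore flow appears to need: while the instance is not onboarded, every proxied path with that prefix skips the `KEY_AUTHENTICATED` check in `HassIOView._handle`, whatever the HTTP method, and the prefix is not anchored to a path segment. An explicit full-match allow-list in the style of the existing `NO_AUTH` pattern would keep the unauthenticated surface to the calls onboarding actually makes, for example `NO_AUTH_ONBOARDING = re.compile(r"^snapshots/(?:new/upload|[^/]+/restore/(?:full|partial))$")` (a constructed pattern; adjust it to the real endpoint list) used as `if not async_is_onboarded(hass) and NO_AUTH_ONBOARDING.match(path): return False`. The docstring should also state that the exemption is intentional and bounded by onboarding state, e.g. `"""Return if a path needs authentication; snapshot restore paths are exempt until onboarding completes."""`, and `hass` should carry a type annotation like `path` does.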
@@ -3,6 +3,8 @@ import asyncio
 import pytest
+from homeassistant.components.hassio.http import _need_auth
+
 from tests.async_mock import patch
@@ -147,3 +149,12 @@ async def test_snapshot_upload_headers(hassio_client, aioclient_mock):
 req_headers = aioclient_mock.mock_calls[0][-1]
 req_headers["Content-Type"] == content_type
+
+
+def test_need_auth(hass):
+ """Test if the requested path needs authentication."""
+ assert not _need_auth(hass, "addons/test/logo")
+ assert _need_auth(hass, "snapshots/new/upload")
+
+ hass.data["onboarding"] = False
+ assert not _need_auth(hass, "snapshots/new/upload")
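Review bot: `test_need_auth` never asserts the negative case for the onboarding window: after `hass.data["onboarding"] = False` nothing checks that a path outside `snapshots` still requires authentication, so a regression that disabled auth for every path before onboarding would pass. Add an assertion such as `assert _need_auth(hass, "supervisor/info")` after that line (assuming that path is not matched by `NO_AUTH`), and ideally a view-level test that an unauthenticated request to a snapshots path returns 401 once onboarding is done. Writing `hass.data["onboarding"]` directly ties the test to the onboarding component's internal storage; patching `async_is_onboarded` where `http.py` imports it, using the already imported `patch`, would be less brittle. Separately, the context line `req_headers["Content-Type"] == content_type` in `test_snapshot_upload_headers` is a bare comparison with no `assert`, so it verifies nothing.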