Add is_admin check to check configuration API (#97788)

Franck Nijhof 2023-08-04 19:25:01 +02:00 committed by GitHub
parent 66cb407e4f
commit b286da211a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 2 deletions


@ -9,6 +9,7 @@ from homeassistant.components.http import HomeAssistantView
from homeassistant.components.sensor import async_update_suggested_units
from homeassistant.config import async_check_ha_config_file
from homeassistant.core import HomeAssistant
from homeassistant.exceptions import Unauthorized
from homeassistant.helpers import config_validation as cv
from homeassistant.helpers.aiohttp_client import async_get_clientsession
from homeassistant.util import location, unit_system
@ -30,6 +31,9 @@ class CheckConfigView(HomeAssistantView):
async def post(self, request):
"""Validate configuration and return results."""
if not request["hass_user"].is_admin:
raise Unauthorized()
errors = await async_check_ha_config_file(request.app["hass"])
state = "invalid" if errors else "valid"
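Review bot: The rejection in `post` raises a bare `Unauthorized()`, so the exception carries no record of which user was refused; `raise Unauthorized(user_id=request["hass_user"].id)` would attach that for any handler or log that reports it. The docstring still reads as if any authenticated caller may use the endpoint and could become `"""Validate configuration and return results (admin only)."""`. The guard is written inline in this one handler, so any other views in the file (not visible in the hunk) need their own check; it is worth confirming each was considered. The body of `post` continues past the end of the hunk.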


@ -60,6 +60,21 @@ async def test_validate_config_ok(
assert result["errors"] == "beer"
async def test_validate_config_requires_admin(
hass: HomeAssistant,
hass_client: ClientSessionGenerator,
hass_read_only_access_token: str,
) -> None:
"""Test checking configuration does not work as a normal user."""
with patch.object(config, "SECTIONS", ["core"]):
await async_setup_component(hass, "config", {})
client = await hass_client(hass_read_only_access_token)
resp = await client.post("/api/config/core/check_config")
assert resp.status == HTTPStatus.UNAUTHORIZED
async def test_websocket_core_update(hass: HomeAssistant, client) -> None:
"""Test core config update websocket command."""
assert hass.config.latitude != 60
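Review bot: `test_validate_config_requires_admin` asserts only the 401 status, so it would still pass if the handler ran the configuration check first and rejected the caller afterwards. Patching `async_check_ha_config_file` at the point where the view imports it and adding `mock_check.assert_not_called()` after the status assertion would pin that the admin guard runs before any validation work. Since the endpoint returns validation error text, the test could also confirm that nothing from the check reaches a non-admin response.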


@ -744,10 +744,10 @@ def hass_client(
) -> ClientSessionGenerator:
"""Return an authenticated HTTP client."""
async def auth_client() -> TestClient:
async def auth_client(access_token: str | None = hass_access_token) -> TestClient:
"""Return an authenticated client."""
return await aiohttp_client(
hass.http.app, headers={"Authorization": f"Bearer {hass_access_token}"}
hass.http.app, headers={"Authorization": f"Bearer {access_token}"}
)
return auth_client
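Review bot: The new `auth_client` signature annotates `access_token` as `str | None`, but passing `None` is formatted into the header as the literal string `Bearer None`. A test written that way would look like an unauthenticated request while actually exercising the invalid-token path. Either narrow the annotation to `async def auth_client(access_token: str = hass_access_token) -> TestClient:` or omit the `Authorization` header when the argument is `None`. The enclosing `hass_client` fixture starts above the hunk.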