From 0925af91e30324968a90220b2d5fb7bebe0d33e8 Mon Sep 17 00:00:00 2001 From: Pascal Vizeli Date: Thu, 9 Jan 2020 14:35:37 +0100 Subject: [PATCH] Fix snapshot HA / remove API password (#1425) * Fix snapshot HA / remove API password * fix lint * Fix log * cleanup API * stale password handling * fix lint --- API.md | 1 - hassio/addons/__init__.py | 4 ++-- hassio/api/homeassistant.py | 7 ------- hassio/homeassistant.py | 16 ---------------- hassio/snapshots/snapshot.py | 26 +++++++++++++++++--------- hassio/snapshots/validate.py | 2 -- hassio/validate.py | 2 -- 7 files changed, 19 insertions(+), 39 deletions(-) diff --git a/API.md b/API.md index 4bd2d0f5a..75544b208 100644 --- a/API.md +++ b/API.md @@ -410,7 +410,6 @@ Output is the raw Docker log. "last_version": "Optional for custom image|null", "port": "port for access hass", "ssl": "bool", - "password": "", "refresh_token": "", "watchdog": "bool", "wait_boot": 600 diff --git a/hassio/addons/__init__.py b/hassio/addons/__init__.py index c416db01b..47f85a4eb 100644 --- a/hassio/addons/__init__.py +++ b/hassio/addons/__init__.py @@ -254,10 +254,10 @@ class AddonManager(CoreSysAttributes): async def restore(self, slug: str, tar_file: tarfile.TarFile) -> None: """Restore state of an add-on.""" if slug not in self.local: - _LOGGER.debug("Add-on %s is not local available for restore") + _LOGGER.debug("Add-on %s is not local available for restore", slug) addon = Addon(self.coresys, slug) else: - _LOGGER.debug("Add-on %s is local available for restore") + _LOGGER.debug("Add-on %s is local available for restore", slug) addon = self.local[slug] await addon.restore(tar_file) diff --git a/hassio/api/homeassistant.py b/hassio/api/homeassistant.py index 471fb3725..99e72fe2b 100644 --- a/hassio/api/homeassistant.py +++ b/hassio/api/homeassistant.py @@ -21,7 +21,6 @@ from ..const import ( ATTR_MEMORY_PERCENT, ATTR_NETWORK_RX, ATTR_NETWORK_TX, - ATTR_PASSWORD, ATTR_PORT, ATTR_REFRESH_TOKEN, ATTR_SSL, @@ -45,7 +44,6 @@ SCHEMA_OPTIONS = vol.Schema( vol.Inclusive(ATTR_IMAGE, "custom_hass"): vol.Maybe(docker_image), vol.Inclusive(ATTR_LAST_VERSION, "custom_hass"): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_PORT): network_port, - vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_SSL): vol.Boolean(), vol.Optional(ATTR_WATCHDOG): vol.Boolean(), vol.Optional(ATTR_WAIT_BOOT): vol.All(vol.Coerce(int), vol.Range(min=60)), @@ -92,10 +90,6 @@ class APIHomeAssistant(CoreSysAttributes): if ATTR_PORT in body: self.sys_homeassistant.api_port = body[ATTR_PORT] - if ATTR_PASSWORD in body: - self.sys_homeassistant.api_password = body[ATTR_PASSWORD] - self.sys_homeassistant.refresh_token = None - if ATTR_SSL in body: self.sys_homeassistant.api_ssl = body[ATTR_SSL] @@ -107,7 +101,6 @@ class APIHomeAssistant(CoreSysAttributes): if ATTR_REFRESH_TOKEN in body: self.sys_homeassistant.refresh_token = body[ATTR_REFRESH_TOKEN] - self.sys_homeassistant.api_password = None self.sys_homeassistant.save_data() diff --git a/hassio/homeassistant.py b/hassio/homeassistant.py index a765a4725..ebd18a84a 100644 --- a/hassio/homeassistant.py +++ b/hassio/homeassistant.py @@ -22,7 +22,6 @@ from .const import ( ATTR_BOOT, ATTR_IMAGE, ATTR_LAST_VERSION, - ATTR_PASSWORD, ATTR_PORT, ATTR_REFRESH_TOKEN, ATTR_SSL, @@ -31,7 +30,6 @@ from .const import ( ATTR_WAIT_BOOT, ATTR_WATCHDOG, FILE_HASSIO_HOMEASSISTANT, - HEADER_HA_ACCESS, ) from .coresys import CoreSys, CoreSysAttributes from .docker.homeassistant import DockerHomeAssistant @@ -122,16 +120,6 @@ class HomeAssistant(JsonConfig, CoreSysAttributes): """Set network port for Home Assistant instance.""" self._data[ATTR_PORT] = value - @property - def api_password(self) -> str: - """Return password for Home Assistant instance.""" - return self._data.get(ATTR_PASSWORD) - - @api_password.setter - def api_password(self, value: str): - """Set password for Home Assistant instance.""" - self._data[ATTR_PASSWORD] = value - @property def api_ssl(self) -> bool: """Return if we need ssl to Home Assistant instance.""" @@ -500,10 +488,6 @@ class HomeAssistant(JsonConfig, CoreSysAttributes): if content_type is not None: headers[hdrs.CONTENT_TYPE] = content_type - # Set old API Password - if not self.refresh_token and self.api_password: - headers[HEADER_HA_ACCESS] = self.api_password - for _ in (1, 2): # Prepare Access token if self.refresh_token: diff --git a/hassio/snapshots/snapshot.py b/hassio/snapshots/snapshot.py index 5ea4d3d5b..0881485d9 100644 --- a/hassio/snapshots/snapshot.py +++ b/hassio/snapshots/snapshot.py @@ -24,7 +24,6 @@ from ..const import ( ATTR_IMAGE, ATTR_LAST_VERSION, ATTR_NAME, - ATTR_PASSWORD, ATTR_PORT, ATTR_PROTECTED, ATTR_REFRESH_TOKEN, @@ -37,16 +36,27 @@ from ..const import ( ATTR_WAIT_BOOT, ATTR_WATCHDOG, CRYPTO_AES128, + FOLDER_HOMEASSISTANT, ) from ..coresys import CoreSys, CoreSysAttributes from ..exceptions import AddonsError from ..utils.json import write_json_file -from ..utils.tar import SecureTarFile, secure_path +from ..utils.tar import SecureTarFile, exclude_filter, secure_path from .utils import key_to_iv, password_for_validating, password_to_key, remove_folder from .validate import ALL_FOLDERS, SCHEMA_SNAPSHOT _LOGGER: logging.Logger = logging.getLogger(__name__) +MAP_FOLDER_EXCLUDE = { + FOLDER_HOMEASSISTANT: [ + "*.db-wal", + "*.db-shm", + "__pycache__/*", + "*.log", + "OZW_Log.txt", + ] +} + class Snapshot(CoreSysAttributes): """A single Hass.io snapshot.""" @@ -359,7 +369,11 @@ class Snapshot(CoreSysAttributes): try: _LOGGER.info("Snapshot folder %s", name) with SecureTarFile(tar_name, "w", key=self._key) as tar_file: - tar_file.add(origin_dir, arcname=".") + tar_file.add( + origin_dir, + arcname=".", + filter=exclude_filter(MAP_FOLDER_EXCLUDE.get(name, [])), + ) _LOGGER.info("Snapshot folder %s done", name) self._data[ATTR_FOLDERS].append(name) @@ -428,9 +442,6 @@ class Snapshot(CoreSysAttributes): self.homeassistant[ATTR_REFRESH_TOKEN] = self._encrypt_data( self.sys_homeassistant.refresh_token ) - self.homeassistant[ATTR_PASSWORD] = self._encrypt_data( - self.sys_homeassistant.api_password - ) def restore_homeassistant(self): """Write all data to the Home Assistant object.""" @@ -451,9 +462,6 @@ class Snapshot(CoreSysAttributes): self.sys_homeassistant.refresh_token = self._decrypt_data( self.homeassistant[ATTR_REFRESH_TOKEN] ) - self.sys_homeassistant.api_password = self._decrypt_data( - self.homeassistant[ATTR_PASSWORD] - ) # save self.sys_homeassistant.save_data() diff --git a/hassio/snapshots/validate.py b/hassio/snapshots/validate.py index fea39b218..33ab4ea18 100644 --- a/hassio/snapshots/validate.py +++ b/hassio/snapshots/validate.py @@ -11,7 +11,6 @@ from ..const import ( ATTR_IMAGE, ATTR_LAST_VERSION, ATTR_NAME, - ATTR_PASSWORD, ATTR_PORT, ATTR_PROTECTED, ATTR_REFRESH_TOKEN, @@ -64,7 +63,6 @@ SCHEMA_SNAPSHOT = vol.Schema( vol.Optional(ATTR_BOOT, default=True): vol.Boolean(), vol.Optional(ATTR_SSL, default=False): vol.Boolean(), vol.Optional(ATTR_PORT, default=8123): network_port, - vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_REFRESH_TOKEN): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_WATCHDOG, default=True): vol.Boolean(), vol.Optional(ATTR_WAIT_BOOT, default=600): vol.All( diff --git a/hassio/validate.py b/hassio/validate.py index 4bf9acbfe..a3bbd3e31 100644 --- a/hassio/validate.py +++ b/hassio/validate.py @@ -21,7 +21,6 @@ from .const import ( ATTR_LAST_BOOT, ATTR_LAST_VERSION, ATTR_LOGGING, - ATTR_PASSWORD, ATTR_PORT, ATTR_PORTS, ATTR_REFRESH_TOKEN, @@ -110,7 +109,6 @@ SCHEMA_HASS_CONFIG = vol.Schema( vol.Inclusive(ATTR_IMAGE, "custom_hass"): docker_image, vol.Inclusive(ATTR_LAST_VERSION, "custom_hass"): vol.Coerce(str), vol.Optional(ATTR_PORT, default=8123): network_port, - vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_REFRESH_TOKEN): vol.Maybe(vol.Coerce(str)), vol.Optional(ATTR_SSL, default=False): vol.Boolean(), vol.Optional(ATTR_WATCHDOG, default=True): vol.Boolean(),