Fix snapshot HA / remove API password (#1425)

* Fix snapshot HA / remove API password

* fix lint

* Fix log

* cleanup API

* stale password handling

* fix lint

API.md

@@ -410,7 +410,6 @@ Output is the raw Docker log.
   "last_version": "Optional for custom image|null",
   "port": "port for access hass",
   "ssl": "bool",
-  "password": "",
   "refresh_token": "",
   "watchdog": "bool",
   "wait_boot": 600

hassio/addons/__init__.py

@@ -254,10 +254,10 @@ class AddonManager(CoreSysAttributes):
     async def restore(self, slug: str, tar_file: tarfile.TarFile) -> None:
         """Restore state of an add-on."""
         if slug not in self.local:
-            _LOGGER.debug("Add-on %s is not local available for restore")
+            _LOGGER.debug("Add-on %s is not local available for restore", slug)
             addon = Addon(self.coresys, slug)
         else:
-            _LOGGER.debug("Add-on %s is local available for restore")
+            _LOGGER.debug("Add-on %s is local available for restore", slug)
             addon = self.local[slug]
 
         await addon.restore(tar_file)

hassio/api/homeassistant.py

@@ -21,7 +21,6 @@ from ..const import (
     ATTR_MEMORY_PERCENT,
     ATTR_NETWORK_RX,
     ATTR_NETWORK_TX,
-    ATTR_PASSWORD,
     ATTR_PORT,
     ATTR_REFRESH_TOKEN,
     ATTR_SSL,
@@ -45,7 +44,6 @@ SCHEMA_OPTIONS = vol.Schema(
         vol.Inclusive(ATTR_IMAGE, "custom_hass"): vol.Maybe(docker_image),
         vol.Inclusive(ATTR_LAST_VERSION, "custom_hass"): vol.Maybe(vol.Coerce(str)),
         vol.Optional(ATTR_PORT): network_port,
-        vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)),
         vol.Optional(ATTR_SSL): vol.Boolean(),
         vol.Optional(ATTR_WATCHDOG): vol.Boolean(),
         vol.Optional(ATTR_WAIT_BOOT): vol.All(vol.Coerce(int), vol.Range(min=60)),
@@ -92,10 +90,6 @@ class APIHomeAssistant(CoreSysAttributes):
         if ATTR_PORT in body:
             self.sys_homeassistant.api_port = body[ATTR_PORT]
 
-        if ATTR_PASSWORD in body:
-            self.sys_homeassistant.api_password = body[ATTR_PASSWORD]
-            self.sys_homeassistant.refresh_token = None
-
         if ATTR_SSL in body:
             self.sys_homeassistant.api_ssl = body[ATTR_SSL]
 
@@ -107,7 +101,6 @@ class APIHomeAssistant(CoreSysAttributes):
 
         if ATTR_REFRESH_TOKEN in body:
             self.sys_homeassistant.refresh_token = body[ATTR_REFRESH_TOKEN]
-            self.sys_homeassistant.api_password = None
 
         self.sys_homeassistant.save_data()
 

hassio/homeassistant.py

@@ -22,7 +22,6 @@ from .const import (
     ATTR_BOOT,
     ATTR_IMAGE,
     ATTR_LAST_VERSION,
-    ATTR_PASSWORD,
     ATTR_PORT,
     ATTR_REFRESH_TOKEN,
     ATTR_SSL,
@@ -31,7 +30,6 @@ from .const import (
     ATTR_WAIT_BOOT,
     ATTR_WATCHDOG,
     FILE_HASSIO_HOMEASSISTANT,
-    HEADER_HA_ACCESS,
 )
 from .coresys import CoreSys, CoreSysAttributes
 from .docker.homeassistant import DockerHomeAssistant
@@ -122,16 +120,6 @@ class HomeAssistant(JsonConfig, CoreSysAttributes):
         """Set network port for Home Assistant instance."""
         self._data[ATTR_PORT] = value
 
-    @property
-    def api_password(self) -> str:
-        """Return password for Home Assistant instance."""
-        return self._data.get(ATTR_PASSWORD)
-
-    @api_password.setter
-    def api_password(self, value: str):
-        """Set password for Home Assistant instance."""
-        self._data[ATTR_PASSWORD] = value
-
     @property
     def api_ssl(self) -> bool:
         """Return if we need ssl to Home Assistant instance."""
@@ -500,10 +488,6 @@ class HomeAssistant(JsonConfig, CoreSysAttributes):
         if content_type is not None:
             headers[hdrs.CONTENT_TYPE] = content_type
 
-        # Set old API Password
-        if not self.refresh_token and self.api_password:
-            headers[HEADER_HA_ACCESS] = self.api_password
-
         for _ in (1, 2):
             # Prepare Access token
             if self.refresh_token:

hassio/snapshots/snapshot.py

@@ -24,7 +24,6 @@ from ..const import (
     ATTR_IMAGE,
     ATTR_LAST_VERSION,
     ATTR_NAME,
-    ATTR_PASSWORD,
     ATTR_PORT,
     ATTR_PROTECTED,
     ATTR_REFRESH_TOKEN,
@@ -37,16 +36,27 @@ from ..const import (
     ATTR_WAIT_BOOT,
     ATTR_WATCHDOG,
     CRYPTO_AES128,
+    FOLDER_HOMEASSISTANT,
 )
 from ..coresys import CoreSys, CoreSysAttributes
 from ..exceptions import AddonsError
 from ..utils.json import write_json_file
-from ..utils.tar import SecureTarFile, secure_path
+from ..utils.tar import SecureTarFile, exclude_filter, secure_path
 from .utils import key_to_iv, password_for_validating, password_to_key, remove_folder
 from .validate import ALL_FOLDERS, SCHEMA_SNAPSHOT
 
 _LOGGER: logging.Logger = logging.getLogger(__name__)
 
+MAP_FOLDER_EXCLUDE = {
+    FOLDER_HOMEASSISTANT: [
+        "*.db-wal",
+        "*.db-shm",
+        "__pycache__/*",
+        "*.log",
+        "OZW_Log.txt",
+    ]
+}
+
 
 class Snapshot(CoreSysAttributes):
     """A single Hass.io snapshot."""
@@ -359,7 +369,11 @@ class Snapshot(CoreSysAttributes):
             try:
                 _LOGGER.info("Snapshot folder %s", name)
                 with SecureTarFile(tar_name, "w", key=self._key) as tar_file:
-                    tar_file.add(origin_dir, arcname=".")
+                    tar_file.add(
+                        origin_dir,
+                        arcname=".",
+                        filter=exclude_filter(MAP_FOLDER_EXCLUDE.get(name, [])),
+                    )
 
                 _LOGGER.info("Snapshot folder %s done", name)
                 self._data[ATTR_FOLDERS].append(name)
@@ -428,9 +442,6 @@ class Snapshot(CoreSysAttributes):
         self.homeassistant[ATTR_REFRESH_TOKEN] = self._encrypt_data(
             self.sys_homeassistant.refresh_token
         )
-        self.homeassistant[ATTR_PASSWORD] = self._encrypt_data(
-            self.sys_homeassistant.api_password
-        )
 
     def restore_homeassistant(self):
         """Write all data to the Home Assistant object."""
@@ -451,9 +462,6 @@ class Snapshot(CoreSysAttributes):
         self.sys_homeassistant.refresh_token = self._decrypt_data(
             self.homeassistant[ATTR_REFRESH_TOKEN]
         )
-        self.sys_homeassistant.api_password = self._decrypt_data(
-            self.homeassistant[ATTR_PASSWORD]
-        )
 
         # save
         self.sys_homeassistant.save_data()

hassio/snapshots/validate.py

@@ -11,7 +11,6 @@ from ..const import (
     ATTR_IMAGE,
     ATTR_LAST_VERSION,
     ATTR_NAME,
-    ATTR_PASSWORD,
     ATTR_PORT,
     ATTR_PROTECTED,
     ATTR_REFRESH_TOKEN,
@@ -64,7 +63,6 @@ SCHEMA_SNAPSHOT = vol.Schema(
                 vol.Optional(ATTR_BOOT, default=True): vol.Boolean(),
                 vol.Optional(ATTR_SSL, default=False): vol.Boolean(),
                 vol.Optional(ATTR_PORT, default=8123): network_port,
-                vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)),
                 vol.Optional(ATTR_REFRESH_TOKEN): vol.Maybe(vol.Coerce(str)),
                 vol.Optional(ATTR_WATCHDOG, default=True): vol.Boolean(),
                 vol.Optional(ATTR_WAIT_BOOT, default=600): vol.All(

hassio/validate.py

@@ -21,7 +21,6 @@ from .const import (
     ATTR_LAST_BOOT,
     ATTR_LAST_VERSION,
     ATTR_LOGGING,
-    ATTR_PASSWORD,
     ATTR_PORT,
     ATTR_PORTS,
     ATTR_REFRESH_TOKEN,
@@ -110,7 +109,6 @@ SCHEMA_HASS_CONFIG = vol.Schema(
         vol.Inclusive(ATTR_IMAGE, "custom_hass"): docker_image,
         vol.Inclusive(ATTR_LAST_VERSION, "custom_hass"): vol.Coerce(str),
         vol.Optional(ATTR_PORT, default=8123): network_port,
-        vol.Optional(ATTR_PASSWORD): vol.Maybe(vol.Coerce(str)),
         vol.Optional(ATTR_REFRESH_TOKEN): vol.Maybe(vol.Coerce(str)),
         vol.Optional(ATTR_SSL, default=False): vol.Boolean(),
         vol.Optional(ATTR_WATCHDOG, default=True): vol.Boolean(),