Merge pull request #410 from home-assistant/dev

Release 0.97
2025-07-18 22:56:31 +00:00 · 2018-03-13 16:05:31 +01:00 · 2018-03-13 16:05:31 +01:00 · 5716324934
commit 5716324934
parent 60bdc00ce9 ae267e0380
12 changed files with 111 additions and 104 deletions
--- a/hassio/addons/validate.py
+++ b/hassio/addons/validate.py
@ -60,6 +60,7 @@ PRIVILEGED_ALL = [
    "NET_ADMIN",
    "SYS_ADMIN",
    "SYS_RAWIO",
+    "IPC_LOCK",
    "SYS_TIME",
    "SYS_NICE"
 ]
--- a/hassio/api/init.py
+++ b/hassio/api/init.py
@ -13,7 +13,7 @@ from .proxy import APIProxy
 from .supervisor import APISupervisor
 from .snapshots import APISnapshots
 from .services import APIServices
-from .security import security_layer
+from .security import SecurityMiddleware
 from ..coresys import CoreSysAttributes

 _LOGGER = logging.getLogger(__name__)
@ -25,16 +25,14 @@ class RestAPI(CoreSysAttributes):
    def __init__(self, coresys):
        """Initialize docker base wrapper."""
        self.coresys = coresys
+        self.security = SecurityMiddleware(coresys)
        self.webapp = web.Application(
-            middlewares=[security_layer], loop=self._loop)
+            middlewares=[self.security.token_validation], loop=self._loop)

        # service stuff
        self._handler = None
        self.server = None

-        # middleware
-        self.webapp['coresys'] = coresys
-
    async def load(self):
        """Register REST API Calls."""
        self._register_supervisor()
--- a/hassio/api/panel/hassio-app.html
+++ b/hassio/api/panel/hassio-app.html
--- a/hassio/api/panel/hassio-app.html.gz
+++ b/hassio/api/panel/hassio-app.html.gz
--- a/hassio/api/panel/index.html.gz
+++ b/hassio/api/panel/index.html.gz
--- a/hassio/api/proxy.py
+++ b/hassio/api/proxy.py
@ -83,7 +83,7 @@ class APIProxy(CoreSysAttributes):
                if not data:
                    await response.write_eof()
                    break
-                response.write(data)
+                await response.write(data)

        except aiohttp.ClientError:
            await response.write_eof()
--- a/hassio/api/security.py
+++ b/hassio/api/security.py
@ -6,6 +6,7 @@ from aiohttp.web import middleware
 from aiohttp.web_exceptions import HTTPUnauthorized

 from ..const import HEADER_TOKEN, REQUEST_FROM
+from ..coresys import CoreSysAttributes

 _LOGGER = logging.getLogger(__name__)

@ -16,35 +17,41 @@ NO_SECURITY_CHECK = set((
 ))


-@middleware
-async def security_layer(request, handler):
-    """Check security access of this layer."""
-    coresys = request.app['coresys']
-    hassio_token = request.headers.get(HEADER_TOKEN)
+class SecurityMiddleware(CoreSysAttributes):
+    """Security middleware functions."""

-    # Ignore security check
-    for rule in NO_SECURITY_CHECK:
-        if rule.match(request.path):
-            _LOGGER.debug("Passthrough %s", request.path)
+    def __init__(self, coresys):
+        """Initialize security middleware."""
+        self.coresys = coresys
+
+    @middleware
+    async def token_validation(self, request, handler):
+        """Check security access of this layer."""
+        hassio_token = request.headers.get(HEADER_TOKEN)
+
+        # Ignore security check
+        for rule in NO_SECURITY_CHECK:
+            if rule.match(request.path):
+                _LOGGER.debug("Passthrough %s", request.path)
+                return await handler(request)
+
+        # Need to be removed later
+        if not hassio_token:
+            _LOGGER.warning("Invalid token for access %s", request.path)
+            request[REQUEST_FROM] = 'UNKNOWN'
            return await handler(request)

-    # Need to be removed later
-    if not hassio_token:
-        _LOGGER.warning("Invalid token for access %s", request.path)
-        request[REQUEST_FROM] = 'UNKNOWN'
-        return await handler(request)
+        # Home-Assistant
+        if hassio_token == self._homeassistant.uuid:
+            _LOGGER.debug("%s access from Home-Assistant", request.path)
+            request[REQUEST_FROM] = 'homeassistant'
+            return await handler(request)

-    # Home-Assistant
-    if hassio_token == coresys.homeassistant.uuid:
-        _LOGGER.debug("%s access from Home-Assistant", request.path)
-        request[REQUEST_FROM] = 'homeassistant'
-        return await handler(request)
+        # Add-on
+        addon = self._addons.from_uuid(hassio_token)
+        if addon:
+            _LOGGER.info("%s access from %s", request.path, addon.slug)
+            request[REQUEST_FROM] = addon.slug
+            return await handler(request)

-    # Add-on
-    addon = coresys.addons.from_uuid(hassio_token)
-    if addon:
-        _LOGGER.info("%s access from %s", request.path, addon.slug)
-        request[REQUEST_FROM] = addon.slug
-        return await handler(request)
-
-    raise HTTPUnauthorized()
+        raise HTTPUnauthorized()
--- a/hassio/const.py
+++ b/hassio/const.py
@ -2,7 +2,7 @@
 from pathlib import Path
 from ipaddress import ip_network

-HASSIO_VERSION = '0.96'
+HASSIO_VERSION = '0.97'

 URL_HASSIO_VERSION = ('https://raw.githubusercontent.com/home-assistant/'
                      'hassio/{}/version.json')
--- a/hassio/core.py
+++ b/hassio/core.py
@ -108,10 +108,10 @@ class HassIO(CoreSysAttributes):
        # don't process scheduler anymore
        self._scheduler.suspend = True

-        # process stop tasks
-        self._websession.close()
-        self._websession_ssl.close()
-
        # process async stop tasks
-        await asyncio.wait(
-            [self._api.stop(), self._dns.stop()], loop=self._loop)
+        await asyncio.wait([
+            self._api.stop(),
+            self._dns.stop(),
+            self._websession.close(),
+            self._websession_ssl.close()
+        ], loop=self._loop)
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 39172f8c49a5253b28eb8508940e2ffa4f0ca451
+Subproject commit 2c79094fb48870d1c6c7f819a5fcb80744a16bb4
--- a/setup.py
+++ b/setup.py
@ -1,53 +1,53 @@
-from setuptools import setup
-
-from hassio.const import HASSIO_VERSION
-
-
-setup(
-    name='HassIO',
-    version=HASSIO_VERSION,
-    license='BSD License',
-    author='The Home Assistant Authors',
-    author_email='hello@home-assistant.io',
-    url='https://home-assistant.io/',
-    description=('Open-source private cloud os for Home-Assistant'
-                 ' based on ResinOS'),
-    long_description=('A maintainless private cloud operator system that'
-                      'setup a Home-Assistant instance. Based on ResinOS'),
-    classifiers=[
-        'Intended Audience :: End Users/Desktop',
-        'Intended Audience :: Developers',
-        'License :: OSI Approved :: Apache Software License',
-        'Operating System :: OS Independent',
-        'Topic :: Home Automation'
-        'Topic :: Software Development :: Libraries :: Python Modules',
-        'Topic :: Scientific/Engineering :: Atmospheric Science',
-        'Development Status :: 5 - Production/Stable',
-        'Intended Audience :: Developers',
-        'Programming Language :: Python :: 3.6',
-    ],
-    keywords=['docker', 'home-assistant', 'api'],
-    zip_safe=False,
-    platforms='any',
-    packages=[
-        'hassio',
-        'hassio.docker',
-        'hassio.addons',
-        'hassio.api',
-        'hassio.misc',
-        'hassio.utils',
-        'hassio.snapshots'
-    ],
-    include_package_data=True,
-    install_requires=[
-        'async_timeout==2.0.0',
-        'aiohttp==2.3.10',
-        'docker==3.1.0',
-        'colorlog==3.1.2',
-        'voluptuous==0.11.1',
-        'gitpython==2.1.8',
-        'pytz==2018.3',
-        'pyudev==0.21.0',
-        'pycryptodome==3.4.11'
-    ]
-)
+from setuptools import setup
+
+from hassio.const import HASSIO_VERSION
+
+
+setup(
+    name='HassIO',
+    version=HASSIO_VERSION,
+    license='BSD License',
+    author='The Home Assistant Authors',
+    author_email='hello@home-assistant.io',
+    url='https://home-assistant.io/',
+    description=('Open-source private cloud os for Home-Assistant'
+                 ' based on ResinOS'),
+    long_description=('A maintainless private cloud operator system that'
+                      'setup a Home-Assistant instance. Based on ResinOS'),
+    classifiers=[
+        'Intended Audience :: End Users/Desktop',
+        'Intended Audience :: Developers',
+        'License :: OSI Approved :: Apache Software License',
+        'Operating System :: OS Independent',
+        'Topic :: Home Automation'
+        'Topic :: Software Development :: Libraries :: Python Modules',
+        'Topic :: Scientific/Engineering :: Atmospheric Science',
+        'Development Status :: 5 - Production/Stable',
+        'Intended Audience :: Developers',
+        'Programming Language :: Python :: 3.6',
+    ],
+    keywords=['docker', 'home-assistant', 'api'],
+    zip_safe=False,
+    platforms='any',
+    packages=[
+        'hassio',
+        'hassio.docker',
+        'hassio.addons',
+        'hassio.api',
+        'hassio.misc',
+        'hassio.utils',
+        'hassio.snapshots'
+    ],
+    include_package_data=True,
+    install_requires=[
+        'async_timeout==2.0.0',
+        'aiohttp==3.0.7',
+        'docker==3.1.1',
+        'colorlog==3.1.2',
+        'voluptuous==0.11.1',
+        'gitpython==2.1.8',
+        'pytz==2018.3',
+        'pyudev==0.21.0',
+        'pycryptodome==3.4.11'
+    ]
+)
--- a/version.json
+++ b/version.json
@ -1,6 +1,6 @@
 {
-    "hassio": "0.96",
-    "homeassistant": "0.65.3",
+    "hassio": "0.97",
+    "homeassistant": "0.65.4",
    "resinos": "1.3",
    "resinhup": "0.3",
    "generic": "0.3",