2018-10-29 10:28:04 +00:00
|
|
|
"""Permissions for Home Assistant."""
|
|
|
|
import logging
|
2019-11-16 09:22:07 +00:00
|
|
|
from typing import Any, Callable, Optional
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
import voluptuous as vol
|
|
|
|
|
2018-11-08 11:57:00 +00:00
|
|
|
from .const import CAT_ENTITIES
|
2018-10-29 10:28:04 +00:00
|
|
|
from .entities import ENTITY_POLICY_SCHEMA, compile_entities
|
2019-11-16 09:22:07 +00:00
|
|
|
from .merge import merge_policies # noqa: F401
|
2019-12-09 15:42:10 +00:00
|
|
|
from .models import PermissionLookup
|
|
|
|
from .types import PolicyType
|
2019-04-23 10:46:23 +00:00
|
|
|
from .util import test_all
|
2018-10-29 10:28:04 +00:00
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
POLICY_SCHEMA = vol.Schema({vol.Optional(CAT_ENTITIES): ENTITY_POLICY_SCHEMA})
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
_LOGGER = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
|
|
|
class AbstractPermissions:
|
|
|
|
"""Default permissions class."""
|
|
|
|
|
2019-08-12 03:38:18 +00:00
|
|
|
_cached_entity_func: Optional[Callable[[str, str], bool]] = None
|
2018-10-29 10:28:04 +00:00
|
|
|
|
2018-11-25 17:04:48 +00:00
|
|
|
def _entity_func(self) -> Callable[[str, str], bool]:
|
|
|
|
"""Return a function that can test entity access."""
|
2018-10-29 10:28:04 +00:00
|
|
|
raise NotImplementedError
|
|
|
|
|
2019-04-23 10:46:23 +00:00
|
|
|
def access_all_entities(self, key: str) -> bool:
|
|
|
|
"""Check if we have a certain access to all entities."""
|
|
|
|
raise NotImplementedError
|
|
|
|
|
2018-11-25 17:04:48 +00:00
|
|
|
def check_entity(self, entity_id: str, key: str) -> bool:
|
|
|
|
"""Check if we can access entity."""
|
|
|
|
entity_func = self._cached_entity_func
|
|
|
|
|
|
|
|
if entity_func is None:
|
|
|
|
entity_func = self._cached_entity_func = self._entity_func()
|
|
|
|
|
|
|
|
return entity_func(entity_id, key)
|
|
|
|
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
class PolicyPermissions(AbstractPermissions):
|
|
|
|
"""Handle permissions."""
|
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
def __init__(self, policy: PolicyType, perm_lookup: PermissionLookup) -> None:
|
2018-10-29 10:28:04 +00:00
|
|
|
"""Initialize the permission class."""
|
|
|
|
self._policy = policy
|
2018-12-05 10:41:00 +00:00
|
|
|
self._perm_lookup = perm_lookup
|
2018-10-29 10:28:04 +00:00
|
|
|
|
2019-04-23 10:46:23 +00:00
|
|
|
def access_all_entities(self, key: str) -> bool:
|
|
|
|
"""Check if we have a certain access to all entities."""
|
|
|
|
return test_all(self._policy.get(CAT_ENTITIES), key)
|
|
|
|
|
2018-11-25 17:04:48 +00:00
|
|
|
def _entity_func(self) -> Callable[[str, str], bool]:
|
|
|
|
"""Return a function that can test entity access."""
|
2019-07-31 19:25:30 +00:00
|
|
|
return compile_entities(self._policy.get(CAT_ENTITIES), self._perm_lookup)
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
def __eq__(self, other: Any) -> bool:
|
|
|
|
"""Equals check."""
|
2019-07-31 19:25:30 +00:00
|
|
|
return isinstance(other, PolicyPermissions) and other._policy == self._policy
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
|
|
|
|
class _OwnerPermissions(AbstractPermissions):
|
|
|
|
"""Owner permissions."""
|
|
|
|
|
2019-04-23 10:46:23 +00:00
|
|
|
def access_all_entities(self, key: str) -> bool:
|
|
|
|
"""Check if we have a certain access to all entities."""
|
|
|
|
return True
|
|
|
|
|
2018-11-25 17:04:48 +00:00
|
|
|
def _entity_func(self) -> Callable[[str, str], bool]:
|
|
|
|
"""Return a function that can test entity access."""
|
|
|
|
return lambda entity_id, key: True
|
2018-10-29 10:28:04 +00:00
|
|
|
|
|
|
|
|
2020-08-29 05:59:24 +00:00
|
|
|
OwnerPermissions = _OwnerPermissions()
|