Skip to content

Commit

Permalink
Disable user profiles on login screen (#105749)
Browse files Browse the repository at this point in the history
  • Loading branch information
@frenck
frenck committed Dec 14, 2023
1 parent 4aa03b3 commit dbfc5ea
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 102 deletions.
21 changes: 0 additions & 21 deletions homeassistant/components/auth/login_flow.py
View file
Expand Up @@ -91,7 +91,6 @@
from homeassistant.components.http.view import HomeAssistantView
from homeassistant.core import HomeAssistant
from homeassistant.helpers.network import is_cloud_connection
from homeassistant.util.network import is_local

from . import indieauth

Expand Down Expand Up @@ -165,8 +164,6 @@ async def get(self, request: web.Request) -> web.Response:

providers = []
for provider in hass.auth.auth_providers:
additional_data = {}

if provider.type == "trusted_networks":
if cloud_connection:
# Skip quickly as trusted networks are not available on cloud
Expand All @@ -179,30 +176,12 @@ async def get(self, request: web.Request) -> web.Response:
except InvalidAuthError:
# Not a trusted network, so we don't expose that trusted_network authenticator is setup
continue
elif (
provider.type == "homeassistant"
and not cloud_connection
and is_local(remote_address)
and "person" in hass.config.components
):
# We are local, return user id and username
users = await provider.store.async_get_users()
additional_data["users"] = {
user.id: credentials.data["username"]
for user in users
for credentials in user.credentials
if (
credentials.auth_provider_type == provider.type
and credentials.auth_provider_id == provider.id
)
}

providers.append(
{
"name": provider.name,
"id": provider.id,
"type": provider.type,
**additional_data,
}
)

Expand Down
36 changes: 4 additions & 32 deletions homeassistant/components/person/__init__.py
View file
Expand Up @@ -2,7 +2,6 @@
from __future__ import annotations

from http import HTTPStatus
from ipaddress import ip_address
import logging
from typing import Any

Expand Down Expand Up @@ -51,12 +50,10 @@
)
from homeassistant.helpers.entity_component import EntityComponent
from homeassistant.helpers.event import async_track_state_change_event
from homeassistant.helpers.network import is_cloud_connection
from homeassistant.helpers.restore_state import RestoreEntity
from homeassistant.helpers.storage import Store
from homeassistant.helpers.typing import ConfigType
from homeassistant.loader import bind_hass
from homeassistant.util.network import is_local

_LOGGER = logging.getLogger(__name__)

Expand Down Expand Up @@ -588,33 +585,8 @@ class ListPersonsView(HomeAssistantView):

async def get(self, request: web.Request) -> web.Response:
"""Return a list of persons if request comes from a local IP."""
try:
remote_address = ip_address(request.remote) # type: ignore[arg-type]
except ValueError:
return self.json_message(
message="Invalid remote IP",
status_code=HTTPStatus.BAD_REQUEST,
message_code="invalid_remote_ip",
)

hass: HomeAssistant = request.app["hass"]
if is_cloud_connection(hass) or not is_local(remote_address):
return self.json_message(
message="Not local",
status_code=HTTPStatus.BAD_REQUEST,
message_code="not_local",
)

yaml, storage, _ = hass.data[DOMAIN]
persons = [*yaml.async_items(), *storage.async_items()]

return self.json(
{
person[ATTR_USER_ID]: {
ATTR_NAME: person[ATTR_NAME],
CONF_PICTURE: person.get(CONF_PICTURE),
}
for person in persons
if person.get(ATTR_USER_ID)
}
return self.json_message(
message="Not local",
status_code=HTTPStatus.BAD_REQUEST,
message_code="not_local",
)
13 changes: 1 addition & 12 deletions tests/components/auth/test_login_flow.py
View file
@@ -1,12 +1,10 @@
"""Tests for the login flow."""
from collections.abc import Callable
from http import HTTPStatus
from typing import Any
from unittest.mock import patch

import pytest

from homeassistant.auth.models import User
from homeassistant.core import HomeAssistant
from homeassistant.setup import async_setup_component

Expand Down Expand Up @@ -67,22 +65,16 @@ async def _test_fetch_auth_providers_home_assistant(
hass: HomeAssistant,
aiohttp_client: ClientSessionGenerator,
ip: str,
additional_expected_fn: Callable[[User], dict[str, Any]],
) -> None:
"""Test fetching auth providers for homeassistant auth provider."""
client = await async_setup_auth(
hass, aiohttp_client, [{"type": "homeassistant"}], custom_ip=ip
)

provider = hass.auth.auth_providers[0]
credentials = await provider.async_get_or_create_credentials({"username": "hello"})
user = await hass.auth.async_get_or_create_user(credentials)

expected = {
"name": "Home Assistant Local",
"type": "homeassistant",
"id": None,
**additional_expected_fn(user),
}

resp = await client.get("/auth/providers")
Expand All @@ -105,9 +97,7 @@ async def test_fetch_auth_providers_home_assistant_person_not_loaded(
ip: str,
) -> None:
"""Test fetching auth providers for homeassistant auth provider, where person integration is not loaded."""
await _test_fetch_auth_providers_home_assistant(
hass, aiohttp_client, ip, lambda _: {}
)
await _test_fetch_auth_providers_home_assistant(hass, aiohttp_client, ip)


@pytest.mark.parametrize(
Expand All @@ -134,7 +124,6 @@ async def test_fetch_auth_providers_home_assistant_person_loaded(
hass,
aiohttp_client,
ip,
lambda user: {"users": {user.id: user.name}} if is_local else {},
)


Expand Down
39 changes: 2 additions & 37 deletions tests/components/person/test_init.py
View file
@@ -1,5 +1,4 @@
"""The tests for the person component."""
from collections.abc import Callable
from http import HTTPStatus
from typing import Any
from unittest.mock import patch
Expand Down Expand Up @@ -31,7 +30,6 @@
from .conftest import DEVICE_TRACKER, DEVICE_TRACKER_2

from tests.common import MockUser, mock_component, mock_restore_cache
from tests.test_util import mock_real_ip
from tests.typing import ClientSessionGenerator, WebSocketGenerator


Expand Down Expand Up @@ -852,42 +850,10 @@ async def test_entities_in_person(hass: HomeAssistant) -> None:
]


@pytest.mark.parametrize(
("ip", "status_code", "expected_fn"),
[
(
"192.168.0.10",
HTTPStatus.OK,
lambda user: {
user["user_id"]: {"name": user["name"], "picture": user["picture"]}
},
),
(
"::ffff:192.168.0.10",
HTTPStatus.OK,
lambda user: {
user["user_id"]: {"name": user["name"], "picture": user["picture"]}
},
),
(
"1.2.3.4",
HTTPStatus.BAD_REQUEST,
lambda _: {"code": "not_local", "message": "Not local"},
),
(
"2001:db8::1",
HTTPStatus.BAD_REQUEST,
lambda _: {"code": "not_local", "message": "Not local"},
),
],
)
async def test_list_persons(
hass: HomeAssistant,
hass_client_no_auth: ClientSessionGenerator,
hass_admin_user: MockUser,
ip: str,
status_code: HTTPStatus,
expected_fn: Callable[[dict[str, Any]], dict[str, Any]],
) -> None:
"""Test listing persons from a not local ip address."""

Expand All @@ -902,11 +868,10 @@ async def test_list_persons(
assert await async_setup_component(hass, DOMAIN, config)

await async_setup_component(hass, "api", {})
mock_real_ip(hass.http.app)(ip)
client = await hass_client_no_auth()

resp = await client.get("/api/person/list")

assert resp.status == status_code
assert resp.status == HTTPStatus.BAD_REQUEST
result = await resp.json()
assert result == expected_fn(admin)
assert result == {"code": "not_local", "message": "Not local"}

0 comments on commit dbfc5ea

Please sign in to comment.