From 882eddf229b951d9c096293b959b45b816bf534b Mon Sep 17 00:00:00 2001 From: RogerSelwyn Date: Sun, 10 Sep 2023 22:00:06 +0100 Subject: [PATCH] Pull all permissions methods into Permissions class Simplify all permissions logic and remove duplication --- custom_components/o365/__init__.py | 10 +- custom_components/o365/calendar.py | 21 +- .../o365/{utils => classes}/permissions.py | 293 +++++++++--------- .../o365/classes/sensorentity.py | 14 +- custom_components/o365/const.py | 1 + custom_components/o365/notify.py | 21 +- custom_components/o365/repairs.py | 18 +- custom_components/o365/sensor.py | 35 +-- custom_components/o365/setup.py | 4 +- 9 files changed, 185 insertions(+), 232 deletions(-) rename custom_components/o365/{utils => classes}/permissions.py (60%) diff --git a/custom_components/o365/__init__.py b/custom_components/o365/__init__.py index 5905727..7e28afc 100644 --- a/custom_components/o365/__init__.py +++ b/custom_components/o365/__init__.py @@ -11,6 +11,7 @@ from O365 import Account, FileSystemTokenBackend from oauthlib.oauth2.rfc6749.errors import InvalidClientError +from .classes.permissions import Permissions from .const import ( CONF_ACCOUNT, CONF_ACCOUNT_CONF, @@ -46,7 +47,6 @@ build_token_filename, check_file_location, ) -from .utils.permissions import build_minimum_permissions, validate_permissions _LOGGER = logging.getLogger(__name__) @@ -154,15 +154,13 @@ async def _async_setup_account(hass, account_conf, conf_type): ) ) is_authenticated = account.is_authenticated - minimum_permissions = build_minimum_permissions(hass, account_conf, conf_type) - permissions, failed_permissions = validate_permissions( - hass, minimum_permissions, filename=token_file - ) + perms = Permissions(hass, account_conf) + permissions, failed_permissions = perms.validate_permissions() check_token = None if is_authenticated and permissions and permissions != TOKEN_FILE_MISSING: check_token = await _async_check_token(hass, account, account_name) if check_token: - do_setup(hass, account_conf, account, account_name, conf_type) + do_setup(hass, account_conf, account, account_name, conf_type, perms) else: await _async_authorization_repair( hass, diff --git a/custom_components/o365/calendar.py b/custom_components/o365/calendar.py index 003ac56..a987681 100644 --- a/custom_components/o365/calendar.py +++ b/custom_components/o365/calendar.py @@ -45,6 +45,7 @@ CONF_HOURS_BACKWARD_TO_GET, CONF_HOURS_FORWARD_TO_GET, CONF_MAX_RESULTS, + CONF_PERMISSIONS, CONF_SEARCH, CONF_TRACK, CONF_TRACK_NEW_CALENDAR, @@ -73,13 +74,11 @@ ) from .utils.filemgmt import ( build_config_file_path, - build_token_filename, build_yaml_filename, check_file_location, load_yaml_file, update_calendar_file, ) -from .utils.permissions import get_permissions, validate_minimum_permission from .utils.utils import ( add_call_data_to_event, clean_html, @@ -105,13 +104,11 @@ async def async_setup_platform( if not account.is_authenticated: return False - permissions = get_permissions( - hass, - filename=build_token_filename(conf, conf.get(CONF_CONFIG_TYPE)), - ) update_supported = bool( conf[CONF_ENABLE_UPDATE] - and validate_minimum_permission(PERM_MINIMUM_CALENDAR_WRITE, permissions) + and conf[CONF_PERMISSIONS].validate_minimum_permission( + PERM_MINIMUM_CALENDAR_WRITE + ) ) cal_ids = _setup_add_entities(hass, account, add_entities, conf, update_supported) hass.data[DOMAIN][account_name][CONF_CAL_IDS] = cal_ids @@ -433,13 +430,9 @@ def _get_event_from_calendar(self, event_id): return calendar.get_event(event_id) def _validate_permissions(self, error_message): - permissions = get_permissions( - self.hass, - filename=build_token_filename( - self._config, self._config.get(CONF_CONFIG_TYPE) - ), - ) - if not validate_minimum_permission(PERM_MINIMUM_CALENDAR_WRITE, permissions): + if not self._config[CONF_PERMISSIONS].validate_minimum_permission( + PERM_MINIMUM_CALENDAR_WRITE + ): raise vol.Invalid( f"Not authorisied to {PERM_CALENDARS_READWRITE} calendar event " + f"- requires permission: {error_message}" diff --git a/custom_components/o365/utils/permissions.py b/custom_components/o365/classes/permissions.py similarity index 60% rename from custom_components/o365/utils/permissions.py rename to custom_components/o365/classes/permissions.py index 2ab1c46..66edac5 100644 --- a/custom_components/o365/utils/permissions.py +++ b/custom_components/o365/classes/permissions.py @@ -11,6 +11,7 @@ CONF_BASIC_CALENDAR, CONF_CAL_ID, CONF_CHAT_SENSORS, + CONF_CONFIG_TYPE, CONF_EMAIL_SENSORS, CONF_ENABLE_UPDATE, CONF_ENTITIES, @@ -47,86 +48,55 @@ PERM_TASKS_READWRITE, PERM_USER_READ, TOKEN_FILE_MISSING, - TOKEN_FILENAME, YAML_CALENDARS, ) from ..schema import CALENDAR_DEVICE_SCHEMA -from .filemgmt import build_config_file_path, build_yaml_filename, load_yaml_file +from ..utils.filemgmt import ( + build_config_file_path, + build_token_filename, + build_yaml_filename, + load_yaml_file, +) _LOGGER = logging.getLogger(__name__) -def build_minimum_permissions(hass, config, conf_type): - """Build the minimum permissions required to operate.""" - scope = MinumumPermissions(hass, config, conf_type).scope - return scope - - -def build_requested_permissions(config): - """Build the requested permissions for the scope.""" - scope = RequiredPermissions(config).scope - return scope - - -def validate_permissions( - hass, minimum_permissions, token_path=DEFAULT_CACHE_PATH, filename=TOKEN_FILENAME -): - """Validate the permissions.""" - permissions = get_permissions(hass, token_path=token_path, filename=filename) - if permissions == TOKEN_FILE_MISSING: - return TOKEN_FILE_MISSING, None - - failed_permissions = [] - for minimum_perm in minimum_permissions: - permission_granted = validate_minimum_permission(minimum_perm, permissions) - if not permission_granted: - failed_permissions.append(minimum_perm[0]) - - if failed_permissions: - _LOGGER.warning( - "Minimum required permissions not granted: %s", - ", ".join(failed_permissions), - ) - return False, failed_permissions - - return True, None - - -def validate_minimum_permission(minimum_perm, permissions): - """Validate the minimum permissions.""" - if minimum_perm[0] in permissions: - return True - - return any(alternate_perm in permissions for alternate_perm in minimum_perm[1]) - - -def get_permissions(hass, token_path=DEFAULT_CACHE_PATH, filename=TOKEN_FILENAME): - """Get the permissions from the token file.""" - config_path = build_config_file_path(hass, token_path) - full_token_path = os.path.join(config_path, filename) - if not os.path.exists(full_token_path) or not os.path.isfile(full_token_path): - _LOGGER.warning("Could not locate token at %s", full_token_path) - return TOKEN_FILE_MISSING - with open(full_token_path, "r", encoding="UTF-8") as file_handle: - raw = file_handle.read() - permissions = json.loads(raw)["scope"] - - return permissions - - -class RequiredPermissions: - """Class in support of building required permssions.""" +class Permissions: + """Class in support of building permssion sets.""" - def __init__(self, config): + def __init__(self, hass, config): """Initialise the class.""" + self._hass = hass self._config = config + self._conf_type = config.get(CONF_CONFIG_TYPE) + + self._shared = PERM_SHARED if config.get(CONF_SHARED_MAILBOX) else "" self._enable_update = self._config.get(CONF_ENABLE_UPDATE, False) - self._scope = [PERM_OFFLINE_ACCESS, PERM_USER_READ] - self._shared = PERM_SHARED if self._config.get(CONF_SHARED_MAILBOX) else "" + self._minimum_permissions = [] + self._requested_permissions = [] + self._filename = build_token_filename(config, self._conf_type) + self._token_path = DEFAULT_CACHE_PATH + self._permissions = [] @property - def scope(self): + def minimum_permissions(self): """Return the required scope.""" + self._minimum_permissions = [ + PERM_MINIMUM_USER, + self._add_shared(PERM_MINIMUM_CALENDAR), + ] + self._build_email_min_permissions() + self._build_status_min_permissions() + self._build_chat_min_permissions() + self._build_todo_min_permissions() + self._build_autoreply_min_permissions() + self._build_group_min_permssions() + return self._minimum_permissions + + @property + def requested_permissions(self): + """Return the required scope.""" + self._requested_permissions = [PERM_OFFLINE_ACCESS, PERM_USER_READ] self._build_calendar_permissions() self._build_group_permissions() self._build_email_permissions() @@ -134,117 +104,85 @@ def scope(self): self._build_status_permissions() self._build_chat_permissions() self._build_todo_permissions() - return self._scope + return self._requested_permissions - def _build_calendar_permissions(self): - if self._config.get(CONF_BASIC_CALENDAR, False): - if self._enable_update: - _LOGGER.warning( - "'enable_update' should not be true when 'basic_calendar' is true ." - + "for account: %s ReadBasic used. ", - self._config[CONF_ACCOUNT_NAME], - ) - self._scope.append(PERM_CALENDARS_READBASIC + self._shared) - elif self._enable_update: - self._scope.extend( - (PERM_MAIL_SEND + self._shared, PERM_CALENDARS_READWRITE + self._shared) + @property + def permissions(self): + """Return the permission set.""" + if not self._permissions: + self._permissions = self.get_permissions() + + return self._permissions + + def get_permissions(self): + """Get the permissions from the token file.""" + config_path = build_config_file_path(self._hass, self._token_path) + full_token_path = os.path.join(config_path, self._filename) + if not os.path.exists(full_token_path) or not os.path.isfile(full_token_path): + _LOGGER.warning("Could not locate token at %s", full_token_path) + return TOKEN_FILE_MISSING + with open(full_token_path, "r", encoding="UTF-8") as file_handle: + raw = file_handle.read() + permissions = json.loads(raw)["scope"] + + return permissions + + def validate_permissions(self): + """Validate the permissions.""" + if self.permissions == TOKEN_FILE_MISSING: + return TOKEN_FILE_MISSING, None + + failed_permissions = [] + for minimum_perm in self.minimum_permissions: + permission_granted = self.validate_minimum_permission(minimum_perm) + if not permission_granted: + failed_permissions.append(minimum_perm[0]) + + if failed_permissions: + _LOGGER.warning( + "Minimum required permissions not granted: %s", + ", ".join(failed_permissions), ) - else: - self._scope.append(PERM_CALENDARS_READ + self._shared) - - def _build_group_permissions(self): - if self._config.get(CONF_GROUPS, False): - if self._enable_update: - self._scope.append(PERM_GROUP_READWRITE_ALL) - else: - self._scope.append(PERM_GROUP_READ_ALL) - - def _build_email_permissions(self): - email_sensors = self._config.get(CONF_EMAIL_SENSORS, []) - query_sensors = self._config.get(CONF_QUERY_SENSORS, []) - if len(email_sensors) > 0 or len(query_sensors) > 0: - self._scope.append(PERM_MAIL_READ + self._shared) - - def _build_autoreply_permissions(self): - auto_reply_sensors = self._config.get(CONF_AUTO_REPLY_SENSORS, []) - if len(auto_reply_sensors) > 0: - self._scope.append(PERM_MAILBOX_SETTINGS) + return False, failed_permissions - def _build_status_permissions(self): - status_sensors = self._config.get(CONF_STATUS_SENSORS, []) - if len(status_sensors) > 0: - self._scope.append(PERM_PRESENCE_READ) - - def _build_chat_permissions(self): - chat_sensors = self._config.get(CONF_CHAT_SENSORS, []) - if len(chat_sensors) > 0: - if chat_sensors[0][CONF_ENABLE_UPDATE]: - self._scope.append(PERM_CHAT_READWRITE) - else: - self._scope.append(PERM_CHAT_READ) - - def _build_todo_permissions(self): - todo_sensors = self._config.get(CONF_TODO_SENSORS, []) - if todo_sensors and todo_sensors.get(CONF_ENABLED, False): - if todo_sensors[CONF_ENABLE_UPDATE]: - self._scope.append(PERM_TASKS_READWRITE) - else: - self._scope.append(PERM_TASKS_READ) + return True, None + def validate_minimum_permission(self, minimum_perm): + """Validate the minimum permissions.""" + if minimum_perm[0] in self.permissions: + return True -class MinumumPermissions: - """Class in support of building minimum permssions.""" - - def __init__(self, hass, config, conf_type): - """Initialise the class.""" - self._hass = hass - self._config = config - self._conf_type = conf_type - - self._shared = PERM_SHARED if config.get(CONF_SHARED_MAILBOX) else None - self._minimum_permissions = [ - PERM_MINIMUM_USER, - self._add_shared(PERM_MINIMUM_CALENDAR), - ] - - @property - def scope(self): - """Return the required scope.""" - self._build_email_permissions() - self._build_status_permissions() - self._build_chat_permissions() - self._build_todo_permissions() - self._build_autoreply_permissions() - self._build_group_permssions() - return self._minimum_permissions + return any( + alternate_perm in self.permissions for alternate_perm in minimum_perm[1] + ) - def _build_email_permissions(self): + def _build_email_min_permissions(self): email_sensors = self._config.get(CONF_EMAIL_SENSORS, []) query_sensors = self._config.get(CONF_QUERY_SENSORS, []) if len(email_sensors) > 0 or len(query_sensors) > 0: self._minimum_permissions.append(self._add_shared(PERM_MINIMUM_MAIL)) - def _build_status_permissions(self): + def _build_status_min_permissions(self): status_sensors = self._config.get(CONF_STATUS_SENSORS, []) if len(status_sensors) > 0: self._minimum_permissions.append(PERM_MINIMUM_PRESENCE) - def _build_chat_permissions(self): + def _build_chat_min_permissions(self): chat_sensors = self._config.get(CONF_CHAT_SENSORS, []) if len(chat_sensors) > 0: self._minimum_permissions.append(PERM_MINIMUM_CHAT) - def _build_todo_permissions(self): + def _build_todo_min_permissions(self): todo_sensors = self._config.get(CONF_TODO_SENSORS, []) if len(todo_sensors) > 0 and todo_sensors.get(CONF_ENABLED, False): self._minimum_permissions.append(PERM_MINIMUM_TASKS) - def _build_autoreply_permissions(self): + def _build_autoreply_min_permissions(self): auto_reply_sensors = self._config.get(CONF_AUTO_REPLY_SENSORS, []) if len(auto_reply_sensors) > 0: self._minimum_permissions.append(PERM_MINIMUM_MAILBOX_SETTINGS) - def _build_group_permssions(self): + def _build_group_min_permssions(self): if self._group_permissions_required(): self._minimum_permissions.append(PERM_MINIMUM_GROUP) @@ -280,3 +218,58 @@ def _group_permissions_required(self): if entity[CONF_TRACK]: return True return False + + def _build_calendar_permissions(self): + if self._config.get(CONF_BASIC_CALENDAR, False): + if self._enable_update: + _LOGGER.warning( + "'enable_update' should not be true when 'basic_calendar' is true ." + + "for account: %s ReadBasic used. ", + self._config[CONF_ACCOUNT_NAME], + ) + self._requested_permissions.append(PERM_CALENDARS_READBASIC + self._shared) + elif self._enable_update: + self._requested_permissions.extend( + (PERM_MAIL_SEND + self._shared, PERM_CALENDARS_READWRITE + self._shared) + ) + else: + self._requested_permissions.append(PERM_CALENDARS_READ + self._shared) + + def _build_group_permissions(self): + if self._config.get(CONF_GROUPS, False): + if self._enable_update: + self._requested_permissions.append(PERM_GROUP_READWRITE_ALL) + else: + self._requested_permissions.append(PERM_GROUP_READ_ALL) + + def _build_email_permissions(self): + email_sensors = self._config.get(CONF_EMAIL_SENSORS, []) + query_sensors = self._config.get(CONF_QUERY_SENSORS, []) + if len(email_sensors) > 0 or len(query_sensors) > 0: + self._requested_permissions.append(PERM_MAIL_READ + self._shared) + + def _build_autoreply_permissions(self): + auto_reply_sensors = self._config.get(CONF_AUTO_REPLY_SENSORS, []) + if len(auto_reply_sensors) > 0: + self._requested_permissions.append(PERM_MAILBOX_SETTINGS) + + def _build_status_permissions(self): + status_sensors = self._config.get(CONF_STATUS_SENSORS, []) + if len(status_sensors) > 0: + self._requested_permissions.append(PERM_PRESENCE_READ) + + def _build_chat_permissions(self): + chat_sensors = self._config.get(CONF_CHAT_SENSORS, []) + if len(chat_sensors) > 0: + if chat_sensors[0][CONF_ENABLE_UPDATE]: + self._requested_permissions.append(PERM_CHAT_READWRITE) + else: + self._requested_permissions.append(PERM_CHAT_READ) + + def _build_todo_permissions(self): + todo_sensors = self._config.get(CONF_TODO_SENSORS, []) + if todo_sensors and todo_sensors.get(CONF_ENABLED, False): + if todo_sensors[CONF_ENABLE_UPDATE]: + self._requested_permissions.append(PERM_TASKS_READWRITE) + else: + self._requested_permissions.append(PERM_TASKS_READ) diff --git a/custom_components/o365/classes/sensorentity.py b/custom_components/o365/classes/sensorentity.py index 3d4a998..764cf64 100644 --- a/custom_components/o365/classes/sensorentity.py +++ b/custom_components/o365/classes/sensorentity.py @@ -2,9 +2,7 @@ import voluptuous as vol from homeassistant.helpers.update_coordinator import CoordinatorEntity -from ..const import ATTR_STATE, CONF_CONFIG_TYPE -from ..utils.filemgmt import build_token_filename -from ..utils.permissions import get_permissions, validate_minimum_permission +from ..const import ATTR_STATE, CONF_PERMISSIONS class O365Sensor(CoordinatorEntity): @@ -42,13 +40,9 @@ def unique_id(self): return self._unique_id def _validate_permissions(self, minimum_perm_list, required_permission): - permissions = get_permissions( - self.hass, - filename=build_token_filename( - self._config, self._config.get(CONF_CONFIG_TYPE) - ), - ) - if not validate_minimum_permission(minimum_perm_list, permissions): + if not self._config[CONF_PERMISSIONS].validate_minimum_permission( + minimum_perm_list + ): raise vol.Invalid( f"Not authorisied requires permission: {required_permission}" ) diff --git a/custom_components/o365/const.py b/custom_components/o365/const.py index 0230342..d36508a 100644 --- a/custom_components/o365/const.py +++ b/custom_components/o365/const.py @@ -101,6 +101,7 @@ class EventResponse(Enum): CONF_MAIL_FROM = "from" CONF_MAX_ITEMS = "max_items" CONF_MAX_RESULTS = "max_results" +CONF_PERMISSIONS = "permissions" CONF_QUERY_SENSORS = "query_sensors" CONF_SEARCH = "search" CONF_SHARED_MAILBOX = "shared_mailbox" diff --git a/custom_components/o365/notify.py b/custom_components/o365/notify.py index f06bd22..134896c 100644 --- a/custom_components/o365/notify.py +++ b/custom_components/o365/notify.py @@ -19,15 +19,14 @@ ATTR_ZIP_NAME, CONF_ACCOUNT, CONF_ACCOUNT_NAME, - CONF_CONFIG_TYPE, + CONF_PERMISSIONS, DOMAIN, LEGACY_ACCOUNT_NAME, PERM_MAIL_SEND, PERM_MINIMUM_SEND, ) from .schema import NOTIFY_SERVICE_BASE_SCHEMA -from .utils.filemgmt import build_token_filename, get_ha_filepath, zip_files -from .utils.permissions import get_permissions, validate_minimum_permission +from .utils.filemgmt import get_ha_filepath, zip_files _LOGGER = logging.getLogger(__name__) @@ -41,12 +40,8 @@ async def async_get_service( account_name = discovery_info[CONF_ACCOUNT_NAME] conf = hass.data[DOMAIN][account_name] account = conf[CONF_ACCOUNT] - permissions = get_permissions( - hass, - filename=build_token_filename(conf, conf.get(CONF_CONFIG_TYPE)), - ) - if account.is_authenticated and validate_minimum_permission( - PERM_MINIMUM_SEND, permissions + if account.is_authenticated and conf[CONF_PERMISSIONS].validate_minimum_permission( + PERM_MINIMUM_SEND ): return O365EmailService(account, hass, conf) @@ -59,9 +54,7 @@ class O365EmailService(BaseNotificationService): def __init__(self, account, hass, config): """Initialize the service.""" self.account = account - self._permissions = get_permissions( - hass, filename=build_token_filename(config, config.get(CONF_CONFIG_TYPE)) - ) + self._config = config self._cleanup_files = [] self._hass = hass self._account_name = config.get(CONF_ACCOUNT_NAME, None) @@ -82,7 +75,9 @@ def send_message(self, message="", **kwargs): async def async_send_message(self, message="", **kwargs): """Send an async message to a user.""" - if not validate_minimum_permission(PERM_MINIMUM_SEND, self._permissions): + if not self._config[CONF_PERMISSIONS].validate_minimum_permission( + PERM_MINIMUM_SEND + ): _LOGGER.error( "Not authorisied to send mail - requires permission: %s", PERM_MAIL_SEND ) diff --git a/custom_components/o365/repairs.py b/custom_components/o365/repairs.py index e8b4c28..59e684f 100644 --- a/custom_components/o365/repairs.py +++ b/custom_components/o365/repairs.py @@ -12,6 +12,7 @@ from homeassistant.core import HomeAssistant, callback from homeassistant.helpers.network import get_url +from .classes.permissions import Permissions from .const import ( AUTH_CALLBACK_NAME, AUTH_CALLBACK_PATH_ALT, @@ -28,12 +29,6 @@ ) from .schema import REQUEST_AUTHORIZATION_DEFAULT_SCHEMA from .setup import do_setup -from .utils.filemgmt import build_token_filename -from .utils.permissions import ( - build_minimum_permissions, - build_requested_permissions, - validate_permissions, -) _LOGGER = logging.getLogger(__name__) @@ -55,7 +50,8 @@ def __init__( self._alt_config = self._conf.get(CONF_ALT_AUTH_METHOD) self._account_name = self._conf.get(CONF_ACCOUNT_NAME) self._callback_url = get_callback_url(hass, self._alt_config) - scope = build_requested_permissions(self._conf) + self._permissions = Permissions(hass, self._conf) + scope = self._permissions.requested_permissions self._url, self._state = self._account.con.get_authorization_url( requested_scopes=scope, redirect_uri=self._callback_url ) @@ -149,13 +145,7 @@ async def _async_validate_response(self, user_input): errors[CONF_URL] = "token_file_error" return errors - token_file = build_token_filename(self._conf, self._conf_type) - minimum_permissions = build_minimum_permissions( - self.hass, self._conf, self._conf_type - ) - permissions, self._failed_permissions = validate_permissions( - self.hass, minimum_permissions, filename=token_file - ) + permissions, self._failed_permissions = self._permissions.validate_permissions() if permissions == TOKEN_FILE_MISSING: errors[CONF_URL] = "missing_token_file" return errors diff --git a/custom_components/o365/sensor.py b/custom_components/o365/sensor.py index 4b47900..d647258 100644 --- a/custom_components/o365/sensor.py +++ b/custom_components/o365/sensor.py @@ -37,10 +37,10 @@ CONF_ACCOUNT_NAME, CONF_AUTO_REPLY_SENSORS, CONF_CHAT_SENSORS, - CONF_CONFIG_TYPE, CONF_EMAIL_SENSORS, CONF_ENABLE_UPDATE, CONF_MAIL_FOLDER, + CONF_PERMISSIONS, CONF_QUERY_SENSORS, CONF_STATUS_SENSORS, CONF_TASK_LIST_ID, @@ -74,12 +74,10 @@ ) from .utils.filemgmt import ( build_config_file_path, - build_token_filename, build_yaml_filename, load_yaml_file, update_task_list_file, ) -from .utils.permissions import get_permissions, validate_minimum_permission from .utils.utils import build_entity_id, get_email_attributes _LOGGER = logging.getLogger(__name__) @@ -530,12 +528,13 @@ def _raise_event(self, event_type, task_id, time_type, task_datetime): async def _async_setup_register_services(hass, config): - await _async_setup_task_services(hass, config) - await _async_setup_chat_services(hass, config) - await _async_setup_mailbox_services(hass, config) + perms = config[CONF_PERMISSIONS] + await _async_setup_task_services(hass, config, perms) + await _async_setup_chat_services(config, perms) + await _async_setup_mailbox_services(config, perms) -async def _async_setup_task_services(hass, config): +async def _async_setup_task_services(hass, config, perms): todo_sensors = config.get(CONF_TODO_SENSORS) if ( not todo_sensors @@ -549,12 +548,8 @@ async def _async_setup_task_services(hass, config): DOMAIN, "scan_for_task_lists", sensor_services.async_scan_for_task_lists ) - permissions = get_permissions( - hass, - filename=build_token_filename(config, config.get(CONF_CONFIG_TYPE)), - ) platform = entity_platform.async_get_current_platform() - if validate_minimum_permission(PERM_MINIMUM_TASKS_WRITE, permissions): + if perms.validate_minimum_permission(PERM_MINIMUM_TASKS_WRITE): platform.async_register_entity_service( "new_task", TASK_SERVICE_NEW_SCHEMA, @@ -577,7 +572,7 @@ async def _async_setup_task_services(hass, config): ) -async def _async_setup_chat_services(hass, config): +async def _async_setup_chat_services(config, perms): chat_sensors = config.get(CONF_CHAT_SENSORS) if not chat_sensors: return @@ -585,12 +580,8 @@ async def _async_setup_chat_services(hass, config): if not chat_sensor or not chat_sensor.get(CONF_ENABLE_UPDATE): return - permissions = get_permissions( - hass, - filename=build_token_filename(config, config.get(CONF_CONFIG_TYPE)), - ) platform = entity_platform.async_get_current_platform() - if validate_minimum_permission(PERM_MINIMUM_CHAT_WRITE, permissions): + if perms.validate_minimum_permission(PERM_MINIMUM_CHAT_WRITE): platform.async_register_entity_service( "send_chat_message", CHAT_SERVICE_SEND_MESSAGE_SCHEMA, @@ -598,19 +589,15 @@ async def _async_setup_chat_services(hass, config): ) -async def _async_setup_mailbox_services(hass, config): +async def _async_setup_mailbox_services(config, perms): if not config.get(CONF_ENABLE_UPDATE): return if not config.get(CONF_AUTO_REPLY_SENSORS): return - permissions = get_permissions( - hass, - filename=build_token_filename(config, config.get(CONF_CONFIG_TYPE)), - ) platform = entity_platform.async_get_current_platform() - if validate_minimum_permission(PERM_MINIMUM_MAILBOX_SETTINGS, permissions): + if perms.validate_minimum_permission(PERM_MINIMUM_MAILBOX_SETTINGS): platform.async_register_entity_service( "auto_reply_enable", AUTO_REPLY_SERVICE_ENABLE_SCHEMA, diff --git a/custom_components/o365/setup.py b/custom_components/o365/setup.py index 759a972..2ed92df 100644 --- a/custom_components/o365/setup.py +++ b/custom_components/o365/setup.py @@ -11,6 +11,7 @@ CONF_CONFIG_TYPE, CONF_EMAIL_SENSORS, CONF_ENABLE_UPDATE, + CONF_PERMISSIONS, CONF_QUERY_SENSORS, CONF_STATUS_SENSORS, CONF_TODO_SENSORS, @@ -19,7 +20,7 @@ ) -def do_setup(hass, config, account, account_name, conf_type): +def do_setup(hass, config, account, account_name, conf_type, perms): """Run the setup after we have everything configured.""" email_sensors = config.get(CONF_EMAIL_SENSORS, []) query_sensors = config.get(CONF_QUERY_SENSORS, []) @@ -41,6 +42,7 @@ def do_setup(hass, config, account, account_name, conf_type): CONF_TRACK_NEW_CALENDAR: config.get(CONF_TRACK_NEW_CALENDAR, True), CONF_ACCOUNT_NAME: config.get(CONF_ACCOUNT_NAME, ""), CONF_CONFIG_TYPE: conf_type, + CONF_PERMISSIONS: perms, } if DOMAIN not in hass.data: hass.data[DOMAIN] = {}