From f520d4b8dd49d5205e84993d7ac8b24a864a9c02 Mon Sep 17 00:00:00 2001 From: Josh Hawkins <32435876+hawkeye217@users.noreply.github.com> Date: Thu, 11 Sep 2025 07:38:03 -0500 Subject: [PATCH] fix post validation for roles --- frigate/config/config.py | 33 ++++++++++++--------------------- 1 file changed, 12 insertions(+), 21 deletions(-) diff --git a/frigate/config/config.py b/frigate/config/config.py index 494f297a3..23f77aa9d 100644 --- a/frigate/config/config.py +++ b/frigate/config/config.py @@ -719,6 +719,18 @@ class FrigateConfig(FrigateBaseModel): "Frigate+ is configured but clean snapshots are not enabled, submissions to Frigate+ will not be possible./" ) + # Validate auth roles against cameras + camera_names = set(self.cameras.keys()) + + for role, allowed_cameras in self.auth.roles.items(): + invalid_cameras = [ + cam for cam in allowed_cameras if cam not in camera_names + ] + if invalid_cameras: + logger.warning( + f"Role '{role}' references non-existent cameras: {invalid_cameras}. " + ) + return self @field_validator("cameras") @@ -730,27 +742,6 @@ class FrigateConfig(FrigateBaseModel): raise ValueError("Zones cannot share names with cameras") return v - @field_validator("auth") - @classmethod - def validate_auth_roles(cls, v: AuthConfig, info: ValidationInfo) -> AuthConfig: - # Access cameras from the validated model - frigate_config = info.data.get("cameras", {}) - camera_names = ( - set(frigate_config.keys()) if isinstance(frigate_config, dict) else set() - ) - - for role, allowed_cameras in v.roles.items(): - invalid_cameras = [ - cam for cam in allowed_cameras if cam not in camera_names - ] - if invalid_cameras: - logger.warning( - f"Role '{role}' references non-existent cameras: {invalid_cameras}. " - f"These will grant no access until cameras are added." - ) - - return v - @classmethod def load(cls, **kwargs): """Loads the Frigate config file, runs migrations, and creates the config object."""