always allow retrieving (censored) subscription info

like we do for PVE. this is visible on the dashboard, and caused 403 on
each update which bothers me when looking at the dev console.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2020-09-16 11:51:13 +02:00 committed by Dietmar Maurer
parent 463c03462a
commit 9626c28619

View File

@ -1,11 +1,12 @@
use anyhow::{Error};
use serde_json::{json, Value};
use proxmox::api::{api, Router, Permission};
use proxmox::api::{api, Router, RpcEnvironment, Permission};
use crate::tools;
use crate::config::acl::PRIV_SYS_AUDIT;
use crate::api2::types::NODE_SCHEMA;
use crate::config::cached_user_info::CachedUserInfo;
use crate::api2::types::{NODE_SCHEMA, Userid};
#[api(
input: {
@ -28,7 +29,7 @@ use crate::api2::types::NODE_SCHEMA;
},
serverid: {
type: String,
description: "The unique server ID.",
description: "The unique server ID, if permitted to access.",
},
url: {
type: String,
@ -37,18 +38,29 @@ use crate::api2::types::NODE_SCHEMA;
},
},
access: {
permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false),
permission: &Permission::Anybody,
},
)]
/// Read subscription info.
fn get_subscription(_param: Value) -> Result<Value, Error> {
fn get_subscription(
_param: Value,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &[]);
let server_id = if (user_privs & PRIV_SYS_AUDIT) != 0 {
tools::get_hardware_address()?
} else {
"hidden".to_string()
};
let url = "https://www.proxmox.com/en/proxmox-backup-server/pricing";
Ok(json!({
"status": "NotFound",
"message": "There is no subscription key",
"serverid": tools::get_hardware_address()?,
"url": url,
"message": "There is no subscription key",
"serverid": server_id,
"url": url,
}))
}