tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

always allow retrieving (censored) subscription info 

like we do for PVE. this is visible on the dashboard, and caused 403 on
each update which bothers me when looking at the dev console.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2020-09-16 11:51:13 +02:00 committed by Dietmar Maurer
parent 463c03462a
commit 9626c28619
1 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/api2/node/subscription.rs
View File

@ -1,11 +1,12 @@
use anyhow::{Error}; use anyhow::{Error};
use serde_json::{json, Value}; use serde_json::{json, Value};
use proxmox::api::{api, Router, Permission}; use proxmox::api::{api, Router, RpcEnvironment, Permission};
use crate::tools; use crate::tools;
use crate::config::acl::PRIV_SYS_AUDIT; use crate::config::acl::PRIV_SYS_AUDIT;
use crate::api2::types::NODE_SCHEMA; use crate::config::cached_user_info::CachedUserInfo;
use crate::api2::types::{NODE_SCHEMA, Userid};
#[api( #[api(
input: { input: {
@ -28,7 +29,7 @@ use crate::api2::types::NODE_SCHEMA;
}, },
serverid: { serverid: {
type: String, type: String,
description: "The unique server ID.", description: "The unique server ID, if permitted to access.",
}, },
url: { url: {
type: String, type: String,
@ -37,18 +38,29 @@ use crate::api2::types::NODE_SCHEMA;
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false), permission: &Permission::Anybody,
}, },
)] )]
/// Read subscription info. /// Read subscription info.
fn get_subscription(_param: Value) -> Result<Value, Error> { fn get_subscription(
_param: Value,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &[]);
let server_id = if (user_privs & PRIV_SYS_AUDIT) != 0 {
tools::get_hardware_address()?
} else {
"hidden".to_string()
};
let url = "https://www.proxmox.com/en/proxmox-backup-server/pricing"; let url = "https://www.proxmox.com/en/proxmox-backup-server/pricing";
Ok(json!({ Ok(json!({
"status": "NotFound", "status": "NotFound",
"message": "There is no subscription key", "message": "There is no subscription key",
"serverid": tools::get_hardware_address()?, "serverid": server_id,
"url": url, "url": url,
})) }))
} }