1 use anyhow
::{Error, format_err, bail}
;
4 use proxmox
::api
::{api, Router, RpcEnvironment, Permission}
;
7 use crate::tools
::subscription
::{self, SubscriptionStatus, SubscriptionInfo}
;
8 use crate::config
::acl
::{PRIV_SYS_AUDIT,PRIV_SYS_MODIFY}
;
9 use crate::config
::cached_user_info
::CachedUserInfo
;
10 use crate::api2
::types
::{NODE_SCHEMA, Userid}
;
19 description
: "Always connect to server, even if information in cache is up to date.",
28 permission
: &Permission
::Privilege(&["system"], PRIV_SYS_MODIFY
, false),
31 /// Check and update subscription status.
32 fn check_subscription(
34 ) -> Result
<(), Error
> {
36 let info
= match subscription
::read_subscription() {
37 Err(err
) => bail
!("could not read subscription status: {}", err
),
38 Ok(Some(info
)) => info
,
39 Ok(None
) => return Ok(()),
42 let server_id
= tools
::get_hardware_address()?
;
43 let key
= if let Some(key
) = info
.key
{
44 // always update apt auth if we have a key to ensure user can access enterprise repo
45 subscription
::update_apt_auth(Some(key
.to_owned()), Some(server_id
.to_owned()))?
;
51 if !force
&& info
.status
== SubscriptionStatus
::ACTIVE
{
52 let age
= proxmox
::tools
::time
::epoch_i64() - info
.checktime
.unwrap_or(i64::MAX
);
53 if age
< subscription
::MAX_LOCAL_KEY_AGE
{
58 let info
= subscription
::check_subscription(key
, server_id
)?
;
60 subscription
::write_subscription(info
)
61 .map_err(|e
| format_err
!("Error writing updated subscription status - {}", e
))?
;
75 description
: "Subscription status.",
76 type: SubscriptionInfo
,
79 permission
: &Permission
::Anybody
,
82 /// Read subscription info.
85 rpcenv
: &mut dyn RpcEnvironment
,
86 ) -> Result
<SubscriptionInfo
, Error
> {
87 let url
= "https://www.proxmox.com/en/proxmox-backup-server/pricing";
89 let info
= match subscription
::read_subscription() {
90 Err(err
) => bail
!("could not read subscription status: {}", err
),
91 Ok(Some(info
)) => info
,
92 Ok(None
) => SubscriptionInfo
{
93 status
: SubscriptionStatus
::NOTFOUND
,
94 message
: Some("There is no subscription key".into()),
95 serverid
: Some(tools
::get_hardware_address()?
),
96 url
: Some(url
.into()),
101 let userid
: Userid
= rpcenv
.get_user().unwrap().parse()?
;
102 let user_info
= CachedUserInfo
::new()?
;
103 let user_privs
= user_info
.lookup_privs(&userid
, &[]);
105 if (user_privs
& PRIV_SYS_AUDIT
) == 0 {
106 // not enough privileges for full state
107 return Ok(SubscriptionInfo
{
109 message
: info
.message
,
125 description
: "Proxmox Backup Server subscription key",
133 permission
: &Permission
::Privilege(&["system"], PRIV_SYS_MODIFY
, false),
136 /// Set a subscription key and check it.
139 ) -> Result
<(), Error
> {
141 let server_id
= tools
::get_hardware_address()?
;
143 let info
= subscription
::check_subscription(key
, server_id
.to_owned())?
;
145 subscription
::write_subscription(info
)
146 .map_err(|e
| format_err
!("Error writing subscription status - {}", e
))?
;
161 permission
: &Permission
::Privilege(&["system"], PRIV_SYS_MODIFY
, false),
164 /// Delete subscription info.
165 fn delete_subscription() -> Result
<(), Error
> {
167 subscription
::delete_subscription()
168 .map_err(|err
| format_err
!("Deleting subscription failed: {}", err
))?
;
173 pub const ROUTER
: Router
= Router
::new()
174 .post(&API_METHOD_CHECK_SUBSCRIPTION
)
175 .put(&API_METHOD_SET_SUBSCRIPTION
)
176 .delete(&API_METHOD_DELETE_SUBSCRIPTION
)
177 .get(&API_METHOD_GET_SUBSCRIPTION
);