With Proxmox VE 8, we'll have support for a enterprise ceph repo,
accessed through Proxmox VE subscriptions, to provide more broadly
tested ceph updates for production setups.
Replace the test-repository parameter with an actual enum of
selectable repo types for:
- test (same as previously selected through setting test-repository)
- no-subscription (the previous default, then named "main")
- enterprise (new and the default now, recommended for production)
Note that writing the auth-part is a bit hacky and might/should be
improved.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
commit 2d2ed7ab53 had a valid cause but
unnecessarily used the static PVE::AccessControl::check_permissions.
As the RPCEnvironment based check method has a "$noerr" parameter and
we already have a rpcenv instance readily available, we can use that
one just fine.
this is the last caller of PVE::AccessControl::check_permissions(),
which is the last caller of PVE::AccessControl::permission(). both can
thus be dropped altogether.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
when using 'check_permissions' directly, we have to actually use the
nodename in the path, else we check the wrong permission and one
needed to have propagating 'Sys.Audit' permissions on '/nodes' for
this to work.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
workaround to keep the subscription popup on login even without 'Sys.Audit'
permissions but remove the subscription details in the GUI for unauthorized
users.
Allow users which have Sys.Audit on a specific node to get the
subscription status and those with Sys.Modify to set and check
(update) it.
This mirrors the required permissions from other node specific
actions, e.g., APT (package management).
We always showed the Subscription Panel and all its elements in the
WebUI, so no need for change there.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
