From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <l.wagner@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id A989C61661
 for <pve-devel@lists.proxmox.com>; Wed, 26 Jul 2023 11:50:39 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 413C83532
 for <pve-devel@lists.proxmox.com>; Wed, 26 Jul 2023 11:50:11 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pve-devel@lists.proxmox.com>; Wed, 26 Jul 2023 11:50:10 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 1CF0545971
 for <pve-devel@lists.proxmox.com>; Wed, 26 Jul 2023 11:50:10 +0200 (CEST)
From: Lukas Wagner <l.wagner@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Wed, 26 Jul 2023 11:49:37 +0200
Message-Id: <20230726095002.325276-6-l.wagner@proxmox.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230726095002.325276-1-l.wagner@proxmox.com>
References: <20230726095002.325276-1-l.wagner@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.063 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pve-devel] [PATCH v5 pve-manager 05/30] api: apt: send
 notification via new notification module
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 26 Jul 2023 09:50:39 -0000

... instead of using sendmail directly

If the new 'target-package-updates' is set, we send a
notification to this target. If not, we continue to send
a mail to root@pam (if the mail address is configured)

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
---
 PVE/API2/APT.pm | 99 ++++++++++++++++++++++++++++++++++---------------
 1 file changed, 70 insertions(+), 29 deletions(-)

diff --git a/PVE/API2/APT.pm b/PVE/API2/APT.pm
index 6694dbeb..93a6970e 100644
--- a/PVE/API2/APT.pm
+++ b/PVE/API2/APT.pm
@@ -19,6 +19,7 @@ use PVE::DataCenterConfig;
 use PVE::SafeSyslog;
 use PVE::INotify;
 use PVE::Exception;
+use PVE::Notify;
 use PVE::RESTHandler;
 use PVE::RPCEnvironment;
 use PVE::API2Tools;
@@ -272,6 +273,12 @@ __PACKAGE__->register_method({
 	return $pkglist;
     }});
 
+my $updates_available_subject_template = "New software packages available ({{hostname}})";
+my $updates_available_body_template = <<EOT;
+The following updates are available:
+{{table updates}}
+EOT
+
 __PACKAGE__->register_method({
     name => 'update_database',
     path => 'update',
@@ -279,6 +286,8 @@ __PACKAGE__->register_method({
     description => "This is used to resynchronize the package index files from their sources (apt-get update).",
     permissions => {
 	check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
+	description => "If 'notify: target-package-updates' is set, then the user must have the "
+	    . "'Mapping.Use' permission on '/mapping/notification/<target>'",
     },
     protected => 1,
     proxyto => 'node',
@@ -307,6 +316,17 @@ __PACKAGE__->register_method({
 	my ($param) = @_;
 
 	my $rpcenv = PVE::RPCEnvironment::get();
+	my $dcconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
+	my $target = $dcconf->{notify}->{'target-package-updates'} //
+	    PVE::Notify::default_target();
+
+	if ($param->{notify} && $target ne PVE::Notify::default_target()) {
+	    # If we notify via anything other than the default target (mail to root),
+	    # then the user must have the proper permissions for the target.
+	    # The mail-to-root target does not require these, as otherwise
+	    # we would break compatibility.
+	    PVE::Notify::check_may_use_target($target, $rpcenv);
+	}
 
 	my $authuser = $rpcenv->get_user();
 
@@ -314,7 +334,6 @@ __PACKAGE__->register_method({
 	    my $upid = shift;
 
 	    # setup proxy for apt
-	    my $dcconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
 
 	    my $aptconf = "// no proxy configured\n";
 	    if ($dcconf->{http_proxy}) {
@@ -336,39 +355,59 @@ __PACKAGE__->register_method({
 	    my $pkglist = &$update_pve_pkgstatus();
 
 	    if ($param->{notify} && scalar(@$pkglist)) {
+		my $updates_table = {
+		    schema => {
+			columns => [
+			    {
+				label => "Package",
+				id    => "package",
+			    },
+			    {
+				label => "Old Version",
+				id    => "old-version",
+			    },
+			    {
+				label => "New Version",
+				id    => "new-version",
+			    }
+			]
+		    },
+		    data => []
+		};
+
+		my $hostname = `hostname -f` || PVE::INotify::nodename();
+		chomp $hostname;
+
+		my $count = 0;
+		foreach my $p (sort {$a->{Package} cmp $b->{Package} } @$pkglist) {
+		    next if $p->{NotifyStatus} && $p->{NotifyStatus} eq $p->{Version};
+		    $count++;
+
+		    push @{$updates_table->{data}}, {
+			"package"     => $p->{Package},
+			"old-version" => $p->{OldVersion},
+			"new-version" => $p->{Version}
+		    };
+		}
 
-		my $usercfg = PVE::Cluster::cfs_read_file("user.cfg");
-		my $rootcfg = $usercfg->{users}->{'root@pam'} || {};
-		my $mailto = $rootcfg->{email};
-
-		if ($mailto) {
-		    my $hostname = `hostname -f` || PVE::INotify::nodename();
-		    chomp $hostname;
-		    my $mailfrom = $dcconf->{email_from} || "root";
-		    my $subject = "New software packages available ($hostname)";
-
-		    my $data = "The following updates are available:\n\n";
-
-		    my $count = 0;
-		    foreach my $p (sort {$a->{Package} cmp $b->{Package} } @$pkglist) {
-			next if $p->{NotifyStatus} && $p->{NotifyStatus} eq $p->{Version};
-			$count++;
-			if ($p->{OldVersion}) {
-			    $data .= "$p->{Package}: $p->{OldVersion} ==> $p->{Version}\n";
-			} else {
-			    $data .= "$p->{Package}: $p->{Version} (new)\n";
-			}
-		    }
+		return if !$count;
 
-		    return if !$count;
+		my $properties = {
+		    updates  => $updates_table,
+		    hostname => $hostname,
+		};
 
-		    PVE::Tools::sendmail($mailto, $subject, $data, undef, $mailfrom, '');
+		PVE::Notify::info(
+		    $target,
+		    $updates_available_subject_template,
+		    $updates_available_body_template,
+		    $properties,
+		);
 
-		    foreach my $pi (@$pkglist) {
-			$pi->{NotifyStatus} = $pi->{Version};
-		    }
-		    PVE::Tools::file_set_contents($pve_pkgstatus_fn, encode_json($pkglist));
+		foreach my $pi (@$pkglist) {
+		    $pi->{NotifyStatus} = $pi->{Version};
 		}
+		PVE::Tools::file_set_contents($pve_pkgstatus_fn, encode_json($pkglist));
 	    }
 
 	    return;
@@ -378,6 +417,8 @@ __PACKAGE__->register_method({
 
     }});
 
+
+
 __PACKAGE__->register_method({
     name => 'changelog',
     path => 'changelog',
-- 
2.39.2