From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 8C8BF1FF13B
	for <inbox@lore.proxmox.com>; Wed, 11 Feb 2026 10:49:43 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 61AE817621;
	Wed, 11 Feb 2026 10:50:24 +0100 (CET)
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
Date: Wed, 11 Feb 2026 10:49:45 +0100
Message-Id: <DGC1ESZ0WWAL.2E5RRYJO5QOV0@proxmox.com>
Subject: Re: [PATCH pve-manager 2/5] notifications: Add refresh-targets
 endpoint
From: "Lukas Wagner" <l.wagner@proxmox.com>
To: "Arthur Bied-Charreton" <a.bied-charreton@proxmox.com>,
 <pve-devel@lists.proxmox.com>
X-Mailer: aerc 0.21.0-0-g5549850facc2-dirty
References: <20260204161354.458814-1-a.bied-charreton@proxmox.com>
 <20260204161354.458814-11-a.bied-charreton@proxmox.com>
In-Reply-To: <20260204161354.458814-11-a.bied-charreton@proxmox.com>
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1770803300040
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.036 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	RCVD_IN_VALIDITY_RPBL_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	RCVD_IN_VALIDITY_SAFE_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: QAZUS7EOK6FOU7BVOY73LR6TKQDZX3PB
X-Message-ID-Hash: QAZUS7EOK6FOU7BVOY73LR6TKQDZX3PB
X-MailFrom: l.wagner@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

On Wed Feb 4, 2026 at 5:13 PM CET, Arthur Bied-Charreton wrote:
> This endpoint allows triggering a refresh of the notification targets'
> state, e.g., to prevent OAuth2 refresh tokens from expiring.
>
> Signed-off-by: Arthur Bied-Charreton <a.bied-charreton@proxmox.com>
> ---
>  PVE/API2/Cluster/Notifications.pm | 34 +++++++++++++++++++++++++++++++
>  1 file changed, 34 insertions(+)
>
> diff --git a/PVE/API2/Cluster/Notifications.pm b/PVE/API2/Cluster/Notific=
ations.pm
> index a45a15b2..f993817d 100644
> --- a/PVE/API2/Cluster/Notifications.pm
> +++ b/PVE/API2/Cluster/Notifications.pm
> @@ -321,6 +321,40 @@ __PACKAGE__->register_method({
>      },
>  });
> =20
> +__PACKAGE__->register_method({
> +    name =3D> "refresh_targets",
> +    path =3D> 'refresh-targets',

Same note here regarding naming, I think 'refresh-targets' is a bit too
generic for my taste. Either we fully narrow it down to
'refresh-oauth-tokens', or make it rather general, e.g.
'trigger-periodic-maintenance' (or something similar, you get the
general direction), covering the case that *maybe* some other endpoint
could need some periodic action as well.

Also, do have any plans of exposing this in the GUI somehow? It's
definitely nice to have this available via pvesh for manual
troubleshooting by an admin anyways, so the API endpoint makes sense;
but as far as I can tell you do not use this endpoint anywhere in the
GUI code; hence I'm asking.

> +    protected =3D> 1,
> +    method =3D> 'POST',
> +    description =3D> 'Refresh state for all targets',
> +    permissions =3D> {
> +        check =3D> [
> +            'and',
> +            ['perm', '/mapping/notifications', ['Mapping.Modify']],
> +            [
> +                'or',
> +                ['perm', '/', ['Sys.Audit', 'Sys.Modify']],
> +                ['perm', '/', ['Sys.AccessNetwork']],
> +            ],
> +        ],
> +    },
> +    parameters =3D> {
> +        additionalProperties =3D> 0,
> +        properties =3D> {},
> +    },
> +    returns =3D> { type =3D> 'null' },
> +    code =3D> sub {
> +        eval {
> +            my $config =3D PVE::Notify::read_config();
> +            $config->refresh_targets();
> +        };
> +
> +        raise_api_error($@) if $@;
> +
> +        return;
> +    },
> +});
> +
>  __PACKAGE__->register_method({
>      name =3D> 'test_target',
>      path =3D> 'targets/{name}/test',