From 7e12f4af14dc6e58446290f1cb059b8b261f8314 Mon Sep 17 00:00:00 2001 From: Jesus Bermudez Velazquez Date: Wed, 4 Sep 2024 18:59:46 +0100 Subject: [PATCH] Check LTSS product to verify After a non free extension has been activated successfully on a PAYG system, RMT calls ZypperAuth verify_instance method without any other information, the SCC verification of the activation would fail as there is no product info to check against Adding the product id present in the request params, that way RMT can fetch the product class and verify properly This Fixes bsc#1230154 --- engines/zypper_auth/lib/zypper_auth/engine.rb | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/engines/zypper_auth/lib/zypper_auth/engine.rb b/engines/zypper_auth/lib/zypper_auth/engine.rb index db43ac907..e7df82363 100644 --- a/engines/zypper_auth/lib/zypper_auth/engine.rb +++ b/engines/zypper_auth/lib/zypper_auth/engine.rb @@ -6,7 +6,7 @@ def auth_logger Thread.current[:logger] end - def verify_instance(request, logger, system) + def verify_instance(request, logger, system, params_product_id = nil) return false unless request.headers['X-Instance-Data'] instance_data = Base64.decode64(request.headers['X-Instance-Data'].to_s) @@ -31,7 +31,7 @@ def verify_instance(request, logger, system) ) is_valid = verification_provider.instance_valid? - return false if is_valid && system.hybrid? && !handle_scc_subscription(request, system, verification_provider, logger) + return false if is_valid && system.hybrid? && !handle_scc_subscription(request, system, verification_provider, logger, params_product_id) # update repository and registry cache InstanceVerification.update_cache(request.remote_ip, system.login, base_product.id) is_valid @@ -49,8 +49,9 @@ def verify_instance(request, logger, system) false end - def handle_scc_subscription(request, system, verification_provider, logger) - result = SccProxy.scc_check_subscription_expiration(request.headers, system.login, system.system_token, logger, system.proxy_byos_mode) + def handle_scc_subscription(request, system, verification_provider, logger, params_product_id = nil) + product_class = Product.find_by(id: params_product_id).product_class if params_product_id.present? + result = SccProxy.scc_check_subscription_expiration(request.headers, system.login, system.system_token, logger, system.proxy_byos_mode, product_class) return true if result[:is_active] ZypperAuth.zypper_auth_message(request, system, verification_provider, result[:message]) @@ -128,7 +129,7 @@ def make_repo_url(base_url, repo_local_path, service_name = nil) # additional validation for zypper service XML controller before_action :verify_instance def verify_instance - unless ZypperAuth.verify_instance(request, logger, @system) + unless ZypperAuth.verify_instance(request, logger, @system, params.fetch('id', nil)) render(xml: { error: 'Instance verification failed' }, status: 403) end end