dnf5daemon-server: clean(cache-expire) requires root password

[mcrha]

This is with dnf5daemon-server-5.2.5.0-20240827005816.54.gbb826e17.fc39.x86_64 .

Calling org.rpm.dnf.v0.Base::clear('cache-expire') requires admin privileges, which is reflected by a password prompt.

Calling org.rpm.dnf.v0.Base::read_all_repos() does not require admin privileges.

It would be better for both of these to not require admin privileges.

Use case: to simulate dnf update --refresh, I need to call clear() first, followed by read_all_repos(). Calling only the read_all_repos() is not enough when the user of the app wants to force the refresh of the metadata and eventually to find new updates.

The read_all_repos() does modify information about the repositories, similar to the clear(cache-expire), hence it would make sense to not require the admin privileges as well.

I can understand it's hard to distinguish which clear() mode is in use for the polkit rules, thus an alternative would be to add an options argument to the read_all_repos() call and recognize a single option cache-expire or force or similar, to set the cache expiration before the actual read of all the repos.

[mcrha]

While being at it, even better than a simple cache-expire option would be cache-age-secs option, telling the daemon that when the cache is older than cache-age-secs seconds it should be refreshed, where 0 means always refresh, and otherwise do not refresh the cache/metadata.