code cleanup

[pve-access-control.git] / PVE / API2 / Group.pm

diff --git a/PVE/API2/Group.pm b/PVE/API2/Group.pm
index ddea3dc3e7f2f93cba80b356f49fa8363e2b1d4c..373e8e2da4bebdd50ea8dbdb971262592eda7c30 100644 (file)
--- a/PVE/API2/Group.pm
+++ b/PVE/API2/Group.pm
@@ -34,7 +34,7 @@ __PACKAGE__->register_method ({
     method => 'GET',
     description => "Group index.",
     permissions => { 
-       description => "The returned list is restricted to groups where you have 'User.Add' or 'Sys.Audit' permissions on '/access', or 'User.Add' on /access/groups/<group>.",
+       description => "The returned list is restricted to groups where you have 'User.Allocate' or 'Sys.Audit' permissions on '/access', or 'User.Allocate' on /access/groups/<group>.",
        user => 'all',
     },
     parameters => {
@@ -60,9 +60,8 @@ __PACKAGE__->register_method ({
        my $usercfg = cfs_read_file("user.cfg");
        my $authuser = $rpcenv->get_user();
 
-       my $privs = [ 'User.Add', 'Sys.Audit' ];
+       my $privs = [ 'User.Allocate', 'Sys.Audit' ];
        my $allow = $rpcenv->check_any($authuser, "/access", $privs, 1);
-       syslog("info", "TEST $allow");
        my $allowed_groups = $rpcenv->filter_groups($authuser, $privs, 1);
  
        foreach my $group (keys %{$usercfg->{groups}}) {
@@ -149,10 +148,10 @@ __PACKAGE__->register_method ({
                die "group '$group' does not exist\n" 
                    if !$data;
 
-               $data->{comment} = $param->{comment} if $param->{comment};
+               $data->{comment} = $param->{comment} if defined($param->{comment});
                
                cfs_write_file("user.cfg", $usercfg);
-           }, "create group failed");
+           }, "update group failed");
 
        return undef;
     }});