foreach my $role (keys %{$usercfg->{roles}}) {
my $privs = join(',', sort keys %{$usercfg->{roles}->{$role}});
- push @$res, { roleid => $role, privs => $privs,
- special => PVE::AccessControl::role_is_special($role) };
+ push @$res, {
+ roleid => $role,
+ privs => $privs,
+ special => PVE::AccessControl::role_is_special($role),
+ };
}
return $res;
code => sub {
my ($param) = @_;
- PVE::AccessControl::lock_user_config(
- sub {
+ my $role = $param->{roleid};
- my $role = $param->{roleid};
+ die "auto-generated role '$role' cannot be deleted\n"
+ if PVE::AccessControl::role_is_special($role);
+ PVE::AccessControl::lock_user_config(
+ sub {
my $usercfg = cfs_read_file("user.cfg");
die "role '$role' does not exist\n"
if !$usercfg->{roles}->{$role};
- die "auto-generated role '$role' can not be deleted\n"
- if PVE::AccessControl::role_is_special($role);
-
delete ($usercfg->{roles}->{$role});
# fixme: delete role from acl?