properly register pve-poolid format

[pve-access-control.git] / PVE / AccessControl.pm

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 7d02cdf27494b64a237963db408a6a28eca38517..f0fb7dc3873117c89cbb5dcd07e9475686add02a 100644 (file)
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -22,8 +22,6 @@ use PVE::Auth::LDAP;
 use PVE::Auth::PVE;
 use PVE::Auth::PAM;
 
-use Data::Dumper; # fixme: remove
-
 # load and initialize all plugins
 
 PVE::Auth::AD->register();
@@ -47,7 +45,6 @@ cfs_register_file('user.cfg',
                  \&parse_user_config,
                  \&write_user_config);
 
-
 sub verify_username {
     PVE::Auth::Plugin::verify_username(@_);
 }
@@ -174,7 +171,6 @@ sub assemble_spice_ticket {
        $secret, $username, $vmid, $node);
 }
 
-
 sub verify_spice_connect_url {
     my ($connect_str) = @_;
 
@@ -406,6 +402,7 @@ my $privgroups = {
            'VM.Migrate',
            'VM.Monitor',
            'VM.Snapshot',
+           'VM.Snapshot.Rollback',
        ],
        user => [
            'VM.Config.CDROM', # change CDROM media
@@ -502,6 +499,11 @@ sub create_roles {
 
 create_roles();
 
+sub role_is_special {
+    my ($role) = @_;
+    return exists $special_roles->{$role};
+}
+
 sub add_role_privs {
     my ($role, $usercfg, $privs) = @_;
 
@@ -534,7 +536,6 @@ sub normalize_path {
     return $path;
 }
 
-
 PVE::JSONSchema::register_format('pve-groupid', \&verify_groupname);
 sub verify_groupname {
     my ($groupname, $noerr) = @_;
@@ -563,7 +564,7 @@ sub verify_rolename {
     return $rolename;
 }
 
-PVE::JSONSchema::register_format('pve-poolid', \&verify_groupname);
+PVE::JSONSchema::register_format('pve-poolid', \&verify_poolname);
 sub verify_poolname {
     my ($poolname, $noerr) = @_;