X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=blobdiff_plain;f=PVE%2FAccessControl.pm;h=44fc0aa924849f11780f427c8d891f26ea975dab;hp=98e2fd6849e68c548f5ebfbb3a9235b6662956d8;hb=b54b7474bbd31dfea36a773b848a343d2d13aedd;hpb=894e6f0c4b166d09f5623c06812edb3ec5e8bf62

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 98e2fd6..44fc0aa 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -14,7 +14,7 @@ use PVE::OTP;
 use PVE::Ticket;
 use PVE::Tools qw(run_command lock_file file_get_contents split_list safe_print);
 use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file);
-use PVE::JSONSchema;
+use PVE::JSONSchema qw(register_standard_option get_standard_option);
 
 use PVE::Auth::Plugin;
 use PVE::Auth::AD;
@@ -22,8 +22,6 @@ use PVE::Auth::LDAP;
 use PVE::Auth::PVE;
 use PVE::Auth::PAM;
 
-use Data::Dumper; # fixme: remove
-
 # load and initialize all plugins
 
 PVE::Auth::AD->register();
@@ -47,7 +45,6 @@ cfs_register_file('user.cfg',
 		  \&parse_user_config,
 		  \&write_user_config);
 
-
 sub verify_username {
     PVE::Auth::Plugin::verify_username(@_);
 }
@@ -174,7 +171,6 @@ sub assemble_spice_ticket {
 	$secret, $username, $vmid, $node);
 }
 
-
 sub verify_spice_connect_url {
     my ($connect_str) = @_;
 
@@ -406,6 +402,7 @@ my $privgroups = {
 	    'VM.Migrate',
 	    'VM.Monitor',
 	    'VM.Snapshot',
+	    'VM.Snapshot.Rollback',
 	],
 	user => [
 	    'VM.Config.CDROM', # change CDROM media
@@ -504,7 +501,7 @@ create_roles();
 
 sub role_is_special {
     my ($role) = @_;
-    return exists $special_roles->{$role};
+    return (exists $special_roles->{$role}) ? 1 : 0;
 }
 
 sub add_role_privs {
@@ -539,7 +536,6 @@ sub normalize_path {
     return $path;
 }
 
-
 PVE::JSONSchema::register_format('pve-groupid', \&verify_groupname);
 sub verify_groupname {
     my ($groupname, $noerr) = @_;
@@ -568,7 +564,7 @@ sub verify_rolename {
     return $rolename;
 }
 
-PVE::JSONSchema::register_format('pve-poolid', \&verify_groupname);
+PVE::JSONSchema::register_format('pve-poolid', \&verify_poolname);
 sub verify_poolname {
     my ($poolname, $noerr) = @_;
 
@@ -1082,6 +1078,10 @@ sub remove_vm_from_pool {
 
 # bash completion helpers
 
+register_standard_option('userid-completed',
+    get_standard_option('userid', { completion => \&complete_username}),
+);
+
 sub complete_username {
 
     my $user_cfg = cfs_read_file('user.cfg');