instead of silently ignoring the change
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
code => sub {
my ($param) = @_;
code => sub {
my ($param) = @_;
+ my $role = $param->{roleid};
+
+ die "auto-generated role '$role' cannot be modified\n"
+ if PVE::AccessControl::role_is_special($role);
+
PVE::AccessControl::lock_user_config(
sub {
PVE::AccessControl::lock_user_config(
sub {
- my $role = $param->{roleid};
-
my $usercfg = cfs_read_file("user.cfg");
die "role '$role' does not exist\n"
my $usercfg = cfs_read_file("user.cfg");
die "role '$role' does not exist\n"