add VM.Replicate privilege

Currently, guest replication is guarded with Datastore.Allocate on
'/storage', which is rather surprising. One could require
Datastore.AllocateSpace on all involved storages, but having a
dedicated privilege like for other VM operations like migration and
snapshot seems to be more natural.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>

src/PVE/AccessControl.pm

@@ -1061,6 +1061,7 @@ my $privgroups = {
             'VM.Clone',
             'VM.GuestAgent.Unrestricted',
             'VM.Migrate',
+            'VM.Replicate',
             'VM.Snapshot',
             'VM.Snapshot.Rollback',
         ],

src/test/perm-test1.pl

@@ -66,8 +66,8 @@ check_permission(
         . 'VM.Allocate,VM.Audit,VM.Backup,VM.Clone,VM.Config.CDROM,VM.Config.CPU,VM.Config.Cloudinit,'
         . 'VM.Config.Disk,VM.Config.HWType,VM.Config.Memory,VM.Config.Network,VM.Config.Options,'
         . 'VM.Console,VM.GuestAgent.Audit,VM.GuestAgent.FileRead,VM.GuestAgent.FileSystemMgmt,'
-        . 'VM.GuestAgent.FileWrite,VM.GuestAgent.Unrestricted,VM.Migrate,VM.PowerMgmt,VM.Snapshot,'
+        . 'VM.GuestAgent.FileWrite,VM.GuestAgent.Unrestricted,VM.Migrate,VM.PowerMgmt,VM.Replicate,'
-        . 'VM.Snapshot.Rollback',
+        . 'VM.Snapshot,VM.Snapshot.Rollback',
 );
 # Administrator -> Permissions.Modify!
 check_permission(
@@ -86,8 +86,8 @@ check_permission(
         . 'VM.Allocate,VM.Audit,VM.Backup,VM.Clone,VM.Config.CDROM,VM.Config.CPU,VM.Config.Cloudinit,'
         . 'VM.Config.Disk,VM.Config.HWType,VM.Config.Memory,VM.Config.Network,VM.Config.Options,'
         . 'VM.Console,VM.GuestAgent.Audit,VM.GuestAgent.FileRead,VM.GuestAgent.FileSystemMgmt,'
-        . 'VM.GuestAgent.FileWrite,VM.GuestAgent.Unrestricted,VM.Migrate,VM.PowerMgmt,VM.Snapshot,'
+        . 'VM.GuestAgent.FileWrite,VM.GuestAgent.Unrestricted,VM.Migrate,VM.PowerMgmt,VM.Replicate,'
-        . 'VM.Snapshot.Rollback',
+        . 'VM.Snapshot,VM.Snapshot.Rollback',
 );
 
 check_roles('max@pve', '/vms/200', 'storage_manager');