src/config/acl.rs: introduce more/better datastore privileges

src/api2/backup.rs

@@ -14,7 +14,7 @@ use crate::tools::{self, WrappedReaderStream};
 use crate::server::{WorkerTask, H2Service};
 use crate::backup::*;
 use crate::api2::types::*;
-use crate::config::acl::PRIV_DATASTORE_ALLOCATE_SPACE;
+use crate::config::acl::PRIV_DATASTORE_CREATE_BACKUP;
 use crate::config::cached_user_info::CachedUserInfo;
 
 mod environment;
@@ -41,7 +41,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new(
     )
 ).access(
     // Note: parameter 'store' is no uri parameter, so we need to test inside function body
-    Some("The user needs Datastore.AllocateSpace privilege on /datastore/{store}."),
+    Some("The user needs Datastore.CreateBackup privilege on /datastore/{store}."),
     &Permission::Anybody
 );
 
@@ -61,7 +61,7 @@ fn upgrade_to_backup_protocol(
     let store = tools::required_string_param(&param, "store")?.to_owned();
 
     let user_info = CachedUserInfo::new()?;
-    user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?;
+    user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_CREATE_BACKUP, false)?;
 
     let datastore = DataStore::lookup_datastore(&store)?;