feat(frontend): check permission on frontend

rvd_front.pl

@@ -438,7 +438,7 @@ get '/machine/pause/(:id).(:type)' => sub {
 
 get '/machine/hybernate/(:id).(:type)' => sub {
         my $c = shift;
-	return access_denied($c)   if !$USER ->can_hibernate_all();
+	return access_denied($c)   if !$USER ->is_admin();
         return hybernate_machine($c);
 };
 

templates/main/admin_machines.html.ep

@@ -245,7 +245,7 @@
                          <i class="fa fa-play"></i>
                         </a>
 %				}
-%		if ($_user-> can_hibernate_all){
+%		if ($_user->is_admin){
                         <a type="button" class="btn btn-warning btn-sm"
                          ng-click="action('machine','hybernate',machine.id)"
                          ng-disabled="!machine.is_active"

templates/main/list_bases2.html.ep

@@ -97,7 +97,7 @@
 
 %                   }
 %                   if ( $machine->{id_clone}) {
-%			if ($user->can_change_settings){
+%			if ($user->can_change_settings || $user->can_change_settings_all){
                         <a align="right" href="/machine/settings/<%= $machine->{id_clone} %>.html"><i class="fa fa-fw fa-cog" title="<%=l 'Settings' %>"></a></i>
 %      							}
                     <div ng-show="host_restore == <%= $machine->{id_clone} %>">

templates/main/settings_machine_tabs_head.html.ep

@@ -17,7 +17,7 @@
 %   if ($domain->drivers && $USER->can_change_settings) {
         <li class="nav"><a href="#graphics" data-toggle="tab"><%=l 'Graphics' %></a></li>
 %   }
-%   if ($USER->can_clone_all){
+%   if ($USER->is_admin){
         <li class="nav"><a href="#copy" data-toggle="tab"><%=l 'Copy' %></a></li>
 %   }
 %   if ( $USER->can_remove || $USER->can_remove_clone_all ) {