macaroons: rename PermissionsConstraint to AllowConstraint
This commit is contained in:
parent
7df503575c
commit
1379488e72
2
lnd.go
2
lnd.go
@ -569,7 +569,7 @@ func genMacaroons(svc *bakery.Service, admFile, roFile string) error {
|
|||||||
|
|
||||||
// Generate the read-only macaroon and write it to a file.
|
// Generate the read-only macaroon and write it to a file.
|
||||||
roMacaroon, err := macaroons.AddConstraints(admMacaroon,
|
roMacaroon, err := macaroons.AddConstraints(admMacaroon,
|
||||||
macaroons.PermissionsConstraint(roPermissions...))
|
macaroons.AllowConstraint(roPermissions...))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -97,7 +97,7 @@ func ValidateMacaroon(ctx context.Context, method string,
|
|||||||
//
|
//
|
||||||
// TODO(aakselrod): Add more checks as required.
|
// TODO(aakselrod): Add more checks as required.
|
||||||
return svc.Check(macaroon.Slice{mac}, checkers.New(
|
return svc.Check(macaroon.Slice{mac}, checkers.New(
|
||||||
PermissionsChecker(method),
|
AllowChecker(method),
|
||||||
TimeoutChecker(),
|
TimeoutChecker(),
|
||||||
IPLockChecker(peerAddr),
|
IPLockChecker(peerAddr),
|
||||||
))
|
))
|
||||||
|
@ -29,17 +29,17 @@ func AddConstraints(mac *macaroon.Macaroon, cs ...Constraint) (*macaroon.Macaroo
|
|||||||
// to the macaroon and adds another restriction to it. For each *Constraint,
|
// to the macaroon and adds another restriction to it. For each *Constraint,
|
||||||
// the corresponding *Checker is provided.
|
// the corresponding *Checker is provided.
|
||||||
|
|
||||||
// PermissionsConstraint restricts allowed operations set to the ones
|
// AllowConstraint restricts allowed operations set to the ones
|
||||||
// passed to it.
|
// passed to it.
|
||||||
func PermissionsConstraint(ops ...string) func(*macaroon.Macaroon) error {
|
func AllowConstraint(ops ...string) func(*macaroon.Macaroon) error {
|
||||||
return func(mac *macaroon.Macaroon) error {
|
return func(mac *macaroon.Macaroon) error {
|
||||||
caveat := checkers.AllowCaveat(ops...)
|
caveat := checkers.AllowCaveat(ops...)
|
||||||
return mac.AddFirstPartyCaveat(caveat.Condition)
|
return mac.AddFirstPartyCaveat(caveat.Condition)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// PermissionsChecker wraps default checkers.OperationChecker.
|
// AllowChecker wraps default checkers.OperationChecker.
|
||||||
func PermissionsChecker(method string) checkers.Checker {
|
func AllowChecker(method string) checkers.Checker {
|
||||||
return checkers.OperationChecker(method)
|
return checkers.OperationChecker(method)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user