rpc: add new invoicePermissions bakery.Op slice for an invoice only macaroon
In this commit, we add a new invoicePermissions slice. This contains all the permission that a holder of an invoice.macaroon is able to access, and no others. We also include read and write access to addresses as this may be useful from the PoV of a merchant or exchange.
This commit is contained in:
Olaoluwa Osuntokun
parent
237ed4fc6e
commit
6c6285344b
20
rpcserver.go
20
rpcserver.go
@ -98,6 +98,26 @@ var (
|
||||
Entity: "info",
|
||||
Action: "write",
|
||||
},
|
||||
// invoicePermissions is a slice of all the entities that allows a user
|
||||
// to only access calls that are related to invoices, so: streaming
|
||||
// RPC's, generating, and listening invoices.
|
||||
invoicePermissions = []bakery.Op{
|
||||
{
|
||||
Entity: "invoices",
|
||||
Action: "read",
|
||||
},
|
||||
{
|
||||
Entity: "invoices",
|
||||
Action: "write",
|
||||
},
|
||||
{
|
||||
Entity: "address",
|
||||
Action: "read",
|
||||
},
|
||||
{
|
||||
Entity: "address",
|
||||
Action: "write",
|
||||
},
|
||||
}
|
||||
|
||||
// permissions maps RPC calls to the permissions they require.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user