rpc: add new invoicePermissions bakery.Op slice for an invoice only macaroon
In this commit, we add a new invoicePermissions slice. This contains all the permission that a holder of an invoice.macaroon is able to access, and no others. We also include read and write access to addresses as this may be useful from the PoV of a merchant or exchange.
This commit is contained in:
parent
237ed4fc6e
commit
6c6285344b
20
rpcserver.go
20
rpcserver.go
@ -98,6 +98,26 @@ var (
|
|||||||
Entity: "info",
|
Entity: "info",
|
||||||
Action: "write",
|
Action: "write",
|
||||||
},
|
},
|
||||||
|
// invoicePermissions is a slice of all the entities that allows a user
|
||||||
|
// to only access calls that are related to invoices, so: streaming
|
||||||
|
// RPC's, generating, and listening invoices.
|
||||||
|
invoicePermissions = []bakery.Op{
|
||||||
|
{
|
||||||
|
Entity: "invoices",
|
||||||
|
Action: "read",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Entity: "invoices",
|
||||||
|
Action: "write",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Entity: "address",
|
||||||
|
Action: "read",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Entity: "address",
|
||||||
|
Action: "write",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// permissions maps RPC calls to the permissions they require.
|
// permissions maps RPC calls to the permissions they require.
|
||||||
|
Loading…
Reference in New Issue
Block a user