From 830ce163c6282b75e32d33d6950fa07006e0354d Mon Sep 17 00:00:00 2001
From: Oliver Gugger <gugger@gmail.com>
Date: Fri, 4 Sep 2020 09:22:47 +0200
Subject: [PATCH] lncli: add new URI permissions to bakemacaroon

---
 cmd/lncli/cmd_macaroon.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/cmd/lncli/cmd_macaroon.go b/cmd/lncli/cmd_macaroon.go
index fe1ce36f..86825ff2 100644
--- a/cmd/lncli/cmd_macaroon.go
+++ b/cmd/lncli/cmd_macaroon.go
@@ -34,6 +34,19 @@ var bakeMacaroonCommand = cli.Command{
 	colon. Multiple operations can be added as arguments, for example:
 
 	lncli bakemacaroon info:read invoices:write foo:bar
+
+	For even more fine-grained permission control, it is also possible to
+	specify single RPC method URIs that are allowed to be accessed by a
+	macaroon. This can be achieved by specifying "uri:<methodURI>" pairs,
+	for example:
+
+	lncli bakemacaroon uri:/lnrpc.Lightning/GetInfo uri:/verrpc.Versioner/GetVersion
+
+	The macaroon created by this command would only be allowed to use the
+	"lncli getinfo" and "lncli version" commands.
+
+	To get a list of all available URIs and permissions, use the
+	"lncli listpermissions" command.
 	`,
 	Flags: []cli.Flag{
 		cli.StringFlag{