signrpc+rpcserver: add signer macaroon permissions

This commit is contained in:
Oliver Gugger 2019-12-11 09:54:49 +01:00
parent 9a73b9be78
commit 95226771ed
No known key found for this signature in database
GPG Key ID: 8E4256593F177720
2 changed files with 16 additions and 0 deletions

@ -38,6 +38,10 @@ var (
Entity: "signer", Entity: "signer",
Action: "generate", Action: "generate",
}, },
{
Entity: "signer",
Action: "read",
},
} }
// macPermissions maps RPC calls to the permissions they require. // macPermissions maps RPC calls to the permissions they require.
@ -50,6 +54,14 @@ var (
Entity: "signer", Entity: "signer",
Action: "generate", Action: "generate",
}}, }},
"/signrpc.Signer/SignMessage": {{
Entity: "signer",
Action: "generate",
}},
"/signrpc.Signer/VerifyMessage": {{
Entity: "signer",
Action: "read",
}},
} }
// DefaultSignerMacFilename is the default name of the signer macaroon // DefaultSignerMacFilename is the default name of the signer macaroon

@ -115,6 +115,10 @@ var (
Entity: "invoices", Entity: "invoices",
Action: "read", Action: "read",
}, },
{
Entity: "signer",
Action: "read",
},
} }
// writePermissions is a slice of all entities that allow write // writePermissions is a slice of all entities that allow write