File tree Expand file tree Collapse file tree 3 files changed +88
-87
lines changed Expand file tree Collapse file tree 3 files changed +88
-87
lines changed Original file line number Diff line number Diff line change @@ -15,6 +15,7 @@ import (
1515 proxy "github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
1616 "github.com/lightninglabs/lndclient"
1717 "github.com/lightninglabs/loop"
18+ "github.com/lightninglabs/loop/loopd/perms"
1819 "github.com/lightninglabs/loop/loopdb"
1920 "github.com/lightninglabs/loop/looprpc"
2021 "github.com/lightningnetwork/lnd/lntypes"
@@ -379,7 +380,7 @@ func (d *Daemon) initialize(withMacaroonService bool) error {
379380 // Add our debug permissions to our main set of required permissions
380381 // if compiled in.
381382 for endpoint , perm := range debugRequiredPermissions {
382- RequiredPermissions [endpoint ] = perm
383+ perms . RequiredPermissions [endpoint ] = perm
383384 }
384385
385386 if withMacaroonService {
@@ -395,7 +396,7 @@ func (d *Daemon) initialize(withMacaroonService bool) error {
395396 Checkers : []macaroons.Checker {
396397 macaroons .IPLockChecker ,
397398 },
398- RequiredPerms : RequiredPermissions ,
399+ RequiredPerms : perms . RequiredPermissions ,
399400 DBPassword : macDbDefaultPw ,
400401 LndClient : & d .lnd .LndServices ,
401402 EphemeralKey : lndclient .SharedKeyNUMS ,
Original file line number Diff line number Diff line change 11package loopd
22
3- import (
4- "gopkg.in/macaroon-bakery.v2/bakery"
5- )
6-
73const (
84 // loopMacaroonLocation is the value we use for the loopd macaroons'
95 // "Location" field when baking them.
106 loopMacaroonLocation = "loop"
117)
128
139var (
14- // RequiredPermissions is a map of all loop RPC methods and their
15- // required macaroon permissions to access loopd.
16- RequiredPermissions = map [string ][]bakery.Op {
17- "/looprpc.SwapClient/LoopOut" : {{
18- Entity : "swap" ,
19- Action : "execute" ,
20- }, {
21- Entity : "loop" ,
22- Action : "out" ,
23- }},
24- "/looprpc.SwapClient/LoopIn" : {{
25- Entity : "swap" ,
26- Action : "execute" ,
27- }, {
28- Entity : "loop" ,
29- Action : "in" ,
30- }},
31- "/looprpc.SwapClient/Monitor" : {{
32- Entity : "swap" ,
33- Action : "read" ,
34- }},
35- "/looprpc.SwapClient/ListSwaps" : {{
36- Entity : "swap" ,
37- Action : "read" ,
38- }},
39- "/looprpc.SwapClient/SwapInfo" : {{
40- Entity : "swap" ,
41- Action : "read" ,
42- }},
43- "/looprpc.SwapClient/LoopOutTerms" : {{
44- Entity : "terms" ,
45- Action : "read" ,
46- }, {
47- Entity : "loop" ,
48- Action : "out" ,
49- }},
50- "/looprpc.SwapClient/LoopOutQuote" : {{
51- Entity : "swap" ,
52- Action : "read" ,
53- }, {
54- Entity : "loop" ,
55- Action : "out" ,
56- }},
57- "/looprpc.SwapClient/GetLoopInTerms" : {{
58- Entity : "terms" ,
59- Action : "read" ,
60- }, {
61- Entity : "loop" ,
62- Action : "in" ,
63- }},
64- "/looprpc.SwapClient/GetLoopInQuote" : {{
65- Entity : "swap" ,
66- Action : "read" ,
67- }, {
68- Entity : "loop" ,
69- Action : "in" ,
70- }},
71- "/looprpc.SwapClient/GetLsatTokens" : {{
72- Entity : "auth" ,
73- Action : "read" ,
74- }},
75- "/looprpc.SwapClient/SuggestSwaps" : {{
76- Entity : "suggestions" ,
77- Action : "read" ,
78- }},
79- "/looprpc.SwapClient/GetLiquidityParams" : {{
80- Entity : "suggestions" ,
81- Action : "read" ,
82- }},
83- "/looprpc.SwapClient/SetLiquidityParams" : {{
84- Entity : "suggestions" ,
85- Action : "write" ,
86- }},
87- "/looprpc.SwapClient/Probe" : {{
88- Entity : "swap" ,
89- Action : "execute" ,
90- }, {
91- Entity : "loop" ,
92- Action : "in" ,
93- }},
94- }
9510
9611 // macDbDefaultPw is the default encryption password used to encrypt the
9712 // loop macaroon database. The macaroon service requires us to set a
Original file line number Diff line number Diff line change 1+ package perms
2+
3+ import "gopkg.in/macaroon-bakery.v2/bakery"
4+
5+ // RequiredPermissions is a map of all loop RPC methods and their
6+ // required macaroon permissions to access loopd.
7+ var RequiredPermissions = map [string ][]bakery.Op {
8+ "/looprpc.SwapClient/LoopOut" : {{
9+ Entity : "swap" ,
10+ Action : "execute" ,
11+ }, {
12+ Entity : "loop" ,
13+ Action : "out" ,
14+ }},
15+ "/looprpc.SwapClient/LoopIn" : {{
16+ Entity : "swap" ,
17+ Action : "execute" ,
18+ }, {
19+ Entity : "loop" ,
20+ Action : "in" ,
21+ }},
22+ "/looprpc.SwapClient/Monitor" : {{
23+ Entity : "swap" ,
24+ Action : "read" ,
25+ }},
26+ "/looprpc.SwapClient/ListSwaps" : {{
27+ Entity : "swap" ,
28+ Action : "read" ,
29+ }},
30+ "/looprpc.SwapClient/SwapInfo" : {{
31+ Entity : "swap" ,
32+ Action : "read" ,
33+ }},
34+ "/looprpc.SwapClient/LoopOutTerms" : {{
35+ Entity : "terms" ,
36+ Action : "read" ,
37+ }, {
38+ Entity : "loop" ,
39+ Action : "out" ,
40+ }},
41+ "/looprpc.SwapClient/LoopOutQuote" : {{
42+ Entity : "swap" ,
43+ Action : "read" ,
44+ }, {
45+ Entity : "loop" ,
46+ Action : "out" ,
47+ }},
48+ "/looprpc.SwapClient/GetLoopInTerms" : {{
49+ Entity : "terms" ,
50+ Action : "read" ,
51+ }, {
52+ Entity : "loop" ,
53+ Action : "in" ,
54+ }},
55+ "/looprpc.SwapClient/GetLoopInQuote" : {{
56+ Entity : "swap" ,
57+ Action : "read" ,
58+ }, {
59+ Entity : "loop" ,
60+ Action : "in" ,
61+ }},
62+ "/looprpc.SwapClient/GetLsatTokens" : {{
63+ Entity : "auth" ,
64+ Action : "read" ,
65+ }},
66+ "/looprpc.SwapClient/SuggestSwaps" : {{
67+ Entity : "suggestions" ,
68+ Action : "read" ,
69+ }},
70+ "/looprpc.SwapClient/GetLiquidityParams" : {{
71+ Entity : "suggestions" ,
72+ Action : "read" ,
73+ }},
74+ "/looprpc.SwapClient/SetLiquidityParams" : {{
75+ Entity : "suggestions" ,
76+ Action : "write" ,
77+ }},
78+ "/looprpc.SwapClient/Probe" : {{
79+ Entity : "swap" ,
80+ Action : "execute" ,
81+ }, {
82+ Entity : "loop" ,
83+ Action : "in" ,
84+ }},
85+ }
You can’t perform that action at this time.
0 commit comments