Merge pull request #371 from ellemouton/movePermsToOwnDir

multi: move RequiredPermissions to dedicated dir
lightninglabs · Jun 15, 2022 · 160ae45 · 160ae45
2 parents 19eed44 + 92d4aa0
commit 160ae45
Show file tree

Hide file tree

Showing 3 changed files with 137 additions and 136 deletions.
diff --git a/macaroons.go b/macaroons.go
@@ -1,146 +1,12 @@
 package pool
 
-import (
-	"gopkg.in/macaroon-bakery.v2/bakery"
-)
-
 const (
 	// poolMacaroonLocation is the value we use for the pool macaroons'
 	// "Location" field when baking them.
 	poolMacaroonLocation = "pool"
 )
 
 var (
-	// RequiredPermissions is a map of all pool RPC methods and their
-	// required macaroon permissions to access poold.
-	RequiredPermissions = map[string][]bakery.Op{
-		"/poolrpc.Trader/GetInfo": {{
-			Entity: "account",
-			Action: "read",
-		}, {
-			Entity: "order",
-			Action: "read",
-		}, {
-			Entity: "auction",
-			Action: "read",
-		}, {
-			Entity: "auth",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/StopDaemon": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/QuoteAccount": {{
-			Entity: "account",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/InitAccount": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/ListAccounts": {{
-			Entity: "account",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/CloseAccount": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/WithdrawAccount": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/DepositAccount": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/RenewAccount": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/BumpAccountFee": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/RecoverAccounts": {{
-			Entity: "account",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/SubmitOrder": {{
-			Entity: "order",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/ListOrders": {{
-			Entity: "order",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/CancelOrder": {{
-			Entity: "order",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/QuoteOrder": {{
-			Entity: "order",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/AuctionFee": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/Leases": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/BatchSnapshot": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/GetLsatTokens": {{
-			Entity: "auth",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/LeaseDurations": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/NextBatchInfo": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/NodeRatings": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/BatchSnapshots": {{
-			Entity: "auction",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/OfferSidecar": {{
-			Entity: "order",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/RegisterSidecar": {{
-			Entity: "order",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/ExpectSidecarChannel": {{
-			Entity: "order",
-			Action: "write",
-		}},
-		"/poolrpc.Trader/DecodeSidecarTicket": {{
-			Entity: "order",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/ListSidecars": {{
-			Entity: "order",
-			Action: "read",
-		}},
-		"/poolrpc.Trader/CancelSidecar": {{
-			Entity: "order",
-			Action: "write",
-		}},
-	}
-
 	// macDbDefaultPw is the default encryption password used to encrypt the
 	// pool macaroon database. The macaroon service requires us to set a
 	// non-nil password so we set it to an empty string. This will cause the

diff --git a/perms/perms.go b/perms/perms.go
@@ -0,0 +1,133 @@
+package perms
+
+import "gopkg.in/macaroon-bakery.v2/bakery"
+
+// RequiredPermissions is a map of all pool RPC methods and their required
+// macaroon permissions to access poold.
+var RequiredPermissions = map[string][]bakery.Op{
+	"/poolrpc.Trader/GetInfo": {{
+		Entity: "account",
+		Action: "read",
+	}, {
+		Entity: "order",
+		Action: "read",
+	}, {
+		Entity: "auction",
+		Action: "read",
+	}, {
+		Entity: "auth",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/StopDaemon": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/QuoteAccount": {{
+		Entity: "account",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/InitAccount": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/ListAccounts": {{
+		Entity: "account",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/CloseAccount": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/WithdrawAccount": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/DepositAccount": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/RenewAccount": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/BumpAccountFee": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/RecoverAccounts": {{
+		Entity: "account",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/SubmitOrder": {{
+		Entity: "order",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/ListOrders": {{
+		Entity: "order",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/CancelOrder": {{
+		Entity: "order",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/QuoteOrder": {{
+		Entity: "order",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/AuctionFee": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/Leases": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/BatchSnapshot": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/GetLsatTokens": {{
+		Entity: "auth",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/LeaseDurations": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/NextBatchInfo": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/NodeRatings": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/BatchSnapshots": {{
+		Entity: "auction",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/OfferSidecar": {{
+		Entity: "order",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/RegisterSidecar": {{
+		Entity: "order",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/ExpectSidecarChannel": {{
+		Entity: "order",
+		Action: "write",
+	}},
+	"/poolrpc.Trader/DecodeSidecarTicket": {{
+		Entity: "order",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/ListSidecars": {{
+		Entity: "order",
+		Action: "read",
+	}},
+	"/poolrpc.Trader/CancelSidecar": {{
+		Entity: "order",
+		Action: "write",
+	}},
+}
diff --git a/server.go b/server.go
@@ -14,6 +14,8 @@ import (
 	"sync"
 	"sync/atomic"
 
+	"github.com/lightninglabs/pool/perms"
+
 	"github.com/btcsuite/btcd/btcec/v2"
 	proxy "github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
 	"github.com/lightninglabs/aperture/lsat"
@@ -163,7 +165,7 @@ func (s *Server) Start() error {
 			Checkers: []macaroons.Checker{
 				macaroons.IPLockChecker,
 			},
-			RequiredPerms: RequiredPermissions,
+			RequiredPerms: perms.RequiredPermissions,
 			DBPassword:    macDbDefaultPw,
 			LndClient:     &s.lndServices.LndServices,
 			EphemeralKey:  lndclient.SharedKeyNUMS,
@@ -378,7 +380,7 @@ func (s *Server) StartAsSubserver(lndClient lnrpc.LightningClient,
 				Checkers: []macaroons.Checker{
 					macaroons.IPLockChecker,
 				},
-				RequiredPerms: RequiredPermissions,
+				RequiredPerms: perms.RequiredPermissions,
 				DBPassword:    macDbDefaultPw,
 				LndClient:     &s.lndServices.LndServices,
 				EphemeralKey:  lndclient.SharedKeyNUMS,