multi: add withAllSubServers param to perms.NewManager

ellemouton · ellemouton · commit bee2d629448d · 2023-01-11T17:03:04.000+02:00
In this commit, a new withAllSubServers option is added to the
perms.NewManager function. If its value is true, then all LND's
subserver permissions will be added to the active permissions set
regardless of whether LND was actually compiled with the necessary build
tags. This is useful for Lit clients who perhaps can never know which
sub-servers LND was compiled with and so want to assume that it was
compiled with all.
diff --git a/itest/litd_mode_integrated_test.go b/itest/litd_mode_integrated_test.go
@@ -974,7 +974,7 @@ func bakeSuperMacaroon(cfg *LitNodeConfig, readOnly bool) (string, error) {
 	lndAdminCtx := macaroonContext(ctxt, lndAdminMacBytes)
 	lndConn := lnrpc.NewLightningClient(rawConn)
 
-	permsMgr, err := perms.NewManager()
+	permsMgr, err := perms.NewManager(false)
 	if err != nil {
 		return "", err
 	}
diff --git a/perms/permissions.go b/perms/permissions.go
@@ -135,8 +135,12 @@ type Manager struct {
 }
 
 // NewManager constructs a new Manager instance and collects any of the fixed
-// permissions.
-func NewManager() (*Manager, error) {
+// permissions. If withAllSubServers is true, then all the LND sub-server
+// permissions will be added to the available permissions set regardless of
+// whether LND was compiled with those sub-servers. If it is not set, however,
+// then OnLNDBuildTags can be used to specify the exact sub-servers that LND
+// was compiled with and then only the corresponding permissions will be added.
+func NewManager(withAllSubServers bool) (*Manager, error) {
 	permissions := make(map[subServerName]map[string][]bakery.Op)
 	permissions[faradayPerms] = faraday.RequiredPermissions
 	permissions[loopPerms] = loop.RequiredPermissions
@@ -166,8 +170,11 @@ func NewManager() (*Manager, error) {
 
 			// If this sub-server is one that we know is
 			// automatically compiled in LND then we add it to our
-			// map of active permissions.
-			if lndAutoCompiledSubServers[name] {
+			// map of active permissions. We also add the permission
+			// if withAllSubServers is true.
+			if withAllSubServers ||
+				lndAutoCompiledSubServers[name] {
+
 				permissions[lndPerms][key] = value
 			}
 		}
diff --git a/terminal.go b/terminal.go
@@ -212,7 +212,7 @@ func (g *LightningTerminal) Run() error {
 	defer g.errQueue.Stop()
 
 	// Construct a new Manager.
-	g.permsMgr, err = perms.NewManager()
+	g.permsMgr, err = perms.NewManager(false)
 	if err != nil {
 		return fmt.Errorf("could not create permissions manager")
 	}

Original file line number	Diff line number	Diff line change
`@@ -974,7 +974,7 @@ func bakeSuperMacaroon(cfg *LitNodeConfig, readOnly bool) (string, error) {`
`974`	`974`	`lndAdminCtx := macaroonContext(ctxt, lndAdminMacBytes)`
`975`	`975`	`lndConn := lnrpc.NewLightningClient(rawConn)`
`976`	`976`
`977`		`- permsMgr, err := perms.NewManager()`
	`977`	`+ permsMgr, err := perms.NewManager(false)`
`978`	`978`	`if err != nil {`
`979`	`979`	`return "", err`
`980`	`980`	`}`
Original file line number	Diff line number	Diff line change
`@@ -212,7 +212,7 @@ func (g *LightningTerminal) Run() error {`
`212`	`212`	`defer g.errQueue.Stop()`
`213`	`213`
`214`	`214`	`// Construct a new Manager.`
`215`		`- g.permsMgr, err = perms.NewManager()`
	`215`	`+ g.permsMgr, err = perms.NewManager(false)`
`216`	`216`	`if err != nil {`
`217`	`217`	`return fmt.Errorf("could not create permissions manager")`
`218`	`218`	`}`