Onyx-Protocol · iampogo · Apr 26, 2017 · Apr 26, 2017 · Apr 26, 2017
diff --git a/cmd/corectl/main.go b/cmd/corectl/main.go
@@ -227,7 +227,7 @@ func createToken(client *rpc.Client, args []string) {
 	case len(args) == 2:
 		grant.Policy = args[1]
 	case *flagNet:
-		grant.Policy = "crosscore-readonly"
+		grant.Policy = "crosscore"
 		fmt.Fprintln(os.Stderr, "warning: the network flag is deprecated")
 	default:
 		grant.Policy = "client-readwrite"

diff --git a/core/access_tokens.go b/core/access_tokens.go
@@ -46,7 +46,7 @@ func (a *API) createAccessToken(ctx context.Context, x struct{ ID, Type string }
 		grant = authz.Grant{
 			GuardType: "access_token",
 			GuardData: guardData,
-			Policy:    "crosscore-readonly",
+			Policy:    "crosscore",
 		}
 	default:
 		// We've already returned if x.Type wasn't specified, so this must be a bad type.

diff --git a/core/authz.go b/core/authz.go
@@ -5,7 +5,7 @@ const grantPrefix = "/core/grant/"
 var policies = []string{
 	"client-readwrite",
 	"client-readonly",
-	"crosscore-readonly",
+	"crosscore",
 	"monitoring",
 	"internal",
 	"public",
@@ -39,12 +39,12 @@ var policyByRoute = map[string][]string{
 	"/list-unspent-outputs":   {"client-readwrite", "client-readonly"},
 	"/reset":                  {"client-readwrite", "internal"},
 
-	networkRPCPrefix + "submit":            {"crosscore-readonly"},
-	networkRPCPrefix + "get-block":         {"crosscore-readonly"},
-	networkRPCPrefix + "get-snapshot-info": {"crosscore-readonly"},
-	networkRPCPrefix + "get-snapshot":      {"crosscore-readonly"},
-	networkRPCPrefix + "signer/sign-block": {"crosscore-readonly"}, // TODO(tessr): make this crosscore-signblock
-	networkRPCPrefix + "block-height":      {"crosscore-readonly"},
+	networkRPCPrefix + "submit":            {"crosscore"},
+	networkRPCPrefix + "get-block":         {"crosscore"},
+	networkRPCPrefix + "get-snapshot-info": {"crosscore"},
+	networkRPCPrefix + "get-snapshot":      {"crosscore"},
+	networkRPCPrefix + "signer/sign-block": {"crosscore"}, // TODO(tessr): make this crosscore-signblock
+	networkRPCPrefix + "block-height":      {"crosscore"},
 
 	"/list-authorization-grants":  {"client-readwrite", "client-readonly"},
 	"/create-authorization-grant": {"client-readwrite"},
@@ -53,7 +53,7 @@ var policyByRoute = map[string][]string{
 	"/list-access-tokens":         {"client-readwrite", "client-readonly"},
 	"/delete-access-token":        {"client-readwrite"},
 	"/configure":                  {"client-readwrite", "internal"},
-	"/info":                       {"client-readwrite", "client-readonly", "crosscore-readonly", "monitoring"},
+	"/info":                       {"client-readwrite", "client-readonly", "crosscore", "monitoring"},
 
 	"/debug/vars":          {"client-readwrite", "client-readonly", "monitoring"}, // should monitoring endpoints also be available to any other policy-holders?
 	"/debug/pprof":         {"client-readwrite", "client-readonly", "monitoring"},

diff --git a/core/authz_test.go b/core/authz_test.go
@@ -57,7 +57,7 @@ func TestAuthz(t *testing.T) {
 	testPolicies := []string{
 		"client-readwrite",
 		"client-readonly",
-		"crosscore-readonly",
+		"crosscore",
 		"monitoring",
 		"internal",
 		"public",
@@ -81,68 +81,68 @@ func TestAuthz(t *testing.T) {
 
 	pathTokenMap := map[string]map[string]bool{
 		"/create-account": map[string]bool{
-			"client-readwrite":   true,
-			"client-readonly":    false,
-			"crosscore-readonly": false,
-			"monitoring":         false,
-			"internal":           false,
-			"public":             false,
+			"client-readwrite": true,
+			"client-readonly":  false,
+			"crosscore":        false,
+			"monitoring":       false,
+			"internal":         false,
+			"public":           false,
 		},
 		"/list-accounts": map[string]bool{
-			"client-readwrite":   true,
-			"client-readonly":    true,
-			"crosscore-readonly": false,
-			"monitoring":         false,
-			"internal":           false,
-			"public":             false,
+			"client-readwrite": true,
+			"client-readonly":  true,
+			"crosscore":        false,
+			"monitoring":       false,
+			"internal":         false,
+			"public":           false,
 		},
 		"/reset": map[string]bool{
-			"client-readwrite":   true,
-			"client-readonly":    false,
-			"crosscore-readonly": false,
-			"monitoring":         false,
-			"internal":           true,
-			"public":             false,
+			"client-readwrite": true,
+			"client-readonly":  false,
+			"crosscore":        false,
+			"monitoring":       false,
+			"internal":         true,
+			"public":           false,
 		},
 		networkRPCPrefix + "get-block": map[string]bool{
-			"client-readwrite":   false,
-			"client-readonly":    false,
-			"crosscore-readonly": true,
-			"monitoring":         false,
-			"internal":           false,
-			"public":             false,
+			"client-readwrite": false,
+			"client-readonly":  false,
+			"crosscore":        true,
+			"monitoring":       false,
+			"internal":         false,
+			"public":           false,
 		},
 		"/info": map[string]bool{
-			"client-readwrite":   true,
-			"client-readonly":    true,
-			"crosscore-readonly": true,
-			"monitoring":         true,
-			"internal":           false,
-			"public":             false,
+			"client-readwrite": true,
+			"client-readonly":  true,
+			"crosscore":        true,
+			"monitoring":       true,
+			"internal":         false,
+			"public":           false,
 		},
 		"/debug/pprof/symbol": map[string]bool{
-			"client-readwrite":   true,
-			"client-readonly":    true,
-			"crosscore-readonly": false,
-			"monitoring":         true,
-			"internal":           false,
-			"public":             false,
+			"client-readwrite": true,
+			"client-readonly":  true,
+			"crosscore":        false,
+			"monitoring":       true,
+			"internal":         false,
+			"public":           false,
 		},
 		"/raft/msg": map[string]bool{
-			"client-readwrite":   false,
-			"client-readonly":    false,
-			"crosscore-readonly": false,
-			"monitoring":         false,
-			"internal":           true,
-			"public":             false,
+			"client-readwrite": false,
+			"client-readonly":  false,
+			"crosscore":        false,
+			"monitoring":       false,
+			"internal":         true,
+			"public":           false,
 		},
 		"/dashboard": map[string]bool{ // public is open to all
-			"client-readwrite":   true,
-			"client-readonly":    true,
-			"crosscore-readonly": true,
-			"monitoring":         true,
-			"internal":           true,
-			"public":             true,
+			"client-readwrite": true,
+			"client-readonly":  true,
+			"crosscore":        true,
+			"monitoring":       true,
+			"internal":         true,
+			"public":           true,
 		},
 	}
 

diff --git a/core/config/config.go b/core/config/config.go
@@ -323,7 +323,7 @@ func migrateAccessTokens(ctx context.Context, db pg.DB, rDB *raft.Service) error
 		case "client":
 			grant.Policy = "client-readwrite"
 		case "network":
-			grant.Policy = "crosscore-readonly"
+			grant.Policy = "crosscore"
 		}
 		_, err = authz.StoreGrant(ctx, rDB, grant, grantPrefix)
 		if err != nil {

diff --git a/net/http/authz/loopback_authz.go b/net/http/authz/loopback_authz.go
@@ -7,7 +7,7 @@ func init() {
 		&Grant{GuardType: "localhost", Policy: "client-readwrite"},
 		&Grant{GuardType: "localhost", Policy: "client-readonly"},
 		&Grant{GuardType: "localhost", Policy: "monitoring"},
-		&Grant{GuardType: "localhost", Policy: "crosscore-readonly"},
+		&Grant{GuardType: "localhost", Policy: "crosscore"},
 		&Grant{GuardType: "localhost", Policy: "internal"},
 	)
 }