Restrict access

Restrict access to Anchor instructions
1. Annotate Anchor instruction with an access rule
2. Add required Sol Cerberus accounts

Now that we have added permissions, we can restrict the access to our Anchor program.

Restrict access to Anchor instructions

Restricting access to Anchor instructions is a two steps process:

Annotate the Anchor instruction with the corresponding access rule.
Add the required Sol Cerberus accounts.

Annotate Anchor instruction with an access rule

Simply add the #[rule(RESOURCE, PERMISSION)] annotation on top of the Anchor function that you want to limit access to, replacing RESOURCE and PERMISSION by your own ones.

For instance we used #[rule(Square, Add)] in our demo program:

use sol_cerberus_macros::rule;

#[program]
pub mod sol_cerberus_demo {

    use super::*;

    #[rule(Square, Add)]
    pub fn add_square(ctx: Context<Add>, color: String, size: u16) -> Result<()> {
        instructions::add::add(ctx, "square", &color, size)
    }

}

Add required Sol Cerberus accounts

Now we need to add the Sol Cerberus accounts required for authentication. Apply the #[sol_cerberus_accounts] annotation to the corresponding instruction’s Accounts struct.

Check out a real world example from our demo program:

#[program]
use sol_cerberus_macros::sol_cerberus_accounts;

#[sol_cerberus_accounts]
#[derive(Accounts)]
pub struct Add<'info> {
    ... /// Your accounts..
    pub system_program: Program<'info, System>,
}

Add permissions

Test access

Restrict access

Table of contents

Restrict access to Anchor instructions

Annotate Anchor instruction with an access rule

Add required Sol Cerberus accounts