diff --git a/concepts/policies/examples/access-control.mdx b/concepts/policies/examples/access-control.mdx index a1585e28..d51ad744 100644 --- a/concepts/policies/examples/access-control.mdx +++ b/concepts/policies/examples/access-control.mdx @@ -15,6 +15,17 @@ sidebarTitle: "Access control" } ``` +#### Restrict which wallets a user can add accounts to + +```json +{ + "policyName": "Allow user to create accounts only on ", + "effect": "EFFECT_ALLOW", + "consensus": "approvers.any(user, user.id == '')", + "condition": "activity.type == 'ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS' && wallet.id == ''" +} +``` + #### Allow users with a specific tag to create users ```json diff --git a/concepts/policies/language.mdx b/concepts/policies/language.mdx index 2aa142a4..10e0b282 100644 --- a/concepts/policies/language.mdx +++ b/concepts/policies/language.mdx @@ -48,7 +48,7 @@ Keywords are reserved words that are dynamically interchanged for real values at | **tron.tx** | TronTransaction | The parsed Tron transaction payload (see Appendix below) | | **bitcoin.tx** | BitcoinTransaction | The parsed Bitcoin transaction payload (see Appendix below) | | **tempo.tx** | TempoTransaction | The parsed Tempo transaction payload (see Appendix below) | -| **wallet** | Wallet | The target wallet used in sign + export requests | +| **wallet** | Wallet | The target wallet used in sign, export, and create wallet accounts requests | | **wallets** | list\ | The target wallets associated with requests involving with multiple wallets | | **private_key** | PrivateKey | The target private key used in sign + export requests | | **wallet_account** | WalletAccount | The target wallet account used in sign + export requests |