Introduce permissions service

3e0b3e16 · Gergely Ujvari · ujvari · af0e036b · 3e0b3e16 · 3e0b3e16
Commit 3e0b3e16 authored Dec 16, 2014 by Gergely Ujvari Committed by ujvari Jan 15, 2015
Showing with 74 additions and 26 deletions

annotation.coffee h/static/scripts/directives/annotation.coffee +8 -14

privacy.coffee h/static/scripts/directives/privacy.coffee +11 -12

permissions-service.coffee h/static/scripts/permissions-service.coffee +55 -0

No files found.
--- a/h/static/scripts/directives/annotation.coffee
+++ b/h/static/scripts/directives/annotation.coffee
@@ -38,9 +38,11 @@ validate = (value) ->
 ###
 AnnotationController = [
  '$scope', '$timeout',
-  'annotator', 'auth', 'drafts', 'flash', 'documentHelpers', 'timeHelpers'
+  'annotator', 'auth', 'drafts', 'flash', 'documentHelpers', 'permissions',
+  'timeHelpers'
  ($scope,   $timeout,
-   annotator,   auth,   drafts,   flash,   documentHelpers,   timeHelpers
+   annotator,   auth,   drafts,   flash,   documentHelpers,   permissions,
+   timeHelpers
  ) ->
    @annotation = {}
    @action = 'view'
@@ -183,15 +185,10 @@ AnnotationController = [
      annotator.publish 'beforeAnnotationCreated', reply
      if auth.user?
-        reply.permissions.update = [auth.user]
+        if permissions.isPublic model
-        reply.permissions.delete = [auth.user]
+          reply.permissions = permissions.public()
-        reply.permissions.admin = [auth.user]
-        # If replying to a public annotation make the response public.
-        if 'group:__world__' in (model.permissions.read or [])
-          reply.permissions.read = ['group:__world__']
        else
-          reply.permissions.read = [auth.user]
+          reply.permissions = permissions.private()
    ###*
    # @ngdoc method
@@ -279,10 +276,7 @@ AnnotationController = [
      # Save highlights once logged in.
      if highlight and this.isHighlight()
        if model.user
-          model.permissions.read = [model.user]
+          model.permissions = permissions.private()
-          model.permissions.update = [model.user]
-          model.permissions.delete = [model.user]
-          model.permissions.admin = [model.user]
          annotator.publish 'annotationCreated', model
          highlight = false  # skip this on future updates
        else

--- a/h/static/scripts/directives/privacy.coffee
+++ b/h/static/scripts/directives/privacy.coffee
-privacy = ['$window', ($window) ->
+privacy = ['$window', 'permissions', ($window, permissions) ->
  VISIBILITY_KEY ='hypothesis.visibility'
  VISIBILITY_PUBLIC = 'public'
  VISIBILITY_PRIVATE = 'private'
@@ -37,10 +37,10 @@ privacy = ['$window', ($window) ->
  link: (scope, elem, attrs, controller) ->
    return unless controller?
-    controller.$formatters.push (permissions) ->
+    controller.$formatters.push (selectedPermissions) ->
-      return unless permissions?
+      return unless selectedPermissions?
-      if 'group:__world__' in (permissions.read or [])
+      if permissions.isPublic {permissions: selectedPermissions}
        getLevel(VISIBILITY_PUBLIC)
      else
        getLevel(VISIBILITY_PRIVATE)
@@ -48,18 +48,17 @@ privacy = ['$window', ($window) ->
    controller.$parsers.push (privacy) ->
      return unless privacy?
-      permissions = controller.$modelValue
      if isPublic(privacy.name)
-          permissions.read = ['group:__world__']
+        newPermissions = permissions.public()
      else
-          permissions.read = [attrs.user]
+        newPermissions = permissions.private()
-      permissions.update = [attrs.user]
+      # Cannot change the $modelValue into a new object
-      permissions.delete = [attrs.user]
+      # Just update its properties
-      permissions.admin = [attrs.user]
+      for key,val of newPermissions
+        controller.$modelValue[key] = val
-      permissions
+      controller.$modelValue
    controller.$render = ->
      unless controller.$modelValue.read.length

--- a/h/static/scripts/permissions-service.coffee
+++ b/h/static/scripts/permissions-service.coffee
+###*
+# @ngdoc service
+# @name  Permissions
+#
+# @description
+# This service can set default permissions to annotations properly and
+# offers some utility functions regarding those.
+###
+class Permissions
+  this.$inject = ['auth']
+  constructor:    (auth) ->
+    ###*
+    # @ngdoc method
+    # @name permissions#private
+    #
+    # Sets permissions for a private annotation
+    # Typical use: annotation.permissions = permissions.private()
+    ###
+    @private = ->
+      return {
+        read: [auth.user]
+        update: [auth.user]
+        delete: [auth.user]
+        admin: [auth.user]
+      }
+    ###*
+    # @ngdoc method
+    # @name permissions#private
+    #
+    # Sets permissions for a public annotation
+    # Typical use: annotation.permissions = permissions.public()
+    ###
+    @public = ->
+      return {
+        read: ['group:__world__']
+        update: [auth.user]
+        delete: [auth.user]
+        admin: [auth.user]
+      }
+  ###*
+  # @ngdoc method
+  # @name permissions#isPublic
+  #
+  # @param {Object} annotation annotation to check permissions
+  #
+  # This function determines whether the annotation is publicly
+  # visible(readable) or not.
+  ###
+  isPublic: (annotation) ->
+    'group:__world__' in (annotation.permissions?.read or [])
+angular.module('h')
+.service('permissions', Permissions)
\ No newline at end of file