Merge pull request #1903 from hypothesis/remove-permissions-service

Remove unused `permissions` service

src/sidebar/index.js

@@ -181,7 +181,6 @@ import frameSyncService from './services/frame-sync';
 import groupsService from './services/groups';
 import loadAnnotationsService from './services/load-annotations';
 import localStorageService from './services/local-storage';
-import permissionsService from './services/permissions';
 import persistedDefaultsService from './services/persisted-defaults';
 import rootThreadService from './services/root-thread';
 import searchFilterService from './services/search-filter';
@@ -224,7 +223,6 @@ function startAngularApp(config) {
     .register('groups', groupsService)
     .register('loadAnnotationsService', loadAnnotationsService)
     .register('localStorage', localStorageService)
-    .register('permissions', permissionsService)
     .register('persistedDefaults', persistedDefaultsService)
     .register('rootThread', rootThreadService)
     .register('searchFilter', searchFilterService)
@@ -312,7 +310,6 @@ function startAngularApp(config) {
     .service('loadAnnotationsService', () =>
       container.get('loadAnnotationsService')
     )
-    .service('permissions', () => container.get('permissions'))
     .service('persistedDefaults', () => container.get('persistedDefaults'))
     .service('rootThread', () => container.get('rootThread'))
     .service('searchFilter', () => container.get('searchFilter'))

src/sidebar/services/permissions.js

-/**
- * Object defining which principals can read, update and delete an annotation.
- *
- * This is the same as the `permissions` field retrieved on an annotation via
- * the API.
- *
- * Principals are strings of the form `type:id` where `type` is `'acct'` (for a
- * specific user) or `'group'` (for a group).
- *
- * @typedef Permissions
- * @property {string[]} read - List of principals that can read the annotation
- * @property {string[]} update - List of principals that can edit the annotation
- * @property {string[]} delete - List of principals that can delete the
- * annotation
- */
-
-/**
- * A service for generating and querying `Permissions` objects for annotations.
- *
- * It also provides methods to save and restore permissions preferences for new
- * annotations to local storage.
- */
-// @ngInject
-export default function Permissions(store) {
-  const self = this;
-
-  /**
-   * Return the permissions for a private annotation.
-   *
-   * A private annotation is one which is readable only by its author.
-   *
-   * @param {string} userid - User ID of the author
-   * @return {Permissions}
-   */
-  this.private = function(userid) {
-    return {
-      read: [userid],
-      update: [userid],
-      delete: [userid],
-    };
-  };
-
-  /**
-   * Return the permissions for an annotation that is shared with the given
-   * group.
-   *
-   * @param {string} userid - User ID of the author
-   * @param {string} groupId - ID of the group the annotation is being
-   * shared with
-   * @return {Permissions}
-   */
-  this.shared = function(userid, groupId) {
-    return Object.assign(self.private(userid), {
-      read: ['group:' + groupId],
-    });
-  };
-
-  /**
-   * Set the default permissions for new annotations.
-   *
-   * @param {'private'|'shared'} level
-   */
-  this.setDefault = function(level) {
-    store.setDefault('annotationPrivacy', level);
-  };
-
-  /**
-   * Return true if an annotation with the given permissions is shared with any
-   * group.
-   *
-   * @param {Permissions} perms
-   * @return {boolean}
-   */
-  this.isShared = function(perms) {
-    return perms.read.some(function(principal) {
-      return principal.indexOf('group:') === 0;
-    });
-  };
-
-  /**
-   * Return true if a user can perform the given `action` on an annotation.
-   *
-   * @param {Permissions} perms
-   * @param {'update'|'delete'} action
-   * @param {string} userid
-   * @return {boolean}
-   */
-  this.permits = function(perms, action, userid) {
-    return perms[action].indexOf(userid) !== -1;
-  };
-}

src/sidebar/services/test/permissions-test.js

-import Permissions from '../permissions';
-
-const userid = 'acct:flash@gord.on';
-
-describe('permissions', function() {
-  let fakeStore;
-  let permissions;
-
-  beforeEach(function() {
-    fakeStore = {
-      getDefault: sinon.stub().returns(null),
-      setDefault: sinon.stub(),
-    };
-    permissions = new Permissions(fakeStore);
-  });
-
-  describe('#private', function() {
-    it('only allows the user to read the annotation', function() {
-      assert.deepEqual(permissions.private(userid), {
-        read: [userid],
-        update: [userid],
-        delete: [userid],
-      });
-    });
-  });
-
-  describe('#shared', function() {
-    it('allows the group to read the annotation', function() {
-      assert.deepEqual(permissions.shared(userid, 'gid'), {
-        read: ['group:gid'],
-        update: [userid],
-        delete: [userid],
-      });
-    });
-  });
-
-  describe('#setDefault', function() {
-    it('saves the default permissions in the store', function() {
-      permissions.setDefault('private');
-      assert.calledWith(fakeStore.setDefault, 'annotationPrivacy', 'private');
-    });
-  });
-
-  describe('#isShared', function() {
-    it('returns true if a group can read the annotation', function() {
-      const perms = permissions.shared(userid, 'gid');
-      assert.isTrue(permissions.isShared(perms));
-    });
-
-    it('returns false if only specific users can read the annotation', function() {
-      const perms = permissions.private(userid);
-      assert.isFalse(permissions.isShared(perms));
-    });
-  });
-
-  describe('#permits', function() {
-    it('returns true if the user can perform the action', function() {
-      const perms = permissions.private(userid);
-      assert.isTrue(permissions.permits(perms, 'update', userid));
-      assert.isTrue(permissions.permits(perms, 'delete', userid));
-    });
-
-    it('returns false if the user cannot perform the action', function() {
-      const perms = permissions.private('acct:not.flash@gord.on');
-      assert.isFalse(permissions.permits(perms, 'update', userid));
-      assert.isFalse(permissions.permits(perms, 'delete', userid));
-    });
-  });
-});