decentralized-identity · diehuxx · Oct 4, 2023 · Sep 27, 2023 · Oct 3, 2023 · Oct 3, 2023
@@ -48,7 +48,7 @@ Here's to a thrilling Hacktoberfest voyage with us! 🎉
 # Decentralized Web Node (DWN) SDK <!-- omit in toc -->
 
 Code Coverage
-![Statements](https://img.shields.io/badge/statements-97.78%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-94.92%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-94.26%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-97.78%25-brightgreen.svg?style=flat)
+![Statements](https://img.shields.io/badge/statements-97.8%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-95.18%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-94.26%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-97.8%25-brightgreen.svg?style=flat)
 
 - [Introduction](#introduction)
 - [Installation](#installation)

@@ -341,7 +341,6 @@ export class ProtocolAuthorization {
       throw new Error(`no action rule defined for ${incomingMessage.message.descriptor.method}, ${author} is unauthorized`);
     }
 
-    // Get role being invoked. Currently only Reads support role-based authorization
     const invokedRole = incomingMessage.authorizationPayload?.protocolRole;
 
     for (const actionRule of actionRules) {

@@ -400,7 +400,7 @@ export class RecordsWrite {
       await ProtocolAuthorization.authorize(tenant, this, this, messageStore);
     } else if (this.author === tenant) {
       // if author is the same as the target tenant, we can directly grant access
-    } else if (this.author !== undefined && this.authorizationPayload?.permissionsGrantId !== undefined) {
+    } else if (this.author !== undefined && this.authorizationPayload!.permissionsGrantId !== undefined) {
       await RecordsGrantAuthorization.authorizeWrite(tenant, this, this.author, messageStore);
     } else {
       throw new Error('message failed authorization');
@@ -653,23 +653,19 @@ export class RecordsWrite {
     signer: Signer,
     additionalProperties?: { permissionsGrantId?: string, protocolRole?: string },
   ): Promise<AuthorizationModel> {
-    const authorizationPayload: RecordsWriteAuthorSignaturePayload = {
-      recordId,
-      descriptorCid
-    };
-
     const attestationCid = attestation ? await Cid.computeCid(attestation) : undefined;
     const encryptionCid = encryption ? await Cid.computeCid(encryption) : undefined;
 
-    if (contextId !== undefined) { authorizationPayload.contextId = contextId; } // assign `contextId` only if it is defined
-    if (attestationCid !== undefined) { authorizationPayload.attestationCid = attestationCid; } // assign `attestationCid` only if it is defined
-    if (encryptionCid !== undefined) { authorizationPayload.encryptionCid = encryptionCid; } // assign `encryptionCid` only if it is defined
-    if (additionalProperties?.permissionsGrantId !== undefined) {
-      authorizationPayload.permissionsGrantId = additionalProperties?.permissionsGrantId;
-    }
-    if (additionalProperties?.protocolRole !== undefined) {
-      authorizationPayload.protocolRole = additionalProperties?.protocolRole;
-    }
+    const authorizationPayload: RecordsWriteAuthorSignaturePayload = {
+      recordId,
+      descriptorCid,
+      contextId,
+      attestationCid,
+      encryptionCid,
+      permissionsGrantId : additionalProperties?.permissionsGrantId,
+      protocolRole       : additionalProperties?.protocolRole
+    };
+    removeUndefinedProperties(authorizationPayload);
 
     const authorizationPayloadBytes = Encoder.objectToBytes(authorizationPayload);
 

diff --git a/src/types/records-types.ts b/src/types/records-types.ts
@@ -13,7 +13,6 @@ export type RecordsWriteDescriptor = {
   method: DwnMethodName.Write;
   protocol?: string;
   protocolPath?: string;
-  protocolRole?: string;
   recipient?: string;
   schema?: string;
   parentId?: string;

@@ -9,8 +9,15 @@
     "friend": {
       "$globalRole": true
     },
+    "fan": {
+      "$globalRole": true
+    },
     "chat": {
       "$actions": [
+        {
+          "role": "fan",
+          "can": "read"
+        },
         {
           "role": "friend",
           "can": "write"