clean up

src/core/records-grant-authorization.ts

@@ -31,7 +31,7 @@ export class RecordsGrantAuthorization {
     });
 
     // NOTE: validated the invoked permission is for Records in GrantAuthorization.performBaseValidation()
-    RecordsGrantAuthorization.verifyProtocolRecordScope(recordsWriteMessage, permissionGrant.scope as RecordsPermissionScope);
+    RecordsGrantAuthorization.verifyScope(recordsWriteMessage, permissionGrant.scope as RecordsPermissionScope);
 
     RecordsGrantAuthorization.verifyConditions(recordsWriteMessage, permissionGrant.conditions);
   }
@@ -61,7 +61,7 @@ export class RecordsGrantAuthorization {
     });
 
     // NOTE: validated the invoked permission is for Records in GrantAuthorization.performBaseValidation()
-    RecordsGrantAuthorization.verifyProtocolRecordScope(recordsWriteMessageToBeRead, permissionGrant.scope as RecordsPermissionScope);
+    RecordsGrantAuthorization.verifyScope(recordsWriteMessageToBeRead, permissionGrant.scope as RecordsPermissionScope);
   }
 
   /**
@@ -138,9 +138,9 @@ export class RecordsGrantAuthorization {
   }
 
   /**
-   * Verifies a protocol record against the scope of the given grant.
+   * Verifies a record against the scope of the given grant.
    */
-  private static verifyProtocolRecordScope(
+  private static verifyScope(
     recordsWriteMessage: RecordsWriteMessage,
     grantScope: RecordsPermissionScope
   ): void {

src/handlers/records-write.ts

@@ -182,7 +182,7 @@ export class RecordsWriteHandler implements MethodHandler {
       const permissionGrantId = recordsWriteMessage.descriptor.parentId!;
       const grant = await PermissionsProtocol.fetchGrant(tenant, this.messageStore, permissionGrantId);
       const revokeTagProtocol = recordsWriteMessage.descriptor.tags?.protocol;
-      const grantProtocol = PermissionsProtocol.isRecordPermissionScope(grant.scope) ? grant.scope.protocol : undefined;
+      const grantProtocol = 'protocol' in grant.scope ? grant.scope.protocol : undefined;
       if (grantProtocol !== revokeTagProtocol) {
         throw new DwnError(
           DwnErrorCode.PermissionsProtocolValidateRevocationProtocolTagMismatch,

src/protocols/permissions.ts

@@ -390,7 +390,7 @@ export class PermissionsProtocol {
   /**
    * Type guard to determine if the scope is a record permission scope.
    */
-  public static isRecordPermissionScope(scope: PermissionScope): scope is RecordsPermissionScope {
+  private static isRecordPermissionScope(scope: PermissionScope): scope is RecordsPermissionScope {
     return scope.interface === 'Records';
   }
 

tests/features/permissions.spec.ts

@@ -196,7 +196,7 @@ export function testPermissions(): void {
       const permissionScope: PermissionScope = {
         interface : DwnInterfaceName.Records,
         method    : DwnMethodName.Write,
-        protocol  : `any-protocol` // URL will normalize to `http://any-protocol`
+        protocol  : `any-protocol`
       };
 
       const requestToAlice = await PermissionsProtocol.createRequest({
@@ -371,7 +371,7 @@ export function testPermissions(): void {
       ).to.throw(DwnErrorCode.PermissionsProtocolValidateSchemaUnexpectedRecord);
     });
 
-    it('performs additional validation to tagged protocol in a Revocation message matches the Grant it is revoking', async () => {
+    it('performs additional validation to the tagged protocol in a Revocation message ensuring it matches the Grant it is revoking', async () => {
       const alice = await TestDataGenerator.generateDidKeyPersona();
       const bob = await TestDataGenerator.generateDidKeyPersona();