Cid optout action

extensions/amp-user-notification/0.1/amp-user-notification.js

@@ -157,6 +157,7 @@ export class AmpUserNotification extends AMP.BaseElement {
         .registerUserNotification(this.elementId_, this);
 
     this.registerAction('dismiss', this.dismiss.bind(this));
+    this.registerAction('optoutOfCid', this.optoutOfCid_.bind(this));
   }
 
   /**
@@ -232,12 +233,27 @@ export class AmpUserNotification extends AMP.BaseElement {
   }
 
   /**
-   * Get async cid service.
+   * Opts the user out of cid issuance and dismisses the notification.
+   * @private
+   */
+  optoutOfCid_() {
+    return this.getCidService_()
+        .then(cid => cid.optOut())
+        .then(this.dismiss.bind(this), reason => {
+          dev().error('amp-user-notification',
+              'Failed to opt out of Cid', reason);
+          // If optout fails, dismiss notification without persisting.
+          this.dismiss(/*opt_forceNoPersist*/true);
+        });
+  }
+
+  /**
+   * Get async cid.
    * @return {!Promise}
    * @private
    */
   getAsyncCid_() {
-    return cidForDoc(this.element).then(cid => {
+    return this.getCidService_().then(cid => {
       // `amp-user-notification` is our cid scope, while we give it a resolved
       // promise for the 2nd argument so that the 3rd argument (the
       // persistentConsent) is the one used to resolve getting
@@ -252,6 +268,15 @@ export class AmpUserNotification extends AMP.BaseElement {
     });
   }
 
+  /**
+   * Get cid service.
+   * @return {!Promise}
+   * @private
+   */
+  getCidService_() {
+    cidForDoc(this.element);
+  }
+
   /** @override */
   shouldShow() {
     return this.isDismissed().then(dismissed => {
@@ -308,14 +333,17 @@ export class AmpUserNotification extends AMP.BaseElement {
   /**
    * Hides the current user notification and invokes the `dialogResolve_`
    * method. Removes the `.amp-active` class from the element.
+   *
+   * @param {boolean=} opt_forceNoPersist If true, dismissal won't be persisted
+   * regardless of 'data-persist-dismissal''s value
    */
-  dismiss() {
+  dismiss(opt_forceNoPersist = false) {
     this.element.classList.remove('amp-active');
     this.element.classList.add('amp-hidden');
     this.dialogResolve_();
     this.getViewport().removeFromFixedLayer(this.element);
 
-    if (this.persistDismissal_) {
+    if (this.persistDismissal_ && !opt_forceNoPersist) {
       // Store and post.
       this.storagePromise_.then(storage => {
         storage.set(this.storageKey_, true);

extensions/amp-user-notification/0.1/test/test-amp-user-notification.js

@@ -592,4 +592,50 @@ describe('amp-user-notification', () => {
       expect(get().then).to.be.function;
     });
   });
+
+  describe('optOutOfCid', () => {
+    const cidMock = {
+      optOut() {
+        return optoutPromise;
+      },
+    };
+    let dismissSpy;
+    let optoutPromise;
+    let optOutOfCidStub;
+
+    beforeEach(() => {
+      optOutOfCidStub = sandbox.spy(cidMock, 'optOut');
+    });
+
+    it('should call cid.optOut() and dismiss', () => {
+      return getUserNotification({id: 'n1'}).then(el => {
+        const impl = el.implementation_;
+        impl.buildCallback();
+        optoutPromise = Promise.resolve();
+        impl.getCidService_ = () => { return Promise.resolve(cidMock); };
+        dismissSpy = sandbox.spy(impl, 'dismiss');
+
+        return impl.optoutOfCid_();
+      }).then(() => {
+        expect(dismissSpy).to.be.calledWithExactly(undefined);
+        expect(optOutOfCidStub).to.be.calledOnce;
+      });
+    });
+
+    it('should dissmiss without persistence if cid.optOut() fails', () => {
+      return getUserNotification({id: 'n1'}).then(el => {
+        const impl = el.implementation_;
+        impl.buildCallback();
+        optoutPromise = Promise.reject('failed');
+        impl.getCidService_ = () => { return Promise.resolve(cidMock); };
+        dismissSpy = sandbox.spy(impl, 'dismiss');
+
+        return impl.optoutOfCid_();
+      }).then(() => {
+        expect(dismissSpy).to.be.calledWithExactly(true);
+        expect(optOutOfCidStub).to.be.calledOnce;
+      });
+    });
+
+  });
 });

src/service/cid-impl.js

@@ -35,7 +35,7 @@ import {
 import {dict} from '../utils/object';
 import {isIframed} from '../dom';
 import {getCryptoRandomBytesArray} from '../utils/bytes';
-import {viewerForDoc} from '../services';
+import {viewerForDoc, storageForDoc} from '../services';
 import {cryptoFor} from '../crypto';
 import {parseJson, tryParseJson} from '../json';
 import {timerFor} from '../services';
@@ -50,6 +50,11 @@ const BASE_CID_MAX_AGE_MILLIS = 365 * ONE_DAY_MILLIS;
 
 const SCOPE_NAME_VALIDATOR = /^[a-zA-Z0-9-_.]+$/;
 
+const CID_OPTOUT_STORAGE_KEY = 'amp-cid-optout';
+
+// TODO(aghassemi): replace with real viewer message when implemented.
+const CID_OPTOUT_VIEWER_MESSAGE = 'cidOptout';
+
 /**
  * A base cid string value and the time it was last read / stored.
  * @typedef {{time: time, cid: string}}
@@ -107,7 +112,8 @@ export class Cid {
    *     consent, of course).
    * @return {!Promise<?string>} A client identifier that should be used
    *      within the current source origin and externalCidScope. Might be
-   *      null if no identifier was found or could be made.
+   *      null if user has opted out of cid or no identifier was found
+   *      or it could be made.
    *      This promise may take a long time to resolve if consent isn't
    *      given.
    */
@@ -118,13 +124,64 @@ export class Cid {
         'The CID scope and cookie name must only use the characters ' +
         '[a-zA-Z0-9-_.]+\nInstead found: %s',
         getCidStruct.scope);
-    return consent.then(() => {
-      return viewerForDoc(this.ampdoc).whenFirstVisible();
-    }).then(() => {
-      return getExternalCid(this, getCidStruct,
-          opt_persistenceConsent || consent);
+    return isOptedOutOfCid(this.ampdoc).then(optedOut => {
+      // TODO(aghassemi): null or '' ?
+      if (optedOut) {
+        return null;
+      } else {
+        return consent.then(() => {
+          return viewerForDoc(this.ampdoc).whenFirstVisible();
+        }).then(() => {
+          return getExternalCid(this, getCidStruct,
+              opt_persistenceConsent || consent);
+        });
+      }
     });
   }
+
+  /**
+   * User will be opted out of Cid issuance for all scopes.
+   * When opted-out Cid service will reject all `get` requests.
+   *
+   * @return {!Promise}
+   */
+  optOut() {
+    return optOutOfCid(this.ampdoc);
+  }
+}
+
+/**
+ * User will be opted out of Cid issuance for all scopes.
+ * When opted-out Cid service will reject all `get` requests.
+ *
+ * @return {!Promise}
+ * @visibleForTesting
+ */
+export function optOutOfCid(ampdoc) {
+
+  // Tell the viewer that user has opted out.
+  viewerForDoc(ampdoc).sendMessage(CID_OPTOUT_VIEWER_MESSAGE);
+
+  // Store the optout bit in storage
+  return storageForDoc(ampdoc).then(storage => {
+    return storage.set(CID_OPTOUT_STORAGE_KEY, true);
+  });
+}
+
+/**
+ * Whether user has opted out of Cid issuance for all scopes.
+ *
+ * @param {!./ampdoc-impl.AmpDoc} ampdoc
+ * @return {!Promise<boolean>}
+ * @visibleForTesting
+ */
+export function isOptedOutOfCid(ampdoc) {
+  return storageForDoc(ampdoc).then(storage => {
+    return storage.get(CID_OPTOUT_STORAGE_KEY).then(val => !!val);
+  }).catch(() => {
+    // If we fail to read the flag, assume not opted out.
+    return false;
+  });
 }
 
 /**

test/functional/test-cid.js

@@ -25,6 +25,8 @@ import {
   cidServiceForDocForTesting,
   getProxySourceOrigin,
   viewerBaseCid,
+  optOutOfCid,
+  isOptedOutOfCid,
 } from '../../src/service/cid-impl';
 import {installCryptoService, Crypto} from '../../src/service/crypto-impl';
 import {cryptoFor} from '../../src/crypto';
@@ -33,12 +35,14 @@ import {parseUrl} from '../../src/url';
 import {installPlatformService} from '../../src/service/platform-impl';
 import {installViewerServiceForDoc} from '../../src/service/viewer-impl';
 import {installTimerService} from '../../src/service/timer-impl';
+import {installStorageServiceForDoc} from '../../src/service/storage-impl';
 import {
   installCryptoPolyfill,
 } from '../../extensions/amp-crypto-polyfill/0.1/amp-crypto-polyfill';
 import {
   installExtensionsService,
 } from '../../src/service/extensions-impl';
+import {stubServiceForDoc} from '../../testing/test-helper';
 import * as sinon from 'sinon';
 
 const DAY = 24 * 3600 * 1000;
@@ -58,6 +62,7 @@ describe('cid', () => {
   let whenFirstVisible;
   let trustedViewer;
   let shouldSendMessageTimeout;
+  let storageGetStub;
 
   const hasConsent = Promise.resolve();
   const timer = timerFor(window);
@@ -117,6 +122,7 @@ describe('cid', () => {
     });
 
     installViewerServiceForDoc(ampdoc);
+    storageGetStub = stubServiceForDoc(sandbox, ampdoc, 'storage', 'get');
     viewer = viewerForDoc(ampdoc);
     sandbox.stub(viewer, 'whenFirstVisible', function() {
       return whenFirstVisible;
@@ -272,6 +278,18 @@ describe('cid', () => {
           'sha384(YYYhttp://www.origin.come2)');
     });
 
+    it('should return null if opted out', () => {
+      storageGetStub.withArgs('amp-cid-optout').returns(Promise.resolve(true));
+
+      storage['amp-cid'] = JSON.stringify({
+        cid: 'YYY',
+        time: Date.now(),
+      });
+      return compare(
+          'e2',
+          null);
+    });
+
     it('should read from viewer storage if embedded', () => {
       fakeWin.parent = {};
       const expectedBaseCid = 'from-viewer';
@@ -390,6 +408,7 @@ describe('cid', () => {
       installTimerService(win);
       installPlatformService(win);
       installViewerServiceForDoc(ampdoc2);
+      installStorageServiceForDoc(ampdoc2);
       cidServiceForDocForTesting(ampdoc2);
       installCryptoService(win);
       return cidForDoc(ampdoc2).then(cid => {
@@ -719,3 +738,61 @@ describe('getProxySourceOrigin', () => {
     }).to.throw(/Expected proxy origin/);
   });
 });
+
+describes.fakeWin('cid optout:', {amp: true}, env => {
+  let storageGetStub;
+  let storageSetStub;
+  let viewerSendMessageStub;
+  let ampdoc;
+
+  beforeEach(() => {
+    ampdoc = env.ampdoc;
+    storageSetStub = stubServiceForDoc(sandbox, ampdoc, 'storage', 'set');
+    storageGetStub = stubServiceForDoc(sandbox, ampdoc, 'storage', 'get');
+    viewerSendMessageStub = stubServiceForDoc(sandbox, ampdoc,
+        'viewer', 'sendMessage');
+  });
+
+  describe('optOutOfCid()', () => {
+    it('should send a message to viewer', () => {
+      return optOutOfCid(ampdoc).then(() => {
+        expect(viewerSendMessageStub).to.be.calledWith('cidOptout');
+      });
+    });
+
+    it('should save bit in storage', () => {
+      optOutOfCid(ampdoc).then(() => {
+        expect(storageSetStub).to.be.calledWith('amp-cid-optout', true);
+      });
+    });
+
+    it('should reject promise if storage set fails', () => {
+      storageSetStub.returns(Promise.reject('failed!'));
+      return optOutOfCid(ampdoc).should.eventually.be.rejectedWith('failed!');
+    });
+  });
+
+  describe('isOptedOutOfCid()', () => {
+    it('should return true if bit is set in storage', () => {
+      storageGetStub.withArgs('amp-cid-optout').returns(Promise.resolve(true));
+      return isOptedOutOfCid(ampdoc).then(isOut => {
+        expect(isOut).to.be.true;
+      });
+    });
+
+    it('should return false if bit is not set in storage', () => {
+      storageGetStub.withArgs('amp-cid-optout').returns(Promise.resolve(null));
+      return isOptedOutOfCid(ampdoc).then(isOut => {
+        expect(isOut).to.be.false;
+      });
+    });
+
+    it('should return false if storage get fails', () => {
+      storageGetStub.withArgs('amp-cid-optout').returns(Promise.reject('Fail'));
+      return isOptedOutOfCid(ampdoc).then(isOut => {
+        expect(isOut).to.be.false;
+      });
+    });
+  });
+
+});