[lib] Fix role permissions for channels
Summary:
This diff addresses ENG-8953. I went through each broken permission listed here.
- The changes in lib/types/thread-permission-types.js update the mapping from UserSurfacedPermission to role permission strings, the representation used in MariaDB. We add permission strings that guarantee each user-surfaced permission propagates to descendants in the right way.
- The changes in lib/permissions/thread-permissions.js removes these permissions from being assigned based on ThreadType. The user-surfaced permissions are responsible for these permissions, so we need to make sure they don't appear if the admin didn't grant them.
Depends on D13016
Test Plan:
The whole stack was tested as follows:
- Unit tests from D9686, which toggle user-surfaced permissions on and off and make sure no difference is caught. This ensures that the original issue introduced in D9686 isn't reintroduced
- Careful review of each descendant permission removed in D9686
- Create a community as userA and add userB. Grant tagging permissions to all members. Make sure userB can tag inside non-root channels
- Do above, then create a channel without userB, and make sure userB can't tag there either (or do anything other than view). This is the repro described here
- Do above, but also create a thread inside the channel (as userA) and make sure userB can't do anything inside the thread other than view, until they join the parent channel
Reviewers: tomek, inka
Reviewed By: tomek
Differential Revision: https://phab.comm.dev/D13017