Joshua Send flyingsilverfin

## permissions_rules.tql
define

rule owners-have-write-access:
when { (resource: $r, owner: $owner) isa resource-ownership; }
then { (writer: $owner, writable: $r) isa write-access; };

rule members-borrow-write-access:
when {
  (member: $u, team: $t) isa team-membership;
  (writer: $t, writable: $r) isa write-access;

## permissions_schema.tql
define
user sub entity,
  plays team-membership:member,
  plays read-access:reader,
  plays write-access:writer,
  plays resource-ownership:owner;
team sub entity,
  plays team-membership:team,
  plays read-access:reader,
  plays write-access:writer,

## permissions_data.tql
insert
$x isa user;
$t isa team;
(member: $x, team: $t) isa team-membership;
$r isa resource;
(owner: $t, resource: $r) isa resource-ownership;

## rule_skeleton.tql
define
rule <label>:
when {
  <condition>
} then {
  <conclusion>
}

## contradicting_rule.tql
rule give-permission:
when {
  $x isa user;
  not { $x has permission $a; };
} then {
  $x has permission "read";
};

## rules_in_typedb_relations_on_relations.tql
insert
$u isa user;
$t isa team;
$r isa resource;
$r (owner: $t, owned: $r) isa resource-ownership;
(source: $r, accessor: $u, accessible: $r) isa derived-access;

## rules_in_typedb_infinite_relations_rule.tql
rule infinite-list:
when {
  $r isa list-node;
} then {
  (previous: $r) isa list-node;
}

## rules_in_typedb_members_borrow_read_access_rule.tql
rule members-borrow-read-access:
when {
 (member: $u, team: $t) isa team-membership;
 (reader: $t, readable: $r) isa read-access;
} then {
 (reader: $u, readable: $r) isa read-access;
};

## rules_in_typedb_members_borrow_write_access_rule.tql
rule members-borrow-write-access:
when {
  (member: $u, team: $t) isa team-membership;
  (writer: $t, writable: $r) isa write-access;
} then {
  (writer: $u, writable: $r) isa write-access;
};

## rules_in_typedb_owners_have_write_access_rule.tql
rule owners-have-write-access:
when {
  (resource: $r, owner: $owner) isa resource-ownership;
} then {
  (writer: $owner, writable: $r) isa write-access;
};
	define

	rule owners-have-write-access:
	when { (resource: $r, owner: $owner) isa resource-ownership; }
	then { (writer: $owner, writable: $r) isa write-access; };

	rule members-borrow-write-access:
	when {
	(member: $u, team: $t) isa team-membership;
	(writer: $t, writable: $r) isa write-access;
	define
	user sub entity,
	plays team-membership:member,
	plays read-access:reader,
	plays write-access:writer,
	plays resource-ownership:owner;
	team sub entity,
	plays team-membership:team,
	plays read-access:reader,
	plays write-access:writer,
	insert
	$x isa user;
	$t isa team;
	(member: $x, team: $t) isa team-membership;
	$r isa resource;
	(owner: $t, resource: $r) isa resource-ownership;
	rule give-permission:
	when {
	$x isa user;
	not { $x has permission $a; };
	} then {
	$x has permission "read";
	};
	insert
	$u isa user;
	$t isa team;
	$r isa resource;
	$r (owner: $t, owned: $r) isa resource-ownership;
	(source: $r, accessor: $u, accessible: $r) isa derived-access;
	rule infinite-list:
	when {
	$r isa list-node;
	} then {
	(previous: $r) isa list-node;
	}
	rule members-borrow-read-access:
	when {
	(member: $u, team: $t) isa team-membership;
	(reader: $t, readable: $r) isa read-access;
	} then {
	(reader: $u, readable: $r) isa read-access;
	};
	rule owners-have-write-access:
	when {
	(resource: $r, owner: $owner) isa resource-ownership;
	} then {
	(writer: $owner, writable: $r) isa write-access;
	};