1/**
2 * Project is a project.
3 */
4definition test/project {
5 relation issue_creator: role#member
6 relation issue_assigner: role#member
7 relation any_issue_resolver: role#member
8 relation assigned_issue_resolver: role#member
9 relation comment_creator: role#member
10 relation comment_deleter: role#member
11 relation role_manager: role#member
12
13 permission create_issue = issue_creator
14 permission create_role = role_manager
15}
16
17definition role {
18 /** project is the project */
19 relation project: project
20 relation member: user
21 relation built_in_role: project
22
23 permission delete = project->role_manager - built_in_role->role_manager
24 permission add_user = project->role_manager
25 permission add_permission = project->role_manager & built_in_role->role_manager
26
27 // with arrows!
28 permission remove_permission = project->role_manager + built_in_role->role_manager
29}View as plain text