> definition folder {
> relation parent: folder
> relation reader : user | group#member
> relation organization : organization
> permission organization_member = organization->member
> permission read= reader + parent->read & organization_member
>
> }
> definition group{
> relation user: user
> relation group: group#member
> permission member = user + group->user
> }
> definition user{}
> definition organization{
> relation reader: user | group#member
> relation member: user | group#member
> permission read = reader
> }