From 7a1ee2640c4b7fdf4cd87e27a3e4bf038b074199 Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Mon, 10 Feb 2025 15:27:38 +0100
Subject: [PATCH] fix: remove realm from group

---
 csv/customers/itp.csv |  7 -------
 csv/organizations.csv | 32 +++++---------------------------
 model.fga             |  1 -
 3 files changed, 5 insertions(+), 35 deletions(-)

diff --git a/csv/customers/itp.csv b/csv/customers/itp.csv
index 10b2b95..968ae7c 100644
--- a/csv/customers/itp.csv
+++ b/csv/customers/itp.csv
@@ -1,12 +1,5 @@
 user_type,user_id,relation,object_type,object_id,condition_name,condition_context
 
-system,atlantis,parent,organization,itpartner,,
-organization,itpartner,parent,group,/itpartner,,
-domain,itpartner.no,realm,organization,itpartner,,
-domain,itpartner.no,realm,group,/itpartner,,
-domain,tromso.serit.no,realm,organization,itpartner,,
-domain,tromso.serit.no,realm,group,/itpartner,,
-
 group,/itpartner#member,view,archive,01860e78-a3f5-4323-a78a-89ae50d1e785,term,"{""start_time"": ""2025-01-15T00:00:00Z"", ""end_time"": ""2025-02-21T00:00:00Z""}"
 group,/itpartner#member,view,archive,0243896e-d02e-48d9-b809-c9e54f66ab64,term,"{""start_time"": ""2025-01-15T00:00:00Z"", ""end_time"": ""2025-02-21T00:00:00Z""}"
 group,/itpartner#member,exec,archive,01860e78-a3f5-4323-a78a-89ae50d1e785,ticket,"{""tasks"": [ ""*"" ], ""quota"": ""-1.0"", ""start_time"": ""2025-01-01T00:00:00Z"", ""end_time"": ""2025-02-21T00:00:00Z""}"
diff --git a/csv/organizations.csv b/csv/organizations.csv
index a64b23b..ee364da 100644
--- a/csv/organizations.csv
+++ b/csv/organizations.csv
@@ -3,126 +3,104 @@ user_type,user_id,relation,object_type,object_id,condition_name,condition_contex
 system,atlantis,parent,organization,oceanbox,,
 organization,oceanbox,parent,group,/oceanbox,,
 domain,oceanbox.io,realm,organization,oceanbox,,
-domain,oceanbox.io,realm,group,/oceanbox,,
 
 system,atlantis,parent,organization,salmar,,
 organization,salmar,parent,group,/salmar,,
 domain,salmar.no,realm,organization,salmar,,
-domain,salmar.no,realm,group,/salmar,,
 
 system,atlantis,parent,organization,leroy,,
 organization,leroy,parent,group,/leroy,,
 domain,leroy.no,realm,organization,leroy,,
-domain,leroy.no,realm,group,/leroy,,
 domain,leroyseafood.com,realm,organization,leroy,,
-domain,leroyseafood.com,realm,group,/leroy,,
 domain,leroyaurora.no,realm,organization,leroy,,
-domain,leroyaurora.no,realm,group,/leroy,,
 domain,leroymidt.no,realm,organization,leroy,,
-domain,leroymidt.no,realm,group,/leroy,,
 
 system,atlantis,parent,organization,serit,,
 organization,serit,parent,group,/serit,,
 domain,serit.no,realm,organization,serit,,
-domain,serit.no,realm,group,/serit,,
 
 system,atlantis,parent,organization,aqua-kompetanse,,
 organization,aqua-kompetanse,parent,group,/aqua-kompetanse,,
 domain,aqua-kompetanse.no,realm,organization,aqua-kompetanse,,
-domain,aqua-kompetanse.no,realm,group,/aqua-kompetanse,,
 
 system,atlantis,parent,organization,kelpinor,,
 organization,kelpinor,parent,group,/kelpinor,,
 domain,kelpinor.no,realm,organization,kelpinor,,
-domain,kelpinor.no,realm,group,/kelpinor,,
 
 system,atlantis,parent,organization,bkmanimalhealth,,
 organization,bkmanimalhealth,parent,group,/bkmanimalhealth,,
 domain,bkmanimalhealth.com,realm,organization,bkmanimalhealth,,
-domain,bkmanimalhealth.com,realm,group,/bkmanimalhealth,,
 
 system,atlantis,parent,organization,uio,,
 organization,uio,parent,group,/uio,,
 domain,uio.no,realm,organization,uio,,
-domain,uio.no,realm,group,/uio,,
 
 system,atlantis,parent,organization,uni-nord,,
 organization,uni-nord,parent,group,/uni-nord,,
 domain,nord.no,realm,organization,uni-nord,,
-domain,nord.no,realm,group,/uni-nord,,
 
 system,atlantis,parent,organization,argusmiljo,,
 organization,argusmiljo,parent,group,/argusmiljo,,
 domain,argusmiljo.no,realm,organization,argusmiljo,,
-domain,argusmiljo.no,realm,group,/argusmiljo,,
 
 system,atlantis,parent,organization,bakkafrost,,
 organization,bakkafrost,parent,group,/bakkafrost,,
 domain,bakkafrost.com,realm,organization,bakkafrost,,
-domain,bakkafrost.com,realm,group,/bakkafrost,,
 
 system,atlantis,parent,organization,multiconsult,,
 organization,multiconsult,parent,group,/multiconsult,,
 domain,multiconsult.no,realm,organization,multiconsult,,
-domain,multiconsult.no,realm,group,/multiconsult,,
 
 system,atlantis,parent,organization,kpmg,,
 organization,kpmg,parent,group,/kpmg,,
 domain,kpmg.no,realm,organization,kpmg,,
-domain,kpmg.no,realm,group,/kpmg,,
 
 system,atlantis,parent,organization,synfaring,,
 organization,synfaring,parent,group,/synfaring,,
 domain,synfaring.no,realm,organization,synfaring,,
-domain,synfaring.no,realm,group,/synfaring,,
 
 system,atlantis,parent,organization,boehareide,,
 organization,boehareide,parent,group,/boehareide,,
 domain,boehareide.no,realm,organization,boehareide,,
-domain,boehareide.no,realm,group,/boehareide,,
 
 system,atlantis,parent,organization,sinkaberg,,
 organization,sinkaberg,parent,group,/sinkaberg,,
 domain,sinkaberg.no,realm,organization,sinkaberg,,
-domain,sinkaberg.no,realm,group,/sinkaberg,,
 
 system,atlantis,parent,organization,akerbla,,
 organization,akerbla,parent,group,/akerbla,,
 domain,akerbla.no,realm,organization,akerbla,,
-domain,akerbla.no,realm,group,/akerbla,,
 
 system,atlantis,parent,organization,nr,,
 organization,nr,parent,group,/nr,,
 domain,nr.no,realm,organization,nr,,
-domain,nr.no,realm,group,/nr,,
 
 system,atlantis,parent,organization,sjomatnorge,,
 organization,sjomatnorge,parent,group,/sjomatnorge,,
 domain,sjomatnorge.no,realm,organization,sjomatnorge,,
-domain,sjomatnorge.no,realm,group,/sjomatnorge,,
 
 system,atlantis,parent,organization,tatidentilbake,,
 organization,tatidentilbake,parent,group,/tatidentilbake,,
 domain,tatidentilbake.no,realm,organization,tatidentilbake,,
-domain,tatidentilbake.no,realm,group,/tatidentilbake,,
 
 system,atlantis,parent,organization,hubocean,,
 organization,hubocean,parent,group,/hubocean,,
 domain,oceandata.earth,realm,organization,hubocean,,
-domain,oceandata.earth,realm,group,/hubocean,,
 
 system,atlantis,parent,organization,masoval,,
 organization,masoval,parent,group,/masoval,,
 domain,masoval.no,realm,organization,masoval,,
-domain,masoval.no,realm,group,/masoval,,
 
 system,atlantis,parent,organization,bioceanor,,
 organization,bioceanor,parent,group,/bioceanor,,
 domain,bioceanor.com,realm,organization,bioceanor,,
-domain,bioceanor.com,realm,group,/bioeanor,,
 
 system,atlantis,parent,organization,capgemini,,
 organization,capgemini,parent,group,/capgemini,,
 domain,capgemini.com,realm,organization,capgemini,,
-domain,capgemini.com,realm,group,/capgemini,,
+
+system,atlantis,parent,organization,itpartner,,
+organization,itpartner,parent,group,/itpartner,,
+domain,itpartner.no,realm,organization,itpartner,,
+domain,tromso.serit.no,realm,organization,itpartner,,
 
diff --git a/model.fga b/model.fga
index 0d722b9..678ba86 100644
--- a/model.fga
+++ b/model.fga
@@ -18,7 +18,6 @@ type group
     define member: [ user, group#member ]
     define admin: [ user ] or admin from parent or superuser
     define superuser: superuser from parent
-    define realm: [ domain ] or realm from parent
     define parent: [ organization ]
 
 type user