entity user {}
entity organization {
relation admin @user
relation member @user
attribute admin_approval_limit integer
attribute member_approval_limit integer
attribute approval_num integer
action approve = admin
action create_account = admin
permission approval = (member and check_member_approval(approval_num, member_approval_limit)) or (admin and check_admin_approval(approval_num, admin_approval_limit))
}
entity account {
relation checkings @account
relation savings @account
relation owner @organization
attribute withdraw_limit double
attribute balance double
action withdraw = check_balance(balance, request.amount) and (check_limit(withdraw_limit, request.amount) or owner.approval)
}
rule check_balance(balance double, amount double) {
balance >= amount
}
rule check_limit(withdraw_limit double, amount double) {
withdraw_limit >= amount
}
rule check_admin_approval(approval_num integer, admin_approval_limit integer) {
approval_num >= admin_approval_limit
}
rule check_member_approval(approval_num integer, member_approval_limit integer) {
approval_num >= member_approval_limit
}
