remove organization_workspace_role table and all related endpoints, code

There is no reason to add an organization-workspace relationship when we
are moving off of workspaces onto builds, and organizations are a new concept.
Many queries become more simplified as a result.

removes endpoints:

GET /workspace/:workspace_id_or_name/organization
POST /workspace/:workspace_id_or_name/organization?send_mail=<1|0>
DELETE /workspace/:workspace_id_or_name/organization/:organization_id_or_name?send_mail=<1|0>

docs/_resources/full-schema.er

@@ -204,11 +204,6 @@ deactivated
 *+build_id
 role {label: "ro, rw, admin"}
 
-[organization_workspace_role] {bgcolor: "#d0e0d0"}
-*+organization_id
-*+workspace_id
-role {label: "ro, rw, admin"}
-
 [rack] {bgcolor: "#fcecec"}
 *id
 +datacenter_room_id
@@ -373,8 +368,6 @@ hardware_product *--1 validation_plan
 hardware_product *--1 hardware_vendor
 organization_build_role *--1 build
 organization_build_role *--1 organization
-organization_workspace_role *--1 organization
-organization_workspace_role *--1 workspace
 rack *--? build
 rack *--1 datacenter_room
 rack_layout *--1 hardware_product

docs/json-schema/request.json

@@ -1118,22 +1118,6 @@
       },
       "type" : "object"
     },
-    "WorkspaceAddOrganization" : {
-      "additionalProperties" : false,
-      "properties" : {
-        "organization_id" : {
-          "$ref" : "common.json#/definitions/uuid"
-        },
-        "role" : {
-          "$ref" : "common.json#/definitions/role"
-        }
-      },
-      "required" : [
-        "organization_id",
-        "role"
-      ],
-      "type" : "object"
-    },
     "WorkspaceAddRack" : {
       "additionalProperties" : false,
       "properties" : {

docs/json-schema/response.json

@@ -1836,9 +1836,6 @@
           "minItems" : 1,
           "type" : "array",
           "uniqueItems" : true
-        },
-        "workspaces" : {
-          "$ref" : "/definitions/WorkspacesAndRoles"
         }
       },
       "required" : [
@@ -1847,7 +1844,6 @@
         "description",
         "created",
         "users",
-        "workspaces",
         "builds"
       ],
       "type" : "object"
@@ -2861,9 +2857,6 @@
         "role" : {
           "$ref" : "common.json#/definitions/role"
         },
-        "role_via_organization_id" : {
-          "$ref" : "common.json#/definitions/uuid"
-        },
         "role_via_workspace_id" : {
           "$ref" : "common.json#/definitions/uuid"
         }
@@ -2974,53 +2967,6 @@
       "type" : "array",
       "uniqueItems" : true
     },
-    "WorkspaceOrganizations" : {
-      "items" : {
-        "additionalProperties" : false,
-        "properties" : {
-          "admins" : {
-            "items" : {
-              "$ref" : "/definitions/UserTerse"
-            },
-            "minItems" : 1,
-            "type" : "array",
-            "uniqueItems" : true
-          },
-          "description" : {
-            "oneOf" : [
-              {
-                "type" : "null"
-              },
-              {
-                "type" : "string"
-              }
-            ]
-          },
-          "id" : {
-            "$ref" : "common.json#/definitions/uuid"
-          },
-          "name" : {
-            "type" : "string"
-          },
-          "role" : {
-            "$ref" : "common.json#/definitions/role"
-          },
-          "role_via_workspace_id" : {
-            "$ref" : "common.json#/definitions/uuid"
-          }
-        },
-        "required" : [
-          "id",
-          "name",
-          "description",
-          "role",
-          "admins"
-        ],
-        "type" : "object"
-      },
-      "type" : "array",
-      "uniqueItems" : true
-    },
     "WorkspaceRackSummary" : {
       "additionalProperties" : {
         "items" : {
@@ -3210,9 +3156,6 @@
           "role" : {
             "$ref" : "common.json#/definitions/role"
           },
-          "role_via_organization_id" : {
-            "$ref" : "common.json#/definitions/uuid"
-          },
           "role_via_workspace_id" : {
             "$ref" : "common.json#/definitions/uuid"
           }

docs/modules/Conch::Controller::Organization.md

@@ -9,11 +9,6 @@ Conch::Controller::Organization
 If the user is a system admin, retrieve a list of all active organizations in the database;
 otherwise, limits the list to those organizations of which the user is a member.
 
-Note: the only workspaces and roles listed are those reachable via the organization, even if
-the user might have direct access to the workspace at a greater role. For comprehensive
-information about what workspaces the user can access, and at what role, please use `GET
-/workspace` or `GET /user/me`.
-
 Response uses the Organizations json schema.
 
 ## create
@@ -36,11 +31,6 @@ continue; otherwise the user must have the 'admin' role.
 Get the details of a single organization.
 Requires the 'admin' role on the organization.
 
-Note: the only workspaces and roles listed are those reachable via the organization, even if
-the user might have direct access to the workspace at a greater role. For comprehensive
-information about what workspaces the user can access, and at what role, please use
-`GET /workspace` or `GET /user/me`.
-
 Response uses the Organization json schema.
 
 ## update

docs/modules/Conch::DB::Result::Organization.md

@@ -59,12 +59,6 @@ Type: has\_many
 
 Related object: [Conch::DB::Result::OrganizationBuildRole](../modules/Conch%3A%3ADB%3A%3AResult%3A%3AOrganizationBuildRole)
 
-## organization\_workspace\_roles
-
-Type: has\_many
-
-Related object: [Conch::DB::Result::OrganizationWorkspaceRole](../modules/Conch%3A%3ADB%3A%3AResult%3A%3AOrganizationWorkspaceRole)
-
 ## user\_organization\_roles
 
 Type: has\_many
@@ -83,17 +77,11 @@ Type: many\_to\_many
 
 Composing rels: ["user\_organization\_roles"](#user_organization_roles) -> user\_account
 
-## workspaces
-
-Type: many\_to\_many
-
-Composing rels: ["organization\_workspace\_roles"](#organization_workspace_roles) -> workspace
-
 # METHODS
 
 ## TO\_JSON
 
-Include information about the organization's admins, workspaces and builds, if available.
+Include information about the organization's admins and builds, if available.
 
 # LICENSING
 

docs/modules/Conch::DB::Result::Workspace.md

@@ -52,12 +52,6 @@ size: 16
 
 # RELATIONS
 
-## organization\_workspace\_roles
-
-Type: has\_many
-
-Related object: [Conch::DB::Result::OrganizationWorkspaceRole](../modules/Conch%3A%3ADB%3A%3AResult%3A%3AOrganizationWorkspaceRole)
-
 ## parent\_workspace
 
 Type: belongs\_to
@@ -82,12 +76,6 @@ Type: has\_many
 
 Related object: [Conch::DB::Result::Workspace](../modules/Conch%3A%3ADB%3A%3AResult%3A%3AWorkspace)
 
-## organizations
-
-Type: many\_to\_many
-
-Composing rels: ["organization\_workspace\_roles"](#organization_workspace_roles) -> organization
-
 ## racks
 
 Type: many\_to\_many
@@ -113,11 +101,6 @@ Accessor for informational column, which is by the serializer in the result data
 Accessor for informational column, which is used by the serializer to signal we should fetch
 and include inherited role data for the user.
 
-## organization\_id\_for\_role
-
-Accessor for informational column, which is used by the serializer to signal we should fetch
-and include inherited role data for the organization.
-
 # LICENSING
 
 Copyright Joyent, Inc.

docs/modules/Conch::DB::ResultSet::Workspace.md

@@ -55,9 +55,8 @@ will not appear in the serialized data). This is intended to be used in preferen
 ## with\_role\_via\_data\_for\_user
 
 Query for workspace(s) with an extra field attached to the query which will signal the
-workspace serializer to include the "role", "role\_via\_workspace\_id" and
-"role\_via\_organization\_id" columns, containing information about the effective role the user
-has for the workspace.
+workspace serializer to include the "role" and "role\_via\_workspace\_id" columns, containing
+information about the effective role the user has for the workspace.
 
 Only one user\_id can be calculated at a time. If you need to generate workspace-and-role data
 for multiple users at once, you can manually do:
@@ -70,25 +69,15 @@ before serializing the workspace object.
 
 ## role\_via\_for\_user
 
-For a given workspace\_id and user\_id, find the user\_workspace\_role or
-organization\_workspace\_role row that is responsible for providing the user access to the
-workspace (the row with the greatest role that is attached to an ancestor workspace).
+For a given workspace\_id and user\_id, find the user\_workspace\_role row that is responsible for
+providing the user access to the workspace (the row with the greatest role that is attached to
+an ancestor workspace).
 
 How the role is calculated:
 
 - The role on the user\_organization\_role role is **not** used.
 - The number of workspaces between `$workspace_id` and the workspace attached to the
-user\_workspace\_role or organization\_workspace\_role row is **not** used.
-- When both a user\_workspace\_role and organization\_workspace\_role row are found with the same
-role, the record directly associated with the workspace (if there is one) is preferred;
-otherwise, the user\_workspace\_role row is preferred.
-
-## role\_via\_for\_organization
-
-For a given workspace\_id and organization\_id, find the organization\_workspace\_role row that is
-responsible for providing the organization access to the workspace (the
-organization\_workspace\_role with the greatest role that is attached to an ancestor
-workspace).
+user\_workspace\_role row is **not** used.
 
 ## admins
 
@@ -107,9 +96,6 @@ Checks that the provided user\_id has (at least) the specified role in at least
 the resultset. (Does not search recursively; add `->and_workspaces_above($workspace_id)`
 to your resultset first, if this is what you want.)
 
-Both direct `user_workspace_role` entries and joined
-`user_organization_role` -> `organization_workspace_role` entries are checked.
-
 Returns a boolean.
 
 ## \_workspaces\_subquery