import { sql } from 'slonik';
/**
 * Pin DELETE operations to the single write-target business.
 *
 * The previous migration (rls-multi-business-scope) replaced the read-side
 * USING predicate with `owner_id = ANY(get_current_business_scope())`.
 * PostgreSQL's DELETE command uses only USING (not WITH CHECK), so that change
 * inadvertently widened the delete envelope to every business in the read
 * scope — not just the explicit write target.
 *
 * This migration adds an AS RESTRICTIVE policy for DELETE on every
 * tenant-isolated table. A RESTRICTIVE policy ANDs with permissive ones, so a
 * DELETE row must satisfy BOTH the permissive USING (in scope) AND this
 * restriction (= write target). Net effect: only rows owned by the current
 * write-target business can be deleted — the same guarantee that existed before
 * the multi-business read scope was introduced.
 */
declare const _default: {
    name: string;
    run: ({ connection }: {
        sql: typeof sql.unsafe;
        connection: import("slonik").DatabaseTransactionConnection | import("slonik").DatabasePool;
    }) => Promise<void>;
};
export default _default;
