import { SecurityRule, SecurityContext } from '../types';
import { Request, Response, NextFunction } from 'express';
export declare class Security {
    /**
     * 🔓 PUBLIC ACCESS - Anyone can access this table
     * Perfect for: blogs, public content, marketing pages
     *
     * Example: Security.public()
     * Can also be used as Express middleware: app.get('/api/endpoint', Security.public(), handler)
     */
    static public(): SecurityRule & ((req: Request, res: Response, next: NextFunction) => void);
    /**
     * 🔐 ADMIN ONLY - Only admin users can access this table
     * Perfect for: admin logs, system settings, sensitive data
     *
     * Example: Security.admin()
     * Can also be used as Express middleware: app.post('/api/admin', Security.admin(), handler)
     */
    static admin(): SecurityRule & ((req: Request, res: Response, next: NextFunction) => void);
    /**
     * 👤 OWNER-BASED - Users can only access their own records
     * Perfect for: user profiles, user posts, private data
     *
     * @param ownerField The field that contains the user ID (default: 'userId')
     *
     * Example: Security.owner('userId') or Security.owner()
     * Can also be used as Express middleware: app.get('/api/posts', Security.owner('authorId'), handler)
     */
    static owner(ownerField?: string): SecurityRule & ((req: Request, res: Response, next: NextFunction) => void);
    /**
     * 🔑 AUTHENTICATED - Any logged-in user can access
     * Perfect for: user dashboards, protected content
     *
     * Example: Security.authenticated()
     * Can also be used as Express middleware: app.get('/api/profile', Security.authenticated(), handler)
     */
    static authenticated(): SecurityRule & ((req: Request, res: Response, next: NextFunction) => void);
    /**
     * ⚙️ CUSTOM RULE - Define your own security logic
     * Perfect for: complex business rules, team-based access
     *
     * @param rule Custom function that returns true/false for access
     *
     * Example: Security.custom((ctx) => ctx.user?.teamId === ctx.data?.teamId)
     * Can also be used as Express middleware: app.post('/api/data', Security.custom(myRule), handler)
     */
    static custom(rule: (context: SecurityContext) => boolean | Promise<boolean>): SecurityRule & ((req: Request, res: Response, next: NextFunction) => void);
    /**
     * 👥 TEAM-BASED - Users can only access records from their team
     *
     * @param teamField The field that contains the team ID (default: 'teamId')
     */
    static team(teamField?: string): SecurityRule;
    /**
     * 📝 READ-ONLY PUBLIC - Anyone can read, only admins can write
     * Perfect for: announcements, company info
     */
    static readOnlyPublic(): SecurityRule;
}
export declare class SecurityEnforcer {
    static checkAccess(rule: SecurityRule, context: SecurityContext): Promise<boolean>;
    static createUnauthorizedError(operation: string, tableName: string): Error;
}
export default Security;
//# sourceMappingURL=index.d.ts.map