import { Subject, DeepPartial } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/auth'; import { Request } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control'; import { FilterOp } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base'; import { ACSAuthZ } from './authz'; import { ACSClientContext, DecisionResponse, PolicySetRQResponse, ACSResource, AuthZAction, ACSClientOptions } from './interfaces'; export declare const isAllowedRequest: (subject: Subject, resources: ACSResource[], actions: AuthZAction, ctx: ACSClientContext, useCache: boolean) => Promise; /** * It turns an API request as can be found in typical Web frameworks like express, koa etc. * into a proper ACS request. For `whatIsAllowed` operation it returns the filters * to enforce the applicapble poilicies. The response is `Decision` * or policy set reverse query `PolicySetRQ` depending on the requeste operation `isAllowed()` or * `whatIsAllowed()` respectively. * @param {Subject} subject Contains subject information * @param {ACSResource[]} resource Contains resource name, resource instance and optional resource properties * @param {AuthZAction} action Action to be performed on resource * @param {ACSClientContext} ctx Context containing Subject and Context Resources for ACS * @param {Operation} operation Operation to perform `isAllowed` or `whatIsAllowed`, * if this param is missing defaults to `isAllowed` operation * @param {Database} database database used either `arangoDB` or `postgres`, * if this param is missing defaults to `arangoDB` * @param {boolean} useCache by default ACS caching is used, if set to false then ACS cache * is not used and ACS request is made to `access-control-srv` * @returns {DecisionResponse | PolicySetRQResponse} */ export declare const accessRequest: (subject: DeepPartial, resource: ACSResource[], action: AuthZAction, ctx: ACSClientContext, options?: ACSClientOptions) => Promise; /** * Exposes the isAllowed() api of `access-control-srv` and retruns the response * as `Decision`. * @param {ACSRequest} request input authorization request * @param {ACSContext} ctx Context Object containing requester's subject information * @return {Decision} PERMIT or DENY or INDETERMINATE */ export declare const isAllowed: (request: Request, authZ: ACSAuthZ) => Promise; /** * Exposes the whatIsAllowed() api of `access-control-srv` and retruns the response * a policy set reverse query `PolicySetRQ` * @param {ACSRequest} authZRequest input authorization request * @param {ACSContext} ctx Context Object containing requester's subject information * @return {PolicySetRQ} set of applicable policies and rules for the input request */ export declare const whatIsAllowed: (request: Request, authZ: ACSAuthZ) => Promise; export interface Output { details?: PayloadStatus[]; error?: OutputError; } export interface OutputError { message: string; code: number; } export interface PayloadStatus { payload: any; status: { message: string; code: number; }; } export interface LoginResult { me?: Subject; error?: LoginError; } export interface LoginError { code: string; message: string; } export interface QueryArguments { filters?: FilterOp[]; limit?: any; sort?: any; offset?: any; custom_queries: string[]; custom_arguments: any; } export interface UserQueryArguments extends QueryArguments { user_role: RoleRequest; } export interface RoleRequest { role: string; organizations: string[]; } //# sourceMappingURL=resolver.d.ts.map