import { GrantPermitQuery, Tid, TlimitOwnReduce } from './types';
import { Permit } from './Permit.class';
import { PermissionDefinition, PermissionDefinitionDefaults, PermissionDefinitionInternal } from './PermissionDefinitions';
/**
 The options passed at the `Permissions` constructor
 */
export interface IPermissionsOptions<TUserId extends Tid = number, TResourceId extends Tid = number> {
    permissionDefinitions?: PermissionDefinition<TUserId, TResourceId> | PermissionDefinition<TUserId, TResourceId>[];
    permissionDefinitionDefaults?: PermissionDefinitionDefaults;
    limitOwnReduce?: TlimitOwnReduce<TUserId, any>;
}
/**
 The main class - see [Basic Usage](/additional-documentation/basic-usage.html)
*/
export declare class Permissions<TUserId extends Tid = number, TResourceId extends Tid = number> {
    private _permissionDefinitionsInternal;
    private _accessControl;
    private _acre;
    private _rolesNotFound;
    private roles;
    private _limitOwnReduce;
    private _isBuilt;
    constructor({ permissionDefinitions, permissionDefinitionDefaults, limitOwnReduce, }?: IPermissionsOptions<TUserId, TResourceId>);
    addDefinitions(permissionDefinitions: PermissionDefinition<TUserId, TResourceId> | PermissionDefinition<TUserId, TResourceId>[], permissionDefinitionDefaults?: PermissionDefinitionDefaults): void;
    /**
     * Check is this Permissions instance has been built (so no more .addDefinitions() allowed)
     */
    get isBuilt(): boolean;
    build(): this;
    /**
     The `grantPermit()` is the way to *query* the Permissions instance for granting permissions to a User.
  
     The method responds with an instance of [Permit](/classes/Permit.html) that holds all known information about the queried **user**, **resource** and **action**.
  
     In short, the question is "can some of `user.roles` perform `action` either a) on **any** `resource` or b) on an **own** `resource` (AND the specific `resourceId` if passed)?
  
     We are checking all roles for both **any** & **own**, while collecting all `isOwner` & `listOwned` and feed all known information into a **Permit** object.
  
     @return Promise<Permit> a Promise of a [Permit](/classes/Permit.html) instance.
     */
    grantPermit({ user, action, resource, resourceId, }: GrantPermitQuery<TUserId, TResourceId>): Promise<Permit<TUserId, TResourceId>>;
    getRoles(): string[];
    getResources(): string[];
    getActions(): string[];
    /**
     * Returns a deep clone of [`AccessControl#getGrants()`](https://onury.io/accesscontrol/?api=ac#AccessControl#getGrants) (which according to its docs `Gets the internal grants object that stores all current grants.`), but omitting empty arrays eg `'rollover:any': []`.
     *
     * @see https://onury.io/accesscontrol/?api=ac#AccessControl#getGrants
     */
    getGrants(): object;
    compare(permissions1: Permissions<any, any>, permissions2?: Permissions<any, any>): any;
    /**
     Returns a list of the `PermissionDefinition` objects stored in this instance, with optional filtering & consolidations removing duplicates and redundant grants (**WARNING**: this is experimental)
  
     @param filter allows you to filter PDs:
  
       * Use an object eg `{ resource: 'document' }` as the `_.matches` iteratee shorthand.
         If this `_.matches` object is used, the props used for filtering are considered "default" and are omitted from each PD.
  
       * OR use a function returning boolean for each PD, eg (pd) => pd.resource === 'document'
  
       See https://lodash.com/docs/4.17.11#filter
  
     @param consolidateFlag is **experimental**, it tries to consolidate PermissionDefinitions, remove duplicates and merge compatible ones
    */
    getDefinitions(filter?: {
        [key: string]: any;
    }, consolidateFlag?: boolean | 'force'): Partial<PermissionDefinitionInternal>[];
    private ensureHasBuild;
    private ensureHasNotBuild;
    /**
     *
     * @param pdi a PermissionDefinitionInternal
     * @param strict true means we dont care if redefining action is _.equal. Duplicating is bad enough!
     */
    private filterPDsWithDuplicateGrantActions;
}