import { z } from 'zod';
import type { ExpressionValidationContext, RefExpressionDependency, RefExpressionParseResult, RefExpressionWarning, ResolvedExpressionSlots } from '#src/references/expression-types.js';
import type { modelEntityType } from '#src/schema/models/types.js';
import type { ProjectDefinition } from '#src/schema/project-definition.js';
import { RefExpressionParser } from '#src/references/expression-types.js';
import type { AuthorizerExpressionInfo } from './authorizer-expression-ast.js';
/**
 * Expression parser for model authorizer role expressions.
 *
 * Parses expressions like:
 * - `model.id === auth.userId` (ownership check)
 * - `auth.hasRole('admin')` (global role check)
 * - `model.id === auth.userId || auth.hasRole('admin')` (combined)
 *
 * Uses Acorn to parse JavaScript expressions and validates
 * that only supported constructs are used.
 *
 * @example
 * ```typescript
 * const schema = z.object({
 *   expression: ctx.withExpression(authorizerExpressionParser, { model: modelSlot }),
 * });
 * ```
 */
export declare class AuthorizerExpressionParser extends RefExpressionParser<string, AuthorizerExpressionInfo, {
    model: typeof modelEntityType;
}> {
    readonly name = "authorizer-expression";
    /**
     * Creates a Zod schema for validating expression strings.
     * Requires a non-empty string value.
     */
    createSchema(): z.ZodType<string>;
    /**
     * Parse the expression string into an AST.
     *
     * @param value - The expression string
     * @returns Success with parsed expression info, or failure with error message
     */
    parse(value: string): RefExpressionParseResult<AuthorizerExpressionInfo>;
    /**
     * Get validation warnings for the expression.
     *
     * Validates:
     * - Syntax errors from parsing
     * - Model field references exist
     * - Auth field references are valid
     * - Role names exist in project config (warning only)
     */
    getWarnings(parseResult: AuthorizerExpressionInfo, context: ExpressionValidationContext, resolvedSlots: ResolvedExpressionSlots<{
        model: typeof modelEntityType;
    }>): RefExpressionWarning[];
    /**
     * Get entity references from the expression with their positions.
     *
     * Walks the AST and resolves each name reference (field, relation, role)
     * to its entity ID by navigating the model definition from the resolved slots.
     * Returns positions marking exactly which text to replace when an entity is renamed.
     */
    getReferencedEntities(_value: string, parseResult: RefExpressionParseResult<AuthorizerExpressionInfo>, definition: ProjectDefinition, resolvedSlots: ResolvedExpressionSlots<{
        model: typeof modelEntityType;
    }>): RefExpressionDependency[];
    /**
     * Navigate to the raw model object from the definition using resolved slots.
     *
     * Resolved slot paths point to the entity's ID field (e.g., `['models', 2, 'id']`),
     * so we walk parent paths until we find an object with a string `name` property.
     */
    private getRawModel;
    /**
     * Extract model context from the project definition using resolved slots.
     */
    private getModelContext;
}
//# sourceMappingURL=authorizer-expression-parser.d.ts.map