import { IBlockStore, IBrightTrustService } from '@brightchain/brightchain-lib';
import { HexString, IIdProvider, Member, PlatformID } from '@digitaldefiance/ecies-lib';
import { DocumentCollection, DocumentId, DocumentRecord, IBrightDbDocumentStore, QueryBuilder } from './document-store';
/**
 * Options for creating a document with optional encryption
 */
export interface CreateDocumentOptions<TID extends PlatformID = Uint8Array> {
    /**
     * Whether to encrypt the document using BrightTrust sealing
     */
    encrypt?: boolean;
    /**
     * The member performing the sealing operation (required if encrypt is true)
     */
    agent?: Member<TID>;
    /**
     * IDs of members who will receive shares (required if encrypt is true)
     */
    memberIds?: TID[];
    /**
     * Number of shares required to unseal (defaults to all members)
     */
    sharesRequired?: number;
}
/**
 * Options for retrieving an encrypted document
 */
export interface RetrieveDocumentOptions<TID extends PlatformID = Uint8Array> {
    /**
     * Members with loaded private keys for decryption (required for encrypted documents)
     */
    membersWithPrivateKey?: Member<TID>[];
}
/**
 * Metadata stored alongside encrypted documents
 */
interface EncryptedDocumentMetadata {
    isEncrypted: boolean;
    sealedDocumentId?: HexString;
    memberIds?: HexString[];
    sharesRequired?: number;
    createdAt?: string;
}
/**
 * Simple in-memory registry for collection head pointers.
 * This maps collection names to their latest index block IDs.
 *
 * In a production system, this would be persisted to a separate
 * key-value store or database. For now, we use a static map
 * that's shared across all BlockDocumentStore instances.
 */
export declare class CollectionHeadRegistry {
    private static instance;
    private readonly heads;
    private constructor();
    static getInstance(): CollectionHeadRegistry;
    getHead(collectionKey: string): string | undefined;
    setHead(collectionKey: string, indexBlockId: string): void;
    /**
     * Generate a unique key for a collection based on store identity and collection name
     */
    static makeKey(storeId: string, collectionName: string): string;
    /**
     * Clear all heads (useful for testing)
     */
    clear(): void;
}
declare class BlockCollection<T extends DocumentRecord, TID extends PlatformID = PlatformID> implements DocumentCollection<T> {
    private readonly store;
    private readonly collectionName;
    private readonly brightTrustService?;
    private readonly storeId;
    private readonly generateId;
    private readonly index;
    private readonly registryKey;
    private indexLoaded;
    private indexLoading;
    constructor(store: IBlockStore, collectionName: string, brightTrustService?: IBrightTrustService<TID> | undefined, storeId?: string, generateId?: () => string);
    private ensureIndexLoaded;
    private persistIndex;
    private resolveBlockId;
    private writeDoc;
    private readDoc;
    private toSingleQuery;
    private toManyQuery;
    find(filter?: Partial<T>): QueryBuilder<T[]>;
    findOne(filter?: Partial<T>): QueryBuilder<T>;
    findById(id: DocumentId): QueryBuilder<T>;
    /**
     * Retrieve a document by ID, decrypting if necessary
     * @param id - The document ID
     * @param options - Options for retrieving encrypted documents
     * @returns The document (decrypted if it was encrypted)
     */
    findByIdDecrypted(id: DocumentId, options?: RetrieveDocumentOptions<TID>): Promise<T | null>;
    /**
     * Check if a document is encrypted
     * @param id - The document ID
     * @returns True if the document is encrypted
     */
    isEncrypted(id: DocumentId): Promise<boolean>;
    /**
     * Get encryption metadata for a document
     * @param id - The document ID
     * @returns The encryption metadata, or null if not encrypted
     */
    getEncryptionMetadata(id: DocumentId): Promise<EncryptedDocumentMetadata | null>;
    /**
     * Check if a member has access to a document
     * @param id - The document ID
     * @param memberId - The member ID to check access for
     * @returns True if the member has access (either unencrypted or member is in the encryption list)
     */
    hasAccess(id: DocumentId, memberId: HexString): Promise<boolean>;
    /**
     * Find all documents accessible by a specific member
     * @param memberId - The member ID to filter by
     * @param filter - Optional additional filter criteria
     * @returns Array of documents the member has access to
     */
    findAccessibleBy(memberId: HexString, filter?: Partial<T>): Promise<T[]>;
    /**
     * Find one document accessible by a specific member
     * @param memberId - The member ID to filter by
     * @param filter - Optional additional filter criteria
     * @returns The first document the member has access to, or null
     */
    findOneAccessibleBy(memberId: HexString, filter?: Partial<T>): Promise<T | null>;
    /**
     * Count documents accessible by a specific member
     * @param memberId - The member ID to filter by
     * @param filter - Optional additional filter criteria
     * @returns The count of documents the member has access to
     */
    countAccessibleBy(memberId: HexString, filter?: Partial<T>): Promise<number>;
    findOneAndUpdate(filter: Partial<T>, update: Partial<T>): QueryBuilder<T>;
    findOneAndDelete(filter: Partial<T>): QueryBuilder<T>;
    findByIdAndUpdate(id: DocumentId, update: Partial<T>): QueryBuilder<T>;
    findByIdAndDelete(id: DocumentId): QueryBuilder<T>;
    create(doc: T): Promise<T>;
    create(doc: T, options?: CreateDocumentOptions<TID>): Promise<T>;
    insertMany(docs: T[]): Promise<T[]>;
    updateOne(filter: Partial<T>, update: Partial<T>): Promise<{
        modifiedCount: number;
        matchedCount: number;
    }>;
    updateMany(filter: Partial<T>, update: Partial<T>): Promise<{
        modifiedCount: number;
        matchedCount: number;
    }>;
    replaceOne(filter: Partial<T>, doc: T): Promise<{
        modifiedCount: number;
        matchedCount: number;
    }>;
    deleteOne(filter: Partial<T>): Promise<{
        deletedCount: number;
    }>;
    deleteMany(filter: Partial<T>): Promise<{
        deletedCount: number;
    }>;
    countDocuments(filter?: Partial<T>): Promise<number>;
    estimatedDocumentCount(): Promise<number>;
    aggregate<U = unknown>(_pipeline: unknown[]): QueryBuilder<U[]>;
    distinct(field: keyof T): QueryBuilder<T[keyof T][]>;
    exists(filter: Partial<T>): Promise<{
        _id: DocumentId;
    } | null>;
    watch(): void;
    startSession(): unknown;
}
export declare class BlockDocumentStore<TID extends PlatformID = PlatformID> implements IBrightDbDocumentStore {
    private readonly blockStore;
    private readonly brightTrustService?;
    private readonly collections;
    private readonly storeId;
    private readonly generateId;
    private _connected;
    constructor(blockStore: IBlockStore, brightTrustService?: IBrightTrustService<TID> | undefined, idProvider?: IIdProvider<TID>);
    /**
     * Attempt to resolve the ID provider from the global ServiceProvider.
     * Returns undefined if the ServiceProvider is not yet initialized.
     */
    private resolveIdProvider;
    collection<T extends DocumentRecord>(name: string): DocumentCollection<T>;
    /**
     * Get a collection with encryption support
     * @param name - The collection name
     * @returns The collection with encryption methods available
     */
    encryptedCollection<T extends DocumentRecord>(name: string): BlockCollection<T, TID>;
    connect(): Promise<void>;
    disconnect(): Promise<void>;
    isConnected(): boolean;
    /**
     * Retrieve a collection by model name.
     * Alias for collection() to match upstream's IDocumentStore.getModel() pattern.
     */
    getModel<T extends DocumentRecord>(modelName: string): DocumentCollection<T>;
}
export {};
//# sourceMappingURL=block-document-store.d.ts.map