/// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// /// import type { AnyBulkWriteOperation, Model, MongooseBulkWriteOptions } from 'mongoose'; import type { BulkWriteResult } from 'mongodb'; /** Resets the cached strict-mode flag. Exposed for test teardown only. */ export declare function _resetBulkWriteStrictCache(): void; /** * Tenant-safe wrapper around Mongoose `Model.bulkWrite()`. * * Mongoose's `bulkWrite` does not trigger schema-level middleware hooks, so the * `applyTenantIsolation` plugin cannot intercept it. This wrapper: * * 1. **Sanitizes** every update document by stripping `tenantId` unconditionally * (both top-level and inside `$set`/`$unset`/`$setOnInsert`/`$rename`). * 2. **Injects** `tenantId` into operation filters and insert documents when a * tenant context is active. * * Unlike the Mongoose middleware guard (`sanitizeTenantIdMutation`), which throws * on cross-tenant values, this wrapper strips silently. Throwing mid-batch would * abort the entire write for one bad field; the filter injection already scopes * every operation to the correct tenant. * * Behavior: * - **tenantId present** (normal request): sanitize + inject into filters/documents. * - **SYSTEM_TENANT_ID**: sanitize only, skip injection (cross-tenant system op). * - **No tenantId + strict mode**: throws (fail-closed, same as the plugin). * - **No tenantId + non-strict**: sanitize only, no injection (backward compat). */ export declare function tenantSafeBulkWrite(model: Model, ops: AnyBulkWriteOperation[], options?: MongooseBulkWriteOptions): Promise;