/**
 * AUTO-GENERATED FILE - DO NOT EDIT DIRECTLY
 *
 * This file is generated by packages/server/scripts/generate-permissions.ts
 * Run `pnpm generate:permissions` from packages/server to regenerate.
 *
 * Source of truth: SERVER_ROUTES in @mastra/server
 */

/**
 * All known API resources.
 * Derived from SERVER_ROUTES paths in @mastra/server.
 */
export declare const RESOURCES: readonly [
    "a2a", "agent-builder", "agents", "datasets", "embedders", "experiments",
    "logs", "mcp", "memory", "observability", "processor-providers", "processors",
    "scores", "stored", "stored-agents", "system", "tool-providers", "tools",
    "vector", "vectors", "workflows", "workspaces"
];

/**
 * Resource type union: one member per entry of RESOURCES.
 */
export type Resource = (typeof RESOURCES)[number];

/**
 * All permission actions.
 * Derived from HTTP methods and route overrides:
 * - GET → read
 * - POST → write or execute (context-dependent)
 * - PUT/PATCH → write
 * - DELETE → delete
 * - Additional actions from explicit requiresPermission overrides
 *
 * Not every resource supports every action: PERMISSIONS lists only the
 * resource:action pairs that exist (for example, `logs` appears there only
 * as 'logs:read').
 */
export declare const ACTIONS: readonly ["delete", "execute", "read", "write"];

/**
 * Action type union: one member per entry of ACTIONS.
 */
export type Action = (typeof ACTIONS)[number];

/**
 * All valid permission patterns.
 * Use `keyof typeof PERMISSION_PATTERNS` or the `PermissionPattern` type.
 *
 * Every key maps to an identical string value. The wildcard entries come
 * first (global, then per-action, then per-resource), followed by the
 * concrete resource:action pairs that are also listed in PERMISSIONS.
 *
 * Per-resource wildcards exist for every resource, including resources with a
 * single concrete action (e.g. 'logs:*' next to 'logs:read').
 *
 * NOTE(review): how a wildcard is matched is not visible in this declaration
 * file. If it is resolved at check time, a grant such as 'agents:*' would also
 * cover actions added to that resource by a later regeneration — confirm
 * against the matcher, and prefer concrete permissions in role definitions
 * where least privilege matters.
 */
export declare const PERMISSION_PATTERNS: {
    // --- Global and per-action wildcards ---
    /** Full access to all resources and actions */
    readonly '*': "*";
    /** Delete all resources */
    readonly '*:delete': "*:delete";
    /** Execute all resources */
    readonly '*:execute': "*:execute";
    /** View all resources */
    readonly '*:read': "*:read";
    /** Create and modify all resources */
    readonly '*:write': "*:write";

    // --- Per-resource wildcards (all actions on one resource) ---
    /** Full access to agent-to-agent communication */
    readonly 'a2a:*': "a2a:*";
    /** Full access to agent builder */
    readonly 'agent-builder:*': "agent-builder:*";
    /** Full access to agents */
    readonly 'agents:*': "agents:*";
    /** Full access to datasets */
    readonly 'datasets:*': "datasets:*";
    /** Full access to embedders */
    readonly 'embedders:*': "embedders:*";
    /** Full access to experiments */
    readonly 'experiments:*': "experiments:*";
    /** Full access to logs */
    readonly 'logs:*': "logs:*";
    /** Full access to MCP servers */
    readonly 'mcp:*': "mcp:*";
    /** Full access to memory and threads */
    readonly 'memory:*': "memory:*";
    /** Full access to traces and spans */
    readonly 'observability:*': "observability:*";
    /** Full access to processor-providers */
    readonly 'processor-providers:*': "processor-providers:*";
    /** Full access to processors */
    readonly 'processors:*': "processors:*";
    /** Full access to evaluation scores */
    readonly 'scores:*': "scores:*";
    /** Full access to stored */
    readonly 'stored:*': "stored:*";
    /** Full access to stored agents */
    readonly 'stored-agents:*': "stored-agents:*";
    /** Full access to system info */
    readonly 'system:*': "system:*";
    /** Full access to tool-providers */
    readonly 'tool-providers:*': "tool-providers:*";
    /** Full access to tools */
    readonly 'tools:*': "tools:*";
    /** Full access to vector stores */
    readonly 'vector:*': "vector:*";
    /** Full access to vectors */
    readonly 'vectors:*': "vectors:*";
    /** Full access to workflows */
    readonly 'workflows:*': "workflows:*";
    /** Full access to workspaces */
    readonly 'workspaces:*': "workspaces:*";

    // --- Concrete resource:action permissions (same set as PERMISSIONS) ---
    /** View agent-to-agent communication */
    readonly 'a2a:read': "a2a:read";
    /** Create and modify agent-to-agent communication */
    readonly 'a2a:write': "a2a:write";
    /** Execute agent builder */
    readonly 'agent-builder:execute': "agent-builder:execute";
    /** View agent builder */
    readonly 'agent-builder:read': "agent-builder:read";
    /** Create and modify agent builder */
    readonly 'agent-builder:write': "agent-builder:write";
    /** Execute agents */
    readonly 'agents:execute': "agents:execute";
    /** View agents */
    readonly 'agents:read': "agents:read";
    /** Create and modify agents */
    readonly 'agents:write': "agents:write";
    /** Delete datasets */
    readonly 'datasets:delete': "datasets:delete";
    /** Execute datasets */
    readonly 'datasets:execute': "datasets:execute";
    /** View datasets */
    readonly 'datasets:read': "datasets:read";
    /** Create and modify datasets */
    readonly 'datasets:write': "datasets:write";
    /** View embedders */
    readonly 'embedders:read': "embedders:read";
    /** View experiments */
    readonly 'experiments:read': "experiments:read";
    /** View logs */
    readonly 'logs:read': "logs:read";
    /** Execute MCP servers */
    readonly 'mcp:execute': "mcp:execute";
    /** View MCP servers */
    readonly 'mcp:read': "mcp:read";
    /** Create and modify MCP servers */
    readonly 'mcp:write': "mcp:write";
    /** Delete memory and threads */
    readonly 'memory:delete': "memory:delete";
    /** Execute memory and threads */
    readonly 'memory:execute': "memory:execute";
    /** View memory and threads */
    readonly 'memory:read': "memory:read";
    /** Create and modify memory and threads */
    readonly 'memory:write': "memory:write";
    /** View traces and spans */
    readonly 'observability:read': "observability:read";
    /** Create and modify traces and spans */
    readonly 'observability:write': "observability:write";
    /** View processor-providers */
    readonly 'processor-providers:read': "processor-providers:read";
    /** Execute processors */
    readonly 'processors:execute': "processors:execute";
    /** View processors */
    readonly 'processors:read': "processors:read";
    /** View evaluation scores */
    readonly 'scores:read': "scores:read";
    /** Create and modify evaluation scores */
    readonly 'scores:write': "scores:write";
    /** Delete stored agents */
    readonly 'stored-agents:delete': "stored-agents:delete";
    /** View stored agents */
    readonly 'stored-agents:read': "stored-agents:read";
    /** Create and modify stored agents */
    readonly 'stored-agents:write': "stored-agents:write";
    /** Delete stored */
    readonly 'stored:delete': "stored:delete";
    /** View stored */
    readonly 'stored:read': "stored:read";
    /** Create and modify stored */
    readonly 'stored:write': "stored:write";
    /** View system info */
    readonly 'system:read': "system:read";
    /** View tool-providers */
    readonly 'tool-providers:read': "tool-providers:read";
    /** Execute tools */
    readonly 'tools:execute': "tools:execute";
    /** View tools */
    readonly 'tools:read': "tools:read";
    /** Delete vector stores */
    readonly 'vector:delete': "vector:delete";
    /** Execute vector stores */
    readonly 'vector:execute': "vector:execute";
    /** View vector stores */
    readonly 'vector:read': "vector:read";
    /** Create and modify vector stores */
    readonly 'vector:write': "vector:write";
    /** View vectors */
    readonly 'vectors:read': "vectors:read";
    /** Delete workflows */
    readonly 'workflows:delete': "workflows:delete";
    /** Execute workflows */
    readonly 'workflows:execute': "workflows:execute";
    /** View workflows */
    readonly 'workflows:read': "workflows:read";
    /** Create and modify workflows */
    readonly 'workflows:write': "workflows:write";
    /** Delete workspaces */
    readonly 'workspaces:delete': "workspaces:delete";
    /** View workspaces */
    readonly 'workspaces:read': "workspaces:read";
    /** Create and modify workspaces */
    readonly 'workspaces:write': "workspaces:write";
};

/**
 * Permission pattern that can be used in role definitions.
 * Supports:
 * - Specific permissions: 'agents:read', 'workflows:execute'
 * - Resource wildcards: 'agents:*', 'workflows:*' (all actions on a resource)
 * - Action wildcards: '*:read', '*:write' (an action across all resources)
 * - Global wildcard: '*' (full access)
 *
 * The type is the closed set of keys of PERMISSION_PATTERNS, so a pattern that
 * is not listed there (an unknown resource, or an action the resource does not
 * have) is rejected at compile time.
 */
export type PermissionPattern = keyof typeof PERMISSION_PATTERNS;

/**
 * All valid resource:action permission combinations (excludes wildcards).
 */
export declare const PERMISSIONS: readonly [
    "a2a:read", "a2a:write",
    "agent-builder:execute", "agent-builder:read", "agent-builder:write",
    "agents:execute", "agents:read", "agents:write",
    "datasets:delete", "datasets:execute", "datasets:read", "datasets:write",
    "embedders:read",
    "experiments:read",
    "logs:read",
    "mcp:execute", "mcp:read", "mcp:write",
    "memory:delete", "memory:execute", "memory:read", "memory:write",
    "observability:read", "observability:write",
    "processor-providers:read",
    "processors:execute", "processors:read",
    "scores:read", "scores:write",
    "stored-agents:delete", "stored-agents:read", "stored-agents:write",
    "stored:delete", "stored:read", "stored:write",
    "system:read",
    "tool-providers:read",
    "tools:execute", "tools:read",
    "vector:delete", "vector:execute", "vector:read", "vector:write",
    "vectors:read",
    "workflows:delete", "workflows:execute", "workflows:read", "workflows:write",
    "workspaces:delete", "workspaces:read", "workspaces:write"
];

/**
 * Specific permission type (e.g., 'agents:read', 'workflows:execute').
 */
export type Permission = (typeof PERMISSIONS)[number];

/**
 * Type-safe role mapping configuration.
 *
 * Maps role names (from your identity provider) to Mastra permission patterns.
 *
 * Only the permission patterns are type-checked. The key is an open
 * `string` index signature, so a misspelled role name compiles without error
 * and simply never matches the name the identity provider sends.
 *
 * A mapping loaded at runtime (JSON, environment, database) bypasses these
 * compile-time checks; run its values through validatePermissions first.
 *
 * NOTE(review): the "_default" key in the example is presumably the fallback
 * for users whose roles match no entry, in which case an empty list denies by
 * default — confirm against the code that consumes the mapping.
 *
 * @example
 * ```typescript
 * const roleMapping: TypedRoleMapping = {
 *   "Engineering": ["agents:*", "workflows:*"],
 *   "Product": ["agents:read", "workflows:read"],
 *   "Admin": ["*"],
 *   "_default": [],
 * };
 * ```
 */
export type TypedRoleMapping = {
    [role: string]: PermissionPattern[];
};

/**
 * Validates that a string is a valid permission pattern.
 * Useful for runtime validation of permission strings.
 *
 * Declared as a type predicate: when it returns true the compiler narrows
 * `pattern` to PermissionPattern without further checking, so the narrowing is
 * only as strict as the runtime implementation (not visible in this
 * declaration file; presumably a membership test against PERMISSION_PATTERNS —
 * confirm).
 *
 * Validity is a syntax check, not an authorization decision: '*' (full access)
 * is a valid pattern.
 *
 * @param pattern - The permission string to check.
 * @returns true if `pattern` is a PermissionPattern.
 */
export declare function isValidPermissionPattern(pattern: string): pattern is PermissionPattern;

/**
 * Validates that all permissions in an array are valid patterns.
 *
 * Declared as a type predicate over the whole array. The narrowing applies to
 * the reference checked at the call site; the parameter is a mutable
 * `string[]`, so any other alias to the same array can still push unvalidated
 * strings afterwards. Validate immediately before use, or validate a copy.
 *
 * @param permissions - The permission strings to check.
 * @returns true if every element is a PermissionPattern.
 */
export declare function validatePermissions(permissions: string[]): permissions is PermissionPattern[];
//# sourceMappingURL=permissions.generated.d.ts.map