import type { ReadonlySignal } from '@nonoun/native-core'; import type { Command, CommandMiddleware } from './types.ts'; export interface Capability { readonly id: string; readonly name: string; readonly patterns: readonly string[]; readonly scopes?: readonly CapabilityScope[]; readonly expiresAt?: number; } export interface CapabilityScope { readonly type: 'source' | 'planId' | 'custom'; readonly value: string; } export type PolicyEffect = 'allow' | 'deny'; export interface PolicyRule { readonly id: string; readonly effect: PolicyEffect; readonly patterns: readonly string[]; readonly priority: number; readonly conditions?: readonly PolicyCondition[]; readonly description?: string; } export interface PolicyCondition { readonly field: 'source' | 'planId' | 'capability'; readonly op: 'eq' | 'neq' | 'in' | 'matches'; readonly value: string | readonly string[]; } export interface RateLimit { readonly pattern: string; readonly maxPerWindow: number; readonly windowMs: number; } export interface PolicyDecision { readonly allowed: boolean; readonly reason: string; readonly matchedRule?: string; readonly missingCapabilities?: readonly string[]; } export declare class PolicyEngine { #private; readonly capabilities: ReadonlySignal; readonly rules: ReadonlySignal; readonly lastDecision: ReadonlySignal; readonly deniedCount: ReadonlySignal; grant(capability: Omit): string; revoke(capabilityId: string): void; revokeAll(): void; hasCapability(name: string): boolean; addRule(rule: Omit): string; removeRule(ruleId: string): void; addRateLimit(limit: RateLimit): void; removeRateLimit(pattern: string): void; evaluate(command: Command): PolicyDecision; middleware(): CommandMiddleware; destroy(): void; } export declare function createPolicyEngine(): PolicyEngine; //# sourceMappingURL=policy.d.ts.map