import { Permission } from '@vendure/common/lib/generated-types'; export declare const PERMISSIONS_METADATA_KEY = "__permissions__"; /** * @description * Attaches metadata to the resolver defining which permissions are required to execute the * operation, using one or more {@link Permission} values. * * When multiple permissions are specified, the user needs only **one** of them (OR logic). * This is useful for operations that can be performed by users with different permission sets. * * In a GraphQL context, it can be applied to top-level queries and mutations as well as field resolvers. * * For REST controllers, it can be applied to route handler. * * ## Allow and Sessions * The `@Allow()` decorator is closely linked to the way Vendure manages sessions. For any operation or route that is decorated * with `@Allow()`, there must be an authenticated session in progress, which would have been created during a prior authentication * step. * * The exception to this is when the operation is decorated with `@Allow(Permission.Owner)`. This is a special permission which is designed * to give access to certain resources to potentially un-authenticated users. For this reason, any operation decorated with this permission * will always have an anonymous session created if no session is currently in progress. * * For more information see [Understanding Permission.Owner](/reference/typescript-api/common/permission/#understanding-permissionowner). * * @example * ```ts * \@Allow(Permission.SuperAdmin) * \@Query() * getAdministrators() { * // ... * } * ``` * * @example * ```ts * // User needs ReadProduct OR ReadCatalog (either grants access) * \@Allow(Permission.ReadProduct, Permission.ReadCatalog) * \@Query() * getProducts() { * // ... * } * ``` * * @docsCategory request * @docsPage Allow Decorator */ export declare const Allow: (...permissions: Permission[]) => import("@nestjs/common").CustomDecorator;