/** * @abac-engine - True Attribute-Based Access Control Engine * * A complete ABAC implementation that makes authorization decisions based purely * on attributes without relying on predefined roles. This follows standard ABAC * architecture with proper separation of concerns. * * Key Components: * - Policy Decision Point (PDP): ABACEngine * - Policy Information Point (PIP): AttributeProviders * - Policy Administration Point (PAP): PolicyRepository * - Policy Enforcement Point (PEP): Middleware (separate implementation) * * @example * ```typescript * import { ABACEngine, PolicyBuilder, AttributeRef } from '@abac-engine/core'; * * // Create a true ABAC policy (no roles required) * const policy = PolicyBuilder.create('document-access') * .permit() * .condition( * ConditionBuilder.equals(AttributeRef.subject('department'), AttributeRef.resource('department')) * .and(ConditionBuilder.greaterThan(AttributeRef.subject('clearanceLevel'), AttributeRef.resource('classification'))) * ) * .build(); * * // Evaluate access based on attributes * const decision = await engine.evaluate(request, [policy]); * ``` */ export * from './abac'; export { ConsoleLogger, createLogger, ILogger, LogLevel, SilentLogger } from './logger'; export type { ABACDecision, Action, Advice, AttributeProvider, Condition, ABACEngineConfig as EngineConfig, Environment, Obligation, ABACPolicy as Policy, PolicyTarget, ABACRequest as Request, Resource, Subject } from './abac/types'; export { AttributeCategory, AttributeDataType, CombiningAlgorithm, ComparisonOperator, Decision, Effect, LogicalOperator } from './abac/types'; export { ABACEngine, ABACEngine as default, ABACEngine as Engine } from './abac/engine'; export { validatePolicies, validatePolicy, validatePolicyOrThrow, type PolicyValidationError, type PolicyValidationResult, type PolicyValidationWarning } from './abac/policyValidator'; export { exportPoliciesToJSON, exportPolicyToJSON, filterPoliciesByTarget, groupPoliciesByEffect, loadAndValidatePoliciesFromFile, loadPoliciesFromFile, loadPoliciesFromJSON, PolicyCache, prismaAdapter, saveAndValidatePoliciesToFile, saveAndValidatePolicyToFile, savePoliciesToFile, savePolicyToFile } from './abac/policyLoaders'; /** * Package version for runtime introspection */ export declare const VERSION = "1.1.0"; /** * Quick start helpers for common ABAC scenarios */ export declare const QuickStart: { /** * Create a basic ABAC engine with in-memory providers */ createBasicEngine(): any; /** * Create an ABAC engine optimized for document management */ createDocumentEngine(): any; /** * Create an ABAC engine for multi-tenant applications */ createMultiTenantEngine(): any; }; /** * Common ABAC patterns and utilities */ export declare const ABACPatterns: { /** * Common attribute references */ Attributes: { subject: { id: { category: "subject"; attributeId: string; }; department: { category: "subject"; attributeId: string; }; clearanceLevel: { category: "subject"; attributeId: string; }; role: { category: "subject"; attributeId: string; }; tenantId: { category: "subject"; attributeId: string; }; }; resource: { id: { category: "resource"; attributeId: string; }; type: { category: "resource"; attributeId: string; }; owner: { category: "resource"; attributeId: string; }; department: { category: "resource"; attributeId: string; }; classification: { category: "resource"; attributeId: string; }; sensitivity: { category: "resource"; attributeId: string; }; status: { category: "resource"; attributeId: string; }; tenantId: { category: "resource"; attributeId: string; }; }; action: { id: { category: "action"; attributeId: string; }; type: { category: "action"; attributeId: string; }; }; environment: { currentTime: { category: "environment"; attributeId: string; }; ipAddress: { category: "environment"; attributeId: string; }; location: { category: "environment"; attributeId: string; }; userAgent: { category: "environment"; attributeId: string; }; sessionId: { category: "environment"; attributeId: string; }; }; }; /** * Common condition builders */ Conditions: { /** * User owns the resource */ ownership: () => any; /** * Same department access */ sameDepartment: () => any; /** * Sufficient clearance level */ sufficientClearance: () => any; /** * Business hours only */ businessHours: () => any; /** * Same tenant isolation */ sameTenant: () => any; }; }; /** * Validation utilities */ export declare const Validation: { /** * Check if a policy is valid ABAC format */ isValidABACPolicy(policy: unknown): boolean; /** * Check if a request is valid ABAC format */ isValidABACRequest(request: unknown): boolean; }; /** * Migration utilities (if coming from RBAC systems) */ export declare const Migration: { /** * Convert role-based thinking to attribute-based */ roleToAttributes(roleName: string): Record; /** * Suggest ABAC attributes based on common RBAC roles */ suggestAttributes(context: "healthcare" | "finance" | "government" | "corporate"): string[]; }; //# sourceMappingURL=index.d.ts.map