type Role = { role_id: string; description: string; permissions: { resource_id: string; actions: string[]; }[]; }; type Policy = { roles: Role[]; resources: { resource_id: string; description: string; actions: string[]; }[]; scopes: { scope: string; description: string; permissions: { resource_id: string; actions: string[]; }[]; }[]; }; type OrgPolicy = Pick; type AuthorizationCheck = { resource_id: string; action: string; }; export type baseScopeAuthorizationCheckArgs = { policy: Policy; tokenScopes: string[]; authorizationCheck: AuthorizationCheck; callerType: string; }; export declare function performBaseScopeAuthorizationCheck({ policy, tokenScopes, authorizationCheck, callerType, }: baseScopeAuthorizationCheckArgs): void; export type baseRoleAuthorizationCheckArgs = { policyRoles: Role[]; subjectRoles: string[]; authorizationCheck: AuthorizationCheck; callerType: string; }; export declare function performBaseRoleAuthorizationCheck({ policyRoles, subjectRoles, authorizationCheck, callerType, }: baseRoleAuthorizationCheckArgs): void; interface PolicyGetter { policy: () => Promise<{ policy?: T; }>; } interface OrgPolicyGetter extends PolicyGetter { organizations: { getOrgPolicy: (params: { organization_id: string; }) => Promise<{ org_policy?: U; }>; }; } export declare class PolicyCache { /** * The maximum TTL, in milliseconds, before a cached policy should be refreshed. * Resolves to 5 minutes. */ static readonly CacheTTL: number; private rbac; private projectPolicy?; private lastRefreshedAt?; constructor(rbac: PolicyGetter); private fresh; private refresh; getPolicy(): Promise; } export declare class B2BPolicyCache extends PolicyCache { private b2bRBAC; private orgPolicyCache; constructor(rbac: OrgPolicyGetter); private orgPolicyFresh; private refreshOrgPolicy; getOrgPolicy(organizationID: string): Promise; } export {};