npm - @spotify/backstage-plugin-rbac-common - Versions diffs - 0.2.1 - Mend

@spotify/backstage-plugin-rbac-common 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,1735 @@
+import * as _backstage_plugin_permission_common from '@backstage/plugin-permission-common';
+import { PermissionCondition, PermissionCriteria, AllOfCriteria, AnyOfCriteria, NotCriteria, Permission, PermissionRuleParam, PermissionRuleParams } from '@backstage/plugin-permission-common';
+import { z } from 'zod';
+/** @public */
+declare const PolicyDefaultName = "Untitled policy";
+/** @public */
+declare const BackstageUserPlaceholder = ":backstageUser";
+/** @public */
+declare type RBACPermissionCondition = Omit<PermissionCondition, 'resourceType'>;
+/** @public */
+declare const PermissionConditionParser: z.ZodSchema<RBACPermissionCondition>;
+/** @public */
+declare const ConditionalDecisionParser: z.ZodObject<{
+    pluginId: z.ZodString;
+    resourceType: z.ZodString;
+    conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+}, "strip", z.ZodTypeAny, {
+    pluginId: string;
+    resourceType: string;
+    conditions: PermissionCriteria<RBACPermissionCondition>;
+}, {
+    pluginId: string;
+    resourceType: string;
+    conditions: PermissionCriteria<RBACPermissionCondition>;
+}>;
+/** @public */
+declare const LiteralDecisionParser: z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>;
+/** @public */
+declare const PermissionDecisionParser: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+    pluginId: z.ZodString;
+    resourceType: z.ZodString;
+    conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+}, "strip", z.ZodTypeAny, {
+    pluginId: string;
+    resourceType: string;
+    conditions: PermissionCriteria<RBACPermissionCondition>;
+}, {
+    pluginId: string;
+    resourceType: string;
+    conditions: PermissionCriteria<RBACPermissionCondition>;
+}>]>;
+/** @public */
+declare const PermissionMatchParser: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+    name: z.ZodOptional<z.ZodString>;
+    actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    resourceType: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    name?: string | undefined;
+    actions?: string[] | undefined;
+    resourceType?: string | undefined;
+}, {
+    name?: string | undefined;
+    actions?: string[] | undefined;
+    resourceType?: string | undefined;
+}>]>;
+/** @public */
+declare const RolePermissionParser: z.ZodEffects<z.ZodObject<{
+    id: z.ZodDefault<z.ZodString>;
+    match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+        name: z.ZodOptional<z.ZodString>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        resourceType: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    }, {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    }>]>;
+    decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+        pluginId: z.ZodString;
+        resourceType: z.ZodString;
+        conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+    }, "strip", z.ZodTypeAny, {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    }, {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    }>]>;
+}, "strip", z.ZodTypeAny, {
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    id: string;
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}, {
+    id?: string | undefined;
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}>, {
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    id: string;
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}, {
+    id?: string | undefined;
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}>;
+/** @public */
+declare const RolePermissionsParser: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+    id: z.ZodDefault<z.ZodString>;
+    match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+        name: z.ZodOptional<z.ZodString>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        resourceType: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    }, {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    }>]>;
+    decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+        pluginId: z.ZodString;
+        resourceType: z.ZodString;
+        conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+    }, "strip", z.ZodTypeAny, {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    }, {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    }>]>;
+}, "strip", z.ZodTypeAny, {
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    id: string;
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}, {
+    id?: string | undefined;
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}>, {
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    id: string;
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}, {
+    id?: string | undefined;
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}>, "many">, {
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    id: string;
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}[], {
+    id?: string | undefined;
+    match: "*" | {
+        name?: string | undefined;
+        actions?: string[] | undefined;
+        resourceType?: string | undefined;
+    };
+    decision: "allow" | "deny" | {
+        pluginId: string;
+        resourceType: string;
+        conditions: PermissionCriteria<RBACPermissionCondition>;
+    };
+}[]>;
+/** @public */
+declare const RoleParser: z.ZodObject<{
+    name: z.ZodString;
+    id: z.ZodDefault<z.ZodString>;
+    members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+    permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+        id: z.ZodDefault<z.ZodString>;
+        match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+            name: z.ZodOptional<z.ZodString>;
+            actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+            resourceType: z.ZodOptional<z.ZodString>;
+        }, "strip", z.ZodTypeAny, {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        }, {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        }>]>;
+        decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+            pluginId: z.ZodString;
+            resourceType: z.ZodString;
+            conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+        }, "strip", z.ZodTypeAny, {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        }, {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        }>]>;
+    }, "strip", z.ZodTypeAny, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }, {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }>, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }, {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }>, "many">, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[], {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[]>;
+}, "strip", z.ZodTypeAny, {
+    id: string;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}, {
+    id?: string | undefined;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}>;
+/** @public */
+declare const RolesParser: z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+    name: z.ZodString;
+    id: z.ZodDefault<z.ZodString>;
+    members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+    permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+        id: z.ZodDefault<z.ZodString>;
+        match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+            name: z.ZodOptional<z.ZodString>;
+            actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+            resourceType: z.ZodOptional<z.ZodString>;
+        }, "strip", z.ZodTypeAny, {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        }, {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        }>]>;
+        decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+            pluginId: z.ZodString;
+            resourceType: z.ZodString;
+            conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+        }, "strip", z.ZodTypeAny, {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        }, {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        }>]>;
+    }, "strip", z.ZodTypeAny, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }, {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }>, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }, {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }>, "many">, {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[], {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[]>;
+}, "strip", z.ZodTypeAny, {
+    id: string;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}, {
+    id?: string | undefined;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}>, "many">>, {
+    id: string;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        id: string;
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}[], {
+    id?: string | undefined;
+    name: string;
+    members: string[] | "*";
+    permissions: {
+        id?: string | undefined;
+        match: "*" | {
+            name?: string | undefined;
+            actions?: string[] | undefined;
+            resourceType?: string | undefined;
+        };
+        decision: "allow" | "deny" | {
+            pluginId: string;
+            resourceType: string;
+            conditions: PermissionCriteria<RBACPermissionCondition>;
+        };
+    }[];
+}[] | undefined>;
+/** @public */
+declare const PolicyTitleParser: z.ZodDefault<z.ZodString>;
+/** @public */
+declare const PolicyConfigParser: z.ZodObject<{
+    name: z.ZodDefault<z.ZodString>;
+    roles: z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodDefault<z.ZodString>;
+        members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+        permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+            id: z.ZodDefault<z.ZodString>;
+            match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+                name: z.ZodOptional<z.ZodString>;
+                actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+                resourceType: z.ZodOptional<z.ZodString>;
+            }, "strip", z.ZodTypeAny, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }>]>;
+            decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+                pluginId: z.ZodString;
+                resourceType: z.ZodString;
+                conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+            }, "strip", z.ZodTypeAny, {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            }, {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            }>]>;
+        }, "strip", z.ZodTypeAny, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, "many">, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[], {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[]>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }, {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }>, "many">>, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[], {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    roles: {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[];
+}, {
+    name?: string | undefined;
+    roles?: {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined;
+}>;
+/** @public */
+declare const DefaultingPolicyConfigParser: z.ZodDefault<z.ZodObject<{
+    name: z.ZodDefault<z.ZodString>;
+    roles: z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodDefault<z.ZodString>;
+        members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+        permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+            id: z.ZodDefault<z.ZodString>;
+            match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+                name: z.ZodOptional<z.ZodString>;
+                actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+                resourceType: z.ZodOptional<z.ZodString>;
+            }, "strip", z.ZodTypeAny, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }>]>;
+            decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+                pluginId: z.ZodString;
+                resourceType: z.ZodString;
+                conditions: z.ZodType<PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, PermissionCriteria<RBACPermissionCondition>>;
+            }, "strip", z.ZodTypeAny, {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            }, {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            }>]>;
+        }, "strip", z.ZodTypeAny, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, "many">, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[], {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[]>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }, {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }>, "many">>, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[], {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    roles: {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[];
+}, {
+    name?: string | undefined;
+    roles?: {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined;
+}>>;
+/** @public */
+declare function isConditionalDecision(decision: PermissionDecision): decision is ConditionalDecision;
+/** @public */
+declare function isAllOfPermissionCriteria(conditions: PermissionCriteria<RBACPermissionCondition>): conditions is AllOfCriteria<RBACPermissionCondition>;
+/** @public */
+declare function isAnyOfPermissionCriteria(conditions: PermissionCriteria<RBACPermissionCondition>): conditions is AnyOfCriteria<RBACPermissionCondition>;
+/** @public */
+declare function isNotPermissionCriteria(conditions: PermissionCriteria<RBACPermissionCondition>): conditions is NotCriteria<RBACPermissionCondition>;
+/** @public */
+declare type ConditionalDecision = z.infer<typeof ConditionalDecisionParser>;
+/** @public */
+declare type LiteralDecision = z.infer<typeof LiteralDecisionParser>;
+/** @public */
+declare type PermissionDecision = z.infer<typeof PermissionDecisionParser>;
+/** @public */
+declare type PermissionMatch = z.infer<typeof PermissionMatchParser>;
+/** @public */
+declare type RolePermission = z.infer<typeof RolePermissionParser>;
+/** @public */
+declare type RolePermissions = z.infer<typeof RolePermissionsParser>;
+/** @public */
+declare type RawRole = z.input<typeof RoleParser>;
+/** @public */
+declare type Role = z.infer<typeof RoleParser>;
+/** @public */
+declare type RawPolicyConfig = z.input<typeof PolicyConfigParser>;
+/** @public */
+declare type PolicyConfig = z.infer<typeof PolicyConfigParser>;
+/** @public */
+declare type Policy = {
+    /**
+     * Internal ID for lookups/references.
+     */
+    id: string;
+    /**
+     * Display name for the version.
+     */
+    name: string;
+    /**
+     * Date that the version was created in ISO-8601 format.
+     */
+    createdAt: string;
+    /**
+     * Entity ref of the user that created the version.
+     */
+    createdBy: string;
+    /**
+     * Latest date on which the version was updated in ISO-8601 format.
+     */
+    updatedAt: string;
+    /**
+     * Entity ref of the latest user that updated the version.
+     */
+    updatedBy: string;
+    /**
+     * Description of the changes introduced with the version.
+     */
+    description?: string;
+    /**
+     * Latest date on which the version was published in ISO-8601 format.
+     */
+    lastPublishedAt?: string;
+    /**
+     * Entity ref of the latest user that published the version.
+     */
+    lastPublishedBy?: string;
+    /**
+     * List of role configurations for policy evaluation.
+     */
+    roles: Role[];
+    /**
+     * Current status of the policy.
+     */
+    status: 'draft' | 'active' | 'inactive';
+};
+/** @public */
+declare const CreateDraftRequestParser: z.ZodObject<{
+    name: z.ZodDefault<z.ZodString>;
+    roles: z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodDefault<z.ZodString>;
+        members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+        permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+            id: z.ZodDefault<z.ZodString>;
+            match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+                name: z.ZodOptional<z.ZodString>;
+                actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+                resourceType: z.ZodOptional<z.ZodString>;
+            }, "strip", z.ZodTypeAny, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }>]>;
+            decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+                pluginId: z.ZodString;
+                resourceType: z.ZodString;
+                conditions: z.ZodType<_backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>>;
+            }, "strip", z.ZodTypeAny, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }>]>;
+        }, "strip", z.ZodTypeAny, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, "many">, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[], {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[]>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }, {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }>, "many">>, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[], {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    roles: {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[];
+}, {
+    name?: string | undefined;
+    roles?: {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined;
+}>;
+/** @public */
+declare const UpdateDraftRequestParser: z.ZodObject<z.extendShape<{
+    name: z.ZodDefault<z.ZodString>;
+    roles: z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodDefault<z.ZodString>;
+        members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+        permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+            id: z.ZodDefault<z.ZodString>;
+            match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+                name: z.ZodOptional<z.ZodString>;
+                actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+                resourceType: z.ZodOptional<z.ZodString>;
+            }, "strip", z.ZodTypeAny, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }>]>;
+            decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+                pluginId: z.ZodString;
+                resourceType: z.ZodString;
+                conditions: z.ZodType<_backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>>;
+            }, "strip", z.ZodTypeAny, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }>]>;
+        }, "strip", z.ZodTypeAny, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, "many">, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[], {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[]>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }, {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }>, "many">>, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[], {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined>;
+}, {
+    name: z.ZodOptional<z.ZodDefault<z.ZodString>>;
+    roles: z.ZodOptional<z.ZodEffects<z.ZodDefault<z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodDefault<z.ZodString>;
+        members: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodArray<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, "many">]>;
+        permissions: z.ZodEffects<z.ZodArray<z.ZodEffects<z.ZodObject<{
+            id: z.ZodDefault<z.ZodString>;
+            match: z.ZodUnion<[z.ZodLiteral<"*">, z.ZodObject<{
+                name: z.ZodOptional<z.ZodString>;
+                actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+                resourceType: z.ZodOptional<z.ZodString>;
+            }, "strip", z.ZodTypeAny, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }, {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            }>]>;
+            decision: z.ZodUnion<[z.ZodUnion<[z.ZodLiteral<"allow">, z.ZodLiteral<"deny">]>, z.ZodObject<{
+                pluginId: z.ZodString;
+                resourceType: z.ZodString;
+                conditions: z.ZodType<_backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>, z.ZodTypeDef, _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>>;
+            }, "strip", z.ZodTypeAny, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }, {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            }>]>;
+        }, "strip", z.ZodTypeAny, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }, {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }>, "many">, {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[], {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[]>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }, {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }>, "many">>, {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[], {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined>>;
+}>, "strip", z.ZodTypeAny, {
+    name?: string | undefined;
+    roles?: {
+        id: string;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            id: string;
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined;
+}, {
+    name?: string | undefined;
+    roles?: {
+        id?: string | undefined;
+        name: string;
+        members: string[] | "*";
+        permissions: {
+            id?: string | undefined;
+            match: "*" | {
+                name?: string | undefined;
+                actions?: string[] | undefined;
+                resourceType?: string | undefined;
+            };
+            decision: "allow" | "deny" | {
+                pluginId: string;
+                resourceType: string;
+                conditions: _backstage_plugin_permission_common.PermissionCriteria<RBACPermissionCondition>;
+            };
+        }[];
+    }[] | undefined;
+}>;
+/** @public */
+declare const PublishVersionRequestParser: z.ZodObject<{
+    description: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    description?: string | undefined;
+}, {
+    description?: string | undefined;
+}>;
+/** @public */
+declare type CreateDraftRequest = z.input<typeof CreateDraftRequestParser>;
+/** @public */
+declare type UpdateDraftRequest = z.input<typeof UpdateDraftRequestParser>;
+/** @public */
+declare type PublishVersionRequest = z.infer<typeof PublishVersionRequestParser>;
+/** @public */
+declare type SearchMembersRequest = {
+    query: string;
+};
+/** @public */
+declare type AuthorizeResponse = {
+    authorized: boolean;
+};
+/** @public */
+declare type MemberResponse = {
+    name?: string;
+    type: 'user' | 'group' | 'all' | 'unknown';
+    entityRef: string;
+};
+/** @public */
+declare type PolicyMember = {
+    policyId: string;
+    members: MemberResponse[];
+};
+/** @public */
+declare type SearchMembersResponse = {
+    members: MemberResponse[];
+};
+/** @public */
+declare type PaginatedResponse<T> = {
+    items: T[];
+    nextCursor?: string;
+    prevCursor?: string;
+    totalItems: number;
+};
+/** @public */
+declare type PoliciesResponse = PaginatedResponse<Policy>;
+/** @public */
+declare const isMatchingPermission: (permission: Permission, match: PermissionMatch) => boolean;
+/** @public */
+declare type MapParamsCallback = (param: PermissionRuleParam) => PermissionRuleParam;
+/** @public */
+declare function mapParams(params: PermissionRuleParams, cb: MapParamsCallback): PermissionRuleParams;
+export { AuthorizeResponse, BackstageUserPlaceholder, ConditionalDecision, ConditionalDecisionParser, CreateDraftRequest, CreateDraftRequestParser, DefaultingPolicyConfigParser, LiteralDecision, LiteralDecisionParser, MapParamsCallback, MemberResponse, PaginatedResponse, PermissionConditionParser, PermissionDecision, PermissionDecisionParser, PermissionMatch, PermissionMatchParser, PoliciesResponse, Policy, PolicyConfig, PolicyConfigParser, PolicyDefaultName, PolicyMember, PolicyTitleParser, PublishVersionRequest, PublishVersionRequestParser, RBACPermissionCondition, RawPolicyConfig, RawRole, Role, RoleParser, RolePermission, RolePermissionParser, RolePermissions, RolePermissionsParser, RolesParser, SearchMembersRequest, SearchMembersResponse, UpdateDraftRequest, UpdateDraftRequestParser, isAllOfPermissionCriteria, isAnyOfPermissionCriteria, isConditionalDecision, isMatchingPermission, isNotPermissionCriteria, mapParams };