import { FieldAccess } from '@prisma/client';
import { PrismaService } from "../../core/database/prisma/prisma.service";
import { DataScopeUser } from './data-scope.service';
import { MaskingService } from './masking.service';
import { IamAuditService } from './iam-audit.service';
export declare class FieldPermissionService {
    private readonly prisma;
    private readonly masking;
    private readonly audit;
    private readonly logger;
    constructor(prisma: PrismaService, masking: MaskingService, audit: IamAuditService);
    adminList(filters: {
        resource?: string;
        roleId?: string;
    }): import("@prisma/client").Prisma.PrismaPromise<{
        id: string;
        createdAt: Date;
        updatedAt: Date;
        resource: string;
        roleId: string;
        field: string;
        access: import("@prisma/client").$Enums.FieldAccess;
    }[]>;
    adminCreate(input: {
        roleId: string;
        resource: string;
        field: string;
        access: FieldAccess;
    }, actor: string): Promise<{
        id: string;
        createdAt: Date;
        updatedAt: Date;
        resource: string;
        roleId: string;
        field: string;
        access: import("@prisma/client").$Enums.FieldAccess;
    }>;
    adminUpdate(id: string, input: {
        access?: FieldAccess;
    }, actor: string): Promise<{
        id: string;
        createdAt: Date;
        updatedAt: Date;
        resource: string;
        roleId: string;
        field: string;
        access: import("@prisma/client").$Enums.FieldAccess;
    }>;
    adminRemove(id: string, actor: string): Promise<{
        ok: boolean;
    }>;
    filter<T extends Record<string, any>>(user: DataScopeUser, resource: string, records: T[] | T): Promise<T[] | T>;
    private resolveEffectiveAccess;
    private applyToRow;
}