Module org.elasticsearch.xcore
Class ClusterPrivilegeResolver
java.lang.Object
org.elasticsearch.xpack.core.security.authz.privilege.ClusterPrivilegeResolver
Translates cluster privilege names into concrete implementations
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilegestatic final NamedClusterPrivilege -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic Collection<String> findPrivilegesThatGrant(String action, TransportRequest request, Authentication authentication) Returns the names of privileges that grant the specified action and request, for the given authentication context.static NamedClusterPrivilegegetNamedOrNull(String name) static booleanisClusterAction(String actionName) names()static NamedClusterPrivilegeResolves aNamedClusterPrivilegefrom a given name if it exists.static SortedMap<String, NamedClusterPrivilege> sortByAccessLevel(Collection<NamedClusterPrivilege> privileges) Sorts the collection of privileges from least-privilege to most-privilege (to the extent possible), returning them in a sorted map keyed by name.
-
Field Details
-
NONE
-
ALL
-
MONITOR
-
MONITOR_INFERENCE
-
MONITOR_ML
-
MONITOR_TRANSFORM_DEPRECATED
-
MONITOR_TEXT_STRUCTURE
-
MONITOR_TRANSFORM
-
MONITOR_WATCHER
-
MONITOR_ROLLUP
-
MONITOR_ENRICH
-
MONITOR_STATS
-
MANAGE
-
MANAGE_INFERENCE
-
MANAGE_ML
-
MANAGE_TRANSFORM_DEPRECATED
-
MANAGE_TRANSFORM
-
MANAGE_TOKEN
-
MANAGE_WATCHER
-
MANAGE_ROLLUP
-
MANAGE_IDX_TEMPLATES
-
MANAGE_INGEST_PIPELINES
-
READ_PIPELINE
-
TRANSPORT_CLIENT
-
MANAGE_SECURITY
-
READ_SECURITY
-
MANAGE_SAML
-
MANAGE_OIDC
-
MANAGE_API_KEY
-
MANAGE_SERVICE_ACCOUNT
-
MANAGE_USER_PROFILE
-
GRANT_API_KEY
-
MANAGE_PIPELINE
-
MANAGE_AUTOSCALING
-
MANAGE_CCR
-
READ_CCR
-
CREATE_SNAPSHOT
-
MONITOR_SNAPSHOT
-
MANAGE_ILM
-
READ_ILM
-
MANAGE_SLM
-
READ_SLM
-
DELEGATE_PKI
-
MANAGE_OWN_API_KEY
-
MANAGE_ENRICH
-
MANAGE_LOGSTASH_PIPELINES
-
READ_FLEET_SECRETS
-
WRITE_FLEET_SECRETS
-
CANCEL_TASK
-
MANAGE_SEARCH_APPLICATION
-
MANAGE_CONNECTOR
-
MONITOR_CONNECTOR
-
MANAGE_SEARCH_SYNONYMS
-
MANAGE_BEHAVIORAL_ANALYTICS
-
POST_BEHAVIORAL_ANALYTICS_EVENT
-
MANAGE_SEARCH_QUERY_RULES
-
CROSS_CLUSTER_SEARCH
-
CROSS_CLUSTER_REPLICATION
-
READ_CONNECTOR_SECRETS
-
WRITE_CONNECTOR_SECRETS
-
MONITOR_GLOBAL_RETENTION
-
MANAGE_GLOBAL_RETENTION
-
-
Constructor Details
-
ClusterPrivilegeResolver
public ClusterPrivilegeResolver()
-
-
Method Details
-
resolve
Resolves aNamedClusterPrivilegefrom a given name if it exists. If the name is a cluster action, then it converts the name to pattern and creates aActionClusterPrivilege- Parameters:
name- eithernames()or cluster actionisClusterAction(String)- Returns:
- instance of
NamedClusterPrivilege
-
getNamedOrNull
-
names
-
isClusterAction
-
findPrivilegesThatGrant
public static Collection<String> findPrivilegesThatGrant(String action, TransportRequest request, Authentication authentication) Returns the names of privileges that grant the specified action and request, for the given authentication context. -
sortByAccessLevel
public static SortedMap<String,NamedClusterPrivilege> sortByAccessLevel(Collection<NamedClusterPrivilege> privileges) Sorts the collection of privileges from least-privilege to most-privilege (to the extent possible), returning them in a sorted map keyed by name.
-