Class QueryableBuiltInRolesUtils

java.lang.Object
org.elasticsearch.xpack.security.support.QueryableBuiltInRolesUtils

public final class QueryableBuiltInRolesUtils extends Object
Utility class which provides helper method for calculating the hash of a role descriptor, determining the roles to upsert and the roles to delete.
  • Method Details

    • calculateHash

      public static String calculateHash(RoleDescriptor roleDescriptor)
      Calculates the hash of the given role descriptor by serializing it by calling RoleDescriptor.writeTo(StreamOutput) method and then SHA256 hashing the bytes.
      Parameters:
      roleDescriptor - the role descriptor to hash
      Returns:
      the base64 encoded SHA256 hash of the role descriptor
    • determineRolesToDelete

      public static Set<String> determineRolesToDelete(QueryableBuiltInRoles roles, Map<String,String> indexedRolesDigests)
      Determines the roles to delete by comparing the indexed roles with the roles in the built-in roles.
      Returns:
      the set of roles to delete
    • determineRolesToUpsert

      public static Set<RoleDescriptor> determineRolesToUpsert(QueryableBuiltInRoles roles, Map<String,String> indexedRolesDigests)
      Determines the roles to upsert by comparing the indexed roles and their digests with the current built-in roles.
      Returns:
      the set of roles to upsert (create or update)