All Known Implementing Classes:
LimitedRole, SimpleRole

public interface Role
  • Field Details

    • REMOTE_USER_ROLE_NAME

      static final String REMOTE_USER_ROLE_NAME
      See Also:
    • EMPTY

      static final Role EMPTY
    • EMPTY_RESTRICTED_BY_WORKFLOW

      static final Role EMPTY_RESTRICTED_BY_WORKFLOW
  • Method Details

    • names

      String[] names()
    • cluster

    • indices

    • application

      ApplicationPermission application()
    • runAs

    • remoteIndices

      RemoteIndicesPermission remoteIndices()
    • remoteCluster

      RemoteClusterPermissions remoteCluster()
    • hasWorkflowsRestriction

      boolean hasWorkflowsRestriction()
    • forWorkflow

      Role forWorkflow(@Nullable String workflow)
      This method returns an effective role for the given workflow if role has workflows restriction (i.e. hasWorkflowsRestriction() is true). Otherwise, this method returns an unchanged role. The returned effective role can be an EMPTY_RESTRICTED_BY_WORKFLOW when the given workflow is not one of the workflows to which this role is restricted. The workflows to which a role can be restricted are static and defined in WorkflowResolver.
    • hasFieldOrDocumentLevelSecurity

      boolean hasFieldOrDocumentLevelSecurity()
      Whether the Role has any field or document level security enabled index privileges
      Returns:
    • allowedIndicesMatcher

      Returns:
      A predicate that will match all the indices that this role has the privilege for executing the given action on.
    • allowedActionsMatcher

      org.apache.lucene.util.automaton.Automaton allowedActionsMatcher(String index)
      Returns an Automaton that matches all action names allowed for the given index
    • checkRunAs

      boolean checkRunAs(String runAsName)
      Check if the role is allowed to run-as the given username.
      Parameters:
      runAsName -
      Returns:
    • checkIndicesAction

      boolean checkIndicesAction(String action)
      Check if indices permissions allow for the given action
      Parameters:
      action - indices action
      Returns:
      true if action is allowed else returns false
    • checkIndicesPrivileges

      boolean checkIndicesPrivileges(Set<String> checkForIndexPatterns, boolean allowRestrictedIndices, Set<String> checkForPrivileges, @Nullable ResourcePrivilegesMap.Builder resourcePrivilegesMapBuilder)
      For given index patterns and index privileges determines allowed privileges and creates an instance of ResourcePrivilegesMap holding a map of resource to ResourcePrivileges where resource is index pattern and the map of index privilege to whether it is allowed or not.
      Parameters:
      checkForIndexPatterns - check permission grants for the set of index patterns
      allowRestrictedIndices - if true then checks permission grants even for restricted indices by index matching
      checkForPrivileges - check permission grants for the set of index privileges
      resourcePrivilegesMapBuilder - out-parameter for returning the details on which privilege over which resource is granted or not. Can be null when no such details are needed so the method can return early, after encountering the first privilege that is not granted over some resource.
      Returns:
      true when all the privileges are granted over all the resources, or false otherwise
    • checkClusterAction

      boolean checkClusterAction(String action, TransportRequest request, Authentication authentication)
      Check if cluster permissions allow for the given action in the context of given authentication.
      Parameters:
      action - cluster action
      request - TransportRequest
      authentication - Authentication
      Returns:
      true if action is allowed else returns false
    • grants

      boolean grants(ClusterPrivilege clusterPrivilege)
      Check if cluster permissions grants the given cluster privilege
      Parameters:
      clusterPrivilege - cluster privilege
      Returns:
      true if cluster privilege is allowed else returns false
    • checkApplicationResourcePrivileges

      boolean checkApplicationResourcePrivileges(String applicationName, Set<String> checkForResources, Set<String> checkForPrivilegeNames, Collection<ApplicationPrivilegeDescriptor> storedPrivileges, @Nullable ResourcePrivilegesMap.Builder resourcePrivilegesMapBuilder)
      For a given application, checks for the privileges for resources and returns an instance of ResourcePrivilegesMap holding a map of resource to ResourcePrivileges where the resource is application resource and the map of application privilege to whether it is allowed or not.
      Parameters:
      applicationName - checks privileges for the provided application name
      checkForResources - check permission grants for the set of resources
      checkForPrivilegeNames - check permission grants for the set of privilege names
      storedPrivileges - stored ApplicationPrivilegeDescriptor for an application against which the access checks are performed
      resourcePrivilegesMapBuilder - out-parameter for returning the details on which privilege over which resource is granted or not. Can be null when no such details are needed so the method can return early, after encountering the first privilege that is not granted over some resource.
      Returns:
      true when all the privileges are granted over all the resources, or false otherwise
    • authorize

      IndicesAccessControl authorize(String action, Set<String> requestedIndicesOrAliases, Metadata metadata, FieldPermissionsCache fieldPermissionsCache)
      Returns whether at least one group encapsulated by this indices permissions is authorized to execute the specified action with the requested indices/aliases. At the same time if field and/or document level security is configured for any group also the allowed fields and role queries are resolved.
    • getRoleDescriptorsIntersectionForRemoteCluster

      RoleDescriptorsIntersection getRoleDescriptorsIntersectionForRemoteCluster(String remoteClusterAlias, TransportVersion remoteClusterVersion)
      Returns the intersection of role descriptors defined for a remote cluster with the given alias.
      Parameters:
      remoteClusterAlias - the remote cluster alias for which to return a role descriptors intersection
      remoteClusterVersion - the version of the remote cluster
      Returns:
      an intersection of role descriptors that describe the remote privileges towards a given cluster, otherwise an empty intersection if remote privileges are not defined
    • limitedBy

      default Role limitedBy(Role role)
      Creates a LimitedRole that uses this Role as base and the given role as limited-by.
    • builder

      static Role.Builder builder(RestrictedIndices restrictedIndices, String... names)
      Parameters:
      restrictedIndices - An automaton that can determine whether a string names a restricted index. For simple unit tests, this can be Automatons.EMPTY.
      names - Names of roles.
      Returns:
      A builder for a role
    • buildFromRoleDescriptor

      static SimpleRole buildFromRoleDescriptor(RoleDescriptor roleDescriptor, FieldPermissionsCache fieldPermissionsCache, RestrictedIndices restrictedIndices)
    • buildFromRoleDescriptor

      static SimpleRole buildFromRoleDescriptor(RoleDescriptor roleDescriptor, FieldPermissionsCache fieldPermissionsCache, RestrictedIndices restrictedIndices, Collection<ApplicationPrivilegeDescriptor> storedApplicationPrivilegeDescriptors)