Module org.elasticsearch.xcore
Class RoleDescriptor
java.lang.Object
org.elasticsearch.xpack.core.security.authz.RoleDescriptor
- All Implemented Interfaces:
Writeable,org.elasticsearch.xcontent.ToXContent,org.elasticsearch.xcontent.ToXContentObject
public class RoleDescriptor
extends Object
implements org.elasticsearch.xcontent.ToXContentObject, Writeable
A holder for a Role that contains user-readable information about the Role
without containing the actual Role object.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classstatic interfacestatic classA class representing permissions for a group of indices mapped to privileges, field permissions, and a query.static final recordstatic final classstatic classNested classes/interfaces inherited from interface org.elasticsearch.xcontent.ToXContent
org.elasticsearch.xcontent.ToXContent.DelegatingMapParams, org.elasticsearch.xcontent.ToXContent.MapParams, org.elasticsearch.xcontent.ToXContent.ParamsNested classes/interfaces inherited from interface org.elasticsearch.common.io.stream.Writeable
Writeable.Reader<V>, Writeable.Writer<V> -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final TransportVersionstatic final TransportVersionFields inherited from interface org.elasticsearch.xcontent.ToXContent
EMPTY, EMPTY_PARAMS -
Constructor Summary
ConstructorsConstructorDescriptionRoleDescriptor(String name, String[] clusterPrivileges, RoleDescriptor.IndicesPrivileges[] indicesPrivileges, String[] runAs) RoleDescriptor(String name, String[] clusterPrivileges, RoleDescriptor.IndicesPrivileges[] indicesPrivileges, String[] runAs, Map<String, Object> metadata) Deprecated.RoleDescriptor(String name, String[] clusterPrivileges, RoleDescriptor.IndicesPrivileges[] indicesPrivileges, String[] runAs, Map<String, Object> metadata, Map<String, Object> transientMetadata) RoleDescriptor(String name, String[] clusterPrivileges, RoleDescriptor.IndicesPrivileges[] indicesPrivileges, RoleDescriptor.ApplicationResourcePrivileges[] applicationPrivileges, ConfigurableClusterPrivilege[] configurableClusterPrivileges, String[] runAs, Map<String, Object> metadata, Map<String, Object> transientMetadata) RoleDescriptor(String name, String[] clusterPrivileges, RoleDescriptor.IndicesPrivileges[] indicesPrivileges, RoleDescriptor.ApplicationResourcePrivileges[] applicationPrivileges, ConfigurableClusterPrivilege[] configurableClusterPrivileges, String[] runAs, Map<String, Object> metadata, Map<String, Object> transientMetadata, RoleDescriptor.RemoteIndicesPrivileges[] remoteIndicesPrivileges, RemoteClusterPermissions remoteClusterPermissions, RoleDescriptor.Restriction restriction, String description) -
Method Summary
Modifier and TypeMethodDescriptionbooleanString[]getName()String[]getRunAs()booleanbooleanbooleanbooleaninthashCode()booleanbooleanbooleanbooleanhasRunAs()booleanbooleanorg.elasticsearch.xcontent.XContentBuilderinnerToXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params, boolean docCreation) Generates x-content for thisRoleDescriptorinstance.booleanisEmpty()booleanparseApplicationPrivileges(String roleName, org.elasticsearch.xcontent.XContentParser parser) parseIndexWithPredefinedPrivileges(String roleName, String[] privileges, org.elasticsearch.xcontent.XContentParser parser) static RoleDescriptor.IndicesPrivileges[]parseIndices(String roleName, org.elasticsearch.xcontent.XContentParser parser, boolean allow2xFormat) parsePrivilegesToCheck(String description, boolean runDetailedCheck, BytesReference source, org.elasticsearch.xcontent.XContentType xContentType) Parses the privileges to be checked, from the same syntax used for granting privileges in aRoleDescriptor.parsePrivilegesToCheck(String description, boolean runDetailedCheck, org.elasticsearch.xcontent.XContentParser parser) static voidtoString()org.elasticsearch.xcontent.XContentBuildertoXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params) org.elasticsearch.xcontent.XContentBuildertoXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params, boolean docCreation) voidwriteTo(StreamOutput out) Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, waitMethods inherited from interface org.elasticsearch.xcontent.ToXContentObject
isFragment
-
Field Details
-
WORKFLOWS_RESTRICTION_VERSION
-
SECURITY_ROLE_DESCRIPTION
-
ROLE_TYPE
- See Also:
-
-
Constructor Details
-
RoleDescriptor
public RoleDescriptor(String name, @Nullable String[] clusterPrivileges, @Nullable RoleDescriptor.IndicesPrivileges[] indicesPrivileges, @Nullable String[] runAs) -
RoleDescriptor
@Deprecated public RoleDescriptor(String name, @Nullable String[] clusterPrivileges, @Nullable RoleDescriptor.IndicesPrivileges[] indicesPrivileges, @Nullable String[] runAs, @Nullable Map<String, Object> metadata) -
RoleDescriptor
-
RoleDescriptor
public RoleDescriptor(String name, @Nullable String[] clusterPrivileges, @Nullable RoleDescriptor.IndicesPrivileges[] indicesPrivileges, @Nullable RoleDescriptor.ApplicationResourcePrivileges[] applicationPrivileges, @Nullable ConfigurableClusterPrivilege[] configurableClusterPrivileges, @Nullable String[] runAs, @Nullable Map<String, Object> metadata, @Nullable Map<String, Object> transientMetadata) -
RoleDescriptor
public RoleDescriptor(String name, @Nullable String[] clusterPrivileges, @Nullable RoleDescriptor.IndicesPrivileges[] indicesPrivileges, @Nullable RoleDescriptor.ApplicationResourcePrivileges[] applicationPrivileges, @Nullable ConfigurableClusterPrivilege[] configurableClusterPrivileges, @Nullable String[] runAs, @Nullable Map<String, Object> metadata, @Nullable Map<String, Object> transientMetadata, @Nullable RoleDescriptor.RemoteIndicesPrivileges[] remoteIndicesPrivileges, @Nullable RemoteClusterPermissions remoteClusterPermissions, @Nullable RoleDescriptor.Restriction restriction, @Nullable String description) -
RoleDescriptor
- Throws:
IOException
-
-
Method Details
-
setFieldPermissionsCache
-
getName
-
getDescription
-
getClusterPrivileges
-
getConditionalClusterPrivileges
-
getIndicesPrivileges
-
getRemoteIndicesPrivileges
-
hasRemoteIndicesPrivileges
public boolean hasRemoteIndicesPrivileges() -
hasRemoteClusterPermissions
public boolean hasRemoteClusterPermissions() -
getRemoteClusterPermissions
-
getApplicationPrivileges
-
hasClusterPrivileges
public boolean hasClusterPrivileges() -
hasApplicationPrivileges
public boolean hasApplicationPrivileges() -
hasConfigurableClusterPrivileges
public boolean hasConfigurableClusterPrivileges() -
hasRunAs
public boolean hasRunAs() -
hasDescription
public boolean hasDescription() -
hasUnsupportedPrivilegesInsideAPIKeyConnectedRemoteCluster
public boolean hasUnsupportedPrivilegesInsideAPIKeyConnectedRemoteCluster() -
getRunAs
-
getRestriction
-
hasRestriction
public boolean hasRestriction() -
hasWorkflowsRestriction
public boolean hasWorkflowsRestriction() -
getMetadata
-
getTransientMetadata
-
isUsingDocumentOrFieldLevelSecurity
public boolean isUsingDocumentOrFieldLevelSecurity() -
toString
-
equals
-
hashCode
public int hashCode() -
isEmpty
public boolean isEmpty() -
toXContent
public org.elasticsearch.xcontent.XContentBuilder toXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params) throws IOException - Specified by:
toXContentin interfaceorg.elasticsearch.xcontent.ToXContent- Throws:
IOException
-
toXContent
public org.elasticsearch.xcontent.XContentBuilder toXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params, boolean docCreation) throws IOException - Throws:
IOException
-
innerToXContent
public org.elasticsearch.xcontent.XContentBuilder innerToXContent(org.elasticsearch.xcontent.XContentBuilder builder, org.elasticsearch.xcontent.ToXContent.Params params, boolean docCreation) throws IOException Generates x-content for thisRoleDescriptorinstance.- Parameters:
builder- the x-content builderparams- the parameters for x-content generation directivesdocCreation-trueif the x-content is being generated for creating a document in the security index,falseif the x-content being generated is for API display purposes- Returns:
- x-content builder
- Throws:
IOException- if there was an error writing the x-content to the builder
-
writeTo
- Specified by:
writeToin interfaceWriteable- Throws:
IOException
-
parserBuilder
-
parsePrivilegesToCheck
public static AuthorizationEngine.PrivilegesToCheck parsePrivilegesToCheck(String description, boolean runDetailedCheck, org.elasticsearch.xcontent.XContentParser parser) throws IOException - Throws:
IOException
-
parsePrivilegesToCheck
public static AuthorizationEngine.PrivilegesToCheck parsePrivilegesToCheck(String description, boolean runDetailedCheck, BytesReference source, org.elasticsearch.xcontent.XContentType xContentType) throws IOException Parses the privileges to be checked, from the same syntax used for granting privileges in aRoleDescriptor.- Throws:
IOException
-
parseIndices
public static RoleDescriptor.IndicesPrivileges[] parseIndices(String roleName, org.elasticsearch.xcontent.XContentParser parser, boolean allow2xFormat) throws IOException - Throws:
IOException
-
parseIndexWithPredefinedPrivileges
public static RoleDescriptor.IndicesPrivileges parseIndexWithPredefinedPrivileges(String roleName, String[] privileges, org.elasticsearch.xcontent.XContentParser parser) throws IOException - Throws:
IOException
-
parseApplicationPrivileges
public static RoleDescriptor.ApplicationResourcePrivileges[] parseApplicationPrivileges(String roleName, org.elasticsearch.xcontent.XContentParser parser) throws IOException - Throws:
IOException
-
RoleDescriptor(String, String[], IndicesPrivileges[], ApplicationResourcePrivileges[], ConfigurableClusterPrivilege[], String[], Map, Map, RemoteIndicesPrivileges[], RemoteClusterPermissions, Restriction, String)