Module org.elasticsearch.xcore
Class IndicesPermission.Builder
java.lang.Object
org.elasticsearch.xpack.core.security.authz.permission.IndicesPermission.Builder
- Enclosing class:
IndicesPermission
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaddGroup(IndexPrivilege privilege, FieldPermissions fieldPermissions, Set<BytesReference> query, boolean allowRestrictedIndices, boolean implicitlyGranted, String... indices) Adds a group to the permission.addGroup(IndexPrivilege privilege, FieldPermissions fieldPermissions, Set<BytesReference> query, boolean allowRestrictedIndices, String... indices) Adds an explicitly-granted group.build()
-
Constructor Details
-
Builder
-
-
Method Details
-
addGroup
public IndicesPermission.Builder addGroup(IndexPrivilege privilege, FieldPermissions fieldPermissions, @Nullable Set<BytesReference> query, boolean allowRestrictedIndices, String... indices) Adds an explicitly-granted group. Equivalent toaddGroup(IndexPrivilege, FieldPermissions, Set, boolean, boolean, String...)withimplicitlyGranted=false. -
addGroup
public IndicesPermission.Builder addGroup(IndexPrivilege privilege, FieldPermissions fieldPermissions, @Nullable Set<BytesReference> query, boolean allowRestrictedIndices, boolean implicitlyGranted, String... indices) Adds a group to the permission. WhenimplicitlyGrantedistrue, the group is marked as having been contributed by anImplicitPrivilegesProviderSPI implementation rather than declared in a role definition. The flag flows through to the resultingIndicesAccessControl.IndexAccessControl(viaIndicesPermission.authorize(java.lang.String, java.util.Set<java.lang.String>, org.elasticsearch.cluster.metadata.ProjectMetadata, org.elasticsearch.xpack.core.security.authz.permission.FieldPermissionsCache)) and gates whether downstream DLS/FLS license enforcement and feature-usage tracking apply: implicit grants bypass them; explicit grants do not. -
build
-