BoolQueryBuilder boolQuery = QueryBuilders.boolQuery();
        Set<String> roles = Set.of("role1", "role2");

        queryHelper.buildRoleQuery(roles, boolQuery);

        String queryString = boolQuery.toString();
        assertTrue(queryString.contains("role1"));
        assertTrue(queryString.contains("role2"));
        assertTrue(queryString.contains("filter"));
    }

authentication.admin.users=admin
# Admin role names for authentication.
authentication.admin.roles=admin

# Default permissions for search roles.
role.search.default.permissions=
# Default display permissions for search roles.
role.search.default.display.permissions={role}guest
# Guest permissions for search roles.
role.search.guest.permissions={role}guest

# Prefix for user roles in search.

    }

    /**
     * Processes sub-roles for the specified LDAP user.
     *
     * @param ldapUser the LDAP user to process sub-roles for
     * @param bindDn the bind DN for LDAP connection
     * @param subRoleSet the set of sub-roles to process
     * @param groupFilter the group filter pattern
     * @param roleSet the set of roles to update
     */

    default String[] getAuthenticationAdminRolesAsArray() {
        String[] roles = (String[]) propMap.get(AUTHENTICATION_ADMIN_ROLES);
        if (roles == null) {
            roles = getAuthenticationAdminRoles().split(",");
            propMap.put(AUTHENTICATION_ADMIN_ROLES, roles);
        }
        return roles;
    }

    String getJvmCrawlerOptions();

    /**
     * Sets whether to use robots.txt disallow rules.
     *
     * @param useRobotsTxtDisallows True to use disallow rules, false otherwise
     */
    public void setUseRobotsTxtDisallows(final boolean useRobotsTxtDisallows) {
        this.useRobotsTxtDisallows = useRobotsTxtDisallows;
    }

    /**
     * Sets whether to use robots.txt allow rules.
     *

// expiry. The permissions for these STS credentials is determined in one of the
// following ways:
//
// - RoleARN - if a role-arn is specified in the request, the STS credential's
// policy is the role's policy.
//
// - inherited from parent - this is the case for AssumeRole API, where the
// parent user is an actual real user with their own (permanent) credentials and

labels.groups=Группы
labels.hash=Хэш
labels.kuromojiFile=Файл Kuromoji
labels.maxSize=Максимальный размер
labels.order=Порядок
labels.purgeSuggestSearchLogDay=Удалить старую информацию о предложениях
labels.q=Запрос
labels.roles=Роли
labels.suggestSearchLog=Журнал поиска предложений
labels.suggestWord=Предложить слово
labels.targetLabel=Метка
labels.term=Термин
labels.fields=Поля
labels.ex_q=Расширенный запрос

      },
      "dutch_stemmer": {
        "type":       "stemmer",
        "language":   "dutch"
      },
      "dutch_override": {
        "type":       "stemmer_override",
        "rules": [
          "fiets=>fiets",
          "bromfiets=>bromfiets",
          "ei=>eier",
          "kind=>kinder"
        ]
      },
      "english_keywords": {
        "type":       "keyword_marker",

    it keeps your `HeldCertificate` and its chain. On the client it keeps the root certificates
    that are trusted to sign a server's certificate chain. `HandshakeCertificates` also works with
    mutual TLS where these roles are reversed.

    These classes make it possible to enable HTTPS in MockWebServer in [just a few lines of
    code][https_server_sample].