}

            @Override
            public String getRemoteUser() {
                return null;
            }

            @Override
            public boolean isUserInRole(String role) {
                return false;
            }

            @Override
            public java.security.Principal getUserPrincipal() {
                return null;
            }

            @Override

            }
        }
    }

    /**
     * Sets the roles that are allowed to access the search engine API.
     *
     * @param acceptedRoles array of role names that can access the API
     */
    public void setAcceptedRoles(final String[] acceptedRoles) {
        this.acceptedRoles = acceptedRoles;
    }

    /**

        notifyAll()
      }
    }
  }

  /**
   * Returns true if read timeouts should be enforced while reading response headers or body bytes.
   * We always do timeouts in the HTTP server role. For clients, we only do timeouts after the
   * request is transmitted. This is only interesting for duplex calls where the request and
   * response may be interleaved.
   *

    * action required: Cloud providers other than GCE might want to update their deployments or sample yaml files to reuse the role created via add-on.

### Other notable changes

            public String getIndexFieldPrimaryTerm() {
                return "primary_term";
            }

            @Override
            public String getIndexFieldRole() {
                return "role";
            }

            @Override
            public String getIndexFieldSeqNo() {
                return "seq_no";
            }

            @Override

  - The label applied to control-plane nodes "node-role.kubernetes.io/master" is now deprecated and will be removed in a future release after a GA deprecation period.
  - Introduce a new label "node-role.kubernetes.io/control-plane" that will be applied in parallel to "node-role.kubernetes.io/master" until the removal of the "node-role.kubernetes.io/master" label.

            }

            @Override
            public String getRemoteUser() {
                return null;
            }

            @Override
            public boolean isUserInRole(String role) {
                return false;
            }

            @Override
            public java.security.Principal getUserPrincipal() {
                return null;
            }

            @Override

        }

        @Override
        public String getRemoteUser() {
            throw new UnsupportedOperationException();
        }

        @Override
        public boolean isUserInRole(String role) {
            throw new UnsupportedOperationException();
        }

        @Override
        public java.security.Principal getUserPrincipal() {
            throw new UnsupportedOperationException();
        }

            ctx.skipRoleQuery(); // Skip role query to avoid complex dependency issues
        });

        assertNotNull(context);
    }

    public void test_buildRoleQuery_emptyRoleSet() {
        BoolQueryBuilder boolQuery = QueryBuilders.boolQuery();
        queryHelper.buildRoleQuery(Set.of(), boolQuery);

        // Should add empty role query filter

`settings/v1alpha1`, and `scheduling/v1alpha1` APIs are disabled by default.

* The `system:node` role is no longer automatically granted to the `system:nodes` group in new clusters. The role gives broad read access to resources, including secrets and configmaps. Use the `Node` authorization mode to authorize the nodes in new clusters. To continue providing the `system:node` role to the members of the `system:nodes` group, create an installation-specific `ClusterRoleBinding` in the installation....