# Admin role names for authentication.
authentication.admin.roles=admin

# Default permissions for search roles.
role.search.default.permissions=
# Default display permissions for search roles.
role.search.default.display.permissions={role}guest
# Guest permissions for search roles.
role.search.guest.permissions={role}guest

# Prefix for user roles in search.
role.search.user.prefix=1

public class SearchEngineApiManager extends BaseApiManager {
    private static final String ADMIN_SERVER = "/admin/server_";

    private static final Logger logger = LogManager.getLogger(SearchEngineApiManager.class);

    /** Roles that are allowed to access the search engine API */
    protected String[] acceptedRoles = { "admin" };

    /**
     * Default constructor.
     * Initializes the API manager with the admin server path prefix.
     */

// UTF-8-encoded rune as a token. The sequence of runes returned is
// equivalent to that from a range loop over the input as a string, which
// means that erroneous UTF-8 encodings translate to U+FFFD = "\xef\xbf\xbd".
// Because of the Scan interface, this makes it impossible for the client to
// distinguish correctly encoded replacement runes from encoding errors.

If you want to secure your API, there are several better things you can do, for example:

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like Passlib and JWT tokens, etc.

	"http://dbflute.org/meta/lastadi10.dtd">
<components namespace="fessCrawler">
	<include path="crawler/container.xml"/>
	<include path="crawler/client.xml"/>
	<include path="crawler/rule.xml"/>
	<include path="crawler/filter.xml"/>
	<include path="crawler/interval.xml"/>
	<include path="crawler/extractor.xml"/>
	<include path="crawler/mimetype.xml"/>
	<include path="crawler/encoding.xml"/>

            "registeredAddress", null, false, false, false, "keyword", 0, 0, null, null, false, null, null, null, null, null, false);
    protected final ColumnInfo _columnRoles = cci("roles", "roles", null, null, String[].class, "roles", null, false, false, false,
            "keyword", 0, 0, null, null, false, null, null, null, null, null, false);

                case FessConfig.INDEX_ADMIN_REQUIRED_FIELDS:
                    return "url,title,role,boost";
                case FessConfig.INDEX_ADMIN_ARRAY_FIELDS:
                    return "alerts,roles";

                case FessConfig.INDEX_FIELD_CACHE:
                    return "cache";
                case FessConfig.INDEX_FIELD_DIGEST:
                    return "digest";

netsh interface portproxy add v4tov4 listenaddress=$IP_ADDR listenport=80 connectaddress=169.254.169.254 connectport=80
# A local firewall rule for the container is added in

                }
            } else if (contentMap.containsKey("error")) {
                logger.warn("Failed to access groups/roles: {}", contentMap);
            }
        } catch (final IOException e) {
            logger.warn("Failed to access groups/roles in AzureAD.", e);
        }
    }

    /**
     * Adds a group or role name to the specified list.

    # Additional setup is contained in ci/official/envs/rbe.
    CONTAINER_IP_ADDR=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' tf)
    netsh advfirewall firewall add rule name="Allow Metadata Proxy" dir=in action=allow protocol=TCP localport=80 remoteip="$CONTAINER_IP_ADDR"
  fi

fi