this.groups = groups;
        }

        /**
         * Sets the user's role assignments.
         * @param roles Array of role names.
         */
        public synchronized void setRoles(final String[] roles) {
            this.roles = roles;
        }

        /**
         * Resets permissions to force recalculation on next getPermissions() call.

     */
    protected void addRoleAttributes(final BasicAttributes entry, final Role user) {
        // nothing
    }

    /**
     * Deletes a role from the LDAP directory.
     *
     * @param role the role object to delete
     */
    public void delete(final Role role) {
        if (!fessConfig.isLdapAdminEnabled()) {
            return;
        }

Shinsuke Sugaya <******@****.***> 1638450896 +0900

     * @param tag The tag.
     */
    public void addTag(final String tag) {
        tags.add(tag);
    }

    /**
     * Adds a role to filter by.
     * @param role The role.
     */
    public void addRole(final String role) {
        roles.add(role);
    }

    /**
     * Adds a field to filter by.
     * @param field The field name.
     */
    public void addField(final String field) {

                logger.warn("Failed to access groups/roles: {}", contentMap);
            }
        } catch (final IOException e) {
            logger.warn("Failed to access groups/roles in Entra ID.", e);
        }
    }

    /**
     * Adds a group or role name to the specified list.
     * @param list The list to add the group or role name to.
     * @param value The group or role name value.

 */
package org.codelibs.fess.app.web.admin.role;

import org.lastaflute.web.validation.Required;
import org.lastaflute.web.validation.theme.conversion.ValidateTypeFailure;

import jakarta.validation.constraints.Size;

/**
 * Form class for editing user roles in the admin interface.
 * This form extends CreateForm to include fields necessary for updating existing role entries,

/**
 * Exception thrown when user role authentication fails during login attempts.
 * This exception is used to indicate that a user does not have the required role
 * to access a specific action or resource.
 *
 */
public class UserRoleLoginException extends RuntimeException {

    private static final long serialVersionUID = 1L;

    /** The action class that requires specific user roles */

#### Adding 'admin' Role

- Go to Roles
  - Add new Role `admin` with Description `${role_admin}`.
  - Add this Role into compositive role named `default-roles-{realm}` - `{realm}` should be replaced with whatever realm you created from `prerequisites` section. This role is automatically trusted in the 'Service Accounts' tab.

- Check that `account` client_id has the role 'admin' assigned in the "Service Account Roles" tab.

Harshavardhana <******@****.***> 1723857894 -0700

    /**
     * Redirects an authenticated user to the appropriate admin interface based on their roles.
     * Users with admin roles are redirected to the dashboard, while other users are redirected
     * to their designated admin action class or to the root if no specific action is available.
     *
     * @param user the authenticated user bean containing role information
     * @return HTML response redirecting to the appropriate admin interface
     */