{
  "fess_user.role" : {
    "aliases" : { },
    "mappings" : {
      "role" : {
        "properties" : {
          "name" : {
            "type" : "keyword"
          }
        }
      }
    },
    "settings" : {
      "index" : {
        "creation_date" : "1509021059090",
        "number_of_shards" : "5",
        "number_of_replicas" : "1",
        "uuid" : "ugUWT7UpRCau5xEMgWOBsw",
        "version" : {

        request.addTag(tag);
        return this;
    }

    /**
     * Adds a role to filter by.
     * @param role The role.
     * @return This builder instance.
     */
    public SuggestRequestBuilder addRole(final String role) {
        request.addRole(role);
        return this;
    }

    /**
     * Adds a field to filter by.
     * @param field The field name.

     */
    @Execute
    @Secured({ ROLE, ROLE + VIEW })
    public HtmlResponse index() {
        saveToken();
        return asHtml(path_AdminSuggest_AdminSuggestJsp).useForm(SuggestForm.class);
    }

    /**
     * Deletes all suggest words from the suggest index.
     *
     * @return HTML response redirecting to the index page
     */
    @Execute
    @Secured({ ROLE })
    public HtmlResponse deleteAllWords() {

 */
public class AdminUserAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminUserAction() {
        super();
    }

    /** Role name for admin user operations */
    public static final String ROLE = "admin-user";

    private static final Logger logger = LogManager.getLogger(AdminUserAction.class);

 * role type information from various file system protocols (SMB, file, FTP).
 */
public class PermissionHelper {
    /** Logger instance for this class */
    private static final Logger logger = LogManager.getLogger(PermissionHelper.class);

    /** Prefix used to identify role-based permissions */
    protected String rolePrefix = "{role}";

public class AdminWebauthAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminWebauthAction() {
        super();
    }

    /** Role name for admin web auth operations */
    public static final String ROLE = "admin-webauth";

    private static final Logger logger = LogManager.getLogger(AdminWebauthAction.class);

public class AdminSearchlistAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminSearchlistAction() {
        super();
    }

    /** Role name for admin search list operations */
    public static final String ROLE = "admin-searchlist";

    // ===================================================================================
    // Constant
    //

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.app.web.api.admin.role;

import org.codelibs.fess.app.web.admin.role.CreateForm;

/**
 * Request body for creating role via REST API.
 * Extends CreateForm to inherit validation and field definitions.
 */
public class CreateBody extends CreateForm {

    /**

    }

    @Override
    protected String getActionRole() {
        return ROLE;
    }

    /**
     * Displays the storage management index page.
     *
     * @return HTML response for the storage list page
     */
    @Execute
    @Secured({ ROLE, ROLE + VIEW })
    public HtmlResponse index() {
        saveToken();
        return asListHtml(StringUtil.EMPTY);
    }

#### Adding 'admin' Role

- Go to Roles
  - Add new Role `admin` with Description `${role_admin}`.
  - Add this Role into compositive role named `default-roles-{realm}` - `{realm}` should be replaced with whatever realm you created from `prerequisites` section. This role is automatically trusted in the 'Service Accounts' tab.

- Check that `account` client_id has the role 'admin' assigned in the "Service Account Roles" tab.