- Included Client Audience: security-admin-console

#### Adding 'admin' Role

- Go to Roles
  - Add new Role `admin` with Description `${role_admin}`.
  - Add this Role into compositive role named `default-roles-{realm}` - `{realm}` should be replaced with whatever realm you created from `prerequisites` section. This role is automatically trusted in the 'Service Accounts' tab.

        assertEquals(testMessage, exception.getMessage(), "The exception message should match the input message.");
    }

    /**
     * Test the NO_NULL_REF static field.
     * Ensures that the static field holds the expected string value.
     */
    @Test
    void testNoNullRefConstant() {
        assertNotNull(NdrException.NO_NULL_REF, "NO_NULL_REF constant should not be null.");

    }

    /**
     * Processes sub-roles for the specified LDAP user.
     *
     * @param ldapUser the LDAP user to process sub-roles for
     * @param bindDn the bind DN for LDAP connection
     * @param subRoleSet the set of sub-roles to process
     * @param groupFilter the group filter pattern
     * @param roleSet the set of roles to update
     */

type wholeBitrotReader struct {
	disk       StorageAPI
	volume     string
	filePath   string
	verifier   *BitrotVerifier // Holds the bit-rot info
	tillOffset int64           // Affects the length of data requested in disk.ReadFile depending on Read()'s offset
	buf        []byte          // Holds bit-rot verified data
}

func (b *wholeBitrotReader) ReadAt(buf []byte, offset int64) (n int, err error) {
	if b.buf == nil {

     * @param fields The fields.
     * @param tags The tags.
     * @param roles The roles.
     * @param num The number.
     * @param langs The languages.
     * @return The SuggestIndexResponse.
     */
    public SuggestIndexResponse indexFromSearchWord(final String searchWord, final String[] fields, final String[] tags,
            final String[] roles, final int num, final String[] langs) {
        if (logger.isDebugEnabled()) {

                final LdapManager ldapManager = ComponentUtil.getLdapManager();
                permissions = distinct(ArrayUtils.addAll(ldapManager.getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
                    permissions = distinct(roles);
                    ComponentUtil.getActivityHelper().permissionChanged(OptionalThing.of(new FessUserBean(this)));

   * a "hole" in it so that set tests of {@code ContiguousSet} can suppress them with {@code
   * FeatureSpecificTestSuiteBuilder.suppressing()}.
   */
  /*
   * TODO(cpovirk): or we could make HOLES_FORBIDDEN a feature. Or we could declare that
   * implementations are permitted to throw IAE if a hole is requested, and we could update

    private int currentPageNumber;

    /** User ID for search filtering */
    public String id;

    /** User name for search filtering */
    public String name;

    /** User roles for search filtering */
    public String[] roles;

    /** User groups for search filtering */
    public String[] groups;

    /** Version number for optimistic locking */
    public String versionNo;

    /**

    "docFreq": {
      "type": "long"
    },
    "fields": {
      "type": "keyword"
    },
    "kinds": {
      "type": "keyword"
    },
    "queryFreq": {
      "type": "long"
    },
    "roles": {
      "type": "keyword"
    },
    "languages": {
      "type": "keyword"
    },
    "score": {
      "type": "double"
    },
    "tags": {
      "type": "keyword"
    },
    "text": {

                                    <label for="roles" class="col-sm-3 text-sm-right col-form-label"><la:message
                                            key="labels.roles"/></label>
                                    <div class="col-sm-9">
                                        <la:errors property="roles"/>
                                        <la:select styleId="roles" property="roles" multiple="true"