elasticsearch 8.11.0__py3-none-any.whl → 8.12.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- elasticsearch/_async/client/__init__.py +493 -347
- elasticsearch/_async/client/async_search.py +108 -72
- elasticsearch/_async/client/autoscaling.py +13 -8
- elasticsearch/_async/client/cat.py +26 -26
- elasticsearch/_async/client/ccr.py +178 -117
- elasticsearch/_async/client/cluster.py +56 -48
- elasticsearch/_async/client/dangling_indices.py +3 -3
- elasticsearch/_async/client/enrich.py +15 -13
- elasticsearch/_async/client/eql.py +53 -36
- elasticsearch/_async/client/esql.py +99 -0
- elasticsearch/_async/client/features.py +2 -2
- elasticsearch/_async/client/fleet.py +111 -71
- elasticsearch/_async/client/graph.py +13 -11
- elasticsearch/_async/client/ilm.py +33 -27
- elasticsearch/_async/client/indices.py +326 -227
- elasticsearch/_async/client/inference.py +212 -0
- elasticsearch/_async/client/ingest.py +28 -24
- elasticsearch/_async/client/license.py +15 -13
- elasticsearch/_async/client/logstash.py +13 -10
- elasticsearch/_async/client/migration.py +3 -3
- elasticsearch/_async/client/ml.py +762 -538
- elasticsearch/_async/client/monitoring.py +10 -5
- elasticsearch/_async/client/nodes.py +13 -11
- elasticsearch/_async/client/query_ruleset.py +12 -10
- elasticsearch/_async/client/rollup.py +59 -46
- elasticsearch/_async/client/search_application.py +23 -16
- elasticsearch/_async/client/searchable_snapshots.py +23 -16
- elasticsearch/_async/client/security.py +393 -287
- elasticsearch/_async/client/shutdown.py +18 -14
- elasticsearch/_async/client/slm.py +23 -21
- elasticsearch/_async/client/snapshot.py +91 -65
- elasticsearch/_async/client/sql.py +81 -58
- elasticsearch/_async/client/ssl.py +1 -1
- elasticsearch/_async/client/synonyms.py +23 -19
- elasticsearch/_async/client/tasks.py +3 -3
- elasticsearch/_async/client/text_structure.py +10 -5
- elasticsearch/_async/client/transform.py +111 -75
- elasticsearch/_async/client/watcher.py +77 -55
- elasticsearch/_async/client/xpack.py +2 -2
- elasticsearch/_async/helpers.py +1 -1
- elasticsearch/_sync/client/__init__.py +493 -347
- elasticsearch/_sync/client/async_search.py +108 -72
- elasticsearch/_sync/client/autoscaling.py +13 -8
- elasticsearch/_sync/client/cat.py +26 -26
- elasticsearch/_sync/client/ccr.py +178 -117
- elasticsearch/_sync/client/cluster.py +56 -48
- elasticsearch/_sync/client/dangling_indices.py +3 -3
- elasticsearch/_sync/client/enrich.py +15 -13
- elasticsearch/_sync/client/eql.py +53 -36
- elasticsearch/_sync/client/esql.py +99 -0
- elasticsearch/_sync/client/features.py +2 -2
- elasticsearch/_sync/client/fleet.py +111 -71
- elasticsearch/_sync/client/graph.py +13 -11
- elasticsearch/_sync/client/ilm.py +33 -27
- elasticsearch/_sync/client/indices.py +326 -227
- elasticsearch/_sync/client/inference.py +212 -0
- elasticsearch/_sync/client/ingest.py +28 -24
- elasticsearch/_sync/client/license.py +15 -13
- elasticsearch/_sync/client/logstash.py +13 -10
- elasticsearch/_sync/client/migration.py +3 -3
- elasticsearch/_sync/client/ml.py +762 -538
- elasticsearch/_sync/client/monitoring.py +10 -5
- elasticsearch/_sync/client/nodes.py +13 -11
- elasticsearch/_sync/client/query_ruleset.py +12 -10
- elasticsearch/_sync/client/rollup.py +59 -46
- elasticsearch/_sync/client/search_application.py +23 -16
- elasticsearch/_sync/client/searchable_snapshots.py +23 -16
- elasticsearch/_sync/client/security.py +393 -287
- elasticsearch/_sync/client/shutdown.py +18 -14
- elasticsearch/_sync/client/slm.py +23 -21
- elasticsearch/_sync/client/snapshot.py +91 -65
- elasticsearch/_sync/client/sql.py +81 -58
- elasticsearch/_sync/client/ssl.py +1 -1
- elasticsearch/_sync/client/synonyms.py +23 -19
- elasticsearch/_sync/client/tasks.py +3 -3
- elasticsearch/_sync/client/text_structure.py +10 -5
- elasticsearch/_sync/client/transform.py +111 -75
- elasticsearch/_sync/client/utils.py +34 -10
- elasticsearch/_sync/client/watcher.py +77 -55
- elasticsearch/_sync/client/xpack.py +2 -2
- elasticsearch/_version.py +1 -1
- elasticsearch/client.py +2 -0
- elasticsearch/helpers/actions.py +1 -1
- {elasticsearch-8.11.0.dist-info → elasticsearch-8.12.0.dist-info}/METADATA +7 -4
- elasticsearch-8.12.0.dist-info/RECORD +103 -0
- {elasticsearch-8.11.0.dist-info → elasticsearch-8.12.0.dist-info}/WHEEL +1 -1
- elasticsearch-8.11.0.dist-info/RECORD +0 -99
- {elasticsearch-8.11.0.dist-info → elasticsearch-8.12.0.dist-info}/LICENSE +0 -0
- {elasticsearch-8.11.0.dist-info → elasticsearch-8.12.0.dist-info}/NOTICE +0 -0
- {elasticsearch-8.11.0.dist-info → elasticsearch-8.12.0.dist-info}/top_level.txt +0 -0
|
@@ -25,12 +25,14 @@ from .utils import SKIP_IN_PATH, _quote, _rewrite_parameters
|
|
|
25
25
|
|
|
26
26
|
class SecurityClient(NamespacedClient):
|
|
27
27
|
@_rewrite_parameters(
|
|
28
|
-
body_fields=
|
|
28
|
+
body_fields=("grant_type", "access_token", "password", "username"),
|
|
29
29
|
)
|
|
30
30
|
def activate_user_profile(
|
|
31
31
|
self,
|
|
32
32
|
*,
|
|
33
|
-
grant_type: t.
|
|
33
|
+
grant_type: t.Optional[
|
|
34
|
+
t.Union["t.Literal['access_token', 'password']", str]
|
|
35
|
+
] = None,
|
|
34
36
|
access_token: t.Optional[str] = None,
|
|
35
37
|
error_trace: t.Optional[bool] = None,
|
|
36
38
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
@@ -38,38 +40,40 @@ class SecurityClient(NamespacedClient):
|
|
|
38
40
|
password: t.Optional[str] = None,
|
|
39
41
|
pretty: t.Optional[bool] = None,
|
|
40
42
|
username: t.Optional[str] = None,
|
|
43
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
41
44
|
) -> ObjectApiResponse[t.Any]:
|
|
42
45
|
"""
|
|
43
46
|
Creates or updates the user profile on behalf of another user.
|
|
44
47
|
|
|
45
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
48
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-activate-user-profile.html>`_
|
|
46
49
|
|
|
47
50
|
:param grant_type:
|
|
48
51
|
:param access_token:
|
|
49
52
|
:param password:
|
|
50
53
|
:param username:
|
|
51
54
|
"""
|
|
52
|
-
if grant_type is None:
|
|
55
|
+
if grant_type is None and body is None:
|
|
53
56
|
raise ValueError("Empty value passed for parameter 'grant_type'")
|
|
54
57
|
__path = "/_security/profile/_activate"
|
|
55
|
-
__body: t.Dict[str, t.Any] = {}
|
|
56
58
|
__query: t.Dict[str, t.Any] = {}
|
|
57
|
-
if
|
|
58
|
-
__body["grant_type"] = grant_type
|
|
59
|
-
if access_token is not None:
|
|
60
|
-
__body["access_token"] = access_token
|
|
59
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
61
60
|
if error_trace is not None:
|
|
62
61
|
__query["error_trace"] = error_trace
|
|
63
62
|
if filter_path is not None:
|
|
64
63
|
__query["filter_path"] = filter_path
|
|
65
64
|
if human is not None:
|
|
66
65
|
__query["human"] = human
|
|
67
|
-
if password is not None:
|
|
68
|
-
__body["password"] = password
|
|
69
66
|
if pretty is not None:
|
|
70
67
|
__query["pretty"] = pretty
|
|
71
|
-
if
|
|
72
|
-
|
|
68
|
+
if not __body:
|
|
69
|
+
if grant_type is not None:
|
|
70
|
+
__body["grant_type"] = grant_type
|
|
71
|
+
if access_token is not None:
|
|
72
|
+
__body["access_token"] = access_token
|
|
73
|
+
if password is not None:
|
|
74
|
+
__body["password"] = password
|
|
75
|
+
if username is not None:
|
|
76
|
+
__body["username"] = username
|
|
73
77
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
74
78
|
return self.perform_request( # type: ignore[return-value]
|
|
75
79
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -88,7 +92,7 @@ class SecurityClient(NamespacedClient):
|
|
|
88
92
|
Enables authentication as a user and retrieve information about the authenticated
|
|
89
93
|
user.
|
|
90
94
|
|
|
91
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
95
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-authenticate.html>`_
|
|
92
96
|
"""
|
|
93
97
|
__path = "/_security/_authenticate"
|
|
94
98
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -106,7 +110,7 @@ class SecurityClient(NamespacedClient):
|
|
|
106
110
|
)
|
|
107
111
|
|
|
108
112
|
@_rewrite_parameters(
|
|
109
|
-
body_fields=
|
|
113
|
+
body_fields=("password", "password_hash"),
|
|
110
114
|
)
|
|
111
115
|
def change_password(
|
|
112
116
|
self,
|
|
@@ -121,11 +125,12 @@ class SecurityClient(NamespacedClient):
|
|
|
121
125
|
refresh: t.Optional[
|
|
122
126
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
123
127
|
] = None,
|
|
128
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
124
129
|
) -> ObjectApiResponse[t.Any]:
|
|
125
130
|
"""
|
|
126
131
|
Changes the passwords of users in the native realm and built-in users.
|
|
127
132
|
|
|
128
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
133
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-change-password.html>`_
|
|
129
134
|
|
|
130
135
|
:param username: The user whose password you want to change. If you do not specify
|
|
131
136
|
this parameter, the password is changed for the current user.
|
|
@@ -144,21 +149,22 @@ class SecurityClient(NamespacedClient):
|
|
|
144
149
|
else:
|
|
145
150
|
__path = "/_security/user/_password"
|
|
146
151
|
__query: t.Dict[str, t.Any] = {}
|
|
147
|
-
__body: t.Dict[str, t.Any] = {}
|
|
152
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
148
153
|
if error_trace is not None:
|
|
149
154
|
__query["error_trace"] = error_trace
|
|
150
155
|
if filter_path is not None:
|
|
151
156
|
__query["filter_path"] = filter_path
|
|
152
157
|
if human is not None:
|
|
153
158
|
__query["human"] = human
|
|
154
|
-
if password is not None:
|
|
155
|
-
__body["password"] = password
|
|
156
|
-
if password_hash is not None:
|
|
157
|
-
__body["password_hash"] = password_hash
|
|
158
159
|
if pretty is not None:
|
|
159
160
|
__query["pretty"] = pretty
|
|
160
161
|
if refresh is not None:
|
|
161
162
|
__query["refresh"] = refresh
|
|
163
|
+
if not __body:
|
|
164
|
+
if password is not None:
|
|
165
|
+
__body["password"] = password
|
|
166
|
+
if password_hash is not None:
|
|
167
|
+
__body["password_hash"] = password_hash
|
|
162
168
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
163
169
|
return self.perform_request( # type: ignore[return-value]
|
|
164
170
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
@@ -177,7 +183,7 @@ class SecurityClient(NamespacedClient):
|
|
|
177
183
|
"""
|
|
178
184
|
Clear a subset or all entries from the API key cache.
|
|
179
185
|
|
|
180
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
186
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-api-key-cache.html>`_
|
|
181
187
|
|
|
182
188
|
:param ids: Comma-separated list of API key IDs to evict from the API key cache.
|
|
183
189
|
To evict all API keys, use `*`. Does not support other wildcard patterns.
|
|
@@ -212,7 +218,7 @@ class SecurityClient(NamespacedClient):
|
|
|
212
218
|
"""
|
|
213
219
|
Evicts application privileges from the native application privileges cache.
|
|
214
220
|
|
|
215
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
221
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-privilege-cache.html>`_
|
|
216
222
|
|
|
217
223
|
:param application: A comma-separated list of application names
|
|
218
224
|
"""
|
|
@@ -248,7 +254,7 @@ class SecurityClient(NamespacedClient):
|
|
|
248
254
|
Evicts users from the user cache. Can completely clear the cache or evict specific
|
|
249
255
|
users.
|
|
250
256
|
|
|
251
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
257
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-cache.html>`_
|
|
252
258
|
|
|
253
259
|
:param realms: Comma-separated list of realms to clear
|
|
254
260
|
:param usernames: Comma-separated list of usernames to clear from the cache
|
|
@@ -285,7 +291,7 @@ class SecurityClient(NamespacedClient):
|
|
|
285
291
|
"""
|
|
286
292
|
Evicts roles from the native role cache.
|
|
287
293
|
|
|
288
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
294
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-role-cache.html>`_
|
|
289
295
|
|
|
290
296
|
:param name: Role name
|
|
291
297
|
"""
|
|
@@ -321,7 +327,7 @@ class SecurityClient(NamespacedClient):
|
|
|
321
327
|
"""
|
|
322
328
|
Evicts tokens from the service account token caches.
|
|
323
329
|
|
|
324
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
330
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-service-token-caches.html>`_
|
|
325
331
|
|
|
326
332
|
:param namespace: An identifier for the namespace
|
|
327
333
|
:param service: An identifier for the service name
|
|
@@ -349,7 +355,7 @@ class SecurityClient(NamespacedClient):
|
|
|
349
355
|
)
|
|
350
356
|
|
|
351
357
|
@_rewrite_parameters(
|
|
352
|
-
body_fields=
|
|
358
|
+
body_fields=("expiration", "metadata", "name", "role_descriptors"),
|
|
353
359
|
)
|
|
354
360
|
def create_api_key(
|
|
355
361
|
self,
|
|
@@ -365,11 +371,12 @@ class SecurityClient(NamespacedClient):
|
|
|
365
371
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
366
372
|
] = None,
|
|
367
373
|
role_descriptors: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
|
|
374
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
368
375
|
) -> ObjectApiResponse[t.Any]:
|
|
369
376
|
"""
|
|
370
377
|
Creates an API key for access without requiring basic authentication.
|
|
371
378
|
|
|
372
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
379
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-create-api-key.html>`_
|
|
373
380
|
|
|
374
381
|
:param expiration: Expiration time for the API key. By default, API keys never
|
|
375
382
|
expire.
|
|
@@ -391,25 +398,26 @@ class SecurityClient(NamespacedClient):
|
|
|
391
398
|
"""
|
|
392
399
|
__path = "/_security/api_key"
|
|
393
400
|
__query: t.Dict[str, t.Any] = {}
|
|
394
|
-
__body: t.Dict[str, t.Any] = {}
|
|
401
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
395
402
|
if error_trace is not None:
|
|
396
403
|
__query["error_trace"] = error_trace
|
|
397
|
-
if expiration is not None:
|
|
398
|
-
__body["expiration"] = expiration
|
|
399
404
|
if filter_path is not None:
|
|
400
405
|
__query["filter_path"] = filter_path
|
|
401
406
|
if human is not None:
|
|
402
407
|
__query["human"] = human
|
|
403
|
-
if metadata is not None:
|
|
404
|
-
__body["metadata"] = metadata
|
|
405
|
-
if name is not None:
|
|
406
|
-
__body["name"] = name
|
|
407
408
|
if pretty is not None:
|
|
408
409
|
__query["pretty"] = pretty
|
|
409
410
|
if refresh is not None:
|
|
410
411
|
__query["refresh"] = refresh
|
|
411
|
-
if
|
|
412
|
-
|
|
412
|
+
if not __body:
|
|
413
|
+
if expiration is not None:
|
|
414
|
+
__body["expiration"] = expiration
|
|
415
|
+
if metadata is not None:
|
|
416
|
+
__body["metadata"] = metadata
|
|
417
|
+
if name is not None:
|
|
418
|
+
__body["name"] = name
|
|
419
|
+
if role_descriptors is not None:
|
|
420
|
+
__body["role_descriptors"] = role_descriptors
|
|
413
421
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
414
422
|
return self.perform_request( # type: ignore[return-value]
|
|
415
423
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
@@ -433,7 +441,7 @@ class SecurityClient(NamespacedClient):
|
|
|
433
441
|
"""
|
|
434
442
|
Creates a service account token for access without requiring basic authentication.
|
|
435
443
|
|
|
436
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
444
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-create-service-token.html>`_
|
|
437
445
|
|
|
438
446
|
:param namespace: An identifier for the namespace
|
|
439
447
|
:param service: An identifier for the service name
|
|
@@ -491,7 +499,7 @@ class SecurityClient(NamespacedClient):
|
|
|
491
499
|
"""
|
|
492
500
|
Removes application privileges.
|
|
493
501
|
|
|
494
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
502
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-privilege.html>`_
|
|
495
503
|
|
|
496
504
|
:param application: Application name
|
|
497
505
|
:param name: Privilege name
|
|
@@ -536,7 +544,7 @@ class SecurityClient(NamespacedClient):
|
|
|
536
544
|
"""
|
|
537
545
|
Removes roles in the native realm.
|
|
538
546
|
|
|
539
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
547
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-role.html>`_
|
|
540
548
|
|
|
541
549
|
:param name: Role name
|
|
542
550
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -578,7 +586,7 @@ class SecurityClient(NamespacedClient):
|
|
|
578
586
|
"""
|
|
579
587
|
Removes role mappings.
|
|
580
588
|
|
|
581
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
589
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-role-mapping.html>`_
|
|
582
590
|
|
|
583
591
|
:param name: Role-mapping name
|
|
584
592
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -622,7 +630,7 @@ class SecurityClient(NamespacedClient):
|
|
|
622
630
|
"""
|
|
623
631
|
Deletes a service account token.
|
|
624
632
|
|
|
625
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
633
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-service-token.html>`_
|
|
626
634
|
|
|
627
635
|
:param namespace: An identifier for the namespace
|
|
628
636
|
:param service: An identifier for the service name
|
|
@@ -670,7 +678,7 @@ class SecurityClient(NamespacedClient):
|
|
|
670
678
|
"""
|
|
671
679
|
Deletes users from the native realm.
|
|
672
680
|
|
|
673
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
681
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-user.html>`_
|
|
674
682
|
|
|
675
683
|
:param username: username
|
|
676
684
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -712,7 +720,7 @@ class SecurityClient(NamespacedClient):
|
|
|
712
720
|
"""
|
|
713
721
|
Disables users in the native realm.
|
|
714
722
|
|
|
715
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
723
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-disable-user.html>`_
|
|
716
724
|
|
|
717
725
|
:param username: The username of the user to disable
|
|
718
726
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -754,7 +762,7 @@ class SecurityClient(NamespacedClient):
|
|
|
754
762
|
"""
|
|
755
763
|
Disables a user profile so it's not visible in user profile searches.
|
|
756
764
|
|
|
757
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
765
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-disable-user-profile.html>`_
|
|
758
766
|
|
|
759
767
|
:param uid: Unique identifier for the user profile.
|
|
760
768
|
:param refresh: If 'true', Elasticsearch refreshes the affected shards to make
|
|
@@ -796,7 +804,7 @@ class SecurityClient(NamespacedClient):
|
|
|
796
804
|
"""
|
|
797
805
|
Enables users in the native realm.
|
|
798
806
|
|
|
799
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
807
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-enable-user.html>`_
|
|
800
808
|
|
|
801
809
|
:param username: The username of the user to enable
|
|
802
810
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -838,7 +846,7 @@ class SecurityClient(NamespacedClient):
|
|
|
838
846
|
"""
|
|
839
847
|
Enables a user profile so it's visible in user profile searches.
|
|
840
848
|
|
|
841
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
849
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-enable-user-profile.html>`_
|
|
842
850
|
|
|
843
851
|
:param uid: Unique identifier for the user profile.
|
|
844
852
|
:param refresh: If 'true', Elasticsearch refreshes the affected shards to make
|
|
@@ -877,7 +885,7 @@ class SecurityClient(NamespacedClient):
|
|
|
877
885
|
Allows a kibana instance to configure itself to communicate with a secured elasticsearch
|
|
878
886
|
cluster.
|
|
879
887
|
|
|
880
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
888
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-kibana-enrollment.html>`_
|
|
881
889
|
"""
|
|
882
890
|
__path = "/_security/enroll/kibana"
|
|
883
891
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -906,7 +914,7 @@ class SecurityClient(NamespacedClient):
|
|
|
906
914
|
"""
|
|
907
915
|
Allows a new node to enroll to an existing cluster with security enabled.
|
|
908
916
|
|
|
909
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
917
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-node-enrollment.html>`_
|
|
910
918
|
"""
|
|
911
919
|
__path = "/_security/enroll/node"
|
|
912
920
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -927,6 +935,7 @@ class SecurityClient(NamespacedClient):
|
|
|
927
935
|
def get_api_key(
|
|
928
936
|
self,
|
|
929
937
|
*,
|
|
938
|
+
active_only: t.Optional[bool] = None,
|
|
930
939
|
error_trace: t.Optional[bool] = None,
|
|
931
940
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
932
941
|
human: t.Optional[bool] = None,
|
|
@@ -941,8 +950,13 @@ class SecurityClient(NamespacedClient):
|
|
|
941
950
|
"""
|
|
942
951
|
Retrieves information for one or more API keys.
|
|
943
952
|
|
|
944
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
953
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-api-key.html>`_
|
|
945
954
|
|
|
955
|
+
:param active_only: A boolean flag that can be used to query API keys that are
|
|
956
|
+
currently active. An API key is considered active if it is neither invalidated,
|
|
957
|
+
nor expired at query time. You can specify this together with other parameters
|
|
958
|
+
such as `owner` or `name`. If `active_only` is false, the response will include
|
|
959
|
+
both active and inactive (expired or invalidated) keys.
|
|
946
960
|
:param id: An API key id. This parameter cannot be used with any of `name`, `realm_name`
|
|
947
961
|
or `username`.
|
|
948
962
|
:param name: An API key name. This parameter cannot be used with any of `id`,
|
|
@@ -961,6 +975,8 @@ class SecurityClient(NamespacedClient):
|
|
|
961
975
|
"""
|
|
962
976
|
__path = "/_security/api_key"
|
|
963
977
|
__query: t.Dict[str, t.Any] = {}
|
|
978
|
+
if active_only is not None:
|
|
979
|
+
__query["active_only"] = active_only
|
|
964
980
|
if error_trace is not None:
|
|
965
981
|
__query["error_trace"] = error_trace
|
|
966
982
|
if filter_path is not None:
|
|
@@ -999,7 +1015,7 @@ class SecurityClient(NamespacedClient):
|
|
|
999
1015
|
Retrieves the list of cluster privileges and index privileges that are available
|
|
1000
1016
|
in this version of Elasticsearch.
|
|
1001
1017
|
|
|
1002
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1018
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-builtin-privileges.html>`_
|
|
1003
1019
|
"""
|
|
1004
1020
|
__path = "/_security/privilege/_builtin"
|
|
1005
1021
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -1030,7 +1046,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1030
1046
|
"""
|
|
1031
1047
|
Retrieves application privileges.
|
|
1032
1048
|
|
|
1033
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1049
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-privileges.html>`_
|
|
1034
1050
|
|
|
1035
1051
|
:param application: Application name
|
|
1036
1052
|
:param name: Privilege name
|
|
@@ -1068,7 +1084,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1068
1084
|
"""
|
|
1069
1085
|
Retrieves roles in the native realm.
|
|
1070
1086
|
|
|
1071
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1087
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-role.html>`_
|
|
1072
1088
|
|
|
1073
1089
|
:param name: The name of the role. You can specify multiple roles as a comma-separated
|
|
1074
1090
|
list. If you do not specify this parameter, the API returns information about
|
|
@@ -1105,7 +1121,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1105
1121
|
"""
|
|
1106
1122
|
Retrieves role mappings.
|
|
1107
1123
|
|
|
1108
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1124
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-role-mapping.html>`_
|
|
1109
1125
|
|
|
1110
1126
|
:param name: The distinct name that identifies the role mapping. The name is
|
|
1111
1127
|
used solely as an identifier to facilitate interaction via the API; it does
|
|
@@ -1145,7 +1161,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1145
1161
|
"""
|
|
1146
1162
|
Retrieves information about service accounts.
|
|
1147
1163
|
|
|
1148
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1164
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-service-accounts.html>`_
|
|
1149
1165
|
|
|
1150
1166
|
:param namespace: Name of the namespace. Omit this parameter to retrieve information
|
|
1151
1167
|
about all service accounts. If you omit this parameter, you must also omit
|
|
@@ -1187,7 +1203,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1187
1203
|
"""
|
|
1188
1204
|
Retrieves information of all service credentials for a service account.
|
|
1189
1205
|
|
|
1190
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1206
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-service-credentials.html>`_
|
|
1191
1207
|
|
|
1192
1208
|
:param namespace: Name of the namespace.
|
|
1193
1209
|
:param service: Name of the service name.
|
|
@@ -1212,7 +1228,14 @@ class SecurityClient(NamespacedClient):
|
|
|
1212
1228
|
)
|
|
1213
1229
|
|
|
1214
1230
|
@_rewrite_parameters(
|
|
1215
|
-
body_fields=
|
|
1231
|
+
body_fields=(
|
|
1232
|
+
"grant_type",
|
|
1233
|
+
"kerberos_ticket",
|
|
1234
|
+
"password",
|
|
1235
|
+
"refresh_token",
|
|
1236
|
+
"scope",
|
|
1237
|
+
"username",
|
|
1238
|
+
),
|
|
1216
1239
|
)
|
|
1217
1240
|
def get_token(
|
|
1218
1241
|
self,
|
|
@@ -1232,11 +1255,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1232
1255
|
refresh_token: t.Optional[str] = None,
|
|
1233
1256
|
scope: t.Optional[str] = None,
|
|
1234
1257
|
username: t.Optional[str] = None,
|
|
1258
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1235
1259
|
) -> ObjectApiResponse[t.Any]:
|
|
1236
1260
|
"""
|
|
1237
1261
|
Creates a bearer token for access without requiring basic authentication.
|
|
1238
1262
|
|
|
1239
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1263
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-token.html>`_
|
|
1240
1264
|
|
|
1241
1265
|
:param grant_type:
|
|
1242
1266
|
:param kerberos_ticket:
|
|
@@ -1247,27 +1271,28 @@ class SecurityClient(NamespacedClient):
|
|
|
1247
1271
|
"""
|
|
1248
1272
|
__path = "/_security/oauth2/token"
|
|
1249
1273
|
__query: t.Dict[str, t.Any] = {}
|
|
1250
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1274
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1251
1275
|
if error_trace is not None:
|
|
1252
1276
|
__query["error_trace"] = error_trace
|
|
1253
1277
|
if filter_path is not None:
|
|
1254
1278
|
__query["filter_path"] = filter_path
|
|
1255
|
-
if grant_type is not None:
|
|
1256
|
-
__body["grant_type"] = grant_type
|
|
1257
1279
|
if human is not None:
|
|
1258
1280
|
__query["human"] = human
|
|
1259
|
-
if kerberos_ticket is not None:
|
|
1260
|
-
__body["kerberos_ticket"] = kerberos_ticket
|
|
1261
|
-
if password is not None:
|
|
1262
|
-
__body["password"] = password
|
|
1263
1281
|
if pretty is not None:
|
|
1264
1282
|
__query["pretty"] = pretty
|
|
1265
|
-
if
|
|
1266
|
-
|
|
1267
|
-
|
|
1268
|
-
|
|
1269
|
-
|
|
1270
|
-
|
|
1283
|
+
if not __body:
|
|
1284
|
+
if grant_type is not None:
|
|
1285
|
+
__body["grant_type"] = grant_type
|
|
1286
|
+
if kerberos_ticket is not None:
|
|
1287
|
+
__body["kerberos_ticket"] = kerberos_ticket
|
|
1288
|
+
if password is not None:
|
|
1289
|
+
__body["password"] = password
|
|
1290
|
+
if refresh_token is not None:
|
|
1291
|
+
__body["refresh_token"] = refresh_token
|
|
1292
|
+
if scope is not None:
|
|
1293
|
+
__body["scope"] = scope
|
|
1294
|
+
if username is not None:
|
|
1295
|
+
__body["username"] = username
|
|
1271
1296
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1272
1297
|
return self.perform_request( # type: ignore[return-value]
|
|
1273
1298
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -1287,7 +1312,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1287
1312
|
"""
|
|
1288
1313
|
Retrieves information about users in the native realm and built-in users.
|
|
1289
1314
|
|
|
1290
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1315
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user.html>`_
|
|
1291
1316
|
|
|
1292
1317
|
:param username: An identifier for the user. You can specify multiple usernames
|
|
1293
1318
|
as a comma-separated list. If you omit this parameter, the API retrieves
|
|
@@ -1330,7 +1355,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1330
1355
|
"""
|
|
1331
1356
|
Retrieves security privileges for the logged in user.
|
|
1332
1357
|
|
|
1333
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1358
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user-privileges.html>`_
|
|
1334
1359
|
|
|
1335
1360
|
:param application: The name of the application. Application privileges are always
|
|
1336
1361
|
associated with exactly one application. If you do not specify this parameter,
|
|
@@ -1374,7 +1399,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1374
1399
|
"""
|
|
1375
1400
|
Retrieves user profiles for the given unique ID(s).
|
|
1376
1401
|
|
|
1377
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1402
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user-profile.html>`_
|
|
1378
1403
|
|
|
1379
1404
|
:param uid: A unique identifier for the user profile.
|
|
1380
1405
|
:param data: List of filters for the `data` field of the profile document. To
|
|
@@ -1402,14 +1427,23 @@ class SecurityClient(NamespacedClient):
|
|
|
1402
1427
|
)
|
|
1403
1428
|
|
|
1404
1429
|
@_rewrite_parameters(
|
|
1405
|
-
body_fields=
|
|
1430
|
+
body_fields=(
|
|
1431
|
+
"api_key",
|
|
1432
|
+
"grant_type",
|
|
1433
|
+
"access_token",
|
|
1434
|
+
"password",
|
|
1435
|
+
"run_as",
|
|
1436
|
+
"username",
|
|
1437
|
+
),
|
|
1406
1438
|
ignore_deprecated_options={"api_key"},
|
|
1407
1439
|
)
|
|
1408
1440
|
def grant_api_key(
|
|
1409
1441
|
self,
|
|
1410
1442
|
*,
|
|
1411
|
-
api_key: t.Mapping[str, t.Any],
|
|
1412
|
-
grant_type: t.
|
|
1443
|
+
api_key: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1444
|
+
grant_type: t.Optional[
|
|
1445
|
+
t.Union["t.Literal['access_token', 'password']", str]
|
|
1446
|
+
] = None,
|
|
1413
1447
|
access_token: t.Optional[str] = None,
|
|
1414
1448
|
error_trace: t.Optional[bool] = None,
|
|
1415
1449
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
@@ -1418,11 +1452,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1418
1452
|
pretty: t.Optional[bool] = None,
|
|
1419
1453
|
run_as: t.Optional[str] = None,
|
|
1420
1454
|
username: t.Optional[str] = None,
|
|
1455
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1421
1456
|
) -> ObjectApiResponse[t.Any]:
|
|
1422
1457
|
"""
|
|
1423
1458
|
Creates an API key on behalf of another user.
|
|
1424
1459
|
|
|
1425
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1460
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-grant-api-key.html>`_
|
|
1426
1461
|
|
|
1427
1462
|
:param api_key: Defines the API key.
|
|
1428
1463
|
:param grant_type: The type of grant. Supported grant types are: `access_token`,
|
|
@@ -1437,40 +1472,41 @@ class SecurityClient(NamespacedClient):
|
|
|
1437
1472
|
grant type, this parameter is required. It is not valid with other grant
|
|
1438
1473
|
types.
|
|
1439
1474
|
"""
|
|
1440
|
-
if api_key is None:
|
|
1475
|
+
if api_key is None and body is None:
|
|
1441
1476
|
raise ValueError("Empty value passed for parameter 'api_key'")
|
|
1442
|
-
if grant_type is None:
|
|
1477
|
+
if grant_type is None and body is None:
|
|
1443
1478
|
raise ValueError("Empty value passed for parameter 'grant_type'")
|
|
1444
1479
|
__path = "/_security/api_key/grant"
|
|
1445
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1446
1480
|
__query: t.Dict[str, t.Any] = {}
|
|
1447
|
-
if
|
|
1448
|
-
__body["api_key"] = api_key
|
|
1449
|
-
if grant_type is not None:
|
|
1450
|
-
__body["grant_type"] = grant_type
|
|
1451
|
-
if access_token is not None:
|
|
1452
|
-
__body["access_token"] = access_token
|
|
1481
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1453
1482
|
if error_trace is not None:
|
|
1454
1483
|
__query["error_trace"] = error_trace
|
|
1455
1484
|
if filter_path is not None:
|
|
1456
1485
|
__query["filter_path"] = filter_path
|
|
1457
1486
|
if human is not None:
|
|
1458
1487
|
__query["human"] = human
|
|
1459
|
-
if password is not None:
|
|
1460
|
-
__body["password"] = password
|
|
1461
1488
|
if pretty is not None:
|
|
1462
1489
|
__query["pretty"] = pretty
|
|
1463
|
-
if
|
|
1464
|
-
|
|
1465
|
-
|
|
1466
|
-
|
|
1490
|
+
if not __body:
|
|
1491
|
+
if api_key is not None:
|
|
1492
|
+
__body["api_key"] = api_key
|
|
1493
|
+
if grant_type is not None:
|
|
1494
|
+
__body["grant_type"] = grant_type
|
|
1495
|
+
if access_token is not None:
|
|
1496
|
+
__body["access_token"] = access_token
|
|
1497
|
+
if password is not None:
|
|
1498
|
+
__body["password"] = password
|
|
1499
|
+
if run_as is not None:
|
|
1500
|
+
__body["run_as"] = run_as
|
|
1501
|
+
if username is not None:
|
|
1502
|
+
__body["username"] = username
|
|
1467
1503
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1468
1504
|
return self.perform_request( # type: ignore[return-value]
|
|
1469
1505
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1470
1506
|
)
|
|
1471
1507
|
|
|
1472
1508
|
@_rewrite_parameters(
|
|
1473
|
-
body_fields=
|
|
1509
|
+
body_fields=("application", "cluster", "index"),
|
|
1474
1510
|
)
|
|
1475
1511
|
def has_privileges(
|
|
1476
1512
|
self,
|
|
@@ -1490,11 +1526,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1490
1526
|
human: t.Optional[bool] = None,
|
|
1491
1527
|
index: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None,
|
|
1492
1528
|
pretty: t.Optional[bool] = None,
|
|
1529
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1493
1530
|
) -> ObjectApiResponse[t.Any]:
|
|
1494
1531
|
"""
|
|
1495
1532
|
Determines whether the specified user has a specified list of privileges.
|
|
1496
1533
|
|
|
1497
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1534
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-has-privileges.html>`_
|
|
1498
1535
|
|
|
1499
1536
|
:param user: Username
|
|
1500
1537
|
:param application:
|
|
@@ -1505,61 +1542,59 @@ class SecurityClient(NamespacedClient):
|
|
|
1505
1542
|
__path = f"/_security/user/{_quote(user)}/_has_privileges"
|
|
1506
1543
|
else:
|
|
1507
1544
|
__path = "/_security/user/_has_privileges"
|
|
1508
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1509
1545
|
__query: t.Dict[str, t.Any] = {}
|
|
1510
|
-
if
|
|
1511
|
-
__body["application"] = application
|
|
1512
|
-
if cluster is not None:
|
|
1513
|
-
__body["cluster"] = cluster
|
|
1546
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1514
1547
|
if error_trace is not None:
|
|
1515
1548
|
__query["error_trace"] = error_trace
|
|
1516
1549
|
if filter_path is not None:
|
|
1517
1550
|
__query["filter_path"] = filter_path
|
|
1518
1551
|
if human is not None:
|
|
1519
1552
|
__query["human"] = human
|
|
1520
|
-
if index is not None:
|
|
1521
|
-
__body["index"] = index
|
|
1522
1553
|
if pretty is not None:
|
|
1523
1554
|
__query["pretty"] = pretty
|
|
1555
|
+
if not __body:
|
|
1556
|
+
if application is not None:
|
|
1557
|
+
__body["application"] = application
|
|
1558
|
+
if cluster is not None:
|
|
1559
|
+
__body["cluster"] = cluster
|
|
1560
|
+
if index is not None:
|
|
1561
|
+
__body["index"] = index
|
|
1524
1562
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1525
1563
|
return self.perform_request( # type: ignore[return-value]
|
|
1526
1564
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1527
1565
|
)
|
|
1528
1566
|
|
|
1529
1567
|
@_rewrite_parameters(
|
|
1530
|
-
body_fields=
|
|
1568
|
+
body_fields=("privileges", "uids"),
|
|
1531
1569
|
)
|
|
1532
1570
|
def has_privileges_user_profile(
|
|
1533
1571
|
self,
|
|
1534
1572
|
*,
|
|
1535
|
-
privileges: t.Mapping[str, t.Any],
|
|
1536
|
-
uids: t.Sequence[str],
|
|
1573
|
+
privileges: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1574
|
+
uids: t.Optional[t.Sequence[str]] = None,
|
|
1537
1575
|
error_trace: t.Optional[bool] = None,
|
|
1538
1576
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
1539
1577
|
human: t.Optional[bool] = None,
|
|
1540
1578
|
pretty: t.Optional[bool] = None,
|
|
1579
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1541
1580
|
) -> ObjectApiResponse[t.Any]:
|
|
1542
1581
|
"""
|
|
1543
1582
|
Determines whether the users associated with the specified profile IDs have all
|
|
1544
1583
|
the requested privileges.
|
|
1545
1584
|
|
|
1546
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1585
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-has-privileges-user-profile.html>`_
|
|
1547
1586
|
|
|
1548
1587
|
:param privileges:
|
|
1549
1588
|
:param uids: A list of profile IDs. The privileges are checked for associated
|
|
1550
1589
|
users of the profiles.
|
|
1551
1590
|
"""
|
|
1552
|
-
if privileges is None:
|
|
1591
|
+
if privileges is None and body is None:
|
|
1553
1592
|
raise ValueError("Empty value passed for parameter 'privileges'")
|
|
1554
|
-
if uids is None:
|
|
1593
|
+
if uids is None and body is None:
|
|
1555
1594
|
raise ValueError("Empty value passed for parameter 'uids'")
|
|
1556
1595
|
__path = "/_security/profile/_has_privileges"
|
|
1557
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1558
1596
|
__query: t.Dict[str, t.Any] = {}
|
|
1559
|
-
if
|
|
1560
|
-
__body["privileges"] = privileges
|
|
1561
|
-
if uids is not None:
|
|
1562
|
-
__body["uids"] = uids
|
|
1597
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1563
1598
|
if error_trace is not None:
|
|
1564
1599
|
__query["error_trace"] = error_trace
|
|
1565
1600
|
if filter_path is not None:
|
|
@@ -1568,13 +1603,18 @@ class SecurityClient(NamespacedClient):
|
|
|
1568
1603
|
__query["human"] = human
|
|
1569
1604
|
if pretty is not None:
|
|
1570
1605
|
__query["pretty"] = pretty
|
|
1606
|
+
if not __body:
|
|
1607
|
+
if privileges is not None:
|
|
1608
|
+
__body["privileges"] = privileges
|
|
1609
|
+
if uids is not None:
|
|
1610
|
+
__body["uids"] = uids
|
|
1571
1611
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1572
1612
|
return self.perform_request( # type: ignore[return-value]
|
|
1573
1613
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1574
1614
|
)
|
|
1575
1615
|
|
|
1576
1616
|
@_rewrite_parameters(
|
|
1577
|
-
body_fields=
|
|
1617
|
+
body_fields=("id", "ids", "name", "owner", "realm_name", "username"),
|
|
1578
1618
|
)
|
|
1579
1619
|
def invalidate_api_key(
|
|
1580
1620
|
self,
|
|
@@ -1589,11 +1629,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1589
1629
|
pretty: t.Optional[bool] = None,
|
|
1590
1630
|
realm_name: t.Optional[str] = None,
|
|
1591
1631
|
username: t.Optional[str] = None,
|
|
1632
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1592
1633
|
) -> ObjectApiResponse[t.Any]:
|
|
1593
1634
|
"""
|
|
1594
1635
|
Invalidates one or more API keys.
|
|
1595
1636
|
|
|
1596
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1637
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-invalidate-api-key.html>`_
|
|
1597
1638
|
|
|
1598
1639
|
:param id:
|
|
1599
1640
|
:param ids: A list of API key ids. This parameter cannot be used with any of
|
|
@@ -1611,34 +1652,35 @@ class SecurityClient(NamespacedClient):
|
|
|
1611
1652
|
"""
|
|
1612
1653
|
__path = "/_security/api_key"
|
|
1613
1654
|
__query: t.Dict[str, t.Any] = {}
|
|
1614
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1655
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1615
1656
|
if error_trace is not None:
|
|
1616
1657
|
__query["error_trace"] = error_trace
|
|
1617
1658
|
if filter_path is not None:
|
|
1618
1659
|
__query["filter_path"] = filter_path
|
|
1619
1660
|
if human is not None:
|
|
1620
1661
|
__query["human"] = human
|
|
1621
|
-
if id is not None:
|
|
1622
|
-
__body["id"] = id
|
|
1623
|
-
if ids is not None:
|
|
1624
|
-
__body["ids"] = ids
|
|
1625
|
-
if name is not None:
|
|
1626
|
-
__body["name"] = name
|
|
1627
|
-
if owner is not None:
|
|
1628
|
-
__body["owner"] = owner
|
|
1629
1662
|
if pretty is not None:
|
|
1630
1663
|
__query["pretty"] = pretty
|
|
1631
|
-
if
|
|
1632
|
-
|
|
1633
|
-
|
|
1634
|
-
|
|
1664
|
+
if not __body:
|
|
1665
|
+
if id is not None:
|
|
1666
|
+
__body["id"] = id
|
|
1667
|
+
if ids is not None:
|
|
1668
|
+
__body["ids"] = ids
|
|
1669
|
+
if name is not None:
|
|
1670
|
+
__body["name"] = name
|
|
1671
|
+
if owner is not None:
|
|
1672
|
+
__body["owner"] = owner
|
|
1673
|
+
if realm_name is not None:
|
|
1674
|
+
__body["realm_name"] = realm_name
|
|
1675
|
+
if username is not None:
|
|
1676
|
+
__body["username"] = username
|
|
1635
1677
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1636
1678
|
return self.perform_request( # type: ignore[return-value]
|
|
1637
1679
|
"DELETE", __path, params=__query, headers=__headers, body=__body
|
|
1638
1680
|
)
|
|
1639
1681
|
|
|
1640
1682
|
@_rewrite_parameters(
|
|
1641
|
-
body_fields=
|
|
1683
|
+
body_fields=("realm_name", "refresh_token", "token", "username"),
|
|
1642
1684
|
)
|
|
1643
1685
|
def invalidate_token(
|
|
1644
1686
|
self,
|
|
@@ -1651,11 +1693,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1651
1693
|
refresh_token: t.Optional[str] = None,
|
|
1652
1694
|
token: t.Optional[str] = None,
|
|
1653
1695
|
username: t.Optional[str] = None,
|
|
1696
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1654
1697
|
) -> ObjectApiResponse[t.Any]:
|
|
1655
1698
|
"""
|
|
1656
1699
|
Invalidates one or more access tokens or refresh tokens.
|
|
1657
1700
|
|
|
1658
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1701
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-invalidate-token.html>`_
|
|
1659
1702
|
|
|
1660
1703
|
:param realm_name:
|
|
1661
1704
|
:param refresh_token:
|
|
@@ -1664,7 +1707,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1664
1707
|
"""
|
|
1665
1708
|
__path = "/_security/oauth2/token"
|
|
1666
1709
|
__query: t.Dict[str, t.Any] = {}
|
|
1667
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1710
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1668
1711
|
if error_trace is not None:
|
|
1669
1712
|
__query["error_trace"] = error_trace
|
|
1670
1713
|
if filter_path is not None:
|
|
@@ -1673,14 +1716,15 @@ class SecurityClient(NamespacedClient):
|
|
|
1673
1716
|
__query["human"] = human
|
|
1674
1717
|
if pretty is not None:
|
|
1675
1718
|
__query["pretty"] = pretty
|
|
1676
|
-
if
|
|
1677
|
-
|
|
1678
|
-
|
|
1679
|
-
|
|
1680
|
-
|
|
1681
|
-
|
|
1682
|
-
|
|
1683
|
-
|
|
1719
|
+
if not __body:
|
|
1720
|
+
if realm_name is not None:
|
|
1721
|
+
__body["realm_name"] = realm_name
|
|
1722
|
+
if refresh_token is not None:
|
|
1723
|
+
__body["refresh_token"] = refresh_token
|
|
1724
|
+
if token is not None:
|
|
1725
|
+
__body["token"] = token
|
|
1726
|
+
if username is not None:
|
|
1727
|
+
__body["username"] = username
|
|
1684
1728
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1685
1729
|
return self.perform_request( # type: ignore[return-value]
|
|
1686
1730
|
"DELETE", __path, params=__query, headers=__headers, body=__body
|
|
@@ -1692,7 +1736,10 @@ class SecurityClient(NamespacedClient):
|
|
|
1692
1736
|
def put_privileges(
|
|
1693
1737
|
self,
|
|
1694
1738
|
*,
|
|
1695
|
-
privileges: t.
|
|
1739
|
+
privileges: t.Optional[
|
|
1740
|
+
t.Mapping[str, t.Mapping[str, t.Mapping[str, t.Any]]]
|
|
1741
|
+
] = None,
|
|
1742
|
+
body: t.Optional[t.Mapping[str, t.Mapping[str, t.Mapping[str, t.Any]]]] = None,
|
|
1696
1743
|
error_trace: t.Optional[bool] = None,
|
|
1697
1744
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
1698
1745
|
human: t.Optional[bool] = None,
|
|
@@ -1704,15 +1751,19 @@ class SecurityClient(NamespacedClient):
|
|
|
1704
1751
|
"""
|
|
1705
1752
|
Adds or updates application privileges.
|
|
1706
1753
|
|
|
1707
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1754
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-privileges.html>`_
|
|
1708
1755
|
|
|
1709
1756
|
:param privileges:
|
|
1710
1757
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
1711
1758
|
this operation visible to search, if `wait_for` then wait for a refresh to
|
|
1712
1759
|
make this operation visible to search, if `false` then do nothing with refreshes.
|
|
1713
1760
|
"""
|
|
1714
|
-
if privileges is None:
|
|
1715
|
-
raise ValueError(
|
|
1761
|
+
if privileges is None and body is None:
|
|
1762
|
+
raise ValueError(
|
|
1763
|
+
"Empty value passed for parameters 'privileges' and 'body', one of them should be set."
|
|
1764
|
+
)
|
|
1765
|
+
elif privileges is not None and body is not None:
|
|
1766
|
+
raise ValueError("Cannot set both 'privileges' and 'body'")
|
|
1716
1767
|
__path = "/_security/privilege"
|
|
1717
1768
|
__query: t.Dict[str, t.Any] = {}
|
|
1718
1769
|
if error_trace is not None:
|
|
@@ -1725,14 +1776,22 @@ class SecurityClient(NamespacedClient):
|
|
|
1725
1776
|
__query["pretty"] = pretty
|
|
1726
1777
|
if refresh is not None:
|
|
1727
1778
|
__query["refresh"] = refresh
|
|
1728
|
-
__body = privileges
|
|
1779
|
+
__body = privileges if privileges is not None else body
|
|
1729
1780
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1730
1781
|
return self.perform_request( # type: ignore[return-value]
|
|
1731
1782
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1732
1783
|
)
|
|
1733
1784
|
|
|
1734
1785
|
@_rewrite_parameters(
|
|
1735
|
-
body_fields=
|
|
1786
|
+
body_fields=(
|
|
1787
|
+
"applications",
|
|
1788
|
+
"cluster",
|
|
1789
|
+
"global_",
|
|
1790
|
+
"indices",
|
|
1791
|
+
"metadata",
|
|
1792
|
+
"run_as",
|
|
1793
|
+
"transient_metadata",
|
|
1794
|
+
),
|
|
1736
1795
|
parameter_aliases={"global": "global_"},
|
|
1737
1796
|
)
|
|
1738
1797
|
def put_role(
|
|
@@ -1760,11 +1819,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1760
1819
|
] = None,
|
|
1761
1820
|
run_as: t.Optional[t.Sequence[str]] = None,
|
|
1762
1821
|
transient_metadata: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1822
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1763
1823
|
) -> ObjectApiResponse[t.Any]:
|
|
1764
1824
|
"""
|
|
1765
1825
|
Adds and updates roles in the native realm.
|
|
1766
1826
|
|
|
1767
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1827
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-role.html>`_
|
|
1768
1828
|
|
|
1769
1829
|
:param name: The name of the role.
|
|
1770
1830
|
:param applications: A list of application privilege entries.
|
|
@@ -1790,39 +1850,47 @@ class SecurityClient(NamespacedClient):
|
|
|
1790
1850
|
if name in SKIP_IN_PATH:
|
|
1791
1851
|
raise ValueError("Empty value passed for parameter 'name'")
|
|
1792
1852
|
__path = f"/_security/role/{_quote(name)}"
|
|
1793
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1794
1853
|
__query: t.Dict[str, t.Any] = {}
|
|
1795
|
-
if
|
|
1796
|
-
__body["applications"] = applications
|
|
1797
|
-
if cluster is not None:
|
|
1798
|
-
__body["cluster"] = cluster
|
|
1854
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1799
1855
|
if error_trace is not None:
|
|
1800
1856
|
__query["error_trace"] = error_trace
|
|
1801
1857
|
if filter_path is not None:
|
|
1802
1858
|
__query["filter_path"] = filter_path
|
|
1803
|
-
if global_ is not None:
|
|
1804
|
-
__body["global"] = global_
|
|
1805
1859
|
if human is not None:
|
|
1806
1860
|
__query["human"] = human
|
|
1807
|
-
if indices is not None:
|
|
1808
|
-
__body["indices"] = indices
|
|
1809
|
-
if metadata is not None:
|
|
1810
|
-
__body["metadata"] = metadata
|
|
1811
1861
|
if pretty is not None:
|
|
1812
1862
|
__query["pretty"] = pretty
|
|
1813
1863
|
if refresh is not None:
|
|
1814
1864
|
__query["refresh"] = refresh
|
|
1815
|
-
if
|
|
1816
|
-
|
|
1817
|
-
|
|
1818
|
-
|
|
1865
|
+
if not __body:
|
|
1866
|
+
if applications is not None:
|
|
1867
|
+
__body["applications"] = applications
|
|
1868
|
+
if cluster is not None:
|
|
1869
|
+
__body["cluster"] = cluster
|
|
1870
|
+
if global_ is not None:
|
|
1871
|
+
__body["global"] = global_
|
|
1872
|
+
if indices is not None:
|
|
1873
|
+
__body["indices"] = indices
|
|
1874
|
+
if metadata is not None:
|
|
1875
|
+
__body["metadata"] = metadata
|
|
1876
|
+
if run_as is not None:
|
|
1877
|
+
__body["run_as"] = run_as
|
|
1878
|
+
if transient_metadata is not None:
|
|
1879
|
+
__body["transient_metadata"] = transient_metadata
|
|
1819
1880
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1820
1881
|
return self.perform_request( # type: ignore[return-value]
|
|
1821
1882
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1822
1883
|
)
|
|
1823
1884
|
|
|
1824
1885
|
@_rewrite_parameters(
|
|
1825
|
-
body_fields=
|
|
1886
|
+
body_fields=(
|
|
1887
|
+
"enabled",
|
|
1888
|
+
"metadata",
|
|
1889
|
+
"role_templates",
|
|
1890
|
+
"roles",
|
|
1891
|
+
"rules",
|
|
1892
|
+
"run_as",
|
|
1893
|
+
),
|
|
1826
1894
|
)
|
|
1827
1895
|
def put_role_mapping(
|
|
1828
1896
|
self,
|
|
@@ -1837,14 +1905,16 @@ class SecurityClient(NamespacedClient):
|
|
|
1837
1905
|
refresh: t.Optional[
|
|
1838
1906
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
1839
1907
|
] = None,
|
|
1908
|
+
role_templates: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None,
|
|
1840
1909
|
roles: t.Optional[t.Sequence[str]] = None,
|
|
1841
1910
|
rules: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1842
1911
|
run_as: t.Optional[t.Sequence[str]] = None,
|
|
1912
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1843
1913
|
) -> ObjectApiResponse[t.Any]:
|
|
1844
1914
|
"""
|
|
1845
1915
|
Creates and updates role mappings.
|
|
1846
1916
|
|
|
1847
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1917
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-role-mapping.html>`_
|
|
1848
1918
|
|
|
1849
1919
|
:param name: Role-mapping name
|
|
1850
1920
|
:param enabled:
|
|
@@ -1852,6 +1922,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1852
1922
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
1853
1923
|
this operation visible to search, if `wait_for` then wait for a refresh to
|
|
1854
1924
|
make this operation visible to search, if `false` then do nothing with refreshes.
|
|
1925
|
+
:param role_templates:
|
|
1855
1926
|
:param roles:
|
|
1856
1927
|
:param rules:
|
|
1857
1928
|
:param run_as:
|
|
@@ -1859,35 +1930,46 @@ class SecurityClient(NamespacedClient):
|
|
|
1859
1930
|
if name in SKIP_IN_PATH:
|
|
1860
1931
|
raise ValueError("Empty value passed for parameter 'name'")
|
|
1861
1932
|
__path = f"/_security/role_mapping/{_quote(name)}"
|
|
1862
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1863
1933
|
__query: t.Dict[str, t.Any] = {}
|
|
1864
|
-
if
|
|
1865
|
-
__body["enabled"] = enabled
|
|
1934
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1866
1935
|
if error_trace is not None:
|
|
1867
1936
|
__query["error_trace"] = error_trace
|
|
1868
1937
|
if filter_path is not None:
|
|
1869
1938
|
__query["filter_path"] = filter_path
|
|
1870
1939
|
if human is not None:
|
|
1871
1940
|
__query["human"] = human
|
|
1872
|
-
if metadata is not None:
|
|
1873
|
-
__body["metadata"] = metadata
|
|
1874
1941
|
if pretty is not None:
|
|
1875
1942
|
__query["pretty"] = pretty
|
|
1876
1943
|
if refresh is not None:
|
|
1877
1944
|
__query["refresh"] = refresh
|
|
1878
|
-
if
|
|
1879
|
-
|
|
1880
|
-
|
|
1881
|
-
|
|
1882
|
-
|
|
1883
|
-
|
|
1945
|
+
if not __body:
|
|
1946
|
+
if enabled is not None:
|
|
1947
|
+
__body["enabled"] = enabled
|
|
1948
|
+
if metadata is not None:
|
|
1949
|
+
__body["metadata"] = metadata
|
|
1950
|
+
if role_templates is not None:
|
|
1951
|
+
__body["role_templates"] = role_templates
|
|
1952
|
+
if roles is not None:
|
|
1953
|
+
__body["roles"] = roles
|
|
1954
|
+
if rules is not None:
|
|
1955
|
+
__body["rules"] = rules
|
|
1956
|
+
if run_as is not None:
|
|
1957
|
+
__body["run_as"] = run_as
|
|
1884
1958
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1885
1959
|
return self.perform_request( # type: ignore[return-value]
|
|
1886
1960
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1887
1961
|
)
|
|
1888
1962
|
|
|
1889
1963
|
@_rewrite_parameters(
|
|
1890
|
-
body_fields=
|
|
1964
|
+
body_fields=(
|
|
1965
|
+
"email",
|
|
1966
|
+
"enabled",
|
|
1967
|
+
"full_name",
|
|
1968
|
+
"metadata",
|
|
1969
|
+
"password",
|
|
1970
|
+
"password_hash",
|
|
1971
|
+
"roles",
|
|
1972
|
+
),
|
|
1891
1973
|
)
|
|
1892
1974
|
def put_user(
|
|
1893
1975
|
self,
|
|
@@ -1907,12 +1989,13 @@ class SecurityClient(NamespacedClient):
|
|
|
1907
1989
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
1908
1990
|
] = None,
|
|
1909
1991
|
roles: t.Optional[t.Sequence[str]] = None,
|
|
1992
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1910
1993
|
) -> ObjectApiResponse[t.Any]:
|
|
1911
1994
|
"""
|
|
1912
1995
|
Adds and updates users in the native realm. These users are commonly referred
|
|
1913
1996
|
to as native users.
|
|
1914
1997
|
|
|
1915
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1998
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-user.html>`_
|
|
1916
1999
|
|
|
1917
2000
|
:param username: The username of the User
|
|
1918
2001
|
:param email:
|
|
@@ -1929,39 +2012,40 @@ class SecurityClient(NamespacedClient):
|
|
|
1929
2012
|
if username in SKIP_IN_PATH:
|
|
1930
2013
|
raise ValueError("Empty value passed for parameter 'username'")
|
|
1931
2014
|
__path = f"/_security/user/{_quote(username)}"
|
|
1932
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1933
2015
|
__query: t.Dict[str, t.Any] = {}
|
|
1934
|
-
if
|
|
1935
|
-
__body["email"] = email
|
|
1936
|
-
if enabled is not None:
|
|
1937
|
-
__body["enabled"] = enabled
|
|
2016
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1938
2017
|
if error_trace is not None:
|
|
1939
2018
|
__query["error_trace"] = error_trace
|
|
1940
2019
|
if filter_path is not None:
|
|
1941
2020
|
__query["filter_path"] = filter_path
|
|
1942
|
-
if full_name is not None:
|
|
1943
|
-
__body["full_name"] = full_name
|
|
1944
2021
|
if human is not None:
|
|
1945
2022
|
__query["human"] = human
|
|
1946
|
-
if metadata is not None:
|
|
1947
|
-
__body["metadata"] = metadata
|
|
1948
|
-
if password is not None:
|
|
1949
|
-
__body["password"] = password
|
|
1950
|
-
if password_hash is not None:
|
|
1951
|
-
__body["password_hash"] = password_hash
|
|
1952
2023
|
if pretty is not None:
|
|
1953
2024
|
__query["pretty"] = pretty
|
|
1954
2025
|
if refresh is not None:
|
|
1955
2026
|
__query["refresh"] = refresh
|
|
1956
|
-
if
|
|
1957
|
-
|
|
2027
|
+
if not __body:
|
|
2028
|
+
if email is not None:
|
|
2029
|
+
__body["email"] = email
|
|
2030
|
+
if enabled is not None:
|
|
2031
|
+
__body["enabled"] = enabled
|
|
2032
|
+
if full_name is not None:
|
|
2033
|
+
__body["full_name"] = full_name
|
|
2034
|
+
if metadata is not None:
|
|
2035
|
+
__body["metadata"] = metadata
|
|
2036
|
+
if password is not None:
|
|
2037
|
+
__body["password"] = password
|
|
2038
|
+
if password_hash is not None:
|
|
2039
|
+
__body["password_hash"] = password_hash
|
|
2040
|
+
if roles is not None:
|
|
2041
|
+
__body["roles"] = roles
|
|
1958
2042
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1959
2043
|
return self.perform_request( # type: ignore[return-value]
|
|
1960
2044
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1961
2045
|
)
|
|
1962
2046
|
|
|
1963
2047
|
@_rewrite_parameters(
|
|
1964
|
-
body_fields=
|
|
2048
|
+
body_fields=("from_", "query", "search_after", "size", "sort"),
|
|
1965
2049
|
parameter_aliases={"from": "from_"},
|
|
1966
2050
|
)
|
|
1967
2051
|
def query_api_keys(
|
|
@@ -1984,11 +2068,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1984
2068
|
]
|
|
1985
2069
|
] = None,
|
|
1986
2070
|
with_limited_by: t.Optional[bool] = None,
|
|
2071
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1987
2072
|
) -> ObjectApiResponse[t.Any]:
|
|
1988
2073
|
"""
|
|
1989
2074
|
Retrieves information for API keys using a subset of query DSL
|
|
1990
2075
|
|
|
1991
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2076
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-query-api-key.html>`_
|
|
1992
2077
|
|
|
1993
2078
|
:param from_: Starting document offset. By default, you cannot page through more
|
|
1994
2079
|
than 10,000 hits using the from and size parameters. To page through more
|
|
@@ -2010,7 +2095,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2010
2095
|
"""
|
|
2011
2096
|
__path = "/_security/_query/api_key"
|
|
2012
2097
|
__query: t.Dict[str, t.Any] = {}
|
|
2013
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2098
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2014
2099
|
# The 'sort' parameter with a colon can't be encoded to the body.
|
|
2015
2100
|
if sort is not None and (
|
|
2016
2101
|
(isinstance(sort, str) and ":" in sort)
|
|
@@ -2026,22 +2111,23 @@ class SecurityClient(NamespacedClient):
|
|
|
2026
2111
|
__query["error_trace"] = error_trace
|
|
2027
2112
|
if filter_path is not None:
|
|
2028
2113
|
__query["filter_path"] = filter_path
|
|
2029
|
-
if from_ is not None:
|
|
2030
|
-
__body["from"] = from_
|
|
2031
2114
|
if human is not None:
|
|
2032
2115
|
__query["human"] = human
|
|
2033
2116
|
if pretty is not None:
|
|
2034
2117
|
__query["pretty"] = pretty
|
|
2035
|
-
if query is not None:
|
|
2036
|
-
__body["query"] = query
|
|
2037
|
-
if search_after is not None:
|
|
2038
|
-
__body["search_after"] = search_after
|
|
2039
|
-
if size is not None:
|
|
2040
|
-
__body["size"] = size
|
|
2041
|
-
if sort is not None:
|
|
2042
|
-
__body["sort"] = sort
|
|
2043
2118
|
if with_limited_by is not None:
|
|
2044
2119
|
__query["with_limited_by"] = with_limited_by
|
|
2120
|
+
if not __body:
|
|
2121
|
+
if from_ is not None:
|
|
2122
|
+
__body["from"] = from_
|
|
2123
|
+
if query is not None:
|
|
2124
|
+
__body["query"] = query
|
|
2125
|
+
if search_after is not None:
|
|
2126
|
+
__body["search_after"] = search_after
|
|
2127
|
+
if size is not None:
|
|
2128
|
+
__body["size"] = size
|
|
2129
|
+
if sort is not None:
|
|
2130
|
+
__body["sort"] = sort
|
|
2045
2131
|
if not __body:
|
|
2046
2132
|
__body = None # type: ignore[assignment]
|
|
2047
2133
|
__headers = {"accept": "application/json"}
|
|
@@ -2052,24 +2138,25 @@ class SecurityClient(NamespacedClient):
|
|
|
2052
2138
|
)
|
|
2053
2139
|
|
|
2054
2140
|
@_rewrite_parameters(
|
|
2055
|
-
body_fields=
|
|
2141
|
+
body_fields=("content", "ids", "realm"),
|
|
2056
2142
|
)
|
|
2057
2143
|
def saml_authenticate(
|
|
2058
2144
|
self,
|
|
2059
2145
|
*,
|
|
2060
|
-
content: str,
|
|
2061
|
-
ids: t.Union[str, t.Sequence[str]],
|
|
2146
|
+
content: t.Optional[str] = None,
|
|
2147
|
+
ids: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2062
2148
|
error_trace: t.Optional[bool] = None,
|
|
2063
2149
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2064
2150
|
human: t.Optional[bool] = None,
|
|
2065
2151
|
pretty: t.Optional[bool] = None,
|
|
2066
2152
|
realm: t.Optional[str] = None,
|
|
2153
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2067
2154
|
) -> ObjectApiResponse[t.Any]:
|
|
2068
2155
|
"""
|
|
2069
2156
|
Exchanges a SAML Response message for an Elasticsearch access token and refresh
|
|
2070
2157
|
token pair
|
|
2071
2158
|
|
|
2072
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2159
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-authenticate.html>`_
|
|
2073
2160
|
|
|
2074
2161
|
:param content: The SAML response as it was sent by the user’s browser, usually
|
|
2075
2162
|
a Base64 encoded XML document.
|
|
@@ -2078,17 +2165,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2078
2165
|
:param realm: The name of the realm that should authenticate the SAML response.
|
|
2079
2166
|
Useful in cases where many SAML realms are defined.
|
|
2080
2167
|
"""
|
|
2081
|
-
if content is None:
|
|
2168
|
+
if content is None and body is None:
|
|
2082
2169
|
raise ValueError("Empty value passed for parameter 'content'")
|
|
2083
|
-
if ids is None:
|
|
2170
|
+
if ids is None and body is None:
|
|
2084
2171
|
raise ValueError("Empty value passed for parameter 'ids'")
|
|
2085
2172
|
__path = "/_security/saml/authenticate"
|
|
2086
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2087
2173
|
__query: t.Dict[str, t.Any] = {}
|
|
2088
|
-
if
|
|
2089
|
-
__body["content"] = content
|
|
2090
|
-
if ids is not None:
|
|
2091
|
-
__body["ids"] = ids
|
|
2174
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2092
2175
|
if error_trace is not None:
|
|
2093
2176
|
__query["error_trace"] = error_trace
|
|
2094
2177
|
if filter_path is not None:
|
|
@@ -2097,32 +2180,38 @@ class SecurityClient(NamespacedClient):
|
|
|
2097
2180
|
__query["human"] = human
|
|
2098
2181
|
if pretty is not None:
|
|
2099
2182
|
__query["pretty"] = pretty
|
|
2100
|
-
if
|
|
2101
|
-
|
|
2183
|
+
if not __body:
|
|
2184
|
+
if content is not None:
|
|
2185
|
+
__body["content"] = content
|
|
2186
|
+
if ids is not None:
|
|
2187
|
+
__body["ids"] = ids
|
|
2188
|
+
if realm is not None:
|
|
2189
|
+
__body["realm"] = realm
|
|
2102
2190
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2103
2191
|
return self.perform_request( # type: ignore[return-value]
|
|
2104
2192
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2105
2193
|
)
|
|
2106
2194
|
|
|
2107
2195
|
@_rewrite_parameters(
|
|
2108
|
-
body_fields=
|
|
2196
|
+
body_fields=("ids", "realm", "content", "query_string"),
|
|
2109
2197
|
)
|
|
2110
2198
|
def saml_complete_logout(
|
|
2111
2199
|
self,
|
|
2112
2200
|
*,
|
|
2113
|
-
ids: t.Union[str, t.Sequence[str]],
|
|
2114
|
-
realm: str,
|
|
2201
|
+
ids: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2202
|
+
realm: t.Optional[str] = None,
|
|
2115
2203
|
content: t.Optional[str] = None,
|
|
2116
2204
|
error_trace: t.Optional[bool] = None,
|
|
2117
2205
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2118
2206
|
human: t.Optional[bool] = None,
|
|
2119
2207
|
pretty: t.Optional[bool] = None,
|
|
2120
2208
|
query_string: t.Optional[str] = None,
|
|
2209
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2121
2210
|
) -> ObjectApiResponse[t.Any]:
|
|
2122
2211
|
"""
|
|
2123
2212
|
Verifies the logout response sent from the SAML IdP
|
|
2124
2213
|
|
|
2125
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2214
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-complete-logout.html>`_
|
|
2126
2215
|
|
|
2127
2216
|
:param ids: A json array with all the valid SAML Request Ids that the caller
|
|
2128
2217
|
of the API has for the current user.
|
|
@@ -2134,19 +2223,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2134
2223
|
:param query_string: If the SAML IdP sends the logout response with the HTTP-Redirect
|
|
2135
2224
|
binding, this field must be set to the query string of the redirect URI.
|
|
2136
2225
|
"""
|
|
2137
|
-
if ids is None:
|
|
2226
|
+
if ids is None and body is None:
|
|
2138
2227
|
raise ValueError("Empty value passed for parameter 'ids'")
|
|
2139
|
-
if realm is None:
|
|
2228
|
+
if realm is None and body is None:
|
|
2140
2229
|
raise ValueError("Empty value passed for parameter 'realm'")
|
|
2141
2230
|
__path = "/_security/saml/complete_logout"
|
|
2142
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2143
2231
|
__query: t.Dict[str, t.Any] = {}
|
|
2144
|
-
if
|
|
2145
|
-
__body["ids"] = ids
|
|
2146
|
-
if realm is not None:
|
|
2147
|
-
__body["realm"] = realm
|
|
2148
|
-
if content is not None:
|
|
2149
|
-
__body["content"] = content
|
|
2232
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2150
2233
|
if error_trace is not None:
|
|
2151
2234
|
__query["error_trace"] = error_trace
|
|
2152
2235
|
if filter_path is not None:
|
|
@@ -2155,31 +2238,39 @@ class SecurityClient(NamespacedClient):
|
|
|
2155
2238
|
__query["human"] = human
|
|
2156
2239
|
if pretty is not None:
|
|
2157
2240
|
__query["pretty"] = pretty
|
|
2158
|
-
if
|
|
2159
|
-
|
|
2241
|
+
if not __body:
|
|
2242
|
+
if ids is not None:
|
|
2243
|
+
__body["ids"] = ids
|
|
2244
|
+
if realm is not None:
|
|
2245
|
+
__body["realm"] = realm
|
|
2246
|
+
if content is not None:
|
|
2247
|
+
__body["content"] = content
|
|
2248
|
+
if query_string is not None:
|
|
2249
|
+
__body["query_string"] = query_string
|
|
2160
2250
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2161
2251
|
return self.perform_request( # type: ignore[return-value]
|
|
2162
2252
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2163
2253
|
)
|
|
2164
2254
|
|
|
2165
2255
|
@_rewrite_parameters(
|
|
2166
|
-
body_fields=
|
|
2256
|
+
body_fields=("query_string", "acs", "realm"),
|
|
2167
2257
|
)
|
|
2168
2258
|
def saml_invalidate(
|
|
2169
2259
|
self,
|
|
2170
2260
|
*,
|
|
2171
|
-
query_string: str,
|
|
2261
|
+
query_string: t.Optional[str] = None,
|
|
2172
2262
|
acs: t.Optional[str] = None,
|
|
2173
2263
|
error_trace: t.Optional[bool] = None,
|
|
2174
2264
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2175
2265
|
human: t.Optional[bool] = None,
|
|
2176
2266
|
pretty: t.Optional[bool] = None,
|
|
2177
2267
|
realm: t.Optional[str] = None,
|
|
2268
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2178
2269
|
) -> ObjectApiResponse[t.Any]:
|
|
2179
2270
|
"""
|
|
2180
2271
|
Consumes a SAML LogoutRequest
|
|
2181
2272
|
|
|
2182
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2273
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-invalidate.html>`_
|
|
2183
2274
|
|
|
2184
2275
|
:param query_string: The query part of the URL that the user was redirected to
|
|
2185
2276
|
by the SAML IdP to initiate the Single Logout. This query should include
|
|
@@ -2197,15 +2288,11 @@ class SecurityClient(NamespacedClient):
|
|
|
2197
2288
|
:param realm: The name of the SAML realm in Elasticsearch the configuration.
|
|
2198
2289
|
You must specify either this parameter or the acs parameter.
|
|
2199
2290
|
"""
|
|
2200
|
-
if query_string is None:
|
|
2291
|
+
if query_string is None and body is None:
|
|
2201
2292
|
raise ValueError("Empty value passed for parameter 'query_string'")
|
|
2202
2293
|
__path = "/_security/saml/invalidate"
|
|
2203
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2204
2294
|
__query: t.Dict[str, t.Any] = {}
|
|
2205
|
-
if
|
|
2206
|
-
__body["query_string"] = query_string
|
|
2207
|
-
if acs is not None:
|
|
2208
|
-
__body["acs"] = acs
|
|
2295
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2209
2296
|
if error_trace is not None:
|
|
2210
2297
|
__query["error_trace"] = error_trace
|
|
2211
2298
|
if filter_path is not None:
|
|
@@ -2214,31 +2301,37 @@ class SecurityClient(NamespacedClient):
|
|
|
2214
2301
|
__query["human"] = human
|
|
2215
2302
|
if pretty is not None:
|
|
2216
2303
|
__query["pretty"] = pretty
|
|
2217
|
-
if
|
|
2218
|
-
|
|
2304
|
+
if not __body:
|
|
2305
|
+
if query_string is not None:
|
|
2306
|
+
__body["query_string"] = query_string
|
|
2307
|
+
if acs is not None:
|
|
2308
|
+
__body["acs"] = acs
|
|
2309
|
+
if realm is not None:
|
|
2310
|
+
__body["realm"] = realm
|
|
2219
2311
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2220
2312
|
return self.perform_request( # type: ignore[return-value]
|
|
2221
2313
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2222
2314
|
)
|
|
2223
2315
|
|
|
2224
2316
|
@_rewrite_parameters(
|
|
2225
|
-
body_fields=
|
|
2317
|
+
body_fields=("token", "refresh_token"),
|
|
2226
2318
|
)
|
|
2227
2319
|
def saml_logout(
|
|
2228
2320
|
self,
|
|
2229
2321
|
*,
|
|
2230
|
-
token: str,
|
|
2322
|
+
token: t.Optional[str] = None,
|
|
2231
2323
|
error_trace: t.Optional[bool] = None,
|
|
2232
2324
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2233
2325
|
human: t.Optional[bool] = None,
|
|
2234
2326
|
pretty: t.Optional[bool] = None,
|
|
2235
2327
|
refresh_token: t.Optional[str] = None,
|
|
2328
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2236
2329
|
) -> ObjectApiResponse[t.Any]:
|
|
2237
2330
|
"""
|
|
2238
2331
|
Invalidates an access token and a refresh token that were generated via the SAML
|
|
2239
2332
|
Authenticate API
|
|
2240
2333
|
|
|
2241
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2334
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-logout.html>`_
|
|
2242
2335
|
|
|
2243
2336
|
:param token: The access token that was returned as a response to calling the
|
|
2244
2337
|
SAML authenticate API. Alternatively, the most recent token that was received
|
|
@@ -2247,13 +2340,11 @@ class SecurityClient(NamespacedClient):
|
|
|
2247
2340
|
the SAML authenticate API. Alternatively, the most recent refresh token that
|
|
2248
2341
|
was received after refreshing the original access token.
|
|
2249
2342
|
"""
|
|
2250
|
-
if token is None:
|
|
2343
|
+
if token is None and body is None:
|
|
2251
2344
|
raise ValueError("Empty value passed for parameter 'token'")
|
|
2252
2345
|
__path = "/_security/saml/logout"
|
|
2253
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2254
2346
|
__query: t.Dict[str, t.Any] = {}
|
|
2255
|
-
if
|
|
2256
|
-
__body["token"] = token
|
|
2347
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2257
2348
|
if error_trace is not None:
|
|
2258
2349
|
__query["error_trace"] = error_trace
|
|
2259
2350
|
if filter_path is not None:
|
|
@@ -2262,15 +2353,18 @@ class SecurityClient(NamespacedClient):
|
|
|
2262
2353
|
__query["human"] = human
|
|
2263
2354
|
if pretty is not None:
|
|
2264
2355
|
__query["pretty"] = pretty
|
|
2265
|
-
if
|
|
2266
|
-
|
|
2356
|
+
if not __body:
|
|
2357
|
+
if token is not None:
|
|
2358
|
+
__body["token"] = token
|
|
2359
|
+
if refresh_token is not None:
|
|
2360
|
+
__body["refresh_token"] = refresh_token
|
|
2267
2361
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2268
2362
|
return self.perform_request( # type: ignore[return-value]
|
|
2269
2363
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2270
2364
|
)
|
|
2271
2365
|
|
|
2272
2366
|
@_rewrite_parameters(
|
|
2273
|
-
body_fields=
|
|
2367
|
+
body_fields=("acs", "realm", "relay_state"),
|
|
2274
2368
|
)
|
|
2275
2369
|
def saml_prepare_authentication(
|
|
2276
2370
|
self,
|
|
@@ -2282,11 +2376,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2282
2376
|
pretty: t.Optional[bool] = None,
|
|
2283
2377
|
realm: t.Optional[str] = None,
|
|
2284
2378
|
relay_state: t.Optional[str] = None,
|
|
2379
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2285
2380
|
) -> ObjectApiResponse[t.Any]:
|
|
2286
2381
|
"""
|
|
2287
2382
|
Creates a SAML authentication request
|
|
2288
2383
|
|
|
2289
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2384
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-prepare-authentication.html>`_
|
|
2290
2385
|
|
|
2291
2386
|
:param acs: The Assertion Consumer Service URL that matches the one of the SAML
|
|
2292
2387
|
realms in Elasticsearch. The realm is used to generate the authentication
|
|
@@ -2299,10 +2394,8 @@ class SecurityClient(NamespacedClient):
|
|
|
2299
2394
|
is signed, this value is used as part of the signature computation.
|
|
2300
2395
|
"""
|
|
2301
2396
|
__path = "/_security/saml/prepare"
|
|
2302
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2303
2397
|
__query: t.Dict[str, t.Any] = {}
|
|
2304
|
-
if
|
|
2305
|
-
__body["acs"] = acs
|
|
2398
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2306
2399
|
if error_trace is not None:
|
|
2307
2400
|
__query["error_trace"] = error_trace
|
|
2308
2401
|
if filter_path is not None:
|
|
@@ -2311,10 +2404,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2311
2404
|
__query["human"] = human
|
|
2312
2405
|
if pretty is not None:
|
|
2313
2406
|
__query["pretty"] = pretty
|
|
2314
|
-
if
|
|
2315
|
-
|
|
2316
|
-
|
|
2317
|
-
|
|
2407
|
+
if not __body:
|
|
2408
|
+
if acs is not None:
|
|
2409
|
+
__body["acs"] = acs
|
|
2410
|
+
if realm is not None:
|
|
2411
|
+
__body["realm"] = realm
|
|
2412
|
+
if relay_state is not None:
|
|
2413
|
+
__body["relay_state"] = relay_state
|
|
2318
2414
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2319
2415
|
return self.perform_request( # type: ignore[return-value]
|
|
2320
2416
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -2333,7 +2429,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2333
2429
|
"""
|
|
2334
2430
|
Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider
|
|
2335
2431
|
|
|
2336
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2432
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-sp-metadata.html>`_
|
|
2337
2433
|
|
|
2338
2434
|
:param realm_name: The name of the SAML realm in Elasticsearch.
|
|
2339
2435
|
"""
|
|
@@ -2355,7 +2451,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2355
2451
|
)
|
|
2356
2452
|
|
|
2357
2453
|
@_rewrite_parameters(
|
|
2358
|
-
body_fields=
|
|
2454
|
+
body_fields=("data", "hint", "name", "size"),
|
|
2359
2455
|
)
|
|
2360
2456
|
def suggest_user_profiles(
|
|
2361
2457
|
self,
|
|
@@ -2368,11 +2464,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2368
2464
|
name: t.Optional[str] = None,
|
|
2369
2465
|
pretty: t.Optional[bool] = None,
|
|
2370
2466
|
size: t.Optional[int] = None,
|
|
2467
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2371
2468
|
) -> ObjectApiResponse[t.Any]:
|
|
2372
2469
|
"""
|
|
2373
2470
|
Get suggestions for user profiles that match specified search criteria.
|
|
2374
2471
|
|
|
2375
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2472
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-suggest-user-profile.html>`_
|
|
2376
2473
|
|
|
2377
2474
|
:param data: List of filters for the `data` field of the profile document. To
|
|
2378
2475
|
return all content use `data=*`. To return a subset of content use `data=<key>`
|
|
@@ -2387,24 +2484,25 @@ class SecurityClient(NamespacedClient):
|
|
|
2387
2484
|
:param size: Number of profiles to return.
|
|
2388
2485
|
"""
|
|
2389
2486
|
__path = "/_security/profile/_suggest"
|
|
2390
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2391
2487
|
__query: t.Dict[str, t.Any] = {}
|
|
2392
|
-
if
|
|
2393
|
-
__body["data"] = data
|
|
2488
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2394
2489
|
if error_trace is not None:
|
|
2395
2490
|
__query["error_trace"] = error_trace
|
|
2396
2491
|
if filter_path is not None:
|
|
2397
2492
|
__query["filter_path"] = filter_path
|
|
2398
|
-
if hint is not None:
|
|
2399
|
-
__body["hint"] = hint
|
|
2400
2493
|
if human is not None:
|
|
2401
2494
|
__query["human"] = human
|
|
2402
|
-
if name is not None:
|
|
2403
|
-
__body["name"] = name
|
|
2404
2495
|
if pretty is not None:
|
|
2405
2496
|
__query["pretty"] = pretty
|
|
2406
|
-
if
|
|
2407
|
-
|
|
2497
|
+
if not __body:
|
|
2498
|
+
if data is not None:
|
|
2499
|
+
__body["data"] = data
|
|
2500
|
+
if hint is not None:
|
|
2501
|
+
__body["hint"] = hint
|
|
2502
|
+
if name is not None:
|
|
2503
|
+
__body["name"] = name
|
|
2504
|
+
if size is not None:
|
|
2505
|
+
__body["size"] = size
|
|
2408
2506
|
if not __body:
|
|
2409
2507
|
__body = None # type: ignore[assignment]
|
|
2410
2508
|
__headers = {"accept": "application/json"}
|
|
@@ -2415,25 +2513,28 @@ class SecurityClient(NamespacedClient):
|
|
|
2415
2513
|
)
|
|
2416
2514
|
|
|
2417
2515
|
@_rewrite_parameters(
|
|
2418
|
-
body_fields=
|
|
2516
|
+
body_fields=("expiration", "metadata", "role_descriptors"),
|
|
2419
2517
|
)
|
|
2420
2518
|
def update_api_key(
|
|
2421
2519
|
self,
|
|
2422
2520
|
*,
|
|
2423
2521
|
id: str,
|
|
2424
2522
|
error_trace: t.Optional[bool] = None,
|
|
2523
|
+
expiration: t.Optional[t.Union["t.Literal[-1]", "t.Literal[0]", str]] = None,
|
|
2425
2524
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2426
2525
|
human: t.Optional[bool] = None,
|
|
2427
2526
|
metadata: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
2428
2527
|
pretty: t.Optional[bool] = None,
|
|
2429
2528
|
role_descriptors: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
|
|
2529
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2430
2530
|
) -> ObjectApiResponse[t.Any]:
|
|
2431
2531
|
"""
|
|
2432
2532
|
Updates attributes of an existing API key.
|
|
2433
2533
|
|
|
2434
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2534
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-update-api-key.html>`_
|
|
2435
2535
|
|
|
2436
2536
|
:param id: The ID of the API key to update.
|
|
2537
|
+
:param expiration: Expiration time for the API key.
|
|
2437
2538
|
:param metadata: Arbitrary metadata that you want to associate with the API key.
|
|
2438
2539
|
It supports nested data structure. Within the metadata object, keys beginning
|
|
2439
2540
|
with _ are reserved for system usage.
|
|
@@ -2450,19 +2551,22 @@ class SecurityClient(NamespacedClient):
|
|
|
2450
2551
|
raise ValueError("Empty value passed for parameter 'id'")
|
|
2451
2552
|
__path = f"/_security/api_key/{_quote(id)}"
|
|
2452
2553
|
__query: t.Dict[str, t.Any] = {}
|
|
2453
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2554
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2454
2555
|
if error_trace is not None:
|
|
2455
2556
|
__query["error_trace"] = error_trace
|
|
2456
2557
|
if filter_path is not None:
|
|
2457
2558
|
__query["filter_path"] = filter_path
|
|
2458
2559
|
if human is not None:
|
|
2459
2560
|
__query["human"] = human
|
|
2460
|
-
if metadata is not None:
|
|
2461
|
-
__body["metadata"] = metadata
|
|
2462
2561
|
if pretty is not None:
|
|
2463
2562
|
__query["pretty"] = pretty
|
|
2464
|
-
if
|
|
2465
|
-
|
|
2563
|
+
if not __body:
|
|
2564
|
+
if expiration is not None:
|
|
2565
|
+
__body["expiration"] = expiration
|
|
2566
|
+
if metadata is not None:
|
|
2567
|
+
__body["metadata"] = metadata
|
|
2568
|
+
if role_descriptors is not None:
|
|
2569
|
+
__body["role_descriptors"] = role_descriptors
|
|
2466
2570
|
if not __body:
|
|
2467
2571
|
__body = None # type: ignore[assignment]
|
|
2468
2572
|
__headers = {"accept": "application/json"}
|
|
@@ -2473,7 +2577,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2473
2577
|
)
|
|
2474
2578
|
|
|
2475
2579
|
@_rewrite_parameters(
|
|
2476
|
-
body_fields=
|
|
2580
|
+
body_fields=("data", "labels"),
|
|
2477
2581
|
)
|
|
2478
2582
|
def update_user_profile_data(
|
|
2479
2583
|
self,
|
|
@@ -2490,11 +2594,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2490
2594
|
refresh: t.Optional[
|
|
2491
2595
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
2492
2596
|
] = None,
|
|
2597
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2493
2598
|
) -> ObjectApiResponse[t.Any]:
|
|
2494
2599
|
"""
|
|
2495
2600
|
Update application specific data for the user profile of the given unique ID.
|
|
2496
2601
|
|
|
2497
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2602
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-update-user-profile-data.html>`_
|
|
2498
2603
|
|
|
2499
2604
|
:param uid: A unique identifier for the user profile.
|
|
2500
2605
|
:param data: Non-searchable data that you want to associate with the user profile.
|
|
@@ -2512,10 +2617,8 @@ class SecurityClient(NamespacedClient):
|
|
|
2512
2617
|
if uid in SKIP_IN_PATH:
|
|
2513
2618
|
raise ValueError("Empty value passed for parameter 'uid'")
|
|
2514
2619
|
__path = f"/_security/profile/{_quote(uid)}/_data"
|
|
2515
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2516
2620
|
__query: t.Dict[str, t.Any] = {}
|
|
2517
|
-
if
|
|
2518
|
-
__body["data"] = data
|
|
2621
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2519
2622
|
if error_trace is not None:
|
|
2520
2623
|
__query["error_trace"] = error_trace
|
|
2521
2624
|
if filter_path is not None:
|
|
@@ -2526,12 +2629,15 @@ class SecurityClient(NamespacedClient):
|
|
|
2526
2629
|
__query["if_primary_term"] = if_primary_term
|
|
2527
2630
|
if if_seq_no is not None:
|
|
2528
2631
|
__query["if_seq_no"] = if_seq_no
|
|
2529
|
-
if labels is not None:
|
|
2530
|
-
__body["labels"] = labels
|
|
2531
2632
|
if pretty is not None:
|
|
2532
2633
|
__query["pretty"] = pretty
|
|
2533
2634
|
if refresh is not None:
|
|
2534
2635
|
__query["refresh"] = refresh
|
|
2636
|
+
if not __body:
|
|
2637
|
+
if data is not None:
|
|
2638
|
+
__body["data"] = data
|
|
2639
|
+
if labels is not None:
|
|
2640
|
+
__body["labels"] = labels
|
|
2535
2641
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2536
2642
|
return self.perform_request( # type: ignore[return-value]
|
|
2537
2643
|
"PUT", __path, params=__query, headers=__headers, body=__body
|