elasticsearch 8.11.1__py3-none-any.whl → 8.12.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- elasticsearch/_async/client/__init__.py +493 -347
- elasticsearch/_async/client/async_search.py +108 -72
- elasticsearch/_async/client/autoscaling.py +13 -8
- elasticsearch/_async/client/cat.py +26 -26
- elasticsearch/_async/client/ccr.py +178 -117
- elasticsearch/_async/client/cluster.py +56 -48
- elasticsearch/_async/client/dangling_indices.py +3 -3
- elasticsearch/_async/client/enrich.py +15 -13
- elasticsearch/_async/client/eql.py +53 -36
- elasticsearch/_async/client/esql.py +99 -0
- elasticsearch/_async/client/features.py +2 -2
- elasticsearch/_async/client/fleet.py +111 -71
- elasticsearch/_async/client/graph.py +13 -11
- elasticsearch/_async/client/ilm.py +33 -27
- elasticsearch/_async/client/indices.py +326 -227
- elasticsearch/_async/client/inference.py +212 -0
- elasticsearch/_async/client/ingest.py +28 -24
- elasticsearch/_async/client/license.py +15 -13
- elasticsearch/_async/client/logstash.py +13 -10
- elasticsearch/_async/client/migration.py +3 -3
- elasticsearch/_async/client/ml.py +758 -538
- elasticsearch/_async/client/monitoring.py +10 -5
- elasticsearch/_async/client/nodes.py +13 -11
- elasticsearch/_async/client/query_ruleset.py +12 -10
- elasticsearch/_async/client/rollup.py +59 -46
- elasticsearch/_async/client/search_application.py +23 -16
- elasticsearch/_async/client/searchable_snapshots.py +23 -16
- elasticsearch/_async/client/security.py +391 -289
- elasticsearch/_async/client/shutdown.py +18 -14
- elasticsearch/_async/client/slm.py +23 -21
- elasticsearch/_async/client/snapshot.py +91 -65
- elasticsearch/_async/client/sql.py +81 -58
- elasticsearch/_async/client/ssl.py +1 -1
- elasticsearch/_async/client/synonyms.py +23 -19
- elasticsearch/_async/client/tasks.py +3 -3
- elasticsearch/_async/client/text_structure.py +10 -5
- elasticsearch/_async/client/transform.py +111 -75
- elasticsearch/_async/client/watcher.py +77 -55
- elasticsearch/_async/client/xpack.py +2 -2
- elasticsearch/_async/helpers.py +1 -1
- elasticsearch/_sync/client/__init__.py +493 -347
- elasticsearch/_sync/client/async_search.py +108 -72
- elasticsearch/_sync/client/autoscaling.py +13 -8
- elasticsearch/_sync/client/cat.py +26 -26
- elasticsearch/_sync/client/ccr.py +178 -117
- elasticsearch/_sync/client/cluster.py +56 -48
- elasticsearch/_sync/client/dangling_indices.py +3 -3
- elasticsearch/_sync/client/enrich.py +15 -13
- elasticsearch/_sync/client/eql.py +53 -36
- elasticsearch/_sync/client/esql.py +99 -0
- elasticsearch/_sync/client/features.py +2 -2
- elasticsearch/_sync/client/fleet.py +111 -71
- elasticsearch/_sync/client/graph.py +13 -11
- elasticsearch/_sync/client/ilm.py +33 -27
- elasticsearch/_sync/client/indices.py +326 -227
- elasticsearch/_sync/client/inference.py +212 -0
- elasticsearch/_sync/client/ingest.py +28 -24
- elasticsearch/_sync/client/license.py +15 -13
- elasticsearch/_sync/client/logstash.py +13 -10
- elasticsearch/_sync/client/migration.py +3 -3
- elasticsearch/_sync/client/ml.py +758 -538
- elasticsearch/_sync/client/monitoring.py +10 -5
- elasticsearch/_sync/client/nodes.py +13 -11
- elasticsearch/_sync/client/query_ruleset.py +12 -10
- elasticsearch/_sync/client/rollup.py +59 -46
- elasticsearch/_sync/client/search_application.py +23 -16
- elasticsearch/_sync/client/searchable_snapshots.py +23 -16
- elasticsearch/_sync/client/security.py +391 -289
- elasticsearch/_sync/client/shutdown.py +18 -14
- elasticsearch/_sync/client/slm.py +23 -21
- elasticsearch/_sync/client/snapshot.py +91 -65
- elasticsearch/_sync/client/sql.py +81 -58
- elasticsearch/_sync/client/ssl.py +1 -1
- elasticsearch/_sync/client/synonyms.py +23 -19
- elasticsearch/_sync/client/tasks.py +3 -3
- elasticsearch/_sync/client/text_structure.py +10 -5
- elasticsearch/_sync/client/transform.py +111 -75
- elasticsearch/_sync/client/utils.py +34 -10
- elasticsearch/_sync/client/watcher.py +77 -55
- elasticsearch/_sync/client/xpack.py +2 -2
- elasticsearch/_version.py +1 -1
- elasticsearch/client.py +2 -0
- elasticsearch/helpers/actions.py +1 -1
- {elasticsearch-8.11.1.dist-info → elasticsearch-8.12.0.dist-info}/METADATA +2 -3
- elasticsearch-8.12.0.dist-info/RECORD +103 -0
- elasticsearch-8.11.1.dist-info/RECORD +0 -99
- {elasticsearch-8.11.1.dist-info → elasticsearch-8.12.0.dist-info}/LICENSE +0 -0
- {elasticsearch-8.11.1.dist-info → elasticsearch-8.12.0.dist-info}/NOTICE +0 -0
- {elasticsearch-8.11.1.dist-info → elasticsearch-8.12.0.dist-info}/WHEEL +0 -0
- {elasticsearch-8.11.1.dist-info → elasticsearch-8.12.0.dist-info}/top_level.txt +0 -0
|
@@ -25,12 +25,14 @@ from .utils import SKIP_IN_PATH, _quote, _rewrite_parameters
|
|
|
25
25
|
|
|
26
26
|
class SecurityClient(NamespacedClient):
|
|
27
27
|
@_rewrite_parameters(
|
|
28
|
-
body_fields=
|
|
28
|
+
body_fields=("grant_type", "access_token", "password", "username"),
|
|
29
29
|
)
|
|
30
30
|
def activate_user_profile(
|
|
31
31
|
self,
|
|
32
32
|
*,
|
|
33
|
-
grant_type: t.
|
|
33
|
+
grant_type: t.Optional[
|
|
34
|
+
t.Union["t.Literal['access_token', 'password']", str]
|
|
35
|
+
] = None,
|
|
34
36
|
access_token: t.Optional[str] = None,
|
|
35
37
|
error_trace: t.Optional[bool] = None,
|
|
36
38
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
@@ -38,38 +40,40 @@ class SecurityClient(NamespacedClient):
|
|
|
38
40
|
password: t.Optional[str] = None,
|
|
39
41
|
pretty: t.Optional[bool] = None,
|
|
40
42
|
username: t.Optional[str] = None,
|
|
43
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
41
44
|
) -> ObjectApiResponse[t.Any]:
|
|
42
45
|
"""
|
|
43
46
|
Creates or updates the user profile on behalf of another user.
|
|
44
47
|
|
|
45
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
48
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-activate-user-profile.html>`_
|
|
46
49
|
|
|
47
50
|
:param grant_type:
|
|
48
51
|
:param access_token:
|
|
49
52
|
:param password:
|
|
50
53
|
:param username:
|
|
51
54
|
"""
|
|
52
|
-
if grant_type is None:
|
|
55
|
+
if grant_type is None and body is None:
|
|
53
56
|
raise ValueError("Empty value passed for parameter 'grant_type'")
|
|
54
57
|
__path = "/_security/profile/_activate"
|
|
55
|
-
__body: t.Dict[str, t.Any] = {}
|
|
56
58
|
__query: t.Dict[str, t.Any] = {}
|
|
57
|
-
if
|
|
58
|
-
__body["grant_type"] = grant_type
|
|
59
|
-
if access_token is not None:
|
|
60
|
-
__body["access_token"] = access_token
|
|
59
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
61
60
|
if error_trace is not None:
|
|
62
61
|
__query["error_trace"] = error_trace
|
|
63
62
|
if filter_path is not None:
|
|
64
63
|
__query["filter_path"] = filter_path
|
|
65
64
|
if human is not None:
|
|
66
65
|
__query["human"] = human
|
|
67
|
-
if password is not None:
|
|
68
|
-
__body["password"] = password
|
|
69
66
|
if pretty is not None:
|
|
70
67
|
__query["pretty"] = pretty
|
|
71
|
-
if
|
|
72
|
-
|
|
68
|
+
if not __body:
|
|
69
|
+
if grant_type is not None:
|
|
70
|
+
__body["grant_type"] = grant_type
|
|
71
|
+
if access_token is not None:
|
|
72
|
+
__body["access_token"] = access_token
|
|
73
|
+
if password is not None:
|
|
74
|
+
__body["password"] = password
|
|
75
|
+
if username is not None:
|
|
76
|
+
__body["username"] = username
|
|
73
77
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
74
78
|
return self.perform_request( # type: ignore[return-value]
|
|
75
79
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -88,7 +92,7 @@ class SecurityClient(NamespacedClient):
|
|
|
88
92
|
Enables authentication as a user and retrieve information about the authenticated
|
|
89
93
|
user.
|
|
90
94
|
|
|
91
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
95
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-authenticate.html>`_
|
|
92
96
|
"""
|
|
93
97
|
__path = "/_security/_authenticate"
|
|
94
98
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -106,7 +110,7 @@ class SecurityClient(NamespacedClient):
|
|
|
106
110
|
)
|
|
107
111
|
|
|
108
112
|
@_rewrite_parameters(
|
|
109
|
-
body_fields=
|
|
113
|
+
body_fields=("password", "password_hash"),
|
|
110
114
|
)
|
|
111
115
|
def change_password(
|
|
112
116
|
self,
|
|
@@ -121,11 +125,12 @@ class SecurityClient(NamespacedClient):
|
|
|
121
125
|
refresh: t.Optional[
|
|
122
126
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
123
127
|
] = None,
|
|
128
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
124
129
|
) -> ObjectApiResponse[t.Any]:
|
|
125
130
|
"""
|
|
126
131
|
Changes the passwords of users in the native realm and built-in users.
|
|
127
132
|
|
|
128
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
133
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-change-password.html>`_
|
|
129
134
|
|
|
130
135
|
:param username: The user whose password you want to change. If you do not specify
|
|
131
136
|
this parameter, the password is changed for the current user.
|
|
@@ -144,21 +149,22 @@ class SecurityClient(NamespacedClient):
|
|
|
144
149
|
else:
|
|
145
150
|
__path = "/_security/user/_password"
|
|
146
151
|
__query: t.Dict[str, t.Any] = {}
|
|
147
|
-
__body: t.Dict[str, t.Any] = {}
|
|
152
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
148
153
|
if error_trace is not None:
|
|
149
154
|
__query["error_trace"] = error_trace
|
|
150
155
|
if filter_path is not None:
|
|
151
156
|
__query["filter_path"] = filter_path
|
|
152
157
|
if human is not None:
|
|
153
158
|
__query["human"] = human
|
|
154
|
-
if password is not None:
|
|
155
|
-
__body["password"] = password
|
|
156
|
-
if password_hash is not None:
|
|
157
|
-
__body["password_hash"] = password_hash
|
|
158
159
|
if pretty is not None:
|
|
159
160
|
__query["pretty"] = pretty
|
|
160
161
|
if refresh is not None:
|
|
161
162
|
__query["refresh"] = refresh
|
|
163
|
+
if not __body:
|
|
164
|
+
if password is not None:
|
|
165
|
+
__body["password"] = password
|
|
166
|
+
if password_hash is not None:
|
|
167
|
+
__body["password_hash"] = password_hash
|
|
162
168
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
163
169
|
return self.perform_request( # type: ignore[return-value]
|
|
164
170
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
@@ -177,7 +183,7 @@ class SecurityClient(NamespacedClient):
|
|
|
177
183
|
"""
|
|
178
184
|
Clear a subset or all entries from the API key cache.
|
|
179
185
|
|
|
180
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
186
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-api-key-cache.html>`_
|
|
181
187
|
|
|
182
188
|
:param ids: Comma-separated list of API key IDs to evict from the API key cache.
|
|
183
189
|
To evict all API keys, use `*`. Does not support other wildcard patterns.
|
|
@@ -212,7 +218,7 @@ class SecurityClient(NamespacedClient):
|
|
|
212
218
|
"""
|
|
213
219
|
Evicts application privileges from the native application privileges cache.
|
|
214
220
|
|
|
215
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
221
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-privilege-cache.html>`_
|
|
216
222
|
|
|
217
223
|
:param application: A comma-separated list of application names
|
|
218
224
|
"""
|
|
@@ -248,7 +254,7 @@ class SecurityClient(NamespacedClient):
|
|
|
248
254
|
Evicts users from the user cache. Can completely clear the cache or evict specific
|
|
249
255
|
users.
|
|
250
256
|
|
|
251
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
257
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-cache.html>`_
|
|
252
258
|
|
|
253
259
|
:param realms: Comma-separated list of realms to clear
|
|
254
260
|
:param usernames: Comma-separated list of usernames to clear from the cache
|
|
@@ -285,7 +291,7 @@ class SecurityClient(NamespacedClient):
|
|
|
285
291
|
"""
|
|
286
292
|
Evicts roles from the native role cache.
|
|
287
293
|
|
|
288
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
294
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-role-cache.html>`_
|
|
289
295
|
|
|
290
296
|
:param name: Role name
|
|
291
297
|
"""
|
|
@@ -321,7 +327,7 @@ class SecurityClient(NamespacedClient):
|
|
|
321
327
|
"""
|
|
322
328
|
Evicts tokens from the service account token caches.
|
|
323
329
|
|
|
324
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
330
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-clear-service-token-caches.html>`_
|
|
325
331
|
|
|
326
332
|
:param namespace: An identifier for the namespace
|
|
327
333
|
:param service: An identifier for the service name
|
|
@@ -349,7 +355,7 @@ class SecurityClient(NamespacedClient):
|
|
|
349
355
|
)
|
|
350
356
|
|
|
351
357
|
@_rewrite_parameters(
|
|
352
|
-
body_fields=
|
|
358
|
+
body_fields=("expiration", "metadata", "name", "role_descriptors"),
|
|
353
359
|
)
|
|
354
360
|
def create_api_key(
|
|
355
361
|
self,
|
|
@@ -365,11 +371,12 @@ class SecurityClient(NamespacedClient):
|
|
|
365
371
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
366
372
|
] = None,
|
|
367
373
|
role_descriptors: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
|
|
374
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
368
375
|
) -> ObjectApiResponse[t.Any]:
|
|
369
376
|
"""
|
|
370
377
|
Creates an API key for access without requiring basic authentication.
|
|
371
378
|
|
|
372
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
379
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-create-api-key.html>`_
|
|
373
380
|
|
|
374
381
|
:param expiration: Expiration time for the API key. By default, API keys never
|
|
375
382
|
expire.
|
|
@@ -391,25 +398,26 @@ class SecurityClient(NamespacedClient):
|
|
|
391
398
|
"""
|
|
392
399
|
__path = "/_security/api_key"
|
|
393
400
|
__query: t.Dict[str, t.Any] = {}
|
|
394
|
-
__body: t.Dict[str, t.Any] = {}
|
|
401
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
395
402
|
if error_trace is not None:
|
|
396
403
|
__query["error_trace"] = error_trace
|
|
397
|
-
if expiration is not None:
|
|
398
|
-
__body["expiration"] = expiration
|
|
399
404
|
if filter_path is not None:
|
|
400
405
|
__query["filter_path"] = filter_path
|
|
401
406
|
if human is not None:
|
|
402
407
|
__query["human"] = human
|
|
403
|
-
if metadata is not None:
|
|
404
|
-
__body["metadata"] = metadata
|
|
405
|
-
if name is not None:
|
|
406
|
-
__body["name"] = name
|
|
407
408
|
if pretty is not None:
|
|
408
409
|
__query["pretty"] = pretty
|
|
409
410
|
if refresh is not None:
|
|
410
411
|
__query["refresh"] = refresh
|
|
411
|
-
if
|
|
412
|
-
|
|
412
|
+
if not __body:
|
|
413
|
+
if expiration is not None:
|
|
414
|
+
__body["expiration"] = expiration
|
|
415
|
+
if metadata is not None:
|
|
416
|
+
__body["metadata"] = metadata
|
|
417
|
+
if name is not None:
|
|
418
|
+
__body["name"] = name
|
|
419
|
+
if role_descriptors is not None:
|
|
420
|
+
__body["role_descriptors"] = role_descriptors
|
|
413
421
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
414
422
|
return self.perform_request( # type: ignore[return-value]
|
|
415
423
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
@@ -433,7 +441,7 @@ class SecurityClient(NamespacedClient):
|
|
|
433
441
|
"""
|
|
434
442
|
Creates a service account token for access without requiring basic authentication.
|
|
435
443
|
|
|
436
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
444
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-create-service-token.html>`_
|
|
437
445
|
|
|
438
446
|
:param namespace: An identifier for the namespace
|
|
439
447
|
:param service: An identifier for the service name
|
|
@@ -491,7 +499,7 @@ class SecurityClient(NamespacedClient):
|
|
|
491
499
|
"""
|
|
492
500
|
Removes application privileges.
|
|
493
501
|
|
|
494
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
502
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-privilege.html>`_
|
|
495
503
|
|
|
496
504
|
:param application: Application name
|
|
497
505
|
:param name: Privilege name
|
|
@@ -536,7 +544,7 @@ class SecurityClient(NamespacedClient):
|
|
|
536
544
|
"""
|
|
537
545
|
Removes roles in the native realm.
|
|
538
546
|
|
|
539
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
547
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-role.html>`_
|
|
540
548
|
|
|
541
549
|
:param name: Role name
|
|
542
550
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -578,7 +586,7 @@ class SecurityClient(NamespacedClient):
|
|
|
578
586
|
"""
|
|
579
587
|
Removes role mappings.
|
|
580
588
|
|
|
581
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
589
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-role-mapping.html>`_
|
|
582
590
|
|
|
583
591
|
:param name: Role-mapping name
|
|
584
592
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -622,7 +630,7 @@ class SecurityClient(NamespacedClient):
|
|
|
622
630
|
"""
|
|
623
631
|
Deletes a service account token.
|
|
624
632
|
|
|
625
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
633
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-service-token.html>`_
|
|
626
634
|
|
|
627
635
|
:param namespace: An identifier for the namespace
|
|
628
636
|
:param service: An identifier for the service name
|
|
@@ -670,7 +678,7 @@ class SecurityClient(NamespacedClient):
|
|
|
670
678
|
"""
|
|
671
679
|
Deletes users from the native realm.
|
|
672
680
|
|
|
673
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
681
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-delete-user.html>`_
|
|
674
682
|
|
|
675
683
|
:param username: username
|
|
676
684
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -712,7 +720,7 @@ class SecurityClient(NamespacedClient):
|
|
|
712
720
|
"""
|
|
713
721
|
Disables users in the native realm.
|
|
714
722
|
|
|
715
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
723
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-disable-user.html>`_
|
|
716
724
|
|
|
717
725
|
:param username: The username of the user to disable
|
|
718
726
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -754,7 +762,7 @@ class SecurityClient(NamespacedClient):
|
|
|
754
762
|
"""
|
|
755
763
|
Disables a user profile so it's not visible in user profile searches.
|
|
756
764
|
|
|
757
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
765
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-disable-user-profile.html>`_
|
|
758
766
|
|
|
759
767
|
:param uid: Unique identifier for the user profile.
|
|
760
768
|
:param refresh: If 'true', Elasticsearch refreshes the affected shards to make
|
|
@@ -796,7 +804,7 @@ class SecurityClient(NamespacedClient):
|
|
|
796
804
|
"""
|
|
797
805
|
Enables users in the native realm.
|
|
798
806
|
|
|
799
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
807
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-enable-user.html>`_
|
|
800
808
|
|
|
801
809
|
:param username: The username of the user to enable
|
|
802
810
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
@@ -838,7 +846,7 @@ class SecurityClient(NamespacedClient):
|
|
|
838
846
|
"""
|
|
839
847
|
Enables a user profile so it's visible in user profile searches.
|
|
840
848
|
|
|
841
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
849
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-enable-user-profile.html>`_
|
|
842
850
|
|
|
843
851
|
:param uid: Unique identifier for the user profile.
|
|
844
852
|
:param refresh: If 'true', Elasticsearch refreshes the affected shards to make
|
|
@@ -877,7 +885,7 @@ class SecurityClient(NamespacedClient):
|
|
|
877
885
|
Allows a kibana instance to configure itself to communicate with a secured elasticsearch
|
|
878
886
|
cluster.
|
|
879
887
|
|
|
880
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
888
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-kibana-enrollment.html>`_
|
|
881
889
|
"""
|
|
882
890
|
__path = "/_security/enroll/kibana"
|
|
883
891
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -906,7 +914,7 @@ class SecurityClient(NamespacedClient):
|
|
|
906
914
|
"""
|
|
907
915
|
Allows a new node to enroll to an existing cluster with security enabled.
|
|
908
916
|
|
|
909
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
917
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-node-enrollment.html>`_
|
|
910
918
|
"""
|
|
911
919
|
__path = "/_security/enroll/node"
|
|
912
920
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -927,6 +935,7 @@ class SecurityClient(NamespacedClient):
|
|
|
927
935
|
def get_api_key(
|
|
928
936
|
self,
|
|
929
937
|
*,
|
|
938
|
+
active_only: t.Optional[bool] = None,
|
|
930
939
|
error_trace: t.Optional[bool] = None,
|
|
931
940
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
932
941
|
human: t.Optional[bool] = None,
|
|
@@ -941,8 +950,13 @@ class SecurityClient(NamespacedClient):
|
|
|
941
950
|
"""
|
|
942
951
|
Retrieves information for one or more API keys.
|
|
943
952
|
|
|
944
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
953
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-api-key.html>`_
|
|
945
954
|
|
|
955
|
+
:param active_only: A boolean flag that can be used to query API keys that are
|
|
956
|
+
currently active. An API key is considered active if it is neither invalidated,
|
|
957
|
+
nor expired at query time. You can specify this together with other parameters
|
|
958
|
+
such as `owner` or `name`. If `active_only` is false, the response will include
|
|
959
|
+
both active and inactive (expired or invalidated) keys.
|
|
946
960
|
:param id: An API key id. This parameter cannot be used with any of `name`, `realm_name`
|
|
947
961
|
or `username`.
|
|
948
962
|
:param name: An API key name. This parameter cannot be used with any of `id`,
|
|
@@ -961,6 +975,8 @@ class SecurityClient(NamespacedClient):
|
|
|
961
975
|
"""
|
|
962
976
|
__path = "/_security/api_key"
|
|
963
977
|
__query: t.Dict[str, t.Any] = {}
|
|
978
|
+
if active_only is not None:
|
|
979
|
+
__query["active_only"] = active_only
|
|
964
980
|
if error_trace is not None:
|
|
965
981
|
__query["error_trace"] = error_trace
|
|
966
982
|
if filter_path is not None:
|
|
@@ -999,7 +1015,7 @@ class SecurityClient(NamespacedClient):
|
|
|
999
1015
|
Retrieves the list of cluster privileges and index privileges that are available
|
|
1000
1016
|
in this version of Elasticsearch.
|
|
1001
1017
|
|
|
1002
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1018
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-builtin-privileges.html>`_
|
|
1003
1019
|
"""
|
|
1004
1020
|
__path = "/_security/privilege/_builtin"
|
|
1005
1021
|
__query: t.Dict[str, t.Any] = {}
|
|
@@ -1030,7 +1046,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1030
1046
|
"""
|
|
1031
1047
|
Retrieves application privileges.
|
|
1032
1048
|
|
|
1033
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1049
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-privileges.html>`_
|
|
1034
1050
|
|
|
1035
1051
|
:param application: Application name
|
|
1036
1052
|
:param name: Privilege name
|
|
@@ -1068,7 +1084,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1068
1084
|
"""
|
|
1069
1085
|
Retrieves roles in the native realm.
|
|
1070
1086
|
|
|
1071
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1087
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-role.html>`_
|
|
1072
1088
|
|
|
1073
1089
|
:param name: The name of the role. You can specify multiple roles as a comma-separated
|
|
1074
1090
|
list. If you do not specify this parameter, the API returns information about
|
|
@@ -1105,7 +1121,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1105
1121
|
"""
|
|
1106
1122
|
Retrieves role mappings.
|
|
1107
1123
|
|
|
1108
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1124
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-role-mapping.html>`_
|
|
1109
1125
|
|
|
1110
1126
|
:param name: The distinct name that identifies the role mapping. The name is
|
|
1111
1127
|
used solely as an identifier to facilitate interaction via the API; it does
|
|
@@ -1145,7 +1161,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1145
1161
|
"""
|
|
1146
1162
|
Retrieves information about service accounts.
|
|
1147
1163
|
|
|
1148
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1164
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-service-accounts.html>`_
|
|
1149
1165
|
|
|
1150
1166
|
:param namespace: Name of the namespace. Omit this parameter to retrieve information
|
|
1151
1167
|
about all service accounts. If you omit this parameter, you must also omit
|
|
@@ -1187,7 +1203,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1187
1203
|
"""
|
|
1188
1204
|
Retrieves information of all service credentials for a service account.
|
|
1189
1205
|
|
|
1190
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1206
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-service-credentials.html>`_
|
|
1191
1207
|
|
|
1192
1208
|
:param namespace: Name of the namespace.
|
|
1193
1209
|
:param service: Name of the service name.
|
|
@@ -1212,7 +1228,14 @@ class SecurityClient(NamespacedClient):
|
|
|
1212
1228
|
)
|
|
1213
1229
|
|
|
1214
1230
|
@_rewrite_parameters(
|
|
1215
|
-
body_fields=
|
|
1231
|
+
body_fields=(
|
|
1232
|
+
"grant_type",
|
|
1233
|
+
"kerberos_ticket",
|
|
1234
|
+
"password",
|
|
1235
|
+
"refresh_token",
|
|
1236
|
+
"scope",
|
|
1237
|
+
"username",
|
|
1238
|
+
),
|
|
1216
1239
|
)
|
|
1217
1240
|
def get_token(
|
|
1218
1241
|
self,
|
|
@@ -1232,11 +1255,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1232
1255
|
refresh_token: t.Optional[str] = None,
|
|
1233
1256
|
scope: t.Optional[str] = None,
|
|
1234
1257
|
username: t.Optional[str] = None,
|
|
1258
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1235
1259
|
) -> ObjectApiResponse[t.Any]:
|
|
1236
1260
|
"""
|
|
1237
1261
|
Creates a bearer token for access without requiring basic authentication.
|
|
1238
1262
|
|
|
1239
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1263
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-token.html>`_
|
|
1240
1264
|
|
|
1241
1265
|
:param grant_type:
|
|
1242
1266
|
:param kerberos_ticket:
|
|
@@ -1247,27 +1271,28 @@ class SecurityClient(NamespacedClient):
|
|
|
1247
1271
|
"""
|
|
1248
1272
|
__path = "/_security/oauth2/token"
|
|
1249
1273
|
__query: t.Dict[str, t.Any] = {}
|
|
1250
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1274
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1251
1275
|
if error_trace is not None:
|
|
1252
1276
|
__query["error_trace"] = error_trace
|
|
1253
1277
|
if filter_path is not None:
|
|
1254
1278
|
__query["filter_path"] = filter_path
|
|
1255
|
-
if grant_type is not None:
|
|
1256
|
-
__body["grant_type"] = grant_type
|
|
1257
1279
|
if human is not None:
|
|
1258
1280
|
__query["human"] = human
|
|
1259
|
-
if kerberos_ticket is not None:
|
|
1260
|
-
__body["kerberos_ticket"] = kerberos_ticket
|
|
1261
|
-
if password is not None:
|
|
1262
|
-
__body["password"] = password
|
|
1263
1281
|
if pretty is not None:
|
|
1264
1282
|
__query["pretty"] = pretty
|
|
1265
|
-
if
|
|
1266
|
-
|
|
1267
|
-
|
|
1268
|
-
|
|
1269
|
-
|
|
1270
|
-
|
|
1283
|
+
if not __body:
|
|
1284
|
+
if grant_type is not None:
|
|
1285
|
+
__body["grant_type"] = grant_type
|
|
1286
|
+
if kerberos_ticket is not None:
|
|
1287
|
+
__body["kerberos_ticket"] = kerberos_ticket
|
|
1288
|
+
if password is not None:
|
|
1289
|
+
__body["password"] = password
|
|
1290
|
+
if refresh_token is not None:
|
|
1291
|
+
__body["refresh_token"] = refresh_token
|
|
1292
|
+
if scope is not None:
|
|
1293
|
+
__body["scope"] = scope
|
|
1294
|
+
if username is not None:
|
|
1295
|
+
__body["username"] = username
|
|
1271
1296
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1272
1297
|
return self.perform_request( # type: ignore[return-value]
|
|
1273
1298
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -1287,7 +1312,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1287
1312
|
"""
|
|
1288
1313
|
Retrieves information about users in the native realm and built-in users.
|
|
1289
1314
|
|
|
1290
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1315
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user.html>`_
|
|
1291
1316
|
|
|
1292
1317
|
:param username: An identifier for the user. You can specify multiple usernames
|
|
1293
1318
|
as a comma-separated list. If you omit this parameter, the API retrieves
|
|
@@ -1330,7 +1355,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1330
1355
|
"""
|
|
1331
1356
|
Retrieves security privileges for the logged in user.
|
|
1332
1357
|
|
|
1333
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1358
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user-privileges.html>`_
|
|
1334
1359
|
|
|
1335
1360
|
:param application: The name of the application. Application privileges are always
|
|
1336
1361
|
associated with exactly one application. If you do not specify this parameter,
|
|
@@ -1374,7 +1399,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1374
1399
|
"""
|
|
1375
1400
|
Retrieves user profiles for the given unique ID(s).
|
|
1376
1401
|
|
|
1377
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1402
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-get-user-profile.html>`_
|
|
1378
1403
|
|
|
1379
1404
|
:param uid: A unique identifier for the user profile.
|
|
1380
1405
|
:param data: List of filters for the `data` field of the profile document. To
|
|
@@ -1402,14 +1427,23 @@ class SecurityClient(NamespacedClient):
|
|
|
1402
1427
|
)
|
|
1403
1428
|
|
|
1404
1429
|
@_rewrite_parameters(
|
|
1405
|
-
body_fields=
|
|
1430
|
+
body_fields=(
|
|
1431
|
+
"api_key",
|
|
1432
|
+
"grant_type",
|
|
1433
|
+
"access_token",
|
|
1434
|
+
"password",
|
|
1435
|
+
"run_as",
|
|
1436
|
+
"username",
|
|
1437
|
+
),
|
|
1406
1438
|
ignore_deprecated_options={"api_key"},
|
|
1407
1439
|
)
|
|
1408
1440
|
def grant_api_key(
|
|
1409
1441
|
self,
|
|
1410
1442
|
*,
|
|
1411
|
-
api_key: t.Mapping[str, t.Any],
|
|
1412
|
-
grant_type: t.
|
|
1443
|
+
api_key: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1444
|
+
grant_type: t.Optional[
|
|
1445
|
+
t.Union["t.Literal['access_token', 'password']", str]
|
|
1446
|
+
] = None,
|
|
1413
1447
|
access_token: t.Optional[str] = None,
|
|
1414
1448
|
error_trace: t.Optional[bool] = None,
|
|
1415
1449
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
@@ -1418,11 +1452,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1418
1452
|
pretty: t.Optional[bool] = None,
|
|
1419
1453
|
run_as: t.Optional[str] = None,
|
|
1420
1454
|
username: t.Optional[str] = None,
|
|
1455
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1421
1456
|
) -> ObjectApiResponse[t.Any]:
|
|
1422
1457
|
"""
|
|
1423
1458
|
Creates an API key on behalf of another user.
|
|
1424
1459
|
|
|
1425
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1460
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-grant-api-key.html>`_
|
|
1426
1461
|
|
|
1427
1462
|
:param api_key: Defines the API key.
|
|
1428
1463
|
:param grant_type: The type of grant. Supported grant types are: `access_token`,
|
|
@@ -1437,40 +1472,41 @@ class SecurityClient(NamespacedClient):
|
|
|
1437
1472
|
grant type, this parameter is required. It is not valid with other grant
|
|
1438
1473
|
types.
|
|
1439
1474
|
"""
|
|
1440
|
-
if api_key is None:
|
|
1475
|
+
if api_key is None and body is None:
|
|
1441
1476
|
raise ValueError("Empty value passed for parameter 'api_key'")
|
|
1442
|
-
if grant_type is None:
|
|
1477
|
+
if grant_type is None and body is None:
|
|
1443
1478
|
raise ValueError("Empty value passed for parameter 'grant_type'")
|
|
1444
1479
|
__path = "/_security/api_key/grant"
|
|
1445
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1446
1480
|
__query: t.Dict[str, t.Any] = {}
|
|
1447
|
-
if
|
|
1448
|
-
__body["api_key"] = api_key
|
|
1449
|
-
if grant_type is not None:
|
|
1450
|
-
__body["grant_type"] = grant_type
|
|
1451
|
-
if access_token is not None:
|
|
1452
|
-
__body["access_token"] = access_token
|
|
1481
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1453
1482
|
if error_trace is not None:
|
|
1454
1483
|
__query["error_trace"] = error_trace
|
|
1455
1484
|
if filter_path is not None:
|
|
1456
1485
|
__query["filter_path"] = filter_path
|
|
1457
1486
|
if human is not None:
|
|
1458
1487
|
__query["human"] = human
|
|
1459
|
-
if password is not None:
|
|
1460
|
-
__body["password"] = password
|
|
1461
1488
|
if pretty is not None:
|
|
1462
1489
|
__query["pretty"] = pretty
|
|
1463
|
-
if
|
|
1464
|
-
|
|
1465
|
-
|
|
1466
|
-
|
|
1490
|
+
if not __body:
|
|
1491
|
+
if api_key is not None:
|
|
1492
|
+
__body["api_key"] = api_key
|
|
1493
|
+
if grant_type is not None:
|
|
1494
|
+
__body["grant_type"] = grant_type
|
|
1495
|
+
if access_token is not None:
|
|
1496
|
+
__body["access_token"] = access_token
|
|
1497
|
+
if password is not None:
|
|
1498
|
+
__body["password"] = password
|
|
1499
|
+
if run_as is not None:
|
|
1500
|
+
__body["run_as"] = run_as
|
|
1501
|
+
if username is not None:
|
|
1502
|
+
__body["username"] = username
|
|
1467
1503
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1468
1504
|
return self.perform_request( # type: ignore[return-value]
|
|
1469
1505
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1470
1506
|
)
|
|
1471
1507
|
|
|
1472
1508
|
@_rewrite_parameters(
|
|
1473
|
-
body_fields=
|
|
1509
|
+
body_fields=("application", "cluster", "index"),
|
|
1474
1510
|
)
|
|
1475
1511
|
def has_privileges(
|
|
1476
1512
|
self,
|
|
@@ -1490,11 +1526,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1490
1526
|
human: t.Optional[bool] = None,
|
|
1491
1527
|
index: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None,
|
|
1492
1528
|
pretty: t.Optional[bool] = None,
|
|
1529
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1493
1530
|
) -> ObjectApiResponse[t.Any]:
|
|
1494
1531
|
"""
|
|
1495
1532
|
Determines whether the specified user has a specified list of privileges.
|
|
1496
1533
|
|
|
1497
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1534
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-has-privileges.html>`_
|
|
1498
1535
|
|
|
1499
1536
|
:param user: Username
|
|
1500
1537
|
:param application:
|
|
@@ -1505,61 +1542,59 @@ class SecurityClient(NamespacedClient):
|
|
|
1505
1542
|
__path = f"/_security/user/{_quote(user)}/_has_privileges"
|
|
1506
1543
|
else:
|
|
1507
1544
|
__path = "/_security/user/_has_privileges"
|
|
1508
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1509
1545
|
__query: t.Dict[str, t.Any] = {}
|
|
1510
|
-
if
|
|
1511
|
-
__body["application"] = application
|
|
1512
|
-
if cluster is not None:
|
|
1513
|
-
__body["cluster"] = cluster
|
|
1546
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1514
1547
|
if error_trace is not None:
|
|
1515
1548
|
__query["error_trace"] = error_trace
|
|
1516
1549
|
if filter_path is not None:
|
|
1517
1550
|
__query["filter_path"] = filter_path
|
|
1518
1551
|
if human is not None:
|
|
1519
1552
|
__query["human"] = human
|
|
1520
|
-
if index is not None:
|
|
1521
|
-
__body["index"] = index
|
|
1522
1553
|
if pretty is not None:
|
|
1523
1554
|
__query["pretty"] = pretty
|
|
1555
|
+
if not __body:
|
|
1556
|
+
if application is not None:
|
|
1557
|
+
__body["application"] = application
|
|
1558
|
+
if cluster is not None:
|
|
1559
|
+
__body["cluster"] = cluster
|
|
1560
|
+
if index is not None:
|
|
1561
|
+
__body["index"] = index
|
|
1524
1562
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1525
1563
|
return self.perform_request( # type: ignore[return-value]
|
|
1526
1564
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1527
1565
|
)
|
|
1528
1566
|
|
|
1529
1567
|
@_rewrite_parameters(
|
|
1530
|
-
body_fields=
|
|
1568
|
+
body_fields=("privileges", "uids"),
|
|
1531
1569
|
)
|
|
1532
1570
|
def has_privileges_user_profile(
|
|
1533
1571
|
self,
|
|
1534
1572
|
*,
|
|
1535
|
-
privileges: t.Mapping[str, t.Any],
|
|
1536
|
-
uids: t.Sequence[str],
|
|
1573
|
+
privileges: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1574
|
+
uids: t.Optional[t.Sequence[str]] = None,
|
|
1537
1575
|
error_trace: t.Optional[bool] = None,
|
|
1538
1576
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
1539
1577
|
human: t.Optional[bool] = None,
|
|
1540
1578
|
pretty: t.Optional[bool] = None,
|
|
1579
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1541
1580
|
) -> ObjectApiResponse[t.Any]:
|
|
1542
1581
|
"""
|
|
1543
1582
|
Determines whether the users associated with the specified profile IDs have all
|
|
1544
1583
|
the requested privileges.
|
|
1545
1584
|
|
|
1546
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1585
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-has-privileges-user-profile.html>`_
|
|
1547
1586
|
|
|
1548
1587
|
:param privileges:
|
|
1549
1588
|
:param uids: A list of profile IDs. The privileges are checked for associated
|
|
1550
1589
|
users of the profiles.
|
|
1551
1590
|
"""
|
|
1552
|
-
if privileges is None:
|
|
1591
|
+
if privileges is None and body is None:
|
|
1553
1592
|
raise ValueError("Empty value passed for parameter 'privileges'")
|
|
1554
|
-
if uids is None:
|
|
1593
|
+
if uids is None and body is None:
|
|
1555
1594
|
raise ValueError("Empty value passed for parameter 'uids'")
|
|
1556
1595
|
__path = "/_security/profile/_has_privileges"
|
|
1557
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1558
1596
|
__query: t.Dict[str, t.Any] = {}
|
|
1559
|
-
if
|
|
1560
|
-
__body["privileges"] = privileges
|
|
1561
|
-
if uids is not None:
|
|
1562
|
-
__body["uids"] = uids
|
|
1597
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1563
1598
|
if error_trace is not None:
|
|
1564
1599
|
__query["error_trace"] = error_trace
|
|
1565
1600
|
if filter_path is not None:
|
|
@@ -1568,13 +1603,18 @@ class SecurityClient(NamespacedClient):
|
|
|
1568
1603
|
__query["human"] = human
|
|
1569
1604
|
if pretty is not None:
|
|
1570
1605
|
__query["pretty"] = pretty
|
|
1606
|
+
if not __body:
|
|
1607
|
+
if privileges is not None:
|
|
1608
|
+
__body["privileges"] = privileges
|
|
1609
|
+
if uids is not None:
|
|
1610
|
+
__body["uids"] = uids
|
|
1571
1611
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1572
1612
|
return self.perform_request( # type: ignore[return-value]
|
|
1573
1613
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
1574
1614
|
)
|
|
1575
1615
|
|
|
1576
1616
|
@_rewrite_parameters(
|
|
1577
|
-
body_fields=
|
|
1617
|
+
body_fields=("id", "ids", "name", "owner", "realm_name", "username"),
|
|
1578
1618
|
)
|
|
1579
1619
|
def invalidate_api_key(
|
|
1580
1620
|
self,
|
|
@@ -1589,11 +1629,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1589
1629
|
pretty: t.Optional[bool] = None,
|
|
1590
1630
|
realm_name: t.Optional[str] = None,
|
|
1591
1631
|
username: t.Optional[str] = None,
|
|
1632
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1592
1633
|
) -> ObjectApiResponse[t.Any]:
|
|
1593
1634
|
"""
|
|
1594
1635
|
Invalidates one or more API keys.
|
|
1595
1636
|
|
|
1596
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1637
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-invalidate-api-key.html>`_
|
|
1597
1638
|
|
|
1598
1639
|
:param id:
|
|
1599
1640
|
:param ids: A list of API key ids. This parameter cannot be used with any of
|
|
@@ -1611,34 +1652,35 @@ class SecurityClient(NamespacedClient):
|
|
|
1611
1652
|
"""
|
|
1612
1653
|
__path = "/_security/api_key"
|
|
1613
1654
|
__query: t.Dict[str, t.Any] = {}
|
|
1614
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1655
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1615
1656
|
if error_trace is not None:
|
|
1616
1657
|
__query["error_trace"] = error_trace
|
|
1617
1658
|
if filter_path is not None:
|
|
1618
1659
|
__query["filter_path"] = filter_path
|
|
1619
1660
|
if human is not None:
|
|
1620
1661
|
__query["human"] = human
|
|
1621
|
-
if id is not None:
|
|
1622
|
-
__body["id"] = id
|
|
1623
|
-
if ids is not None:
|
|
1624
|
-
__body["ids"] = ids
|
|
1625
|
-
if name is not None:
|
|
1626
|
-
__body["name"] = name
|
|
1627
|
-
if owner is not None:
|
|
1628
|
-
__body["owner"] = owner
|
|
1629
1662
|
if pretty is not None:
|
|
1630
1663
|
__query["pretty"] = pretty
|
|
1631
|
-
if
|
|
1632
|
-
|
|
1633
|
-
|
|
1634
|
-
|
|
1664
|
+
if not __body:
|
|
1665
|
+
if id is not None:
|
|
1666
|
+
__body["id"] = id
|
|
1667
|
+
if ids is not None:
|
|
1668
|
+
__body["ids"] = ids
|
|
1669
|
+
if name is not None:
|
|
1670
|
+
__body["name"] = name
|
|
1671
|
+
if owner is not None:
|
|
1672
|
+
__body["owner"] = owner
|
|
1673
|
+
if realm_name is not None:
|
|
1674
|
+
__body["realm_name"] = realm_name
|
|
1675
|
+
if username is not None:
|
|
1676
|
+
__body["username"] = username
|
|
1635
1677
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1636
1678
|
return self.perform_request( # type: ignore[return-value]
|
|
1637
1679
|
"DELETE", __path, params=__query, headers=__headers, body=__body
|
|
1638
1680
|
)
|
|
1639
1681
|
|
|
1640
1682
|
@_rewrite_parameters(
|
|
1641
|
-
body_fields=
|
|
1683
|
+
body_fields=("realm_name", "refresh_token", "token", "username"),
|
|
1642
1684
|
)
|
|
1643
1685
|
def invalidate_token(
|
|
1644
1686
|
self,
|
|
@@ -1651,11 +1693,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1651
1693
|
refresh_token: t.Optional[str] = None,
|
|
1652
1694
|
token: t.Optional[str] = None,
|
|
1653
1695
|
username: t.Optional[str] = None,
|
|
1696
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1654
1697
|
) -> ObjectApiResponse[t.Any]:
|
|
1655
1698
|
"""
|
|
1656
1699
|
Invalidates one or more access tokens or refresh tokens.
|
|
1657
1700
|
|
|
1658
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1701
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-invalidate-token.html>`_
|
|
1659
1702
|
|
|
1660
1703
|
:param realm_name:
|
|
1661
1704
|
:param refresh_token:
|
|
@@ -1664,7 +1707,7 @@ class SecurityClient(NamespacedClient):
|
|
|
1664
1707
|
"""
|
|
1665
1708
|
__path = "/_security/oauth2/token"
|
|
1666
1709
|
__query: t.Dict[str, t.Any] = {}
|
|
1667
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1710
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1668
1711
|
if error_trace is not None:
|
|
1669
1712
|
__query["error_trace"] = error_trace
|
|
1670
1713
|
if filter_path is not None:
|
|
@@ -1673,14 +1716,15 @@ class SecurityClient(NamespacedClient):
|
|
|
1673
1716
|
__query["human"] = human
|
|
1674
1717
|
if pretty is not None:
|
|
1675
1718
|
__query["pretty"] = pretty
|
|
1676
|
-
if
|
|
1677
|
-
|
|
1678
|
-
|
|
1679
|
-
|
|
1680
|
-
|
|
1681
|
-
|
|
1682
|
-
|
|
1683
|
-
|
|
1719
|
+
if not __body:
|
|
1720
|
+
if realm_name is not None:
|
|
1721
|
+
__body["realm_name"] = realm_name
|
|
1722
|
+
if refresh_token is not None:
|
|
1723
|
+
__body["refresh_token"] = refresh_token
|
|
1724
|
+
if token is not None:
|
|
1725
|
+
__body["token"] = token
|
|
1726
|
+
if username is not None:
|
|
1727
|
+
__body["username"] = username
|
|
1684
1728
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1685
1729
|
return self.perform_request( # type: ignore[return-value]
|
|
1686
1730
|
"DELETE", __path, params=__query, headers=__headers, body=__body
|
|
@@ -1692,7 +1736,10 @@ class SecurityClient(NamespacedClient):
|
|
|
1692
1736
|
def put_privileges(
|
|
1693
1737
|
self,
|
|
1694
1738
|
*,
|
|
1695
|
-
privileges: t.
|
|
1739
|
+
privileges: t.Optional[
|
|
1740
|
+
t.Mapping[str, t.Mapping[str, t.Mapping[str, t.Any]]]
|
|
1741
|
+
] = None,
|
|
1742
|
+
body: t.Optional[t.Mapping[str, t.Mapping[str, t.Mapping[str, t.Any]]]] = None,
|
|
1696
1743
|
error_trace: t.Optional[bool] = None,
|
|
1697
1744
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
1698
1745
|
human: t.Optional[bool] = None,
|
|
@@ -1704,15 +1751,19 @@ class SecurityClient(NamespacedClient):
|
|
|
1704
1751
|
"""
|
|
1705
1752
|
Adds or updates application privileges.
|
|
1706
1753
|
|
|
1707
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1754
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-privileges.html>`_
|
|
1708
1755
|
|
|
1709
1756
|
:param privileges:
|
|
1710
1757
|
:param refresh: If `true` (the default) then refresh the affected shards to make
|
|
1711
1758
|
this operation visible to search, if `wait_for` then wait for a refresh to
|
|
1712
1759
|
make this operation visible to search, if `false` then do nothing with refreshes.
|
|
1713
1760
|
"""
|
|
1714
|
-
if privileges is None:
|
|
1715
|
-
raise ValueError(
|
|
1761
|
+
if privileges is None and body is None:
|
|
1762
|
+
raise ValueError(
|
|
1763
|
+
"Empty value passed for parameters 'privileges' and 'body', one of them should be set."
|
|
1764
|
+
)
|
|
1765
|
+
elif privileges is not None and body is not None:
|
|
1766
|
+
raise ValueError("Cannot set both 'privileges' and 'body'")
|
|
1716
1767
|
__path = "/_security/privilege"
|
|
1717
1768
|
__query: t.Dict[str, t.Any] = {}
|
|
1718
1769
|
if error_trace is not None:
|
|
@@ -1725,14 +1776,22 @@ class SecurityClient(NamespacedClient):
|
|
|
1725
1776
|
__query["pretty"] = pretty
|
|
1726
1777
|
if refresh is not None:
|
|
1727
1778
|
__query["refresh"] = refresh
|
|
1728
|
-
__body = privileges
|
|
1779
|
+
__body = privileges if privileges is not None else body
|
|
1729
1780
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1730
1781
|
return self.perform_request( # type: ignore[return-value]
|
|
1731
1782
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1732
1783
|
)
|
|
1733
1784
|
|
|
1734
1785
|
@_rewrite_parameters(
|
|
1735
|
-
body_fields=
|
|
1786
|
+
body_fields=(
|
|
1787
|
+
"applications",
|
|
1788
|
+
"cluster",
|
|
1789
|
+
"global_",
|
|
1790
|
+
"indices",
|
|
1791
|
+
"metadata",
|
|
1792
|
+
"run_as",
|
|
1793
|
+
"transient_metadata",
|
|
1794
|
+
),
|
|
1736
1795
|
parameter_aliases={"global": "global_"},
|
|
1737
1796
|
)
|
|
1738
1797
|
def put_role(
|
|
@@ -1760,11 +1819,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1760
1819
|
] = None,
|
|
1761
1820
|
run_as: t.Optional[t.Sequence[str]] = None,
|
|
1762
1821
|
transient_metadata: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1822
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1763
1823
|
) -> ObjectApiResponse[t.Any]:
|
|
1764
1824
|
"""
|
|
1765
1825
|
Adds and updates roles in the native realm.
|
|
1766
1826
|
|
|
1767
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1827
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-role.html>`_
|
|
1768
1828
|
|
|
1769
1829
|
:param name: The name of the role.
|
|
1770
1830
|
:param applications: A list of application privilege entries.
|
|
@@ -1790,39 +1850,47 @@ class SecurityClient(NamespacedClient):
|
|
|
1790
1850
|
if name in SKIP_IN_PATH:
|
|
1791
1851
|
raise ValueError("Empty value passed for parameter 'name'")
|
|
1792
1852
|
__path = f"/_security/role/{_quote(name)}"
|
|
1793
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1794
1853
|
__query: t.Dict[str, t.Any] = {}
|
|
1795
|
-
if
|
|
1796
|
-
__body["applications"] = applications
|
|
1797
|
-
if cluster is not None:
|
|
1798
|
-
__body["cluster"] = cluster
|
|
1854
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1799
1855
|
if error_trace is not None:
|
|
1800
1856
|
__query["error_trace"] = error_trace
|
|
1801
1857
|
if filter_path is not None:
|
|
1802
1858
|
__query["filter_path"] = filter_path
|
|
1803
|
-
if global_ is not None:
|
|
1804
|
-
__body["global"] = global_
|
|
1805
1859
|
if human is not None:
|
|
1806
1860
|
__query["human"] = human
|
|
1807
|
-
if indices is not None:
|
|
1808
|
-
__body["indices"] = indices
|
|
1809
|
-
if metadata is not None:
|
|
1810
|
-
__body["metadata"] = metadata
|
|
1811
1861
|
if pretty is not None:
|
|
1812
1862
|
__query["pretty"] = pretty
|
|
1813
1863
|
if refresh is not None:
|
|
1814
1864
|
__query["refresh"] = refresh
|
|
1815
|
-
if
|
|
1816
|
-
|
|
1817
|
-
|
|
1818
|
-
|
|
1865
|
+
if not __body:
|
|
1866
|
+
if applications is not None:
|
|
1867
|
+
__body["applications"] = applications
|
|
1868
|
+
if cluster is not None:
|
|
1869
|
+
__body["cluster"] = cluster
|
|
1870
|
+
if global_ is not None:
|
|
1871
|
+
__body["global"] = global_
|
|
1872
|
+
if indices is not None:
|
|
1873
|
+
__body["indices"] = indices
|
|
1874
|
+
if metadata is not None:
|
|
1875
|
+
__body["metadata"] = metadata
|
|
1876
|
+
if run_as is not None:
|
|
1877
|
+
__body["run_as"] = run_as
|
|
1878
|
+
if transient_metadata is not None:
|
|
1879
|
+
__body["transient_metadata"] = transient_metadata
|
|
1819
1880
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1820
1881
|
return self.perform_request( # type: ignore[return-value]
|
|
1821
1882
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1822
1883
|
)
|
|
1823
1884
|
|
|
1824
1885
|
@_rewrite_parameters(
|
|
1825
|
-
body_fields=
|
|
1886
|
+
body_fields=(
|
|
1887
|
+
"enabled",
|
|
1888
|
+
"metadata",
|
|
1889
|
+
"role_templates",
|
|
1890
|
+
"roles",
|
|
1891
|
+
"rules",
|
|
1892
|
+
"run_as",
|
|
1893
|
+
),
|
|
1826
1894
|
)
|
|
1827
1895
|
def put_role_mapping(
|
|
1828
1896
|
self,
|
|
@@ -1841,11 +1909,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1841
1909
|
roles: t.Optional[t.Sequence[str]] = None,
|
|
1842
1910
|
rules: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
1843
1911
|
run_as: t.Optional[t.Sequence[str]] = None,
|
|
1912
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1844
1913
|
) -> ObjectApiResponse[t.Any]:
|
|
1845
1914
|
"""
|
|
1846
1915
|
Creates and updates role mappings.
|
|
1847
1916
|
|
|
1848
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1917
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-role-mapping.html>`_
|
|
1849
1918
|
|
|
1850
1919
|
:param name: Role-mapping name
|
|
1851
1920
|
:param enabled:
|
|
@@ -1861,37 +1930,46 @@ class SecurityClient(NamespacedClient):
|
|
|
1861
1930
|
if name in SKIP_IN_PATH:
|
|
1862
1931
|
raise ValueError("Empty value passed for parameter 'name'")
|
|
1863
1932
|
__path = f"/_security/role_mapping/{_quote(name)}"
|
|
1864
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1865
1933
|
__query: t.Dict[str, t.Any] = {}
|
|
1866
|
-
if
|
|
1867
|
-
__body["enabled"] = enabled
|
|
1934
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1868
1935
|
if error_trace is not None:
|
|
1869
1936
|
__query["error_trace"] = error_trace
|
|
1870
1937
|
if filter_path is not None:
|
|
1871
1938
|
__query["filter_path"] = filter_path
|
|
1872
1939
|
if human is not None:
|
|
1873
1940
|
__query["human"] = human
|
|
1874
|
-
if metadata is not None:
|
|
1875
|
-
__body["metadata"] = metadata
|
|
1876
1941
|
if pretty is not None:
|
|
1877
1942
|
__query["pretty"] = pretty
|
|
1878
1943
|
if refresh is not None:
|
|
1879
1944
|
__query["refresh"] = refresh
|
|
1880
|
-
if
|
|
1881
|
-
|
|
1882
|
-
|
|
1883
|
-
|
|
1884
|
-
|
|
1885
|
-
|
|
1886
|
-
|
|
1887
|
-
|
|
1945
|
+
if not __body:
|
|
1946
|
+
if enabled is not None:
|
|
1947
|
+
__body["enabled"] = enabled
|
|
1948
|
+
if metadata is not None:
|
|
1949
|
+
__body["metadata"] = metadata
|
|
1950
|
+
if role_templates is not None:
|
|
1951
|
+
__body["role_templates"] = role_templates
|
|
1952
|
+
if roles is not None:
|
|
1953
|
+
__body["roles"] = roles
|
|
1954
|
+
if rules is not None:
|
|
1955
|
+
__body["rules"] = rules
|
|
1956
|
+
if run_as is not None:
|
|
1957
|
+
__body["run_as"] = run_as
|
|
1888
1958
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1889
1959
|
return self.perform_request( # type: ignore[return-value]
|
|
1890
1960
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1891
1961
|
)
|
|
1892
1962
|
|
|
1893
1963
|
@_rewrite_parameters(
|
|
1894
|
-
body_fields=
|
|
1964
|
+
body_fields=(
|
|
1965
|
+
"email",
|
|
1966
|
+
"enabled",
|
|
1967
|
+
"full_name",
|
|
1968
|
+
"metadata",
|
|
1969
|
+
"password",
|
|
1970
|
+
"password_hash",
|
|
1971
|
+
"roles",
|
|
1972
|
+
),
|
|
1895
1973
|
)
|
|
1896
1974
|
def put_user(
|
|
1897
1975
|
self,
|
|
@@ -1911,12 +1989,13 @@ class SecurityClient(NamespacedClient):
|
|
|
1911
1989
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
1912
1990
|
] = None,
|
|
1913
1991
|
roles: t.Optional[t.Sequence[str]] = None,
|
|
1992
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1914
1993
|
) -> ObjectApiResponse[t.Any]:
|
|
1915
1994
|
"""
|
|
1916
1995
|
Adds and updates users in the native realm. These users are commonly referred
|
|
1917
1996
|
to as native users.
|
|
1918
1997
|
|
|
1919
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
1998
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-put-user.html>`_
|
|
1920
1999
|
|
|
1921
2000
|
:param username: The username of the User
|
|
1922
2001
|
:param email:
|
|
@@ -1933,39 +2012,40 @@ class SecurityClient(NamespacedClient):
|
|
|
1933
2012
|
if username in SKIP_IN_PATH:
|
|
1934
2013
|
raise ValueError("Empty value passed for parameter 'username'")
|
|
1935
2014
|
__path = f"/_security/user/{_quote(username)}"
|
|
1936
|
-
__body: t.Dict[str, t.Any] = {}
|
|
1937
2015
|
__query: t.Dict[str, t.Any] = {}
|
|
1938
|
-
if
|
|
1939
|
-
__body["email"] = email
|
|
1940
|
-
if enabled is not None:
|
|
1941
|
-
__body["enabled"] = enabled
|
|
2016
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
1942
2017
|
if error_trace is not None:
|
|
1943
2018
|
__query["error_trace"] = error_trace
|
|
1944
2019
|
if filter_path is not None:
|
|
1945
2020
|
__query["filter_path"] = filter_path
|
|
1946
|
-
if full_name is not None:
|
|
1947
|
-
__body["full_name"] = full_name
|
|
1948
2021
|
if human is not None:
|
|
1949
2022
|
__query["human"] = human
|
|
1950
|
-
if metadata is not None:
|
|
1951
|
-
__body["metadata"] = metadata
|
|
1952
|
-
if password is not None:
|
|
1953
|
-
__body["password"] = password
|
|
1954
|
-
if password_hash is not None:
|
|
1955
|
-
__body["password_hash"] = password_hash
|
|
1956
2023
|
if pretty is not None:
|
|
1957
2024
|
__query["pretty"] = pretty
|
|
1958
2025
|
if refresh is not None:
|
|
1959
2026
|
__query["refresh"] = refresh
|
|
1960
|
-
if
|
|
1961
|
-
|
|
2027
|
+
if not __body:
|
|
2028
|
+
if email is not None:
|
|
2029
|
+
__body["email"] = email
|
|
2030
|
+
if enabled is not None:
|
|
2031
|
+
__body["enabled"] = enabled
|
|
2032
|
+
if full_name is not None:
|
|
2033
|
+
__body["full_name"] = full_name
|
|
2034
|
+
if metadata is not None:
|
|
2035
|
+
__body["metadata"] = metadata
|
|
2036
|
+
if password is not None:
|
|
2037
|
+
__body["password"] = password
|
|
2038
|
+
if password_hash is not None:
|
|
2039
|
+
__body["password_hash"] = password_hash
|
|
2040
|
+
if roles is not None:
|
|
2041
|
+
__body["roles"] = roles
|
|
1962
2042
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
1963
2043
|
return self.perform_request( # type: ignore[return-value]
|
|
1964
2044
|
"PUT", __path, params=__query, headers=__headers, body=__body
|
|
1965
2045
|
)
|
|
1966
2046
|
|
|
1967
2047
|
@_rewrite_parameters(
|
|
1968
|
-
body_fields=
|
|
2048
|
+
body_fields=("from_", "query", "search_after", "size", "sort"),
|
|
1969
2049
|
parameter_aliases={"from": "from_"},
|
|
1970
2050
|
)
|
|
1971
2051
|
def query_api_keys(
|
|
@@ -1988,11 +2068,12 @@ class SecurityClient(NamespacedClient):
|
|
|
1988
2068
|
]
|
|
1989
2069
|
] = None,
|
|
1990
2070
|
with_limited_by: t.Optional[bool] = None,
|
|
2071
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
1991
2072
|
) -> ObjectApiResponse[t.Any]:
|
|
1992
2073
|
"""
|
|
1993
2074
|
Retrieves information for API keys using a subset of query DSL
|
|
1994
2075
|
|
|
1995
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2076
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-query-api-key.html>`_
|
|
1996
2077
|
|
|
1997
2078
|
:param from_: Starting document offset. By default, you cannot page through more
|
|
1998
2079
|
than 10,000 hits using the from and size parameters. To page through more
|
|
@@ -2014,7 +2095,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2014
2095
|
"""
|
|
2015
2096
|
__path = "/_security/_query/api_key"
|
|
2016
2097
|
__query: t.Dict[str, t.Any] = {}
|
|
2017
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2098
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2018
2099
|
# The 'sort' parameter with a colon can't be encoded to the body.
|
|
2019
2100
|
if sort is not None and (
|
|
2020
2101
|
(isinstance(sort, str) and ":" in sort)
|
|
@@ -2030,22 +2111,23 @@ class SecurityClient(NamespacedClient):
|
|
|
2030
2111
|
__query["error_trace"] = error_trace
|
|
2031
2112
|
if filter_path is not None:
|
|
2032
2113
|
__query["filter_path"] = filter_path
|
|
2033
|
-
if from_ is not None:
|
|
2034
|
-
__body["from"] = from_
|
|
2035
2114
|
if human is not None:
|
|
2036
2115
|
__query["human"] = human
|
|
2037
2116
|
if pretty is not None:
|
|
2038
2117
|
__query["pretty"] = pretty
|
|
2039
|
-
if query is not None:
|
|
2040
|
-
__body["query"] = query
|
|
2041
|
-
if search_after is not None:
|
|
2042
|
-
__body["search_after"] = search_after
|
|
2043
|
-
if size is not None:
|
|
2044
|
-
__body["size"] = size
|
|
2045
|
-
if sort is not None:
|
|
2046
|
-
__body["sort"] = sort
|
|
2047
2118
|
if with_limited_by is not None:
|
|
2048
2119
|
__query["with_limited_by"] = with_limited_by
|
|
2120
|
+
if not __body:
|
|
2121
|
+
if from_ is not None:
|
|
2122
|
+
__body["from"] = from_
|
|
2123
|
+
if query is not None:
|
|
2124
|
+
__body["query"] = query
|
|
2125
|
+
if search_after is not None:
|
|
2126
|
+
__body["search_after"] = search_after
|
|
2127
|
+
if size is not None:
|
|
2128
|
+
__body["size"] = size
|
|
2129
|
+
if sort is not None:
|
|
2130
|
+
__body["sort"] = sort
|
|
2049
2131
|
if not __body:
|
|
2050
2132
|
__body = None # type: ignore[assignment]
|
|
2051
2133
|
__headers = {"accept": "application/json"}
|
|
@@ -2056,24 +2138,25 @@ class SecurityClient(NamespacedClient):
|
|
|
2056
2138
|
)
|
|
2057
2139
|
|
|
2058
2140
|
@_rewrite_parameters(
|
|
2059
|
-
body_fields=
|
|
2141
|
+
body_fields=("content", "ids", "realm"),
|
|
2060
2142
|
)
|
|
2061
2143
|
def saml_authenticate(
|
|
2062
2144
|
self,
|
|
2063
2145
|
*,
|
|
2064
|
-
content: str,
|
|
2065
|
-
ids: t.Union[str, t.Sequence[str]],
|
|
2146
|
+
content: t.Optional[str] = None,
|
|
2147
|
+
ids: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2066
2148
|
error_trace: t.Optional[bool] = None,
|
|
2067
2149
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2068
2150
|
human: t.Optional[bool] = None,
|
|
2069
2151
|
pretty: t.Optional[bool] = None,
|
|
2070
2152
|
realm: t.Optional[str] = None,
|
|
2153
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2071
2154
|
) -> ObjectApiResponse[t.Any]:
|
|
2072
2155
|
"""
|
|
2073
2156
|
Exchanges a SAML Response message for an Elasticsearch access token and refresh
|
|
2074
2157
|
token pair
|
|
2075
2158
|
|
|
2076
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2159
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-authenticate.html>`_
|
|
2077
2160
|
|
|
2078
2161
|
:param content: The SAML response as it was sent by the user’s browser, usually
|
|
2079
2162
|
a Base64 encoded XML document.
|
|
@@ -2082,17 +2165,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2082
2165
|
:param realm: The name of the realm that should authenticate the SAML response.
|
|
2083
2166
|
Useful in cases where many SAML realms are defined.
|
|
2084
2167
|
"""
|
|
2085
|
-
if content is None:
|
|
2168
|
+
if content is None and body is None:
|
|
2086
2169
|
raise ValueError("Empty value passed for parameter 'content'")
|
|
2087
|
-
if ids is None:
|
|
2170
|
+
if ids is None and body is None:
|
|
2088
2171
|
raise ValueError("Empty value passed for parameter 'ids'")
|
|
2089
2172
|
__path = "/_security/saml/authenticate"
|
|
2090
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2091
2173
|
__query: t.Dict[str, t.Any] = {}
|
|
2092
|
-
if
|
|
2093
|
-
__body["content"] = content
|
|
2094
|
-
if ids is not None:
|
|
2095
|
-
__body["ids"] = ids
|
|
2174
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2096
2175
|
if error_trace is not None:
|
|
2097
2176
|
__query["error_trace"] = error_trace
|
|
2098
2177
|
if filter_path is not None:
|
|
@@ -2101,32 +2180,38 @@ class SecurityClient(NamespacedClient):
|
|
|
2101
2180
|
__query["human"] = human
|
|
2102
2181
|
if pretty is not None:
|
|
2103
2182
|
__query["pretty"] = pretty
|
|
2104
|
-
if
|
|
2105
|
-
|
|
2183
|
+
if not __body:
|
|
2184
|
+
if content is not None:
|
|
2185
|
+
__body["content"] = content
|
|
2186
|
+
if ids is not None:
|
|
2187
|
+
__body["ids"] = ids
|
|
2188
|
+
if realm is not None:
|
|
2189
|
+
__body["realm"] = realm
|
|
2106
2190
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2107
2191
|
return self.perform_request( # type: ignore[return-value]
|
|
2108
2192
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2109
2193
|
)
|
|
2110
2194
|
|
|
2111
2195
|
@_rewrite_parameters(
|
|
2112
|
-
body_fields=
|
|
2196
|
+
body_fields=("ids", "realm", "content", "query_string"),
|
|
2113
2197
|
)
|
|
2114
2198
|
def saml_complete_logout(
|
|
2115
2199
|
self,
|
|
2116
2200
|
*,
|
|
2117
|
-
ids: t.Union[str, t.Sequence[str]],
|
|
2118
|
-
realm: str,
|
|
2201
|
+
ids: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2202
|
+
realm: t.Optional[str] = None,
|
|
2119
2203
|
content: t.Optional[str] = None,
|
|
2120
2204
|
error_trace: t.Optional[bool] = None,
|
|
2121
2205
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2122
2206
|
human: t.Optional[bool] = None,
|
|
2123
2207
|
pretty: t.Optional[bool] = None,
|
|
2124
2208
|
query_string: t.Optional[str] = None,
|
|
2209
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2125
2210
|
) -> ObjectApiResponse[t.Any]:
|
|
2126
2211
|
"""
|
|
2127
2212
|
Verifies the logout response sent from the SAML IdP
|
|
2128
2213
|
|
|
2129
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2214
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-complete-logout.html>`_
|
|
2130
2215
|
|
|
2131
2216
|
:param ids: A json array with all the valid SAML Request Ids that the caller
|
|
2132
2217
|
of the API has for the current user.
|
|
@@ -2138,19 +2223,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2138
2223
|
:param query_string: If the SAML IdP sends the logout response with the HTTP-Redirect
|
|
2139
2224
|
binding, this field must be set to the query string of the redirect URI.
|
|
2140
2225
|
"""
|
|
2141
|
-
if ids is None:
|
|
2226
|
+
if ids is None and body is None:
|
|
2142
2227
|
raise ValueError("Empty value passed for parameter 'ids'")
|
|
2143
|
-
if realm is None:
|
|
2228
|
+
if realm is None and body is None:
|
|
2144
2229
|
raise ValueError("Empty value passed for parameter 'realm'")
|
|
2145
2230
|
__path = "/_security/saml/complete_logout"
|
|
2146
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2147
2231
|
__query: t.Dict[str, t.Any] = {}
|
|
2148
|
-
if
|
|
2149
|
-
__body["ids"] = ids
|
|
2150
|
-
if realm is not None:
|
|
2151
|
-
__body["realm"] = realm
|
|
2152
|
-
if content is not None:
|
|
2153
|
-
__body["content"] = content
|
|
2232
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2154
2233
|
if error_trace is not None:
|
|
2155
2234
|
__query["error_trace"] = error_trace
|
|
2156
2235
|
if filter_path is not None:
|
|
@@ -2159,31 +2238,39 @@ class SecurityClient(NamespacedClient):
|
|
|
2159
2238
|
__query["human"] = human
|
|
2160
2239
|
if pretty is not None:
|
|
2161
2240
|
__query["pretty"] = pretty
|
|
2162
|
-
if
|
|
2163
|
-
|
|
2241
|
+
if not __body:
|
|
2242
|
+
if ids is not None:
|
|
2243
|
+
__body["ids"] = ids
|
|
2244
|
+
if realm is not None:
|
|
2245
|
+
__body["realm"] = realm
|
|
2246
|
+
if content is not None:
|
|
2247
|
+
__body["content"] = content
|
|
2248
|
+
if query_string is not None:
|
|
2249
|
+
__body["query_string"] = query_string
|
|
2164
2250
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2165
2251
|
return self.perform_request( # type: ignore[return-value]
|
|
2166
2252
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2167
2253
|
)
|
|
2168
2254
|
|
|
2169
2255
|
@_rewrite_parameters(
|
|
2170
|
-
body_fields=
|
|
2256
|
+
body_fields=("query_string", "acs", "realm"),
|
|
2171
2257
|
)
|
|
2172
2258
|
def saml_invalidate(
|
|
2173
2259
|
self,
|
|
2174
2260
|
*,
|
|
2175
|
-
query_string: str,
|
|
2261
|
+
query_string: t.Optional[str] = None,
|
|
2176
2262
|
acs: t.Optional[str] = None,
|
|
2177
2263
|
error_trace: t.Optional[bool] = None,
|
|
2178
2264
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2179
2265
|
human: t.Optional[bool] = None,
|
|
2180
2266
|
pretty: t.Optional[bool] = None,
|
|
2181
2267
|
realm: t.Optional[str] = None,
|
|
2268
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2182
2269
|
) -> ObjectApiResponse[t.Any]:
|
|
2183
2270
|
"""
|
|
2184
2271
|
Consumes a SAML LogoutRequest
|
|
2185
2272
|
|
|
2186
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2273
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-invalidate.html>`_
|
|
2187
2274
|
|
|
2188
2275
|
:param query_string: The query part of the URL that the user was redirected to
|
|
2189
2276
|
by the SAML IdP to initiate the Single Logout. This query should include
|
|
@@ -2201,15 +2288,11 @@ class SecurityClient(NamespacedClient):
|
|
|
2201
2288
|
:param realm: The name of the SAML realm in Elasticsearch the configuration.
|
|
2202
2289
|
You must specify either this parameter or the acs parameter.
|
|
2203
2290
|
"""
|
|
2204
|
-
if query_string is None:
|
|
2291
|
+
if query_string is None and body is None:
|
|
2205
2292
|
raise ValueError("Empty value passed for parameter 'query_string'")
|
|
2206
2293
|
__path = "/_security/saml/invalidate"
|
|
2207
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2208
2294
|
__query: t.Dict[str, t.Any] = {}
|
|
2209
|
-
if
|
|
2210
|
-
__body["query_string"] = query_string
|
|
2211
|
-
if acs is not None:
|
|
2212
|
-
__body["acs"] = acs
|
|
2295
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2213
2296
|
if error_trace is not None:
|
|
2214
2297
|
__query["error_trace"] = error_trace
|
|
2215
2298
|
if filter_path is not None:
|
|
@@ -2218,31 +2301,37 @@ class SecurityClient(NamespacedClient):
|
|
|
2218
2301
|
__query["human"] = human
|
|
2219
2302
|
if pretty is not None:
|
|
2220
2303
|
__query["pretty"] = pretty
|
|
2221
|
-
if
|
|
2222
|
-
|
|
2304
|
+
if not __body:
|
|
2305
|
+
if query_string is not None:
|
|
2306
|
+
__body["query_string"] = query_string
|
|
2307
|
+
if acs is not None:
|
|
2308
|
+
__body["acs"] = acs
|
|
2309
|
+
if realm is not None:
|
|
2310
|
+
__body["realm"] = realm
|
|
2223
2311
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2224
2312
|
return self.perform_request( # type: ignore[return-value]
|
|
2225
2313
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2226
2314
|
)
|
|
2227
2315
|
|
|
2228
2316
|
@_rewrite_parameters(
|
|
2229
|
-
body_fields=
|
|
2317
|
+
body_fields=("token", "refresh_token"),
|
|
2230
2318
|
)
|
|
2231
2319
|
def saml_logout(
|
|
2232
2320
|
self,
|
|
2233
2321
|
*,
|
|
2234
|
-
token: str,
|
|
2322
|
+
token: t.Optional[str] = None,
|
|
2235
2323
|
error_trace: t.Optional[bool] = None,
|
|
2236
2324
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2237
2325
|
human: t.Optional[bool] = None,
|
|
2238
2326
|
pretty: t.Optional[bool] = None,
|
|
2239
2327
|
refresh_token: t.Optional[str] = None,
|
|
2328
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2240
2329
|
) -> ObjectApiResponse[t.Any]:
|
|
2241
2330
|
"""
|
|
2242
2331
|
Invalidates an access token and a refresh token that were generated via the SAML
|
|
2243
2332
|
Authenticate API
|
|
2244
2333
|
|
|
2245
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2334
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-logout.html>`_
|
|
2246
2335
|
|
|
2247
2336
|
:param token: The access token that was returned as a response to calling the
|
|
2248
2337
|
SAML authenticate API. Alternatively, the most recent token that was received
|
|
@@ -2251,13 +2340,11 @@ class SecurityClient(NamespacedClient):
|
|
|
2251
2340
|
the SAML authenticate API. Alternatively, the most recent refresh token that
|
|
2252
2341
|
was received after refreshing the original access token.
|
|
2253
2342
|
"""
|
|
2254
|
-
if token is None:
|
|
2343
|
+
if token is None and body is None:
|
|
2255
2344
|
raise ValueError("Empty value passed for parameter 'token'")
|
|
2256
2345
|
__path = "/_security/saml/logout"
|
|
2257
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2258
2346
|
__query: t.Dict[str, t.Any] = {}
|
|
2259
|
-
if
|
|
2260
|
-
__body["token"] = token
|
|
2347
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2261
2348
|
if error_trace is not None:
|
|
2262
2349
|
__query["error_trace"] = error_trace
|
|
2263
2350
|
if filter_path is not None:
|
|
@@ -2266,15 +2353,18 @@ class SecurityClient(NamespacedClient):
|
|
|
2266
2353
|
__query["human"] = human
|
|
2267
2354
|
if pretty is not None:
|
|
2268
2355
|
__query["pretty"] = pretty
|
|
2269
|
-
if
|
|
2270
|
-
|
|
2356
|
+
if not __body:
|
|
2357
|
+
if token is not None:
|
|
2358
|
+
__body["token"] = token
|
|
2359
|
+
if refresh_token is not None:
|
|
2360
|
+
__body["refresh_token"] = refresh_token
|
|
2271
2361
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2272
2362
|
return self.perform_request( # type: ignore[return-value]
|
|
2273
2363
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
2274
2364
|
)
|
|
2275
2365
|
|
|
2276
2366
|
@_rewrite_parameters(
|
|
2277
|
-
body_fields=
|
|
2367
|
+
body_fields=("acs", "realm", "relay_state"),
|
|
2278
2368
|
)
|
|
2279
2369
|
def saml_prepare_authentication(
|
|
2280
2370
|
self,
|
|
@@ -2286,11 +2376,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2286
2376
|
pretty: t.Optional[bool] = None,
|
|
2287
2377
|
realm: t.Optional[str] = None,
|
|
2288
2378
|
relay_state: t.Optional[str] = None,
|
|
2379
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2289
2380
|
) -> ObjectApiResponse[t.Any]:
|
|
2290
2381
|
"""
|
|
2291
2382
|
Creates a SAML authentication request
|
|
2292
2383
|
|
|
2293
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2384
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-prepare-authentication.html>`_
|
|
2294
2385
|
|
|
2295
2386
|
:param acs: The Assertion Consumer Service URL that matches the one of the SAML
|
|
2296
2387
|
realms in Elasticsearch. The realm is used to generate the authentication
|
|
@@ -2303,10 +2394,8 @@ class SecurityClient(NamespacedClient):
|
|
|
2303
2394
|
is signed, this value is used as part of the signature computation.
|
|
2304
2395
|
"""
|
|
2305
2396
|
__path = "/_security/saml/prepare"
|
|
2306
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2307
2397
|
__query: t.Dict[str, t.Any] = {}
|
|
2308
|
-
if
|
|
2309
|
-
__body["acs"] = acs
|
|
2398
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2310
2399
|
if error_trace is not None:
|
|
2311
2400
|
__query["error_trace"] = error_trace
|
|
2312
2401
|
if filter_path is not None:
|
|
@@ -2315,10 +2404,13 @@ class SecurityClient(NamespacedClient):
|
|
|
2315
2404
|
__query["human"] = human
|
|
2316
2405
|
if pretty is not None:
|
|
2317
2406
|
__query["pretty"] = pretty
|
|
2318
|
-
if
|
|
2319
|
-
|
|
2320
|
-
|
|
2321
|
-
|
|
2407
|
+
if not __body:
|
|
2408
|
+
if acs is not None:
|
|
2409
|
+
__body["acs"] = acs
|
|
2410
|
+
if realm is not None:
|
|
2411
|
+
__body["realm"] = realm
|
|
2412
|
+
if relay_state is not None:
|
|
2413
|
+
__body["relay_state"] = relay_state
|
|
2322
2414
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2323
2415
|
return self.perform_request( # type: ignore[return-value]
|
|
2324
2416
|
"POST", __path, params=__query, headers=__headers, body=__body
|
|
@@ -2337,7 +2429,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2337
2429
|
"""
|
|
2338
2430
|
Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider
|
|
2339
2431
|
|
|
2340
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2432
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-saml-sp-metadata.html>`_
|
|
2341
2433
|
|
|
2342
2434
|
:param realm_name: The name of the SAML realm in Elasticsearch.
|
|
2343
2435
|
"""
|
|
@@ -2359,7 +2451,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2359
2451
|
)
|
|
2360
2452
|
|
|
2361
2453
|
@_rewrite_parameters(
|
|
2362
|
-
body_fields=
|
|
2454
|
+
body_fields=("data", "hint", "name", "size"),
|
|
2363
2455
|
)
|
|
2364
2456
|
def suggest_user_profiles(
|
|
2365
2457
|
self,
|
|
@@ -2372,11 +2464,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2372
2464
|
name: t.Optional[str] = None,
|
|
2373
2465
|
pretty: t.Optional[bool] = None,
|
|
2374
2466
|
size: t.Optional[int] = None,
|
|
2467
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2375
2468
|
) -> ObjectApiResponse[t.Any]:
|
|
2376
2469
|
"""
|
|
2377
2470
|
Get suggestions for user profiles that match specified search criteria.
|
|
2378
2471
|
|
|
2379
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2472
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-suggest-user-profile.html>`_
|
|
2380
2473
|
|
|
2381
2474
|
:param data: List of filters for the `data` field of the profile document. To
|
|
2382
2475
|
return all content use `data=*`. To return a subset of content use `data=<key>`
|
|
@@ -2391,24 +2484,25 @@ class SecurityClient(NamespacedClient):
|
|
|
2391
2484
|
:param size: Number of profiles to return.
|
|
2392
2485
|
"""
|
|
2393
2486
|
__path = "/_security/profile/_suggest"
|
|
2394
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2395
2487
|
__query: t.Dict[str, t.Any] = {}
|
|
2396
|
-
if
|
|
2397
|
-
__body["data"] = data
|
|
2488
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2398
2489
|
if error_trace is not None:
|
|
2399
2490
|
__query["error_trace"] = error_trace
|
|
2400
2491
|
if filter_path is not None:
|
|
2401
2492
|
__query["filter_path"] = filter_path
|
|
2402
|
-
if hint is not None:
|
|
2403
|
-
__body["hint"] = hint
|
|
2404
2493
|
if human is not None:
|
|
2405
2494
|
__query["human"] = human
|
|
2406
|
-
if name is not None:
|
|
2407
|
-
__body["name"] = name
|
|
2408
2495
|
if pretty is not None:
|
|
2409
2496
|
__query["pretty"] = pretty
|
|
2410
|
-
if
|
|
2411
|
-
|
|
2497
|
+
if not __body:
|
|
2498
|
+
if data is not None:
|
|
2499
|
+
__body["data"] = data
|
|
2500
|
+
if hint is not None:
|
|
2501
|
+
__body["hint"] = hint
|
|
2502
|
+
if name is not None:
|
|
2503
|
+
__body["name"] = name
|
|
2504
|
+
if size is not None:
|
|
2505
|
+
__body["size"] = size
|
|
2412
2506
|
if not __body:
|
|
2413
2507
|
__body = None # type: ignore[assignment]
|
|
2414
2508
|
__headers = {"accept": "application/json"}
|
|
@@ -2419,25 +2513,28 @@ class SecurityClient(NamespacedClient):
|
|
|
2419
2513
|
)
|
|
2420
2514
|
|
|
2421
2515
|
@_rewrite_parameters(
|
|
2422
|
-
body_fields=
|
|
2516
|
+
body_fields=("expiration", "metadata", "role_descriptors"),
|
|
2423
2517
|
)
|
|
2424
2518
|
def update_api_key(
|
|
2425
2519
|
self,
|
|
2426
2520
|
*,
|
|
2427
2521
|
id: str,
|
|
2428
2522
|
error_trace: t.Optional[bool] = None,
|
|
2523
|
+
expiration: t.Optional[t.Union["t.Literal[-1]", "t.Literal[0]", str]] = None,
|
|
2429
2524
|
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
|
|
2430
2525
|
human: t.Optional[bool] = None,
|
|
2431
2526
|
metadata: t.Optional[t.Mapping[str, t.Any]] = None,
|
|
2432
2527
|
pretty: t.Optional[bool] = None,
|
|
2433
2528
|
role_descriptors: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
|
|
2529
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2434
2530
|
) -> ObjectApiResponse[t.Any]:
|
|
2435
2531
|
"""
|
|
2436
2532
|
Updates attributes of an existing API key.
|
|
2437
2533
|
|
|
2438
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2534
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-update-api-key.html>`_
|
|
2439
2535
|
|
|
2440
2536
|
:param id: The ID of the API key to update.
|
|
2537
|
+
:param expiration: Expiration time for the API key.
|
|
2441
2538
|
:param metadata: Arbitrary metadata that you want to associate with the API key.
|
|
2442
2539
|
It supports nested data structure. Within the metadata object, keys beginning
|
|
2443
2540
|
with _ are reserved for system usage.
|
|
@@ -2454,19 +2551,22 @@ class SecurityClient(NamespacedClient):
|
|
|
2454
2551
|
raise ValueError("Empty value passed for parameter 'id'")
|
|
2455
2552
|
__path = f"/_security/api_key/{_quote(id)}"
|
|
2456
2553
|
__query: t.Dict[str, t.Any] = {}
|
|
2457
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2554
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2458
2555
|
if error_trace is not None:
|
|
2459
2556
|
__query["error_trace"] = error_trace
|
|
2460
2557
|
if filter_path is not None:
|
|
2461
2558
|
__query["filter_path"] = filter_path
|
|
2462
2559
|
if human is not None:
|
|
2463
2560
|
__query["human"] = human
|
|
2464
|
-
if metadata is not None:
|
|
2465
|
-
__body["metadata"] = metadata
|
|
2466
2561
|
if pretty is not None:
|
|
2467
2562
|
__query["pretty"] = pretty
|
|
2468
|
-
if
|
|
2469
|
-
|
|
2563
|
+
if not __body:
|
|
2564
|
+
if expiration is not None:
|
|
2565
|
+
__body["expiration"] = expiration
|
|
2566
|
+
if metadata is not None:
|
|
2567
|
+
__body["metadata"] = metadata
|
|
2568
|
+
if role_descriptors is not None:
|
|
2569
|
+
__body["role_descriptors"] = role_descriptors
|
|
2470
2570
|
if not __body:
|
|
2471
2571
|
__body = None # type: ignore[assignment]
|
|
2472
2572
|
__headers = {"accept": "application/json"}
|
|
@@ -2477,7 +2577,7 @@ class SecurityClient(NamespacedClient):
|
|
|
2477
2577
|
)
|
|
2478
2578
|
|
|
2479
2579
|
@_rewrite_parameters(
|
|
2480
|
-
body_fields=
|
|
2580
|
+
body_fields=("data", "labels"),
|
|
2481
2581
|
)
|
|
2482
2582
|
def update_user_profile_data(
|
|
2483
2583
|
self,
|
|
@@ -2494,11 +2594,12 @@ class SecurityClient(NamespacedClient):
|
|
|
2494
2594
|
refresh: t.Optional[
|
|
2495
2595
|
t.Union["t.Literal['false', 'true', 'wait_for']", bool, str]
|
|
2496
2596
|
] = None,
|
|
2597
|
+
body: t.Optional[t.Dict[str, t.Any]] = None,
|
|
2497
2598
|
) -> ObjectApiResponse[t.Any]:
|
|
2498
2599
|
"""
|
|
2499
2600
|
Update application specific data for the user profile of the given unique ID.
|
|
2500
2601
|
|
|
2501
|
-
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.
|
|
2602
|
+
`<https://www.elastic.co/guide/en/elasticsearch/reference/8.12/security-api-update-user-profile-data.html>`_
|
|
2502
2603
|
|
|
2503
2604
|
:param uid: A unique identifier for the user profile.
|
|
2504
2605
|
:param data: Non-searchable data that you want to associate with the user profile.
|
|
@@ -2516,10 +2617,8 @@ class SecurityClient(NamespacedClient):
|
|
|
2516
2617
|
if uid in SKIP_IN_PATH:
|
|
2517
2618
|
raise ValueError("Empty value passed for parameter 'uid'")
|
|
2518
2619
|
__path = f"/_security/profile/{_quote(uid)}/_data"
|
|
2519
|
-
__body: t.Dict[str, t.Any] = {}
|
|
2520
2620
|
__query: t.Dict[str, t.Any] = {}
|
|
2521
|
-
if
|
|
2522
|
-
__body["data"] = data
|
|
2621
|
+
__body: t.Dict[str, t.Any] = body if body is not None else {}
|
|
2523
2622
|
if error_trace is not None:
|
|
2524
2623
|
__query["error_trace"] = error_trace
|
|
2525
2624
|
if filter_path is not None:
|
|
@@ -2530,12 +2629,15 @@ class SecurityClient(NamespacedClient):
|
|
|
2530
2629
|
__query["if_primary_term"] = if_primary_term
|
|
2531
2630
|
if if_seq_no is not None:
|
|
2532
2631
|
__query["if_seq_no"] = if_seq_no
|
|
2533
|
-
if labels is not None:
|
|
2534
|
-
__body["labels"] = labels
|
|
2535
2632
|
if pretty is not None:
|
|
2536
2633
|
__query["pretty"] = pretty
|
|
2537
2634
|
if refresh is not None:
|
|
2538
2635
|
__query["refresh"] = refresh
|
|
2636
|
+
if not __body:
|
|
2637
|
+
if data is not None:
|
|
2638
|
+
__body["data"] = data
|
|
2639
|
+
if labels is not None:
|
|
2640
|
+
__body["labels"] = labels
|
|
2539
2641
|
__headers = {"accept": "application/json", "content-type": "application/json"}
|
|
2540
2642
|
return self.perform_request( # type: ignore[return-value]
|
|
2541
2643
|
"PUT", __path, params=__query, headers=__headers, body=__body
|