From 86e050b4ee3b1d35b329e21716df52beff1bd254 Mon Sep 17 00:00:00 2001 From: Elastic Machine Date: Mon, 14 Oct 2024 15:22:56 +0200 Subject: [PATCH] Auto-generated code for main (#90) Auto-generated API code --- .../_async/client/enrich.py | 36 -- .../_async/client/indices.py | 160 --------- .../_async/client/security.py | 315 ++++++++++++++++++ .../_sync/client/enrich.py | 36 -- .../_sync/client/indices.py | 160 --------- .../_sync/client/security.py | 315 ++++++++++++++++++ 6 files changed, 630 insertions(+), 392 deletions(-) diff --git a/elasticsearch_serverless/_async/client/enrich.py b/elasticsearch_serverless/_async/client/enrich.py index 6663826..f884076 100644 --- a/elasticsearch_serverless/_async/client/enrich.py +++ b/elasticsearch_serverless/_async/client/enrich.py @@ -213,39 +213,3 @@ async def put_policy( endpoint_id="enrich.put_policy", path_parts=__path_parts, ) - - @_rewrite_parameters() - async def stats( - self, - *, - error_trace: t.Optional[bool] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - pretty: t.Optional[bool] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Get enrich stats. Returns enrich coordinator statistics and information about - enrich policies that are currently executing. - - ``_ - """ - __path_parts: t.Dict[str, str] = {} - __path = "/_enrich/_stats" - __query: t.Dict[str, t.Any] = {} - if error_trace is not None: - __query["error_trace"] = error_trace - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if pretty is not None: - __query["pretty"] = pretty - __headers = {"accept": "application/json"} - return await self.perform_request( # type: ignore[return-value] - "GET", - __path, - params=__query, - headers=__headers, - endpoint_id="enrich.stats", - path_parts=__path_parts, - ) diff --git a/elasticsearch_serverless/_async/client/indices.py b/elasticsearch_serverless/_async/client/indices.py index b992182..4562271 100644 --- a/elasticsearch_serverless/_async/client/indices.py +++ b/elasticsearch_serverless/_async/client/indices.py @@ -487,68 +487,6 @@ async def delete_alias( path_parts=__path_parts, ) - @_rewrite_parameters() - async def delete_data_lifecycle( - self, - *, - name: t.Union[str, t.Sequence[str]], - error_trace: t.Optional[bool] = None, - expand_wildcards: t.Optional[ - t.Union[ - t.Sequence[ - t.Union[str, t.Literal["all", "closed", "hidden", "none", "open"]] - ], - t.Union[str, t.Literal["all", "closed", "hidden", "none", "open"]], - ] - ] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - master_timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - pretty: t.Optional[bool] = None, - timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Delete data stream lifecycles. Removes the data stream lifecycle from a data - stream, rendering it not managed by the data stream lifecycle. - - ``_ - - :param name: A comma-separated list of data streams of which the data stream - lifecycle will be deleted; use `*` to get all data streams - :param expand_wildcards: Whether wildcard expressions should get expanded to - open or closed indices (default: open) - :param master_timeout: Specify timeout for connection to master - :param timeout: Explicit timestamp for the document - """ - if name in SKIP_IN_PATH: - raise ValueError("Empty value passed for parameter 'name'") - __path_parts: t.Dict[str, str] = {"name": _quote(name)} - __path = f'/_data_stream/{__path_parts["name"]}/_lifecycle' - __query: t.Dict[str, t.Any] = {} - if error_trace is not None: - __query["error_trace"] = error_trace - if expand_wildcards is not None: - __query["expand_wildcards"] = expand_wildcards - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if master_timeout is not None: - __query["master_timeout"] = master_timeout - if pretty is not None: - __query["pretty"] = pretty - if timeout is not None: - __query["timeout"] = timeout - __headers = {"accept": "application/json"} - return await self.perform_request( # type: ignore[return-value] - "DELETE", - __path, - params=__query, - headers=__headers, - endpoint_id="indices.delete_data_lifecycle", - path_parts=__path_parts, - ) - @_rewrite_parameters() async def delete_data_stream( self, @@ -2196,104 +2134,6 @@ async def put_settings( path_parts=__path_parts, ) - @_rewrite_parameters( - body_fields=( - "aliases", - "index_patterns", - "mappings", - "order", - "settings", - "version", - ), - ) - async def put_template( - self, - *, - name: str, - aliases: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None, - cause: t.Optional[str] = None, - create: t.Optional[bool] = None, - error_trace: t.Optional[bool] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - index_patterns: t.Optional[t.Union[str, t.Sequence[str]]] = None, - mappings: t.Optional[t.Mapping[str, t.Any]] = None, - master_timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - order: t.Optional[int] = None, - pretty: t.Optional[bool] = None, - settings: t.Optional[t.Mapping[str, t.Any]] = None, - version: t.Optional[int] = None, - body: t.Optional[t.Dict[str, t.Any]] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Create or update an index template. Index templates define settings, mappings, - and aliases that can be applied automatically to new indices. - - ``_ - - :param name: The name of the template - :param aliases: Aliases for the index. - :param cause: - :param create: If true, this request cannot replace or update existing index - templates. - :param index_patterns: Array of wildcard expressions used to match the names - of indices during creation. - :param mappings: Mapping for fields in the index. - :param master_timeout: Period to wait for a connection to the master node. If - no response is received before the timeout expires, the request fails and - returns an error. - :param order: Order in which Elasticsearch applies this template if index matches - multiple templates. Templates with lower 'order' values are merged first. - Templates with higher 'order' values are merged later, overriding templates - with lower values. - :param settings: Configuration options for the index. - :param version: Version number used to manage index templates externally. This - number is not automatically generated by Elasticsearch. - """ - if name in SKIP_IN_PATH: - raise ValueError("Empty value passed for parameter 'name'") - __path_parts: t.Dict[str, str] = {"name": _quote(name)} - __path = f'/_template/{__path_parts["name"]}' - __query: t.Dict[str, t.Any] = {} - __body: t.Dict[str, t.Any] = body if body is not None else {} - if cause is not None: - __query["cause"] = cause - if create is not None: - __query["create"] = create - if error_trace is not None: - __query["error_trace"] = error_trace - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if master_timeout is not None: - __query["master_timeout"] = master_timeout - if pretty is not None: - __query["pretty"] = pretty - if not __body: - if aliases is not None: - __body["aliases"] = aliases - if index_patterns is not None: - __body["index_patterns"] = index_patterns - if mappings is not None: - __body["mappings"] = mappings - if order is not None: - __body["order"] = order - if settings is not None: - __body["settings"] = settings - if version is not None: - __body["version"] = version - __headers = {"accept": "application/json", "content-type": "application/json"} - return await self.perform_request( # type: ignore[return-value] - "PUT", - __path, - params=__query, - headers=__headers, - body=__body, - endpoint_id="indices.put_template", - path_parts=__path_parts, - ) - @_rewrite_parameters() async def refresh( self, diff --git a/elasticsearch_serverless/_async/client/security.py b/elasticsearch_serverless/_async/client/security.py index 761dc6a..7d48c06 100644 --- a/elasticsearch_serverless/_async/client/security.py +++ b/elasticsearch_serverless/_async/client/security.py @@ -145,6 +145,54 @@ async def create_api_key( path_parts=__path_parts, ) + @_rewrite_parameters() + async def delete_role( + self, + *, + name: str, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + refresh: t.Optional[ + t.Union[bool, str, t.Literal["false", "true", "wait_for"]] + ] = None, + ) -> ObjectApiResponse[t.Any]: + """ + Removes roles in the native realm. + + ``_ + + :param name: Role name + :param refresh: If `true` (the default) then refresh the affected shards to make + this operation visible to search, if `wait_for` then wait for a refresh to + make this operation visible to search, if `false` then do nothing with refreshes. + """ + if name in SKIP_IN_PATH: + raise ValueError("Empty value passed for parameter 'name'") + __path_parts: t.Dict[str, str] = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + if refresh is not None: + __query["refresh"] = refresh + __headers = {"accept": "application/json"} + return await self.perform_request( # type: ignore[return-value] + "DELETE", + __path, + params=__query, + headers=__headers, + endpoint_id="security.delete_role", + path_parts=__path_parts, + ) + @_rewrite_parameters() async def get_api_key( self, @@ -231,6 +279,89 @@ async def get_api_key( path_parts=__path_parts, ) + @_rewrite_parameters() + async def get_builtin_privileges( + self, + *, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + ) -> ObjectApiResponse[t.Any]: + """ + Retrieves the list of cluster privileges and index privileges that are available + in this version of Elasticsearch. + + ``_ + """ + __path_parts: t.Dict[str, str] = {} + __path = "/_security/privilege/_builtin" + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + __headers = {"accept": "application/json"} + return await self.perform_request( # type: ignore[return-value] + "GET", + __path, + params=__query, + headers=__headers, + endpoint_id="security.get_builtin_privileges", + path_parts=__path_parts, + ) + + @_rewrite_parameters() + async def get_role( + self, + *, + name: t.Optional[t.Union[str, t.Sequence[str]]] = None, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + ) -> ObjectApiResponse[t.Any]: + """ + The role management APIs are generally the preferred way to manage roles, rather + than using file-based role management. The get roles API cannot retrieve roles + that are defined in roles files. + + ``_ + + :param name: The name of the role. You can specify multiple roles as a comma-separated + list. If you do not specify this parameter, the API returns information about + all roles. + """ + __path_parts: t.Dict[str, str] + if name not in SKIP_IN_PATH: + __path_parts = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + else: + __path_parts = {} + __path = "/_security/role" + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + __headers = {"accept": "application/json"} + return await self.perform_request( # type: ignore[return-value] + "GET", + __path, + params=__query, + headers=__headers, + endpoint_id="security.get_role", + path_parts=__path_parts, + ) + @_rewrite_parameters( body_fields=("application", "cluster", "index"), ) @@ -438,6 +569,190 @@ async def invalidate_api_key( path_parts=__path_parts, ) + @_rewrite_parameters( + body_fields=( + "applications", + "cluster", + "description", + "global_", + "indices", + "metadata", + "remote_indices", + "run_as", + "transient_metadata", + ), + parameter_aliases={"global": "global_"}, + ) + async def put_role( + self, + *, + name: str, + applications: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + cluster: t.Optional[ + t.Sequence[ + t.Union[ + str, + t.Literal[ + "all", + "cancel_task", + "create_snapshot", + "cross_cluster_replication", + "cross_cluster_search", + "delegate_pki", + "grant_api_key", + "manage", + "manage_api_key", + "manage_autoscaling", + "manage_behavioral_analytics", + "manage_ccr", + "manage_data_frame_transforms", + "manage_data_stream_global_retention", + "manage_enrich", + "manage_ilm", + "manage_index_templates", + "manage_inference", + "manage_ingest_pipelines", + "manage_logstash_pipelines", + "manage_ml", + "manage_oidc", + "manage_own_api_key", + "manage_pipeline", + "manage_rollup", + "manage_saml", + "manage_search_application", + "manage_search_query_rules", + "manage_search_synonyms", + "manage_security", + "manage_service_account", + "manage_slm", + "manage_token", + "manage_transform", + "manage_user_profile", + "manage_watcher", + "monitor", + "monitor_data_frame_transforms", + "monitor_data_stream_global_retention", + "monitor_enrich", + "monitor_inference", + "monitor_ml", + "monitor_rollup", + "monitor_snapshot", + "monitor_text_structure", + "monitor_transform", + "monitor_watcher", + "none", + "post_behavioral_analytics_event", + "read_ccr", + "read_fleet_secrets", + "read_ilm", + "read_pipeline", + "read_security", + "read_slm", + "transport_client", + "write_connector_secrets", + "write_fleet_secrets", + ], + ] + ] + ] = None, + description: t.Optional[str] = None, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + global_: t.Optional[t.Mapping[str, t.Any]] = None, + human: t.Optional[bool] = None, + indices: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + metadata: t.Optional[t.Mapping[str, t.Any]] = None, + pretty: t.Optional[bool] = None, + refresh: t.Optional[ + t.Union[bool, str, t.Literal["false", "true", "wait_for"]] + ] = None, + remote_indices: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + run_as: t.Optional[t.Sequence[str]] = None, + transient_metadata: t.Optional[t.Mapping[str, t.Any]] = None, + body: t.Optional[t.Dict[str, t.Any]] = None, + ) -> ObjectApiResponse[t.Any]: + """ + The role management APIs are generally the preferred way to manage roles, rather + than using file-based role management. The create or update roles API cannot + update roles that are defined in roles files. + + ``_ + + :param name: The name of the role that is being created or updated. On Elasticsearch + Serverless, the role name must begin with a letter or digit and can only + contain letters, digits and the characters '_', '-', and '.'. Each role must + have a unique name, as this will serve as the identifier for that role. + :param applications: A list of application privilege entries. + :param cluster: A list of cluster privileges. These privileges define the cluster-level + actions for users with this role. + :param description: Optional description of the role descriptor + :param global_: An object defining global privileges. A global privilege is a + form of cluster privilege that is request-aware. Support for global privileges + is currently limited to the management of application privileges. + :param indices: A list of indices permissions entries. + :param metadata: Optional metadata. Within the metadata object, keys that begin + with an underscore (`_`) are reserved for system use. + :param refresh: If `true` (the default) then refresh the affected shards to make + this operation visible to search, if `wait_for` then wait for a refresh to + make this operation visible to search, if `false` then do nothing with refreshes. + :param remote_indices: A list of remote indices permissions entries. + :param run_as: A list of users that the owners of this role can impersonate. + *Note*: in Serverless, the run-as feature is disabled. For API compatibility, + you can still specify an empty `run_as` field, but a non-empty list will + be rejected. + :param transient_metadata: Indicates roles that might be incompatible with the + current cluster license, specifically roles with document and field level + security. When the cluster license doesn’t allow certain features for a given + role, this parameter is updated dynamically to list the incompatible features. + If `enabled` is `false`, the role is ignored, but is still listed in the + response from the authenticate API. + """ + if name in SKIP_IN_PATH: + raise ValueError("Empty value passed for parameter 'name'") + __path_parts: t.Dict[str, str] = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + __query: t.Dict[str, t.Any] = {} + __body: t.Dict[str, t.Any] = body if body is not None else {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + if refresh is not None: + __query["refresh"] = refresh + if not __body: + if applications is not None: + __body["applications"] = applications + if cluster is not None: + __body["cluster"] = cluster + if description is not None: + __body["description"] = description + if global_ is not None: + __body["global"] = global_ + if indices is not None: + __body["indices"] = indices + if metadata is not None: + __body["metadata"] = metadata + if remote_indices is not None: + __body["remote_indices"] = remote_indices + if run_as is not None: + __body["run_as"] = run_as + if transient_metadata is not None: + __body["transient_metadata"] = transient_metadata + __headers = {"accept": "application/json", "content-type": "application/json"} + return await self.perform_request( # type: ignore[return-value] + "PUT", + __path, + params=__query, + headers=__headers, + body=__body, + endpoint_id="security.put_role", + path_parts=__path_parts, + ) + @_rewrite_parameters( body_fields=( "aggregations", diff --git a/elasticsearch_serverless/_sync/client/enrich.py b/elasticsearch_serverless/_sync/client/enrich.py index 6a855c4..adfd510 100644 --- a/elasticsearch_serverless/_sync/client/enrich.py +++ b/elasticsearch_serverless/_sync/client/enrich.py @@ -213,39 +213,3 @@ def put_policy( endpoint_id="enrich.put_policy", path_parts=__path_parts, ) - - @_rewrite_parameters() - def stats( - self, - *, - error_trace: t.Optional[bool] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - pretty: t.Optional[bool] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Get enrich stats. Returns enrich coordinator statistics and information about - enrich policies that are currently executing. - - ``_ - """ - __path_parts: t.Dict[str, str] = {} - __path = "/_enrich/_stats" - __query: t.Dict[str, t.Any] = {} - if error_trace is not None: - __query["error_trace"] = error_trace - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if pretty is not None: - __query["pretty"] = pretty - __headers = {"accept": "application/json"} - return self.perform_request( # type: ignore[return-value] - "GET", - __path, - params=__query, - headers=__headers, - endpoint_id="enrich.stats", - path_parts=__path_parts, - ) diff --git a/elasticsearch_serverless/_sync/client/indices.py b/elasticsearch_serverless/_sync/client/indices.py index 015a524..e3d63bc 100644 --- a/elasticsearch_serverless/_sync/client/indices.py +++ b/elasticsearch_serverless/_sync/client/indices.py @@ -487,68 +487,6 @@ def delete_alias( path_parts=__path_parts, ) - @_rewrite_parameters() - def delete_data_lifecycle( - self, - *, - name: t.Union[str, t.Sequence[str]], - error_trace: t.Optional[bool] = None, - expand_wildcards: t.Optional[ - t.Union[ - t.Sequence[ - t.Union[str, t.Literal["all", "closed", "hidden", "none", "open"]] - ], - t.Union[str, t.Literal["all", "closed", "hidden", "none", "open"]], - ] - ] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - master_timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - pretty: t.Optional[bool] = None, - timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Delete data stream lifecycles. Removes the data stream lifecycle from a data - stream, rendering it not managed by the data stream lifecycle. - - ``_ - - :param name: A comma-separated list of data streams of which the data stream - lifecycle will be deleted; use `*` to get all data streams - :param expand_wildcards: Whether wildcard expressions should get expanded to - open or closed indices (default: open) - :param master_timeout: Specify timeout for connection to master - :param timeout: Explicit timestamp for the document - """ - if name in SKIP_IN_PATH: - raise ValueError("Empty value passed for parameter 'name'") - __path_parts: t.Dict[str, str] = {"name": _quote(name)} - __path = f'/_data_stream/{__path_parts["name"]}/_lifecycle' - __query: t.Dict[str, t.Any] = {} - if error_trace is not None: - __query["error_trace"] = error_trace - if expand_wildcards is not None: - __query["expand_wildcards"] = expand_wildcards - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if master_timeout is not None: - __query["master_timeout"] = master_timeout - if pretty is not None: - __query["pretty"] = pretty - if timeout is not None: - __query["timeout"] = timeout - __headers = {"accept": "application/json"} - return self.perform_request( # type: ignore[return-value] - "DELETE", - __path, - params=__query, - headers=__headers, - endpoint_id="indices.delete_data_lifecycle", - path_parts=__path_parts, - ) - @_rewrite_parameters() def delete_data_stream( self, @@ -2196,104 +2134,6 @@ def put_settings( path_parts=__path_parts, ) - @_rewrite_parameters( - body_fields=( - "aliases", - "index_patterns", - "mappings", - "order", - "settings", - "version", - ), - ) - def put_template( - self, - *, - name: str, - aliases: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None, - cause: t.Optional[str] = None, - create: t.Optional[bool] = None, - error_trace: t.Optional[bool] = None, - filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, - human: t.Optional[bool] = None, - index_patterns: t.Optional[t.Union[str, t.Sequence[str]]] = None, - mappings: t.Optional[t.Mapping[str, t.Any]] = None, - master_timeout: t.Optional[t.Union[str, t.Literal[-1], t.Literal[0]]] = None, - order: t.Optional[int] = None, - pretty: t.Optional[bool] = None, - settings: t.Optional[t.Mapping[str, t.Any]] = None, - version: t.Optional[int] = None, - body: t.Optional[t.Dict[str, t.Any]] = None, - ) -> ObjectApiResponse[t.Any]: - """ - Create or update an index template. Index templates define settings, mappings, - and aliases that can be applied automatically to new indices. - - ``_ - - :param name: The name of the template - :param aliases: Aliases for the index. - :param cause: - :param create: If true, this request cannot replace or update existing index - templates. - :param index_patterns: Array of wildcard expressions used to match the names - of indices during creation. - :param mappings: Mapping for fields in the index. - :param master_timeout: Period to wait for a connection to the master node. If - no response is received before the timeout expires, the request fails and - returns an error. - :param order: Order in which Elasticsearch applies this template if index matches - multiple templates. Templates with lower 'order' values are merged first. - Templates with higher 'order' values are merged later, overriding templates - with lower values. - :param settings: Configuration options for the index. - :param version: Version number used to manage index templates externally. This - number is not automatically generated by Elasticsearch. - """ - if name in SKIP_IN_PATH: - raise ValueError("Empty value passed for parameter 'name'") - __path_parts: t.Dict[str, str] = {"name": _quote(name)} - __path = f'/_template/{__path_parts["name"]}' - __query: t.Dict[str, t.Any] = {} - __body: t.Dict[str, t.Any] = body if body is not None else {} - if cause is not None: - __query["cause"] = cause - if create is not None: - __query["create"] = create - if error_trace is not None: - __query["error_trace"] = error_trace - if filter_path is not None: - __query["filter_path"] = filter_path - if human is not None: - __query["human"] = human - if master_timeout is not None: - __query["master_timeout"] = master_timeout - if pretty is not None: - __query["pretty"] = pretty - if not __body: - if aliases is not None: - __body["aliases"] = aliases - if index_patterns is not None: - __body["index_patterns"] = index_patterns - if mappings is not None: - __body["mappings"] = mappings - if order is not None: - __body["order"] = order - if settings is not None: - __body["settings"] = settings - if version is not None: - __body["version"] = version - __headers = {"accept": "application/json", "content-type": "application/json"} - return self.perform_request( # type: ignore[return-value] - "PUT", - __path, - params=__query, - headers=__headers, - body=__body, - endpoint_id="indices.put_template", - path_parts=__path_parts, - ) - @_rewrite_parameters() def refresh( self, diff --git a/elasticsearch_serverless/_sync/client/security.py b/elasticsearch_serverless/_sync/client/security.py index 40f7021..b21d795 100644 --- a/elasticsearch_serverless/_sync/client/security.py +++ b/elasticsearch_serverless/_sync/client/security.py @@ -145,6 +145,54 @@ def create_api_key( path_parts=__path_parts, ) + @_rewrite_parameters() + def delete_role( + self, + *, + name: str, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + refresh: t.Optional[ + t.Union[bool, str, t.Literal["false", "true", "wait_for"]] + ] = None, + ) -> ObjectApiResponse[t.Any]: + """ + Removes roles in the native realm. + + ``_ + + :param name: Role name + :param refresh: If `true` (the default) then refresh the affected shards to make + this operation visible to search, if `wait_for` then wait for a refresh to + make this operation visible to search, if `false` then do nothing with refreshes. + """ + if name in SKIP_IN_PATH: + raise ValueError("Empty value passed for parameter 'name'") + __path_parts: t.Dict[str, str] = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + if refresh is not None: + __query["refresh"] = refresh + __headers = {"accept": "application/json"} + return self.perform_request( # type: ignore[return-value] + "DELETE", + __path, + params=__query, + headers=__headers, + endpoint_id="security.delete_role", + path_parts=__path_parts, + ) + @_rewrite_parameters() def get_api_key( self, @@ -231,6 +279,89 @@ def get_api_key( path_parts=__path_parts, ) + @_rewrite_parameters() + def get_builtin_privileges( + self, + *, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + ) -> ObjectApiResponse[t.Any]: + """ + Retrieves the list of cluster privileges and index privileges that are available + in this version of Elasticsearch. + + ``_ + """ + __path_parts: t.Dict[str, str] = {} + __path = "/_security/privilege/_builtin" + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + __headers = {"accept": "application/json"} + return self.perform_request( # type: ignore[return-value] + "GET", + __path, + params=__query, + headers=__headers, + endpoint_id="security.get_builtin_privileges", + path_parts=__path_parts, + ) + + @_rewrite_parameters() + def get_role( + self, + *, + name: t.Optional[t.Union[str, t.Sequence[str]]] = None, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + human: t.Optional[bool] = None, + pretty: t.Optional[bool] = None, + ) -> ObjectApiResponse[t.Any]: + """ + The role management APIs are generally the preferred way to manage roles, rather + than using file-based role management. The get roles API cannot retrieve roles + that are defined in roles files. + + ``_ + + :param name: The name of the role. You can specify multiple roles as a comma-separated + list. If you do not specify this parameter, the API returns information about + all roles. + """ + __path_parts: t.Dict[str, str] + if name not in SKIP_IN_PATH: + __path_parts = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + else: + __path_parts = {} + __path = "/_security/role" + __query: t.Dict[str, t.Any] = {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + __headers = {"accept": "application/json"} + return self.perform_request( # type: ignore[return-value] + "GET", + __path, + params=__query, + headers=__headers, + endpoint_id="security.get_role", + path_parts=__path_parts, + ) + @_rewrite_parameters( body_fields=("application", "cluster", "index"), ) @@ -438,6 +569,190 @@ def invalidate_api_key( path_parts=__path_parts, ) + @_rewrite_parameters( + body_fields=( + "applications", + "cluster", + "description", + "global_", + "indices", + "metadata", + "remote_indices", + "run_as", + "transient_metadata", + ), + parameter_aliases={"global": "global_"}, + ) + def put_role( + self, + *, + name: str, + applications: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + cluster: t.Optional[ + t.Sequence[ + t.Union[ + str, + t.Literal[ + "all", + "cancel_task", + "create_snapshot", + "cross_cluster_replication", + "cross_cluster_search", + "delegate_pki", + "grant_api_key", + "manage", + "manage_api_key", + "manage_autoscaling", + "manage_behavioral_analytics", + "manage_ccr", + "manage_data_frame_transforms", + "manage_data_stream_global_retention", + "manage_enrich", + "manage_ilm", + "manage_index_templates", + "manage_inference", + "manage_ingest_pipelines", + "manage_logstash_pipelines", + "manage_ml", + "manage_oidc", + "manage_own_api_key", + "manage_pipeline", + "manage_rollup", + "manage_saml", + "manage_search_application", + "manage_search_query_rules", + "manage_search_synonyms", + "manage_security", + "manage_service_account", + "manage_slm", + "manage_token", + "manage_transform", + "manage_user_profile", + "manage_watcher", + "monitor", + "monitor_data_frame_transforms", + "monitor_data_stream_global_retention", + "monitor_enrich", + "monitor_inference", + "monitor_ml", + "monitor_rollup", + "monitor_snapshot", + "monitor_text_structure", + "monitor_transform", + "monitor_watcher", + "none", + "post_behavioral_analytics_event", + "read_ccr", + "read_fleet_secrets", + "read_ilm", + "read_pipeline", + "read_security", + "read_slm", + "transport_client", + "write_connector_secrets", + "write_fleet_secrets", + ], + ] + ] + ] = None, + description: t.Optional[str] = None, + error_trace: t.Optional[bool] = None, + filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None, + global_: t.Optional[t.Mapping[str, t.Any]] = None, + human: t.Optional[bool] = None, + indices: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + metadata: t.Optional[t.Mapping[str, t.Any]] = None, + pretty: t.Optional[bool] = None, + refresh: t.Optional[ + t.Union[bool, str, t.Literal["false", "true", "wait_for"]] + ] = None, + remote_indices: t.Optional[t.Sequence[t.Mapping[str, t.Any]]] = None, + run_as: t.Optional[t.Sequence[str]] = None, + transient_metadata: t.Optional[t.Mapping[str, t.Any]] = None, + body: t.Optional[t.Dict[str, t.Any]] = None, + ) -> ObjectApiResponse[t.Any]: + """ + The role management APIs are generally the preferred way to manage roles, rather + than using file-based role management. The create or update roles API cannot + update roles that are defined in roles files. + + ``_ + + :param name: The name of the role that is being created or updated. On Elasticsearch + Serverless, the role name must begin with a letter or digit and can only + contain letters, digits and the characters '_', '-', and '.'. Each role must + have a unique name, as this will serve as the identifier for that role. + :param applications: A list of application privilege entries. + :param cluster: A list of cluster privileges. These privileges define the cluster-level + actions for users with this role. + :param description: Optional description of the role descriptor + :param global_: An object defining global privileges. A global privilege is a + form of cluster privilege that is request-aware. Support for global privileges + is currently limited to the management of application privileges. + :param indices: A list of indices permissions entries. + :param metadata: Optional metadata. Within the metadata object, keys that begin + with an underscore (`_`) are reserved for system use. + :param refresh: If `true` (the default) then refresh the affected shards to make + this operation visible to search, if `wait_for` then wait for a refresh to + make this operation visible to search, if `false` then do nothing with refreshes. + :param remote_indices: A list of remote indices permissions entries. + :param run_as: A list of users that the owners of this role can impersonate. + *Note*: in Serverless, the run-as feature is disabled. For API compatibility, + you can still specify an empty `run_as` field, but a non-empty list will + be rejected. + :param transient_metadata: Indicates roles that might be incompatible with the + current cluster license, specifically roles with document and field level + security. When the cluster license doesn’t allow certain features for a given + role, this parameter is updated dynamically to list the incompatible features. + If `enabled` is `false`, the role is ignored, but is still listed in the + response from the authenticate API. + """ + if name in SKIP_IN_PATH: + raise ValueError("Empty value passed for parameter 'name'") + __path_parts: t.Dict[str, str] = {"name": _quote(name)} + __path = f'/_security/role/{__path_parts["name"]}' + __query: t.Dict[str, t.Any] = {} + __body: t.Dict[str, t.Any] = body if body is not None else {} + if error_trace is not None: + __query["error_trace"] = error_trace + if filter_path is not None: + __query["filter_path"] = filter_path + if human is not None: + __query["human"] = human + if pretty is not None: + __query["pretty"] = pretty + if refresh is not None: + __query["refresh"] = refresh + if not __body: + if applications is not None: + __body["applications"] = applications + if cluster is not None: + __body["cluster"] = cluster + if description is not None: + __body["description"] = description + if global_ is not None: + __body["global"] = global_ + if indices is not None: + __body["indices"] = indices + if metadata is not None: + __body["metadata"] = metadata + if remote_indices is not None: + __body["remote_indices"] = remote_indices + if run_as is not None: + __body["run_as"] = run_as + if transient_metadata is not None: + __body["transient_metadata"] = transient_metadata + __headers = {"accept": "application/json", "content-type": "application/json"} + return self.perform_request( # type: ignore[return-value] + "PUT", + __path, + params=__query, + headers=__headers, + body=__body, + endpoint_id="security.put_role", + path_parts=__path_parts, + ) + @_rewrite_parameters( body_fields=( "aggregations",