Module: Elasticsearch::API::Security::Actions

Included in:
SecurityClient
Defined in:
lib/elasticsearch/api/namespace/security.rb,
lib/elasticsearch/api/actions/security/get_role.rb,
lib/elasticsearch/api/actions/security/get_user.rb,
lib/elasticsearch/api/actions/security/put_role.rb,
lib/elasticsearch/api/actions/security/put_user.rb,
lib/elasticsearch/api/actions/security/get_token.rb,
lib/elasticsearch/api/actions/security/delete_role.rb,
lib/elasticsearch/api/actions/security/delete_user.rb,
lib/elasticsearch/api/actions/security/enable_user.rb,
lib/elasticsearch/api/actions/security/enroll_node.rb,
lib/elasticsearch/api/actions/security/get_api_key.rb,
lib/elasticsearch/api/actions/security/oidc_logout.rb,
lib/elasticsearch/api/actions/security/saml_logout.rb,
lib/elasticsearch/api/actions/security/authenticate.rb,
lib/elasticsearch/api/actions/security/disable_user.rb,
lib/elasticsearch/api/actions/security/enroll_kibana.rb,
lib/elasticsearch/api/actions/security/grant_api_key.rb,
lib/elasticsearch/api/actions/security/create_api_key.rb,
lib/elasticsearch/api/actions/security/get_privileges.rb,
lib/elasticsearch/api/actions/security/has_privileges.rb,
lib/elasticsearch/api/actions/security/put_privileges.rb,
lib/elasticsearch/api/actions/security/query_api_keys.rb,
lib/elasticsearch/api/actions/security/change_password.rb,
lib/elasticsearch/api/actions/security/saml_invalidate.rb,
lib/elasticsearch/api/actions/security/get_role_mapping.rb,
lib/elasticsearch/api/actions/security/get_user_profile.rb,
lib/elasticsearch/api/actions/security/invalidate_token.rb,
lib/elasticsearch/api/actions/security/put_role_mapping.rb,
lib/elasticsearch/api/actions/security/delete_privileges.rb,
lib/elasticsearch/api/actions/security/oidc_authenticate.rb,
lib/elasticsearch/api/actions/security/saml_authenticate.rb,
lib/elasticsearch/api/actions/security/clear_cached_roles.rb,
lib/elasticsearch/api/actions/security/invalidate_api_key.rb,
lib/elasticsearch/api/actions/security/clear_api_key_cache.rb,
lib/elasticsearch/api/actions/security/clear_cached_realms.rb,
lib/elasticsearch/api/actions/security/delete_role_mapping.rb,
lib/elasticsearch/api/actions/security/enable_user_profile.rb,
lib/elasticsearch/api/actions/security/get_user_privileges.rb,
lib/elasticsearch/api/actions/security/create_service_token.rb,
lib/elasticsearch/api/actions/security/delete_service_token.rb,
lib/elasticsearch/api/actions/security/disable_user_profile.rb,
lib/elasticsearch/api/actions/security/get_service_accounts.rb,
lib/elasticsearch/api/actions/security/saml_complete_logout.rb,
lib/elasticsearch/api/actions/security/activate_user_profile.rb,
lib/elasticsearch/api/actions/security/suggest_user_profiles.rb,
lib/elasticsearch/api/actions/security/get_builtin_privileges.rb,
lib/elasticsearch/api/actions/security/clear_cached_privileges.rb,
lib/elasticsearch/api/actions/security/get_service_credentials.rb,
lib/elasticsearch/api/actions/security/update_user_profile_data.rb,
lib/elasticsearch/api/actions/security/clear_cached_service_tokens.rb,
lib/elasticsearch/api/actions/security/oidc_prepare_authentication.rb,
lib/elasticsearch/api/actions/security/saml_prepare_authentication.rb,
lib/elasticsearch/api/actions/security/saml_service_provider_metadata.rb

Instance Method Summary collapse

Instance Method Details

#activate_user_profile(arguments = {}) ⇒ Object

Creates or updates the user profile on behalf of another user. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The grant type and user’s credential (Required)

Raises:

  • (ArgumentError)

See Also:


33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/elasticsearch/api/actions/security/activate_user_profile.rb', line 33

def (arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/profile/_activate"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#authenticate(arguments = {}) ⇒ Object

Enables authentication as a user and retrieve information about the authenticated user.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

See Also:


28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/elasticsearch/api/actions/security/authenticate.rb', line 28

def authenticate(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/_authenticate"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#change_password(arguments = {}) ⇒ Object

Changes the passwords of users in the native realm and built-in users.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (String)

    The username of the user to change the password for

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    the new password for the user (Required)

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
# File 'lib/elasticsearch/api/actions/security/change_password.rb', line 31

def change_password(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = if _username
             "_security/user/#{Utils.__listify(_username)}/_password"
           else
             "_security/user/_password"
           end
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#clear_api_key_cache(arguments = {}) ⇒ Object

Clear a subset or all entries from the API key cache.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :ids (List)

    A comma-separated list of IDs of API keys to clear from the cache

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/elasticsearch/api/actions/security/clear_api_key_cache.rb', line 29

def clear_api_key_cache(arguments = {})
  raise ArgumentError, "Required argument 'ids' missing" unless arguments[:ids]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _ids = arguments.delete(:ids)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/api_key/#{Utils.__listify(_ids)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#clear_cached_privileges(arguments = {}) ⇒ Object

Evicts application privileges from the native application privileges cache.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :application (List)

    A comma-separated list of application names

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/elasticsearch/api/actions/security/clear_cached_privileges.rb', line 29

def clear_cached_privileges(arguments = {})
  raise ArgumentError, "Required argument 'application' missing" unless arguments[:application]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/privilege/#{Utils.__listify(_application)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#clear_cached_realms(arguments = {}) ⇒ Object

Evicts users from the user cache. Can completely clear the cache or evict specific users.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :realms (List)

    Comma-separated list of realms to clear

  • :usernames (List)

    Comma-separated list of usernames to clear from the cache

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/clear_cached_realms.rb', line 30

def clear_cached_realms(arguments = {})
  raise ArgumentError, "Required argument 'realms' missing" unless arguments[:realms]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _realms = arguments.delete(:realms)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/realm/#{Utils.__listify(_realms)}/_clear_cache"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#clear_cached_roles(arguments = {}) ⇒ Object

Evicts roles from the native role cache.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (List)

    Role name

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/elasticsearch/api/actions/security/clear_cached_roles.rb', line 29

def clear_cached_roles(arguments = {})
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/role/#{Utils.__listify(_name)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#clear_cached_service_tokens(arguments = {}) ⇒ Object

Evicts tokens from the service account token caches.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :namespace (String)

    An identifier for the namespace

  • :service (String)

    An identifier for the service name

  • :name (List)

    A comma-separated list of service token names

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/elasticsearch/api/actions/security/clear_cached_service_tokens.rb', line 31

def clear_cached_service_tokens(arguments = {})
  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#create_api_key(arguments = {}) ⇒ Object

Creates an API key for access without requiring basic authentication.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The api key request to create an API key (Required)

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/elasticsearch/api/actions/security/create_api_key.rb', line 30

def create_api_key(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/api_key"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#create_service_token(arguments = {}) ⇒ Object

Creates a service account token for access without requiring basic authentication.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :namespace (String)

    An identifier for the namespace

  • :service (String)

    An identifier for the service name

  • :name (String)

    An identifier for the token name

  • :refresh (String)

    If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'lib/elasticsearch/api/actions/security/create_service_token.rb', line 32

def create_service_token(arguments = {})
  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_PUT
  path   = if _namespace && _service && _name
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}"
           else
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token"
           end
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#delete_privileges(arguments = {}) ⇒ Object

Removes application privileges.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :application (String)

    Application name

  • :name (String)

    Privilege name

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/elasticsearch/api/actions/security/delete_privileges.rb', line 31

def delete_privileges(arguments = {})
  raise ArgumentError, "Required argument 'application' missing" unless arguments[:application]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/privilege/#{Utils.__listify(_application)}/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#delete_role(arguments = {}) ⇒ Object

Removes roles in the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (String)

    Role name

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/delete_role.rb', line 30

def delete_role(arguments = {})
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/role/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#delete_role_mapping(arguments = {}) ⇒ Object

Removes role mappings.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (String)

    Role-mapping name

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/delete_role_mapping.rb', line 30

def delete_role_mapping(arguments = {})
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/role_mapping/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#delete_service_token(arguments = {}) ⇒ Object

Deletes a service account token.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :namespace (String)

    An identifier for the namespace

  • :service (String)

    An identifier for the service name

  • :name (String)

    An identifier for the token name

  • :refresh (String)

    If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/elasticsearch/api/actions/security/delete_service_token.rb', line 32

def delete_service_token(arguments = {})
  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#delete_user(arguments = {}) ⇒ Object

Deletes users from the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (String)

    username

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/delete_user.rb', line 30

def delete_user(arguments = {})
  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/user/#{Utils.__listify(_username)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#disable_user(arguments = {}) ⇒ Object

Disables users in the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (String)

    The username of the user to disable

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/disable_user.rb', line 30

def disable_user(arguments = {})
  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}/_disable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#disable_user_profile(arguments = {}) ⇒ Object

Disables a user profile so it’s not visible in user profile searches. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :uid (String)

    Unique identifier for the user profile

  • :refresh (String)

    If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/elasticsearch/api/actions/security/disable_user_profile.rb', line 34

def (arguments = {})
  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_disable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#enable_user(arguments = {}) ⇒ Object

Enables users in the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (String)

    The username of the user to enable

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/enable_user.rb', line 30

def enable_user(arguments = {})
  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}/_enable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#enable_user_profile(arguments = {}) ⇒ Object

Enables a user profile so it’s visible in user profile searches. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :uid (String)

    An unique identifier of the user profile

  • :refresh (String)

    If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/elasticsearch/api/actions/security/enable_user_profile.rb', line 34

def (arguments = {})
  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_enable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#enroll_kibana(arguments = {}) ⇒ Object

Allows a kibana instance to configure itself to communicate with a secured elasticsearch cluster.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

See Also:


28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/elasticsearch/api/actions/security/enroll_kibana.rb', line 28

def enroll_kibana(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/enroll/kibana"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#enroll_node(arguments = {}) ⇒ Object

Allows a new node to enroll to an existing cluster with security enabled.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

See Also:


28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/elasticsearch/api/actions/security/enroll_node.rb', line 28

def enroll_node(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/enroll/node"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_api_key(arguments = {}) ⇒ Object

Retrieves information for one or more API keys.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :id (String)

    API key id of the API key to be retrieved

  • :name (String)

    API key name of the API key to be retrieved

  • :username (String)

    user name of the user who created this API key to be retrieved

  • :realm_name (String)

    realm name of the user who created this API key to be retrieved

  • :owner (Boolean)

    flag to query API keys owned by the currently authenticated user

  • :headers (Hash)

    Custom HTTP headers

See Also:


33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/elasticsearch/api/actions/security/get_api_key.rb', line 33

def get_api_key(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/api_key"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_builtin_privileges(arguments = {}) ⇒ Object

Retrieves the list of cluster privileges and index privileges that are available in this version of Elasticsearch.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

See Also:


28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/elasticsearch/api/actions/security/get_builtin_privileges.rb', line 28

def get_builtin_privileges(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/privilege/_builtin"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_privileges(arguments = {}) ⇒ Object

Retrieves application privileges.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :application (String)

    Application name

  • :name (String)

    Privilege name

  • :headers (Hash)

    Custom HTTP headers

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/elasticsearch/api/actions/security/get_privileges.rb', line 30

def get_privileges(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _application && _name
             "_security/privilege/#{Utils.__listify(_application)}/#{Utils.__listify(_name)}"
           elsif _application
             "_security/privilege/#{Utils.__listify(_application)}"
           else
             "_security/privilege"
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_role(arguments = {}) ⇒ Object

Retrieves roles in the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (List)

    A comma-separated list of role names

  • :headers (Hash)

    Custom HTTP headers

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
# File 'lib/elasticsearch/api/actions/security/get_role.rb', line 29

def get_role(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _name
             "_security/role/#{Utils.__listify(_name)}"
           else
             "_security/role"
           end
  params = {}

  if Array(arguments[:ignore]).include?(404)
    Utils.__rescue_from_not_found {
      Elasticsearch::API::Response.new(
        perform_request(method, path, params, body, headers)
      )
    }
  else
    Elasticsearch::API::Response.new(
      perform_request(method, path, params, body, headers)
    )
  end
end

#get_role_mapping(arguments = {}) ⇒ Object

Retrieves role mappings.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (List)

    A comma-separated list of role-mapping names

  • :headers (Hash)

    Custom HTTP headers

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/elasticsearch/api/actions/security/get_role_mapping.rb', line 29

def get_role_mapping(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _name
             "_security/role_mapping/#{Utils.__listify(_name)}"
           else
             "_security/role_mapping"
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_service_accounts(arguments = {}) ⇒ Object

Retrieves information about service accounts.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :namespace (String)

    An identifier for the namespace

  • :service (String)

    An identifier for the service name

  • :headers (Hash)

    Custom HTTP headers

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/elasticsearch/api/actions/security/get_service_accounts.rb', line 30

def get_service_accounts(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  method = Elasticsearch::API::HTTP_GET
  path   = if _namespace && _service
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}"
           elsif _namespace
             "_security/service/#{Utils.__listify(_namespace)}"
           else
             "_security/service"
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_service_credentials(arguments = {}) ⇒ Object

Retrieves information of all service credentials for a service account.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :namespace (String)

    An identifier for the namespace

  • :service (String)

    An identifier for the service name

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/elasticsearch/api/actions/security/get_service_credentials.rb', line 30

def get_service_credentials(arguments = {})
  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_token(arguments = {}) ⇒ Object

Creates a bearer token for access without requiring basic authentication.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The token request to get (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/get_token.rb', line 29

def get_token(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/oauth2/token"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_user(arguments = {}) ⇒ Object

Retrieves information about users in the native realm and built-in users.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (List)

    A comma-separated list of usernames

  • :headers (Hash)

    Custom HTTP headers

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
# File 'lib/elasticsearch/api/actions/security/get_user.rb', line 29

def get_user(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_GET
  path   = if _username
             "_security/user/#{Utils.__listify(_username)}"
           else
             "_security/user"
           end
  params = {}

  if Array(arguments[:ignore]).include?(404)
    Utils.__rescue_from_not_found {
      Elasticsearch::API::Response.new(
        perform_request(method, path, params, body, headers)
      )
    }
  else
    Elasticsearch::API::Response.new(
      perform_request(method, path, params, body, headers)
    )
  end
end

#get_user_privileges(arguments = {}) ⇒ Object

Retrieves security privileges for the logged in user.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

See Also:


28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/elasticsearch/api/actions/security/get_user_privileges.rb', line 28

def get_user_privileges(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/user/_privileges"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_user_profile(arguments = {}) ⇒ Object

Retrieves user profile for the given unique ID. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :uid (String)

    An unique identifier of the user profile

  • :data (List)

    A comma-separated list of keys for which the corresponding application data are retrieved.

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/elasticsearch/api/actions/security/get_user_profile.rb', line 34

def (arguments = {})
  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/profile/#{Utils.__listify(_uid)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#grant_api_key(arguments = {}) ⇒ Object

Creates an API key on behalf of another user.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The api key request to create an API key (Required)

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/elasticsearch/api/actions/security/grant_api_key.rb', line 30

def grant_api_key(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/api_key/grant"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#has_privileges(arguments = {}) ⇒ Object

Determines whether the specified user has a specified list of privileges.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :user (String)

    Username

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The privileges to test (Required)

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/elasticsearch/api/actions/security/has_privileges.rb', line 30

def has_privileges(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _user = arguments.delete(:user)

  method = Elasticsearch::API::HTTP_POST
  path   = if _user
             "_security/user/#{Utils.__listify(_user)}/_has_privileges"
           else
             "_security/user/_has_privileges"
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#invalidate_api_key(arguments = {}) ⇒ Object

Invalidates one or more API keys.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The api key request to invalidate API key(s) (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/invalidate_api_key.rb', line 29

def invalidate_api_key(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/api_key"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#invalidate_token(arguments = {}) ⇒ Object

Invalidates one or more access tokens or refresh tokens.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The token to invalidate (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/invalidate_token.rb', line 29

def invalidate_token(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/oauth2/token"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#oidc_authenticate(arguments = {}) ⇒ Object

Exchanges an OpenID Connection authentication response message for an Elasticsearch access token and refresh token pair

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The OpenID Connect response to authenticate (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/oidc_authenticate.rb', line 29

def oidc_authenticate(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/oidc/authenticate"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#oidc_logout(arguments = {}) ⇒ Object

Invalidates a refresh token and access token that was generated from the OpenID Connect Authenticate API

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    Access token and refresh token to invalidate (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/oidc_logout.rb', line 29

def oidc_logout(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/oidc/logout"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#oidc_prepare_authentication(arguments = {}) ⇒ Object

Creates an OAuth 2.0 authentication request as a URL string

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The OpenID Connect authentication realm configuration (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/oidc_prepare_authentication.rb', line 29

def oidc_prepare_authentication(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/oidc/prepare"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#put_privileges(arguments = {}) ⇒ Object

Adds or updates application privileges.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The privilege(s) to add (Required)

Raises:

  • (ArgumentError)

See Also:


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/elasticsearch/api/actions/security/put_privileges.rb', line 30

def put_privileges(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/privilege"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#put_role(arguments = {}) ⇒ Object

Adds and updates roles in the native realm.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (String)

    Role name

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The role to add (Required)

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/elasticsearch/api/actions/security/put_role.rb', line 31

def put_role(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/role/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#put_role_mapping(arguments = {}) ⇒ Object

Creates and updates role mappings.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :name (String)

    Role-mapping name

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The role mapping to add (Required)

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/elasticsearch/api/actions/security/put_role_mapping.rb', line 31

def put_role_mapping(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/role_mapping/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#put_user(arguments = {}) ⇒ Object

Adds and updates users in the native realm. These users are commonly referred to as native users.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :username (String)

    The username of the User

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The user to add (Required)

Raises:

  • (ArgumentError)

See Also:


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/elasticsearch/api/actions/security/put_user.rb', line 31

def put_user(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#query_api_keys(arguments = {}) ⇒ Object

Retrieves information for API keys using a subset of query DSL

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    From, size, query, sort and search_after

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/elasticsearch/api/actions/security/query_api_keys.rb', line 29

def query_api_keys(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = if body
             Elasticsearch::API::HTTP_POST
           else
             Elasticsearch::API::HTTP_GET
           end

  path   = "_security/_query/api_key"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_authenticate(arguments = {}) ⇒ Object

Exchanges a SAML Response message for an Elasticsearch access token and refresh token pair

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The SAML response to authenticate (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/saml_authenticate.rb', line 29

def saml_authenticate(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/saml/authenticate"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_complete_logout(arguments = {}) ⇒ Object

Verifies the logout response sent from the SAML IdP

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The logout response to verify (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/saml_complete_logout.rb', line 29

def saml_complete_logout(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/saml/complete_logout"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_invalidate(arguments = {}) ⇒ Object

Consumes a SAML LogoutRequest

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The LogoutRequest message (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/saml_invalidate.rb', line 29

def saml_invalidate(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/saml/invalidate"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_logout(arguments = {}) ⇒ Object

Invalidates an access token and a refresh token that were generated via the SAML Authenticate API

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The tokens to invalidate (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/saml_logout.rb', line 29

def saml_logout(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/saml/logout"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_prepare_authentication(arguments = {}) ⇒ Object

Creates a SAML authentication request

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The realm for which to create the authentication request, identified by either its name or the ACS URL (Required)

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/elasticsearch/api/actions/security/saml_prepare_authentication.rb', line 29

def saml_prepare_authentication(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/saml/prepare"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#saml_service_provider_metadata(arguments = {}) ⇒ Object

Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :realm_name (String)

    The name of the SAML realm to get the metadata for

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:


29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/elasticsearch/api/actions/security/saml_service_provider_metadata.rb', line 29

def saml_service_provider_metadata(arguments = {})
  raise ArgumentError, "Required argument 'realm_name' missing" unless arguments[:realm_name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _realm_name = arguments.delete(:realm_name)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/saml/metadata/#{Utils.__listify(_realm_name)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#suggest_user_profiles(arguments = {}) ⇒ Object

Get suggestions for user profiles that match specified search criteria. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :data (List)

    A comma-separated list of keys for which the corresponding application data are retrieved.

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The suggestion definition for user profiles

See Also:


34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
# File 'lib/elasticsearch/api/actions/security/suggest_user_profiles.rb', line 34

def suggest_user_profiles(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = if body
             Elasticsearch::API::HTTP_POST
           else
             Elasticsearch::API::HTTP_GET
           end

  path   = "_security/profile/_suggest"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#update_user_profile_data(arguments = {}) ⇒ Object

Update application specific data for the user profile of the given unique ID. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :uid (String)

    An unique identifier of the user profile

  • :if_seq_no (Number)

    only perform the update operation if the last operation that has changed the document has the specified sequence number

  • :if_primary_term (Number)

    only perform the update operation if the last operation that has changed the document has the specified primary term

  • :refresh (String)

    If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    The application data to update (Required)

Raises:

  • (ArgumentError)

See Also:


37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/elasticsearch/api/actions/security/update_user_profile_data.rb', line 37

def (arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_data"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end