@@ -127,6 +127,122 @@ async def authenticate(
127127 path_parts = __path_parts ,
128128 )
129129
130+ @_rewrite_parameters (
131+ body_fields = ("names" ,),
132+ )
133+ async def bulk_delete_role (
134+ self ,
135+ * ,
136+ names : t .Optional [t .Sequence [str ]] = None ,
137+ error_trace : t .Optional [bool ] = None ,
138+ filter_path : t .Optional [t .Union [str , t .Sequence [str ]]] = None ,
139+ human : t .Optional [bool ] = None ,
140+ pretty : t .Optional [bool ] = None ,
141+ refresh : t .Optional [
142+ t .Union ["t.Literal['false', 'true', 'wait_for']" , bool , str ]
143+ ] = None ,
144+ body : t .Optional [t .Dict [str , t .Any ]] = None ,
145+ ) -> ObjectApiResponse [t .Any ]:
146+ """
147+ The role management APIs are generally the preferred way to manage roles, rather
148+ than using file-based role management. The bulk delete roles API cannot delete
149+ roles that are defined in roles files.
150+
151+ `<https://www.elastic.co/guide/en/elasticsearch/reference/8.15/security-api-bulk-delete-role.html>`_
152+
153+ :param names: An array of role names to delete
154+ :param refresh: If `true` (the default) then refresh the affected shards to make
155+ this operation visible to search, if `wait_for` then wait for a refresh to
156+ make this operation visible to search, if `false` then do nothing with refreshes.
157+ """
158+ if names is None and body is None :
159+ raise ValueError ("Empty value passed for parameter 'names'" )
160+ __path_parts : t .Dict [str , str ] = {}
161+ __path = "/_security/role"
162+ __query : t .Dict [str , t .Any ] = {}
163+ __body : t .Dict [str , t .Any ] = body if body is not None else {}
164+ if error_trace is not None :
165+ __query ["error_trace" ] = error_trace
166+ if filter_path is not None :
167+ __query ["filter_path" ] = filter_path
168+ if human is not None :
169+ __query ["human" ] = human
170+ if pretty is not None :
171+ __query ["pretty" ] = pretty
172+ if refresh is not None :
173+ __query ["refresh" ] = refresh
174+ if not __body :
175+ if names is not None :
176+ __body ["names" ] = names
177+ __headers = {"accept" : "application/json" , "content-type" : "application/json" }
178+ return await self .perform_request ( # type: ignore[return-value]
179+ "DELETE" ,
180+ __path ,
181+ params = __query ,
182+ headers = __headers ,
183+ body = __body ,
184+ endpoint_id = "security.bulk_delete_role" ,
185+ path_parts = __path_parts ,
186+ )
187+
188+ @_rewrite_parameters (
189+ body_fields = ("roles" ,),
190+ )
191+ async def bulk_put_role (
192+ self ,
193+ * ,
194+ roles : t .Optional [t .Mapping [str , t .Mapping [str , t .Any ]]] = None ,
195+ error_trace : t .Optional [bool ] = None ,
196+ filter_path : t .Optional [t .Union [str , t .Sequence [str ]]] = None ,
197+ human : t .Optional [bool ] = None ,
198+ pretty : t .Optional [bool ] = None ,
199+ refresh : t .Optional [
200+ t .Union ["t.Literal['false', 'true', 'wait_for']" , bool , str ]
201+ ] = None ,
202+ body : t .Optional [t .Dict [str , t .Any ]] = None ,
203+ ) -> ObjectApiResponse [t .Any ]:
204+ """
205+ The role management APIs are generally the preferred way to manage roles, rather
206+ than using file-based role management. The bulk create or update roles API cannot
207+ update roles that are defined in roles files.
208+
209+ `<https://www.elastic.co/guide/en/elasticsearch/reference/8.15/security-api-bulk-put-role.html>`_
210+
211+ :param roles: A dictionary of role name to RoleDescriptor objects to add or update
212+ :param refresh: If `true` (the default) then refresh the affected shards to make
213+ this operation visible to search, if `wait_for` then wait for a refresh to
214+ make this operation visible to search, if `false` then do nothing with refreshes.
215+ """
216+ if roles is None and body is None :
217+ raise ValueError ("Empty value passed for parameter 'roles'" )
218+ __path_parts : t .Dict [str , str ] = {}
219+ __path = "/_security/role"
220+ __query : t .Dict [str , t .Any ] = {}
221+ __body : t .Dict [str , t .Any ] = body if body is not None else {}
222+ if error_trace is not None :
223+ __query ["error_trace" ] = error_trace
224+ if filter_path is not None :
225+ __query ["filter_path" ] = filter_path
226+ if human is not None :
227+ __query ["human" ] = human
228+ if pretty is not None :
229+ __query ["pretty" ] = pretty
230+ if refresh is not None :
231+ __query ["refresh" ] = refresh
232+ if not __body :
233+ if roles is not None :
234+ __body ["roles" ] = roles
235+ __headers = {"accept" : "application/json" , "content-type" : "application/json" }
236+ return await self .perform_request ( # type: ignore[return-value]
237+ "POST" ,
238+ __path ,
239+ params = __query ,
240+ headers = __headers ,
241+ body = __body ,
242+ endpoint_id = "security.bulk_put_role" ,
243+ path_parts = __path_parts ,
244+ )
245+
130246 @_rewrite_parameters (
131247 body_fields = ("password" , "password_hash" ),
132248 )
@@ -2102,6 +2218,7 @@ async def put_privileges(
21022218 body_fields = (
21032219 "applications" ,
21042220 "cluster" ,
2221+ "description" ,
21052222 "global_" ,
21062223 "indices" ,
21072224 "metadata" ,
@@ -2123,6 +2240,7 @@ async def put_role(
21232240 ]
21242241 ]
21252242 ] = None ,
2243+ description : t .Optional [str ] = None ,
21262244 error_trace : t .Optional [bool ] = None ,
21272245 filter_path : t .Optional [t .Union [str , t .Sequence [str ]]] = None ,
21282246 global_ : t .Optional [t .Mapping [str , t .Any ]] = None ,
@@ -2148,6 +2266,7 @@ async def put_role(
21482266 :param applications: A list of application privilege entries.
21492267 :param cluster: A list of cluster privileges. These privileges define the cluster-level
21502268 actions for users with this role.
2269+ :param description: Optional description of the role descriptor
21512270 :param global_: An object defining global privileges. A global privilege is a
21522271 form of cluster privilege that is request-aware. Support for global privileges
21532272 is currently limited to the management of application privileges.
@@ -2189,6 +2308,8 @@ async def put_role(
21892308 __body ["applications" ] = applications
21902309 if cluster is not None :
21912310 __body ["cluster" ] = cluster
2311+ if description is not None :
2312+ __body ["description" ] = description
21922313 if global_ is not None :
21932314 __body ["global" ] = global_
21942315 if indices is not None :
@@ -2526,6 +2647,181 @@ async def query_api_keys(
25262647 path_parts = __path_parts ,
25272648 )
25282649
2650+ @_rewrite_parameters (
2651+ body_fields = ("from_" , "query" , "search_after" , "size" , "sort" ),
2652+ parameter_aliases = {"from" : "from_" },
2653+ )
2654+ async def query_role (
2655+ self ,
2656+ * ,
2657+ error_trace : t .Optional [bool ] = None ,
2658+ filter_path : t .Optional [t .Union [str , t .Sequence [str ]]] = None ,
2659+ from_ : t .Optional [int ] = None ,
2660+ human : t .Optional [bool ] = None ,
2661+ pretty : t .Optional [bool ] = None ,
2662+ query : t .Optional [t .Mapping [str , t .Any ]] = None ,
2663+ search_after : t .Optional [
2664+ t .Sequence [t .Union [None , bool , float , int , str , t .Any ]]
2665+ ] = None ,
2666+ size : t .Optional [int ] = None ,
2667+ sort : t .Optional [
2668+ t .Union [
2669+ t .Sequence [t .Union [str , t .Mapping [str , t .Any ]]],
2670+ t .Union [str , t .Mapping [str , t .Any ]],
2671+ ]
2672+ ] = None ,
2673+ body : t .Optional [t .Dict [str , t .Any ]] = None ,
2674+ ) -> ObjectApiResponse [t .Any ]:
2675+ """
2676+ Retrieves roles in a paginated manner. You can optionally filter the results
2677+ with a query.
2678+
2679+ `<https://www.elastic.co/guide/en/elasticsearch/reference/8.15/security-api-query-role.html>`_
2680+
2681+ :param from_: Starting document offset. By default, you cannot page through more
2682+ than 10,000 hits using the from and size parameters. To page through more
2683+ hits, use the `search_after` parameter.
2684+ :param query: A query to filter which roles to return. If the query parameter
2685+ is missing, it is equivalent to a `match_all` query. The query supports a
2686+ subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,
2687+ `ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.
2688+ You can query the following information associated with roles: `name`, `description`,
2689+ `metadata`, `applications.application`, `applications.privileges`, `applications.resources`.
2690+ :param search_after: Search after definition
2691+ :param size: The number of hits to return. By default, you cannot page through
2692+ more than 10,000 hits using the `from` and `size` parameters. To page through
2693+ more hits, use the `search_after` parameter.
2694+ :param sort: All public fields of a role are eligible for sorting. In addition,
2695+ sort can also be applied to the `_doc` field to sort by index order.
2696+ """
2697+ __path_parts : t .Dict [str , str ] = {}
2698+ __path = "/_security/_query/role"
2699+ __query : t .Dict [str , t .Any ] = {}
2700+ __body : t .Dict [str , t .Any ] = body if body is not None else {}
2701+ if error_trace is not None :
2702+ __query ["error_trace" ] = error_trace
2703+ if filter_path is not None :
2704+ __query ["filter_path" ] = filter_path
2705+ if human is not None :
2706+ __query ["human" ] = human
2707+ if pretty is not None :
2708+ __query ["pretty" ] = pretty
2709+ if not __body :
2710+ if from_ is not None :
2711+ __body ["from" ] = from_
2712+ if query is not None :
2713+ __body ["query" ] = query
2714+ if search_after is not None :
2715+ __body ["search_after" ] = search_after
2716+ if size is not None :
2717+ __body ["size" ] = size
2718+ if sort is not None :
2719+ __body ["sort" ] = sort
2720+ if not __body :
2721+ __body = None # type: ignore[assignment]
2722+ __headers = {"accept" : "application/json" }
2723+ if __body is not None :
2724+ __headers ["content-type" ] = "application/json"
2725+ return await self .perform_request ( # type: ignore[return-value]
2726+ "POST" ,
2727+ __path ,
2728+ params = __query ,
2729+ headers = __headers ,
2730+ body = __body ,
2731+ endpoint_id = "security.query_role" ,
2732+ path_parts = __path_parts ,
2733+ )
2734+
2735+ @_rewrite_parameters (
2736+ body_fields = ("from_" , "query" , "search_after" , "size" , "sort" ),
2737+ parameter_aliases = {"from" : "from_" },
2738+ )
2739+ async def query_user (
2740+ self ,
2741+ * ,
2742+ error_trace : t .Optional [bool ] = None ,
2743+ filter_path : t .Optional [t .Union [str , t .Sequence [str ]]] = None ,
2744+ from_ : t .Optional [int ] = None ,
2745+ human : t .Optional [bool ] = None ,
2746+ pretty : t .Optional [bool ] = None ,
2747+ query : t .Optional [t .Mapping [str , t .Any ]] = None ,
2748+ search_after : t .Optional [
2749+ t .Sequence [t .Union [None , bool , float , int , str , t .Any ]]
2750+ ] = None ,
2751+ size : t .Optional [int ] = None ,
2752+ sort : t .Optional [
2753+ t .Union [
2754+ t .Sequence [t .Union [str , t .Mapping [str , t .Any ]]],
2755+ t .Union [str , t .Mapping [str , t .Any ]],
2756+ ]
2757+ ] = None ,
2758+ with_profile_uid : t .Optional [bool ] = None ,
2759+ body : t .Optional [t .Dict [str , t .Any ]] = None ,
2760+ ) -> ObjectApiResponse [t .Any ]:
2761+ """
2762+ Retrieves information for Users in a paginated manner. You can optionally filter
2763+ the results with a query.
2764+
2765+ `<https://www.elastic.co/guide/en/elasticsearch/reference/8.15/security-api-query-user.html>`_
2766+
2767+ :param from_: Starting document offset. By default, you cannot page through more
2768+ than 10,000 hits using the from and size parameters. To page through more
2769+ hits, use the `search_after` parameter.
2770+ :param query: A query to filter which users to return. If the query parameter
2771+ is missing, it is equivalent to a `match_all` query. The query supports a
2772+ subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,
2773+ `ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.
2774+ You can query the following information associated with user: `username`,
2775+ `roles`, `enabled`
2776+ :param search_after: Search after definition
2777+ :param size: The number of hits to return. By default, you cannot page through
2778+ more than 10,000 hits using the `from` and `size` parameters. To page through
2779+ more hits, use the `search_after` parameter.
2780+ :param sort: Fields eligible for sorting are: username, roles, enabled In addition,
2781+ sort can also be applied to the `_doc` field to sort by index order.
2782+ :param with_profile_uid: If true will return the User Profile ID for the users
2783+ in the query result, if any.
2784+ """
2785+ __path_parts : t .Dict [str , str ] = {}
2786+ __path = "/_security/_query/user"
2787+ __query : t .Dict [str , t .Any ] = {}
2788+ __body : t .Dict [str , t .Any ] = body if body is not None else {}
2789+ if error_trace is not None :
2790+ __query ["error_trace" ] = error_trace
2791+ if filter_path is not None :
2792+ __query ["filter_path" ] = filter_path
2793+ if human is not None :
2794+ __query ["human" ] = human
2795+ if pretty is not None :
2796+ __query ["pretty" ] = pretty
2797+ if with_profile_uid is not None :
2798+ __query ["with_profile_uid" ] = with_profile_uid
2799+ if not __body :
2800+ if from_ is not None :
2801+ __body ["from" ] = from_
2802+ if query is not None :
2803+ __body ["query" ] = query
2804+ if search_after is not None :
2805+ __body ["search_after" ] = search_after
2806+ if size is not None :
2807+ __body ["size" ] = size
2808+ if sort is not None :
2809+ __body ["sort" ] = sort
2810+ if not __body :
2811+ __body = None # type: ignore[assignment]
2812+ __headers = {"accept" : "application/json" }
2813+ if __body is not None :
2814+ __headers ["content-type" ] = "application/json"
2815+ return await self .perform_request ( # type: ignore[return-value]
2816+ "POST" ,
2817+ __path ,
2818+ params = __query ,
2819+ headers = __headers ,
2820+ body = __body ,
2821+ endpoint_id = "security.query_user" ,
2822+ path_parts = __path_parts ,
2823+ )
2824+
25292825 @_rewrite_parameters (
25302826 body_fields = ("content" , "ids" , "realm" ),
25312827 )
0 commit comments