From 9b3b2e78f1a2fa9f2693588fd0d1ced55dc4f306 Mon Sep 17 00:00:00 2001 From: Laura Trotta Date: Tue, 9 Jul 2024 17:46:51 +0200 Subject: [PATCH] Spec for the new Query Role API (#2676) --- output/openapi/elasticsearch-openapi.json | 213 ++++++++ .../elasticsearch-serverless-openapi.json | 3 + output/schema/schema-serverless.json | 13 +- output/schema/schema.json | 455 +++++++++++++++++- output/schema/validation-errors.json | 6 - output/typescript/types.ts | 37 ++ .../security/_types/RoleDescriptor.ts | 2 + .../security/query_role/QueryRolesRequest.ts | 67 +++ .../security/query_role/QueryRolesResponse.ts | 38 ++ specification/security/query_role/types.ts | 109 +++++ 10 files changed, 929 insertions(+), 14 deletions(-) create mode 100644 specification/security/query_role/QueryRolesRequest.ts create mode 100644 specification/security/query_role/QueryRolesResponse.ts create mode 100644 specification/security/query_role/types.ts diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index 0a0e891531..6be718ff12 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -30301,6 +30301,46 @@ } } }, + "/_security/_query/role": { + "get": { + "tags": [ + "security.query_role" + ], + "summary": "Retrieves roles in a paginated manner", + "description": "You can optionally filter the results with a query.", + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-query-role.html" + }, + "operationId": "security-query-role", + "requestBody": { + "$ref": "#/components/requestBodies/security.query_role" + }, + "responses": { + "200": { + "$ref": "#/components/responses/security.query_role#200" + } + } + }, + "post": { + "tags": [ + "security.query_role" + ], + "summary": "Retrieves roles in a paginated manner", + "description": "You can optionally filter the results with a query.", + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-query-role.html" + }, + "operationId": "security-query-role-1", + "requestBody": { + "$ref": "#/components/requestBodies/security.query_role" + }, + "responses": { + "200": { + "$ref": "#/components/responses/security.query_role#200" + } + } + } + }, "/_security/saml/authenticate": { "post": { "tags": [ @@ -39413,6 +39453,38 @@ } } }, + "security.query_role#200": { + "description": "", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "total": { + "description": "The total number of roles found.", + "type": "number" + }, + "count": { + "description": "The number of roles returned in the response.", + "type": "number" + }, + "roles": { + "description": "The list of roles.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security.query_role:QueryRole" + } + } + }, + "required": [ + "total", + "count", + "roles" + ] + } + } + } + }, "security.suggest_user_profiles#200": { "description": "", "content": { @@ -51464,6 +51536,34 @@ } } }, + "security.query_role": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "query": { + "$ref": "#/components/schemas/security.query_role:RoleQueryContainer" + }, + "from": { + "description": "Starting document offset.\nBy default, you cannot page through more than 10,000 hits using the from and size parameters.\nTo page through more hits, use the `search_after` parameter.", + "type": "number" + }, + "sort": { + "$ref": "#/components/schemas/_types:Sort" + }, + "size": { + "description": "The number of hits to return.\nBy default, you cannot page through more than 10,000 hits using the `from` and `size` parameters.\nTo page through more hits, use the `search_after` parameter.", + "type": "number" + }, + "search_after": { + "$ref": "#/components/schemas/_types:SortResults" + } + } + } + } + } + }, "security.suggest_user_profiles": { "content": { "application/json": { @@ -94928,6 +95028,9 @@ "type": "string" } }, + "description": { + "type": "string" + }, "transient_metadata": { "type": "object", "additionalProperties": { @@ -95474,6 +95577,9 @@ "type": "string" } }, + "description": { + "type": "string" + }, "transient_metadata": { "type": "object", "additionalProperties": { @@ -96159,6 +96265,113 @@ } ] }, + "security.query_role:RoleQueryContainer": { + "type": "object", + "properties": { + "bool": { + "$ref": "#/components/schemas/_types.query_dsl:BoolQuery" + }, + "exists": { + "$ref": "#/components/schemas/_types.query_dsl:ExistsQuery" + }, + "ids": { + "$ref": "#/components/schemas/_types.query_dsl:IdsQuery" + }, + "match": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-match-query.html" + }, + "description": "Returns roles that match a provided text, number, date or boolean value.\nThe provided text is analyzed before matching.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types.query_dsl:MatchQuery" + }, + "minProperties": 1, + "maxProperties": 1 + }, + "match_all": { + "$ref": "#/components/schemas/_types.query_dsl:MatchAllQuery" + }, + "prefix": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-prefix-query.html" + }, + "description": "Returns roles that contain a specific prefix in a provided field.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types.query_dsl:PrefixQuery" + }, + "minProperties": 1, + "maxProperties": 1 + }, + "range": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-range-query.html" + }, + "description": "Returns roles that contain terms within a provided range.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types.query_dsl:RangeQuery" + }, + "minProperties": 1, + "maxProperties": 1 + }, + "simple_query_string": { + "$ref": "#/components/schemas/_types.query_dsl:SimpleQueryStringQuery" + }, + "term": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-term-query.html" + }, + "description": "Returns roles that contain an exact term in a provided field.\nTo return a document, the query term must exactly match the queried field's value, including whitespace and capitalization.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types.query_dsl:TermQuery" + }, + "minProperties": 1, + "maxProperties": 1 + }, + "terms": { + "$ref": "#/components/schemas/_types.query_dsl:TermsQuery" + }, + "wildcard": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-wildcard-query.html" + }, + "description": "Returns roles that contain terms matching a wildcard pattern.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types.query_dsl:WildcardQuery" + }, + "minProperties": 1, + "maxProperties": 1 + } + }, + "minProperties": 1, + "maxProperties": 1 + }, + "security.query_role:QueryRole": { + "allOf": [ + { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + }, + { + "type": "object", + "properties": { + "_sort": { + "$ref": "#/components/schemas/_types:SortResults" + }, + "name": { + "description": "Name of the role.", + "type": "string" + } + }, + "required": [ + "name" + ] + } + ] + }, "security.suggest_user_profiles:Hint": { "type": "object", "properties": { diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index 11b4aa1852..3e68389fc8 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -60895,6 +60895,9 @@ "type": "string" } }, + "description": { + "type": "string" + }, "transient_metadata": { "type": "object", "additionalProperties": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index 01087838d4..1722f207f5 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -134907,6 +134907,17 @@ } } }, + { + "name": "description", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, { "name": "transient_metadata", "required": false, @@ -134926,7 +134937,7 @@ } } ], - "specLocation": "security/_types/RoleDescriptor.ts#L28-L56" + "specLocation": "security/_types/RoleDescriptor.ts#L28-L57" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index 5ace9af977..4e709d5593 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -17869,23 +17869,39 @@ }, { "availability": { - "stack": { + "serverless": { "stability": "stable", - "visibility": "public" + "visibility": "private" + }, + "stack": { + "since": "8.15.0", + "stability": "stable" } }, - "description": "Retrieves information for Roles using a subset of query DSL", + "description": "Retrieves roles in a paginated manner. You can optionally filter the results with a query.", "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-query-role.html", "name": "security.query_role", - "request": null, + "privileges": { + "cluster": [ + "read_security" + ] + }, + "request": { + "name": "Request", + "namespace": "security.query_role" + }, "requestBodyRequired": false, "requestMediaType": [ "application/json" ], - "response": null, + "response": { + "name": "Response", + "namespace": "security.query_role" + }, "responseMediaType": [ "application/json" ], + "since": "8.15.0", "stability": "stable", "urls": [ { @@ -181112,6 +181128,17 @@ } } }, + { + "name": "description", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, { "name": "transient_metadata", "required": false, @@ -181131,7 +181158,7 @@ } } ], - "specLocation": "security/_types/RoleDescriptor.ts#L28-L56" + "specLocation": "security/_types/RoleDescriptor.ts#L28-L57" }, { "attachedBehaviors": [ @@ -181264,6 +181291,17 @@ } } }, + { + "name": "description", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, { "name": "transient_metadata", "required": false, @@ -181283,7 +181321,7 @@ } } ], - "specLocation": "security/_types/RoleDescriptor.ts#L58-L86" + "specLocation": "security/_types/RoleDescriptor.ts#L59-L88" }, { "kind": "interface", @@ -188497,6 +188535,409 @@ }, "specLocation": "security/query_api_keys/QueryApiKeysResponse.ts#L26-L45" }, + { + "inherits": { + "type": { + "name": "RoleDescriptor", + "namespace": "security._types" + } + }, + "kind": "interface", + "name": { + "name": "QueryRole", + "namespace": "security.query_role" + }, + "properties": [ + { + "name": "_sort", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SortResults", + "namespace": "_types" + } + } + }, + { + "description": "Name of the role.", + "name": "name", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + } + ], + "specLocation": "security/query_role/types.ts#L103-L109" + }, + { + "attachedBehaviors": [ + "CommonQueryParameters" + ], + "body": { + "kind": "properties", + "properties": [ + { + "description": "A query to filter which roles to return.\nIf the query parameter is missing, it is equivalent to a `match_all` query.\nThe query supports a subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,\n`ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.\nYou can query the following information associated with roles: `name`, `description`, `metadata`,\n`applications.application`, `applications.privileges`, `applications.resources`.", + "name": "query", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "RoleQueryContainer", + "namespace": "security.query_role" + } + } + }, + { + "description": "Starting document offset.\nBy default, you cannot page through more than 10,000 hits using the from and size parameters.\nTo page through more hits, use the `search_after` parameter.", + "name": "from", + "required": false, + "serverDefault": 0, + "type": { + "kind": "instance_of", + "type": { + "name": "integer", + "namespace": "_types" + } + } + }, + { + "description": "All public fields of a role are eligible for sorting.\nIn addition, sort can also be applied to the `_doc` field to sort by index order.", + "docId": "sort-search-results", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/sort-search-results.html", + "name": "sort", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Sort", + "namespace": "_types" + } + } + }, + { + "description": "The number of hits to return.\nBy default, you cannot page through more than 10,000 hits using the `from` and `size` parameters.\nTo page through more hits, use the `search_after` parameter.", + "name": "size", + "required": false, + "serverDefault": 10, + "type": { + "kind": "instance_of", + "type": { + "name": "integer", + "namespace": "_types" + } + } + }, + { + "description": "Search after definition", + "name": "search_after", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SortResults", + "namespace": "_types" + } + } + } + ] + }, + "description": "Retrieves roles in a paginated manner. You can optionally filter the results with a query.", + "inherits": { + "type": { + "name": "RequestBase", + "namespace": "_types" + } + }, + "kind": "request", + "name": { + "name": "Request", + "namespace": "security.query_role" + }, + "path": [], + "query": [], + "specLocation": "security/query_role/QueryRolesRequest.ts#L25-L67" + }, + { + "body": { + "kind": "properties", + "properties": [ + { + "description": "The total number of roles found.", + "name": "total", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "integer", + "namespace": "_types" + } + } + }, + { + "description": "The number of roles returned in the response.", + "name": "count", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "integer", + "namespace": "_types" + } + } + }, + { + "description": "The list of roles.", + "name": "roles", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "QueryRole", + "namespace": "security.query_role" + } + } + } + } + ] + }, + "kind": "response", + "name": { + "name": "Response", + "namespace": "security.query_role" + }, + "specLocation": "security/query_role/QueryRolesResponse.ts#L23-L38" + }, + { + "kind": "interface", + "name": { + "name": "RoleQueryContainer", + "namespace": "security.query_role" + }, + "properties": [ + { + "description": "matches roles matching boolean combinations of other queries.", + "docId": "query-dsl-bool-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-bool-query.html", + "name": "bool", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "BoolQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles that contain an indexed value for a field.", + "docId": "query-dsl-exists-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-exists-query.html", + "name": "exists", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "ExistsQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles based on their IDs.\nThis query uses role document IDs stored in the `_id` field.", + "docId": "query-dsl-ids-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-ids-query.html", + "name": "ids", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "IdsQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles that match a provided text, number, date or boolean value.\nThe provided text is analyzed before matching.", + "docId": "query-dsl-match-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-match-query.html", + "name": "match", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "Field", + "namespace": "_types" + } + }, + "kind": "dictionary_of", + "singleKey": true, + "value": { + "kind": "instance_of", + "type": { + "name": "MatchQuery", + "namespace": "_types.query_dsl" + } + } + } + }, + { + "description": "Matches all roles, giving them all a `_score` of 1.0.", + "docId": "query-dsl-match-all-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-match-all-query.html", + "name": "match_all", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "MatchAllQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles that contain a specific prefix in a provided field.", + "docId": "query-dsl-prefix-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-prefix-query.html", + "name": "prefix", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "Field", + "namespace": "_types" + } + }, + "kind": "dictionary_of", + "singleKey": true, + "value": { + "kind": "instance_of", + "type": { + "name": "PrefixQuery", + "namespace": "_types.query_dsl" + } + } + } + }, + { + "description": "Returns roles that contain terms within a provided range.", + "docId": "query-dsl-range-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-range-query.html", + "name": "range", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "Field", + "namespace": "_types" + } + }, + "kind": "dictionary_of", + "singleKey": true, + "value": { + "kind": "instance_of", + "type": { + "name": "RangeQuery", + "namespace": "_types.query_dsl" + } + } + } + }, + { + "description": "Returns roles based on a provided query string, using a parser with a limited but fault-tolerant syntax.", + "docId": "query-dsl-simple-query-string-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-simple-query-string-query.html", + "name": "simple_query_string", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SimpleQueryStringQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles that contain an exact term in a provided field.\nTo return a document, the query term must exactly match the queried field's value, including whitespace and capitalization.", + "docId": "query-dsl-term-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-term-query.html", + "name": "term", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "Field", + "namespace": "_types" + } + }, + "kind": "dictionary_of", + "singleKey": true, + "value": { + "kind": "instance_of", + "type": { + "name": "TermQuery", + "namespace": "_types.query_dsl" + } + } + } + }, + { + "description": "Returns roles that contain one or more exact terms in a provided field.\nTo return a document, one or more terms must exactly match a field value, including whitespace and capitalization.", + "docId": "query-dsl-terms-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-terms-query.html", + "name": "terms", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "TermsQuery", + "namespace": "_types.query_dsl" + } + } + }, + { + "description": "Returns roles that contain terms matching a wildcard pattern.", + "docId": "query-dsl-wildcard-query", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/query-dsl-wildcard-query.html", + "name": "wildcard", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "Field", + "namespace": "_types" + } + }, + "kind": "dictionary_of", + "singleKey": true, + "value": { + "kind": "instance_of", + "type": { + "name": "WildcardQuery", + "namespace": "_types.query_dsl" + } + } + } + } + ], + "specLocation": "security/query_role/types.ts#L37-L101", + "variants": { + "kind": "container", + "nonExhaustive": true + } + }, { "attachedBehaviors": [ "CommonQueryParameters" diff --git a/output/schema/validation-errors.json b/output/schema/validation-errors.json index 10be605598..6ac8eadcba 100644 --- a/output/schema/validation-errors.json +++ b/output/schema/validation-errors.json @@ -1111,12 +1111,6 @@ ], "response": [] }, - "security.query_role": { - "request": [ - "Missing request & response" - ], - "response": [] - }, "security.query_user": { "request": [ "Missing request & response" diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 83268925fc..e0287a98e3 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -16894,6 +16894,7 @@ export interface SecurityRoleDescriptor { applications?: SecurityApplicationPrivileges[] metadata?: Metadata run_as?: string[] + description?: string transient_metadata?: Record } @@ -16905,6 +16906,7 @@ export interface SecurityRoleDescriptorRead { applications?: SecurityApplicationPrivileges[] metadata?: Metadata run_as?: string[] + description?: string transient_metadata?: Record } @@ -17639,6 +17641,41 @@ export interface SecurityQueryApiKeysResponse { aggregations?: Record } +export interface SecurityQueryRoleQueryRole extends SecurityRoleDescriptor { + _sort?: SortResults + name: string +} + +export interface SecurityQueryRoleRequest extends RequestBase { + body?: { + query?: SecurityQueryRoleRoleQueryContainer + from?: integer + sort?: Sort + size?: integer + search_after?: SortResults + } +} + +export interface SecurityQueryRoleResponse { + total: integer + count: integer + roles: SecurityQueryRoleQueryRole[] +} + +export interface SecurityQueryRoleRoleQueryContainer { + bool?: QueryDslBoolQuery + exists?: QueryDslExistsQuery + ids?: QueryDslIdsQuery + match?: Partial> + match_all?: QueryDslMatchAllQuery + prefix?: Partial> + range?: Partial> + simple_query_string?: QueryDslSimpleQueryStringQuery + term?: Partial> + terms?: QueryDslTermsQuery + wildcard?: Partial> +} + export interface SecuritySamlAuthenticateRequest extends RequestBase { body?: { content: string diff --git a/specification/security/_types/RoleDescriptor.ts b/specification/security/_types/RoleDescriptor.ts index 466c651f51..332e2912f6 100644 --- a/specification/security/_types/RoleDescriptor.ts +++ b/specification/security/_types/RoleDescriptor.ts @@ -52,6 +52,7 @@ export class RoleDescriptor { * @doc_id run-as-privilege */ run_as?: string[] + description?: string transient_metadata?: Dictionary } @@ -82,5 +83,6 @@ export class RoleDescriptorRead implements OverloadOf { * @doc_id run-as-privilege */ run_as?: string[] + description?: string transient_metadata?: Dictionary } diff --git a/specification/security/query_role/QueryRolesRequest.ts b/specification/security/query_role/QueryRolesRequest.ts new file mode 100644 index 0000000000..f6ec334868 --- /dev/null +++ b/specification/security/query_role/QueryRolesRequest.ts @@ -0,0 +1,67 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { RoleQueryContainer } from './types' +import { RequestBase } from '@_types/Base' +import { integer } from '@_types/Numeric' +import { Sort, SortResults } from '@_types/sort' + +/** + * Retrieves roles in a paginated manner. You can optionally filter the results with a query. + * @rest_spec_name security.query_role + * @availability stack since=8.15.0 stability=stable + * @availability serverless stability=stable visibility=private + * @cluster_privileges read_security + */ +export interface Request extends RequestBase { + body: { + /** + * A query to filter which roles to return. + * If the query parameter is missing, it is equivalent to a `match_all` query. + * The query supports a subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`, + * `ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`. + * You can query the following information associated with roles: `name`, `description`, `metadata`, + * `applications.application`, `applications.privileges`, `applications.resources`. + */ + query?: RoleQueryContainer + /** + * Starting document offset. + * By default, you cannot page through more than 10,000 hits using the from and size parameters. + * To page through more hits, use the `search_after` parameter. + * @server_default 0 + */ + from?: integer + /** + * All public fields of a role are eligible for sorting. + * In addition, sort can also be applied to the `_doc` field to sort by index order. + * @doc_id sort-search-results */ + sort?: Sort + /** + * The number of hits to return. + * By default, you cannot page through more than 10,000 hits using the `from` and `size` parameters. + * To page through more hits, use the `search_after` parameter. + * @server_default 10 + */ + size?: integer + /** + * Search after definition + */ + search_after?: SortResults + } +} diff --git a/specification/security/query_role/QueryRolesResponse.ts b/specification/security/query_role/QueryRolesResponse.ts new file mode 100644 index 0000000000..c71f50638c --- /dev/null +++ b/specification/security/query_role/QueryRolesResponse.ts @@ -0,0 +1,38 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { integer } from '@_types/Numeric' +import { QueryRole } from './types' + +export class Response { + body: { + /** + * The total number of roles found. + */ + total: integer + /** + * The number of roles returned in the response. + */ + count: integer + /** + * The list of roles. + */ + roles: QueryRole[] + } +} diff --git a/specification/security/query_role/types.ts b/specification/security/query_role/types.ts new file mode 100644 index 0000000000..c1d2804620 --- /dev/null +++ b/specification/security/query_role/types.ts @@ -0,0 +1,109 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { SingleKeyDictionary } from '@spec_utils/Dictionary' +import { Field } from '@_types/common' +import { BoolQuery } from '@_types/query_dsl/compound' +import { SortResults } from '@_types/sort' +import { + ExistsQuery, + IdsQuery, + PrefixQuery, + RangeQuery, + TermQuery, + TermsQuery, + WildcardQuery +} from '@_types/query_dsl/term' +import { MatchQuery, SimpleQueryStringQuery } from '@_types/query_dsl/fulltext' +import { MatchAllQuery } from '@_types/query_dsl/MatchAllQuery' +import { RoleDescriptor } from '@security/_types/RoleDescriptor' + +/** + * @variants container + * @non_exhaustive + */ +export class RoleQueryContainer { + /** + * matches roles matching boolean combinations of other queries. + * @doc_id query-dsl-bool-query + */ + bool?: BoolQuery + /** + * Returns roles that contain an indexed value for a field. + * @doc_id query-dsl-exists-query + */ + exists?: ExistsQuery + /** + * Returns roles based on their IDs. + * This query uses role document IDs stored in the `_id` field. + * @doc_id query-dsl-ids-query + */ + ids?: IdsQuery + /** + * Returns roles that match a provided text, number, date or boolean value. + * The provided text is analyzed before matching. + * @doc_id query-dsl-match-query + */ + match?: SingleKeyDictionary + /** + * Matches all roles, giving them all a `_score` of 1.0. + * @doc_id query-dsl-match-all-query + */ + match_all?: MatchAllQuery + /** + * Returns roles that contain a specific prefix in a provided field. + * @doc_id query-dsl-prefix-query + */ + prefix?: SingleKeyDictionary + /** + * Returns roles that contain terms within a provided range. + * @doc_id query-dsl-range-query + */ + range?: SingleKeyDictionary + /** + * Returns roles based on a provided query string, using a parser with a limited but fault-tolerant syntax. + * @doc_id query-dsl-simple-query-string-query + */ + simple_query_string?: SimpleQueryStringQuery + /** + * Returns roles that contain an exact term in a provided field. + * To return a document, the query term must exactly match the queried field's value, including whitespace and capitalization. + * @doc_id query-dsl-term-query + */ + term?: SingleKeyDictionary + /** + * Returns roles that contain one or more exact terms in a provided field. + * To return a document, one or more terms must exactly match a field value, including whitespace and capitalization. + * @doc_id query-dsl-terms-query + */ + terms?: TermsQuery + /** + * Returns roles that contain terms matching a wildcard pattern. + * @doc_id query-dsl-wildcard-query + */ + wildcard?: SingleKeyDictionary +} + +export class QueryRole extends RoleDescriptor { + _sort?: SortResults + /** + * Name of the role. + */ + name: string +}