Module: ElasticsearchServerless::API::Security::Actions

Defined in:

lib/elasticsearch-serverless/api/security/get_api_key.rb,
lib/elasticsearch-serverless/api/security/authenticate.rb,
lib/elasticsearch-serverless/api/security/create_api_key.rb,
lib/elasticsearch-serverless/api/security/has_privileges.rb,
lib/elasticsearch-serverless/api/security/query_api_keys.rb,
lib/elasticsearch-serverless/api/security/invalidate_api_key.rb

Instance Method Summary

• #authenticate(arguments = {}) ⇒ Object

  Enables authentication as a user and retrieve information about the authenticated user.

• #create_api_key(arguments = {}) ⇒ Object

  Creates an API key for access without requiring basic authentication.

• #get_api_key(arguments = {}) ⇒ Object

  Retrieves information for one or more API keys.

• #has_privileges(arguments = {}) ⇒ Object

  Determines whether the specified user has a specified list of privileges.

• #invalidate_api_key(arguments = {}) ⇒ Object

  Invalidates one or more API keys.

• #query_api_keys(arguments = {}) ⇒ Object

  Retrieves information for API keys using a subset of query DSL.

Instance Method Details

#authenticate(arguments = {}) ⇒ Object

Enables authentication as a user and retrieve information about the authenticated user.

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html

# File 'lib/elasticsearch-serverless/api/security/authenticate.rb', line 31

def authenticate(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  method = ElasticsearchServerless::API::HTTP_GET
  path   = "_security/_authenticate"
  params = {}

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#create_api_key(arguments = {}) ⇒ Object

Creates an API key for access without requiring basic authentication.

Options Hash (arguments):

• :refresh (String) —

  If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  request body

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html

# File 'lib/elasticsearch-serverless/api/security/create_api_key.rb', line 33

def create_api_key(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  method = ElasticsearchServerless::API::HTTP_PUT
  path   = "_security/api_key"
  params = Utils.process_params(arguments)

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#get_api_key(arguments = {}) ⇒ Object

Retrieves information for one or more API keys.

Options Hash (arguments):

• :id (String) —

  An API key id. This parameter cannot be used with any of name, realm_name or username.

• :name (String) —

  An API key name. This parameter cannot be used with any of id, realm_name or username. It supports prefix search with wildcard.

• :owner (Boolean) —

  A boolean flag that can be used to query API keys owned by the currently authenticated user. The realm_name or username parameters cannot be specified when this parameter is set to true as they are assumed to be the currently authenticated ones.

• :realm_name (String) —

  The name of an authentication realm. This parameter cannot be used with either id or name or when owner flag is set to true.

• :username (String) —

  The username of a user. This parameter cannot be used with either id or name or when owner flag is set to true.

• :with_limited_by (Boolean) —

  Return the snapshot of the owner user’s role descriptors associated with the API key. An API key’s actual permission is the intersection of its assigned role descriptors and the owner user’s role descriptors.

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-api-key.html

# File 'lib/elasticsearch-serverless/api/security/get_api_key.rb', line 37

def get_api_key(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  method = ElasticsearchServerless::API::HTTP_GET
  path   = "_security/api_key"
  params = Utils.process_params(arguments)

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#has_privileges(arguments = {}) ⇒ Object

Determines whether the specified user has a specified list of privileges.

Options Hash (arguments):

• :user (String) —

  Username

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  request body

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-has-privileges.html

# File 'lib/elasticsearch-serverless/api/security/has_privileges.rb', line 33

def has_privileges(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _user = arguments.delete(:user)

  method = ElasticsearchServerless::API::HTTP_POST
  path   = if _user
             "_security/user/#{Utils.listify(_user)}/_has_privileges"
           else
             "_security/user/_has_privileges"
           end
  params = {}

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#invalidate_api_key(arguments = {}) ⇒ Object

Invalidates one or more API keys.

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  request body

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-invalidate-api-key.html

# File 'lib/elasticsearch-serverless/api/security/invalidate_api_key.rb', line 32

def invalidate_api_key(arguments = {})
  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  method = ElasticsearchServerless::API::HTTP_DELETE
  path   = "_security/api_key"
  params = {}

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end

#query_api_keys(arguments = {}) ⇒ Object

Retrieves information for API keys using a subset of query DSL

Options Hash (arguments):

• :with_limited_by (Boolean) —

  Return the snapshot of the owner user’s role descriptors associated with the API key. An API key’s actual permission is the intersection of its assigned role descriptors and the owner user’s role descriptors.

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  request body

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-query-api-key.html

# File 'lib/elasticsearch-serverless/api/security/query_api_keys.rb', line 33

def query_api_keys(arguments = {})
  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  method = if body
             ElasticsearchServerless::API::HTTP_POST
           else
             ElasticsearchServerless::API::HTTP_GET
           end

  path   = "_security/_query/api_key"
  params = Utils.process_params(arguments)

  ElasticsearchServerless::API::Response.new(
    perform_request(method, path, params, body, headers)
  )
end