diff --git a/src/CodeGeneration/ApiGenerator/RestSpecification/_Patches/security.get_api_key.patch.json b/src/CodeGeneration/ApiGenerator/RestSpecification/_Patches/security.get_api_key.patch.json
new file mode 100644
index 00000000000..23ec18593d1
--- /dev/null
+++ b/src/CodeGeneration/ApiGenerator/RestSpecification/_Patches/security.get_api_key.patch.json
@@ -0,0 +1,13 @@
+{
+ "security.get_api_key": {
+ "url": {
+ "params": {
+ "owner": {
+ "type": "boolean",
+ "default": false,
+ "description": "flag to query API keys owned by the currently authenticated user"
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/Elasticsearch.Net/Api/RequestParameters/RequestParameters.Security.cs b/src/Elasticsearch.Net/Api/RequestParameters/RequestParameters.Security.cs
index 125e654e22f..2b1784118cd 100644
--- a/src/Elasticsearch.Net/Api/RequestParameters/RequestParameters.Security.cs
+++ b/src/Elasticsearch.Net/Api/RequestParameters/RequestParameters.Security.cs
@@ -186,6 +186,13 @@ public string Name
set => Q("name", value);
}
+ ///flag to query API keys owned by the currently authenticated user
+ public bool? Owner
+ {
+ get => Q("owner");
+ set => Q("owner", value);
+ }
+
///realm name of the user who created this API key to be retrieved
public string RealmName
{
diff --git a/src/Nest/Descriptors.Security.cs b/src/Nest/Descriptors.Security.cs
index 8be6cf0354e..e2bd7b89915 100644
--- a/src/Nest/Descriptors.Security.cs
+++ b/src/Nest/Descriptors.Security.cs
@@ -42,13 +42,13 @@ public partial class AuthenticateDescriptor : RequestDescriptorBase, IChangePasswordRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityChangePassword;
- ////_security/user/{username}/_password
- ///Optional, accepts null
+ ////_security/user/{username}/_password
+ ///Optional, accepts null
public ChangePasswordDescriptor(Name username): base(r => r.Optional("username", username))
{
}
- ////_security/user/_password
+ ////_security/user/_password
public ChangePasswordDescriptor(): base()
{
}
@@ -66,13 +66,13 @@ public ChangePasswordDescriptor(): base()
public partial class ClearCachedRealmsDescriptor : RequestDescriptorBase, IClearCachedRealmsRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedRealms;
- ////_security/realm/{realms}/_clear_cache
- ///this parameter is required
+ ////_security/realm/{realms}/_clear_cache
+ ///this parameter is required
public ClearCachedRealmsDescriptor(Names realms): base(r => r.Required("realms", realms))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected ClearCachedRealmsDescriptor(): base()
{
@@ -89,13 +89,13 @@ protected ClearCachedRealmsDescriptor(): base()
public partial class ClearCachedRolesDescriptor : RequestDescriptorBase, IClearCachedRolesRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedRoles;
- ////_security/role/{name}/_clear_cache
- ///this parameter is required
+ ////_security/role/{name}/_clear_cache
+ ///this parameter is required
public ClearCachedRolesDescriptor(Names name): base(r => r.Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected ClearCachedRolesDescriptor(): base()
{
@@ -120,14 +120,14 @@ public partial class CreateApiKeyDescriptor : RequestDescriptorBase, IDeletePrivilegesRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityDeletePrivileges;
- ////_security/privilege/{application}/{name}
- ///this parameter is required
- ///this parameter is required
+ ////_security/privilege/{application}/{name}
+ ///this parameter is required
+ ///this parameter is required
public DeletePrivilegesDescriptor(Name application, Name name): base(r => r.Required("application", application).Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected DeletePrivilegesDescriptor(): base()
{
@@ -145,13 +145,13 @@ protected DeletePrivilegesDescriptor(): base()
public partial class DeleteRoleDescriptor : RequestDescriptorBase, IDeleteRoleRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityDeleteRole;
- ////_security/role/{name}
- ///this parameter is required
+ ////_security/role/{name}
+ ///this parameter is required
public DeleteRoleDescriptor(Name name): base(r => r.Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected DeleteRoleDescriptor(): base()
{
@@ -168,13 +168,13 @@ protected DeleteRoleDescriptor(): base()
public partial class DeleteRoleMappingDescriptor : RequestDescriptorBase, IDeleteRoleMappingRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityDeleteRoleMapping;
- ////_security/role_mapping/{name}
- ///this parameter is required
+ ////_security/role_mapping/{name}
+ ///this parameter is required
public DeleteRoleMappingDescriptor(Name name): base(r => r.Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected DeleteRoleMappingDescriptor(): base()
{
@@ -191,13 +191,13 @@ protected DeleteRoleMappingDescriptor(): base()
public partial class DeleteUserDescriptor : RequestDescriptorBase, IDeleteUserRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityDeleteUser;
- ////_security/user/{username}
- ///this parameter is required
+ ////_security/user/{username}
+ ///this parameter is required
public DeleteUserDescriptor(Name username): base(r => r.Required("username", username))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected DeleteUserDescriptor(): base()
{
@@ -214,13 +214,13 @@ protected DeleteUserDescriptor(): base()
public partial class DisableUserDescriptor : RequestDescriptorBase, IDisableUserRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityDisableUser;
- ////_security/user/{username}/_disable
- ///this parameter is required
+ ////_security/user/{username}/_disable
+ ///this parameter is required
public DisableUserDescriptor(Name username): base(r => r.Required("username", username))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected DisableUserDescriptor(): base()
{
@@ -237,13 +237,13 @@ protected DisableUserDescriptor(): base()
public partial class EnableUserDescriptor : RequestDescriptorBase, IEnableUserRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityEnableUser;
- ////_security/user/{username}/_enable
- ///this parameter is required
+ ////_security/user/{username}/_enable
+ ///this parameter is required
public EnableUserDescriptor(Name username): base(r => r.Required("username", username))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected EnableUserDescriptor(): base()
{
@@ -266,6 +266,8 @@ public partial class GetApiKeyDescriptor : RequestDescriptorBase Qs("id", id);
///API key name of the API key to be retrieved
public GetApiKeyDescriptor Name(string name) => Qs("name", name);
+ ///flag to query API keys owned by the currently authenticated user
+ public GetApiKeyDescriptor Owner(bool? owner = true) => Qs("owner", owner);
///realm name of the user who created this API key to be retrieved
public GetApiKeyDescriptor RealmName(string realmname) => Qs("realm_name", realmname);
///user name of the user who created this API key to be retrieved
@@ -276,20 +278,20 @@ public partial class GetApiKeyDescriptor : RequestDescriptorBase, IGetPrivilegesRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityGetPrivileges;
- ////_security/privilege
+ ////_security/privilege
public GetPrivilegesDescriptor(): base()
{
}
- ////_security/privilege/{application}
- ///Optional, accepts null
+ ////_security/privilege/{application}
+ ///Optional, accepts null
public GetPrivilegesDescriptor(Name application): base(r => r.Optional("application", application))
{
}
- ////_security/privilege/{application}/{name}
- ///Optional, accepts null
- ///Optional, accepts null
+ ////_security/privilege/{application}/{name}
+ ///Optional, accepts null
+ ///Optional, accepts null
public GetPrivilegesDescriptor(Name application, Name name): base(r => r.Optional("application", application).Optional("name", name))
{
}
@@ -308,13 +310,13 @@ public GetPrivilegesDescriptor(Name application, Name name): base(r => r.Optiona
public partial class GetRoleDescriptor : RequestDescriptorBase, IGetRoleRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityGetRole;
- ////_security/role/{name}
- ///Optional, accepts null
+ ////_security/role/{name}
+ ///Optional, accepts null
public GetRoleDescriptor(Name name): base(r => r.Optional("name", name))
{
}
- ////_security/role
+ ////_security/role
public GetRoleDescriptor(): base()
{
}
@@ -330,13 +332,13 @@ public GetRoleDescriptor(): base()
public partial class GetRoleMappingDescriptor : RequestDescriptorBase, IGetRoleMappingRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityGetRoleMapping;
- ////_security/role_mapping/{name}
- ///Optional, accepts null
+ ////_security/role_mapping/{name}
+ ///Optional, accepts null
public GetRoleMappingDescriptor(Name name): base(r => r.Optional("name", name))
{
}
- ////_security/role_mapping
+ ////_security/role_mapping
public GetRoleMappingDescriptor(): base()
{
}
@@ -360,13 +362,13 @@ public partial class GetUserAccessTokenDescriptor : RequestDescriptorBase, IGetUserRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityGetUser;
- ////_security/user/{username}
- ///Optional, accepts null
+ ////_security/user/{username}
+ ///Optional, accepts null
public GetUserDescriptor(Names username): base(r => r.Optional("username", username))
{
}
- ////_security/user
+ ////_security/user
public GetUserDescriptor(): base()
{
}
@@ -390,13 +392,13 @@ public partial class GetUserPrivilegesDescriptor : RequestDescriptorBase, IHasPrivilegesRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityHasPrivileges;
- ////_security/user/_has_privileges
+ ////_security/user/_has_privileges
public HasPrivilegesDescriptor(): base()
{
}
- ////_security/user/{user}/_has_privileges
- ///Optional, accepts null
+ ////_security/user/{user}/_has_privileges
+ ///Optional, accepts null
public HasPrivilegesDescriptor(Name user): base(r => r.Optional("user", user))
{
}
@@ -438,13 +440,13 @@ public partial class PutPrivilegesDescriptor : RequestDescriptorBase, IPutRoleRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityPutRole;
- ////_security/role/{name}
- ///this parameter is required
+ ////_security/role/{name}
+ ///this parameter is required
public PutRoleDescriptor(Name name): base(r => r.Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected PutRoleDescriptor(): base()
{
@@ -461,13 +463,13 @@ protected PutRoleDescriptor(): base()
public partial class PutRoleMappingDescriptor : RequestDescriptorBase, IPutRoleMappingRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityPutRoleMapping;
- ////_security/role_mapping/{name}
- ///this parameter is required
+ ////_security/role_mapping/{name}
+ ///this parameter is required
public PutRoleMappingDescriptor(Name name): base(r => r.Required("name", name))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected PutRoleMappingDescriptor(): base()
{
@@ -484,13 +486,13 @@ protected PutRoleMappingDescriptor(): base()
public partial class PutUserDescriptor : RequestDescriptorBase, IPutUserRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityPutUser;
- ////_security/user/{username}
- ///this parameter is required
+ ////_security/user/{username}
+ ///this parameter is required
public PutUserDescriptor(Name username): base(r => r.Required("username", username))
{
}
- ///Used for serialization purposes, making sure we have a parameterless constructor
+ ///Used for serialization purposes, making sure we have a parameterless constructor
[SerializationConstructor]
protected PutUserDescriptor(): base()
{
diff --git a/src/Nest/Requests.Security.cs b/src/Nest/Requests.Security.cs
index a111e13df83..3260ec952f1 100644
--- a/src/Nest/Requests.Security.cs
+++ b/src/Nest/Requests.Security.cs
@@ -468,6 +468,13 @@ public string Name
set => Q("name", value);
}
+ ///flag to query API keys owned by the currently authenticated user
+ public bool? Owner
+ {
+ get => Q("owner");
+ set => Q("owner", value);
+ }
+
///realm name of the user who created this API key to be retrieved
public string RealmName
{
diff --git a/src/Nest/XPack/Security/ApiKey/InvalidateApiKey/InvalidateApiKeyRequest.cs b/src/Nest/XPack/Security/ApiKey/InvalidateApiKey/InvalidateApiKeyRequest.cs
index f93a39087b0..dbd6a69f225 100644
--- a/src/Nest/XPack/Security/ApiKey/InvalidateApiKey/InvalidateApiKeyRequest.cs
+++ b/src/Nest/XPack/Security/ApiKey/InvalidateApiKey/InvalidateApiKeyRequest.cs
@@ -28,6 +28,14 @@ public partial interface IInvalidateApiKeyRequest
///
[DataMember(Name = "username")]
string Username { get; set; }
+
+ ///
+ /// A boolean flag that can be used to query API keys owned by the currently authenticated user. Defaults to false.
+ /// The RealmName or Username parameters cannot be specified when this parameter is set to true as they are
+ /// assumed to be the currently authenticated ones.
+ ///
+ [DataMember(Name = "owner")]
+ bool? Owner { get; set; }
}
public partial class InvalidateApiKeyRequest
@@ -43,6 +51,9 @@ public partial class InvalidateApiKeyRequest
///
public string Username { get; set; }
+
+ ///
+ public bool? Owner { get; set; }
}
public partial class InvalidateApiKeyDescriptor
@@ -59,6 +70,9 @@ public partial class InvalidateApiKeyDescriptor
///
string IInvalidateApiKeyRequest.Username { get; set; }
+ ///
+ bool? IInvalidateApiKeyRequest.Owner { get; set; }
+
///
public InvalidateApiKeyDescriptor Id(string id) => Assign(id, (a, v) => a.Id = v);
@@ -70,5 +84,8 @@ public partial class InvalidateApiKeyDescriptor
///
public InvalidateApiKeyDescriptor Username(string username) => Assign(username, (a, v) => a.Username = v);
+
+ ///
+ public InvalidateApiKeyDescriptor Owner(bool? owner = true) => Assign(owner, (a, v) => a.Owner = v);
}
}