diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index 2366e8ef26..862c9f976a 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -88401,24 +88401,62 @@ ] }, "security._types:RemoteUserIndicesPrivileges": { - "allOf": [ - { - "$ref": "#/components/schemas/security._types:UserIndicesPrivileges" + "type": "object", + "properties": { + "field_security": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html" + }, + "description": "The document fields that the owners of the role have read access to.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:FieldSecurity" + } }, - { - "type": "object", - "properties": { - "clusters": { + "names": { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "oneOf": [ + { + "$ref": "#/components/schemas/_types:IndexName" + }, + { "type": "array", "items": { - "type": "string" + "$ref": "#/components/schemas/_types:IndexName" } } - }, - "required": [ - "clusters" ] + }, + "privileges": { + "description": "The index level privileges that owners of the role have on the specified indices.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndexPrivilege" + } + }, + "query": { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndicesPrivilegesQuery" + } + }, + "allow_restricted_indices": { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "type": "boolean" + }, + "clusters": { + "type": "array", + "items": { + "type": "string" + } } + }, + "required": [ + "names", + "privileges", + "allow_restricted_indices", + "clusters" ] }, "security.get_user_profile:GetUserProfileErrors": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index 56989f47f6..e57c7813c6 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -106292,7 +106292,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "codegenNames": [ @@ -106306,7 +106306,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "items": [ { @@ -106356,7 +106356,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -106444,7 +106444,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "codegenNames": [ @@ -106456,7 +106456,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "items": [ { @@ -144753,7 +144753,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -144816,7 +144816,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index 544dc43cf6..3d259c6bbd 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -195828,7 +195828,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L413-L415" + "specLocation": "security/_types/Privileges.ts#L434-L436" }, { "kind": "interface", @@ -196353,7 +196353,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L409-L411" + "specLocation": "security/_types/Privileges.ts#L430-L432" }, { "kind": "enum", @@ -196466,7 +196466,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "kind": "interface", @@ -196574,7 +196574,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "kind": "union_of", "items": [ @@ -196624,7 +196624,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L417-L419" + "specLocation": "security/_types/Privileges.ts#L438-L440" }, { "kind": "interface", @@ -196831,17 +196831,97 @@ }, { "kind": "interface", - "inherits": { - "type": { - "name": "UserIndicesPrivileges", - "namespace": "security._types" - } - }, "name": { "name": "RemoteUserIndicesPrivileges", "namespace": "security._types" }, "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "extDocId": "field-and-document-access-control", + "extDocUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "kind": "union_of", + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ] + } + }, + { + "description": "The index level privileges that owners of the role have on the specified indices.", + "name": "privileges", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexPrivilege", + "namespace": "security._types" + } + } + } + }, + { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + }, + { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "name": "allow_restricted_indices", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + }, { "name": "clusters", "required": true, @@ -196857,7 +196937,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L316-L318" + "specLocation": "security/_types/Privileges.ts#L316-L339" }, { "kind": "interface", @@ -196907,7 +196987,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -197544,7 +197624,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "kind": "union_of", "items": [ @@ -197587,7 +197667,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -197675,7 +197755,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "kind": "interface", @@ -197754,7 +197834,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 142caa31d7..5cad42a45a 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -18309,7 +18309,12 @@ export interface SecurityRemoteIndicesPrivileges { allow_restricted_indices?: boolean } -export interface SecurityRemoteUserIndicesPrivileges extends SecurityUserIndicesPrivileges { +export interface SecurityRemoteUserIndicesPrivileges { + field_security?: SecurityFieldSecurity[] + names: IndexName | IndexName[] + privileges: SecurityIndexPrivilege[] + query?: SecurityIndicesPrivilegesQuery[] + allow_restricted_indices: boolean clusters: string[] } diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index ff5618da41..6223ef9cfd 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -313,7 +313,28 @@ export class UserIndicesPrivileges { allow_restricted_indices: boolean } -export class RemoteUserIndicesPrivileges extends UserIndicesPrivileges { +export class RemoteUserIndicesPrivileges { + /** + * The document fields that the owners of the role have read access to. + * @ext_doc_id field-and-document-access-control + */ + field_security?: FieldSecurity[] + /** + * A list of indices (or index name patterns) to which the permissions in this entry apply. + */ + names: IndexName | IndexName[] + /** + * The index level privileges that owners of the role have on the specified indices. + */ + privileges: IndexPrivilege[] + /** + * Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role. + */ + query?: IndicesPrivilegesQuery[] + /** + * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`. + */ + allow_restricted_indices: boolean clusters: string[] }