diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index bb72976135..e8c7cb9185 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -88412,24 +88412,62 @@ ] }, "security._types:RemoteUserIndicesPrivileges": { - "allOf": [ - { - "$ref": "#/components/schemas/security._types:UserIndicesPrivileges" + "type": "object", + "properties": { + "field_security": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html" + }, + "description": "The document fields that the owners of the role have read access to.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:FieldSecurity" + } }, - { - "type": "object", - "properties": { - "clusters": { + "names": { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "oneOf": [ + { + "$ref": "#/components/schemas/_types:IndexName" + }, + { "type": "array", "items": { - "type": "string" + "$ref": "#/components/schemas/_types:IndexName" } } - }, - "required": [ - "clusters" ] + }, + "privileges": { + "description": "The index level privileges that owners of the role have on the specified indices.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndexPrivilege" + } + }, + "query": { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndicesPrivilegesQuery" + } + }, + "allow_restricted_indices": { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "type": "boolean" + }, + "clusters": { + "type": "array", + "items": { + "type": "string" + } } + }, + "required": [ + "names", + "privileges", + "allow_restricted_indices", + "clusters" ] }, "security.get_user_profile:GetUserProfileErrors": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index 458285f0a8..4be5ba4003 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -106154,7 +106154,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "codegenNames": [ @@ -106168,7 +106168,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "items": [ { @@ -106218,7 +106218,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -106306,7 +106306,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "codegenNames": [ @@ -106318,7 +106318,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "items": [ { @@ -144640,7 +144640,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -144703,7 +144703,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index dca5043db6..ddb39e5aa2 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -195835,7 +195835,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L413-L415" + "specLocation": "security/_types/Privileges.ts#L434-L436" }, { "kind": "interface", @@ -196360,7 +196360,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L409-L411" + "specLocation": "security/_types/Privileges.ts#L430-L432" }, { "kind": "enum", @@ -196473,7 +196473,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "kind": "interface", @@ -196569,7 +196569,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "kind": "union_of", "items": [ @@ -196619,7 +196619,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L417-L419" + "specLocation": "security/_types/Privileges.ts#L438-L440" }, { "kind": "interface", @@ -196814,17 +196814,97 @@ }, { "kind": "interface", - "inherits": { - "type": { - "name": "UserIndicesPrivileges", - "namespace": "security._types" - } - }, "name": { "name": "RemoteUserIndicesPrivileges", "namespace": "security._types" }, "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "extDocId": "field-and-document-access-control", + "extDocUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "kind": "union_of", + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ] + } + }, + { + "description": "The index level privileges that owners of the role have on the specified indices.", + "name": "privileges", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexPrivilege", + "namespace": "security._types" + } + } + } + }, + { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + }, + { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "name": "allow_restricted_indices", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + }, { "name": "clusters", "required": true, @@ -196840,7 +196920,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L316-L318" + "specLocation": "security/_types/Privileges.ts#L316-L339" }, { "kind": "interface", @@ -196890,7 +196970,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -197527,7 +197607,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "kind": "union_of", "items": [ @@ -197570,7 +197650,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -197658,7 +197738,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "kind": "interface", @@ -197737,7 +197817,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 3fa24e8c45..911de2f5b3 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -18310,7 +18310,12 @@ export interface SecurityRemoteIndicesPrivileges { allow_restricted_indices?: boolean } -export interface SecurityRemoteUserIndicesPrivileges extends SecurityUserIndicesPrivileges { +export interface SecurityRemoteUserIndicesPrivileges { + field_security?: SecurityFieldSecurity[] + names: IndexName | IndexName[] + privileges: SecurityIndexPrivilege[] + query?: SecurityIndicesPrivilegesQuery[] + allow_restricted_indices: boolean clusters: string[] } diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index caa3cc8b04..bfdcf8e143 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -313,7 +313,28 @@ export class UserIndicesPrivileges { allow_restricted_indices: boolean } -export class RemoteUserIndicesPrivileges extends UserIndicesPrivileges { +export class RemoteUserIndicesPrivileges { + /** + * The document fields that the owners of the role have read access to. + * @ext_doc_id field-and-document-access-control + */ + field_security?: FieldSecurity[] + /** + * A list of indices (or index name patterns) to which the permissions in this entry apply. + */ + names: IndexName | IndexName[] + /** + * The index level privileges that owners of the role have on the specified indices. + */ + privileges: IndexPrivilege[] + /** + * Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role. + */ + query?: IndicesPrivilegesQuery[] + /** + * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`. + */ + allow_restricted_indices: boolean clusters: string[] }