From c3ebee9c7cbce0dccf0f171cf3c393a4d4ab3a83 Mon Sep 17 00:00:00 2001 From: Laura Trotta <153528055+l-trotta@users.noreply.github.com> Date: Thu, 27 Feb 2025 14:54:58 +0100 Subject: [PATCH] avoid extending non base class (#3852) (cherry picked from commit d22ee5ab886929e8205ce2179ada6992c2192862) --- output/openapi/elasticsearch-openapi.json | 60 +++++++++-- output/schema/schema-serverless.json | 14 +-- output/schema/schema.json | 114 +++++++++++++++++--- output/typescript/types.ts | 7 +- specification/security/_types/Privileges.ts | 23 +++- 5 files changed, 181 insertions(+), 37 deletions(-) diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index d23c95931d..cc78a89556 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -88406,24 +88406,62 @@ ] }, "security._types:RemoteUserIndicesPrivileges": { - "allOf": [ - { - "$ref": "#/components/schemas/security._types:UserIndicesPrivileges" + "type": "object", + "properties": { + "field_security": { + "externalDocs": { + "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html" + }, + "description": "The document fields that the owners of the role have read access to.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:FieldSecurity" + } }, - { - "type": "object", - "properties": { - "clusters": { + "names": { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "oneOf": [ + { + "$ref": "#/components/schemas/_types:IndexName" + }, + { "type": "array", "items": { - "type": "string" + "$ref": "#/components/schemas/_types:IndexName" } } - }, - "required": [ - "clusters" ] + }, + "privileges": { + "description": "The index level privileges that owners of the role have on the specified indices.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndexPrivilege" + } + }, + "query": { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:IndicesPrivilegesQuery" + } + }, + "allow_restricted_indices": { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "type": "boolean" + }, + "clusters": { + "type": "array", + "items": { + "type": "string" + } } + }, + "required": [ + "names", + "privileges", + "allow_restricted_indices", + "clusters" ] }, "security.get_user_profile:GetUserProfileErrors": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index 4d810f90df..497f6d8293 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -106284,7 +106284,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "codegenNames": [ @@ -106298,7 +106298,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "items": [ { @@ -106348,7 +106348,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -106436,7 +106436,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "codegenNames": [ @@ -106448,7 +106448,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "items": [ { @@ -144745,7 +144745,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -144808,7 +144808,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index 5e4f214337..b56df3c975 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -195833,7 +195833,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L413-L415" + "specLocation": "security/_types/Privileges.ts#L434-L436" }, { "kind": "interface", @@ -196358,7 +196358,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L409-L411" + "specLocation": "security/_types/Privileges.ts#L430-L432" }, { "kind": "enum", @@ -196471,7 +196471,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L365-L407" + "specLocation": "security/_types/Privileges.ts#L386-L428" }, { "kind": "interface", @@ -196579,7 +196579,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L320-L328", + "specLocation": "security/_types/Privileges.ts#L341-L349", "type": { "kind": "union_of", "items": [ @@ -196629,7 +196629,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L417-L419" + "specLocation": "security/_types/Privileges.ts#L438-L440" }, { "kind": "interface", @@ -196836,17 +196836,97 @@ }, { "kind": "interface", - "inherits": { - "type": { - "name": "UserIndicesPrivileges", - "namespace": "security._types" - } - }, "name": { "name": "RemoteUserIndicesPrivileges", "namespace": "security._types" }, "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "extDocId": "field-and-document-access-control", + "extDocUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "kind": "union_of", + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ] + } + }, + { + "description": "The index level privileges that owners of the role have on the specified indices.", + "name": "privileges", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexPrivilege", + "namespace": "security._types" + } + } + } + }, + { + "description": "Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + }, + { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "name": "allow_restricted_indices", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + }, { "name": "clusters", "required": true, @@ -196862,7 +196942,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L316-L318" + "specLocation": "security/_types/Privileges.ts#L316-L339" }, { "kind": "interface", @@ -196912,7 +196992,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L421-L431" + "specLocation": "security/_types/Privileges.ts#L442-L452" }, { "kind": "interface", @@ -197549,7 +197629,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L362-L363", + "specLocation": "security/_types/Privileges.ts#L383-L384", "type": { "kind": "union_of", "items": [ @@ -197592,7 +197672,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L330-L340" + "specLocation": "security/_types/Privileges.ts#L351-L361" }, { "kind": "interface", @@ -197680,7 +197760,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L342-L360" + "specLocation": "security/_types/Privileges.ts#L363-L381" }, { "kind": "interface", @@ -197759,7 +197839,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L433-L453" + "specLocation": "security/_types/Privileges.ts#L454-L474" }, { "kind": "interface", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 8143fe21b4..698ff692b4 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -18310,7 +18310,12 @@ export interface SecurityRemoteIndicesPrivileges { allow_restricted_indices?: boolean } -export interface SecurityRemoteUserIndicesPrivileges extends SecurityUserIndicesPrivileges { +export interface SecurityRemoteUserIndicesPrivileges { + field_security?: SecurityFieldSecurity[] + names: IndexName | IndexName[] + privileges: SecurityIndexPrivilege[] + query?: SecurityIndicesPrivilegesQuery[] + allow_restricted_indices: boolean clusters: string[] } diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index ff5618da41..6223ef9cfd 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -313,7 +313,28 @@ export class UserIndicesPrivileges { allow_restricted_indices: boolean } -export class RemoteUserIndicesPrivileges extends UserIndicesPrivileges { +export class RemoteUserIndicesPrivileges { + /** + * The document fields that the owners of the role have read access to. + * @ext_doc_id field-and-document-access-control + */ + field_security?: FieldSecurity[] + /** + * A list of indices (or index name patterns) to which the permissions in this entry apply. + */ + names: IndexName | IndexName[] + /** + * The index level privileges that owners of the role have on the specified indices. + */ + privileges: IndexPrivilege[] + /** + * Search queries that define the documents the user has access to. A document within the specified indices must match these queries for it to be accessible by the owners of the role. + */ + query?: IndicesPrivilegesQuery[] + /** + * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`. + */ + allow_restricted_indices: boolean clusters: string[] }