diff --git a/output/schema/schema.json b/output/schema/schema.json index 1b35567b6d..fd269cdc1c 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -151088,7 +151088,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L154-L156" + "specLocation": "security/_types/Privileges.ts#L163-L165" }, { "kind": "interface", @@ -151417,7 +151417,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L150-L152" + "specLocation": "security/_types/Privileges.ts#L159-L161" }, { "kind": "enum", @@ -151500,7 +151500,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L128-L148" + "specLocation": "security/_types/Privileges.ts#L137-L157" }, { "kind": "interface", @@ -151570,33 +151570,11 @@ "name": "query", "required": false, "type": { - "items": [ - { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "kind": "instance_of", - "type": { - "name": "QueryContainer", - "namespace": "_types.query_dsl" - } - }, - { - "kind": "instance_of", - "type": { - "name": "RoleTemplateQueryContainer", - "namespace": "security._types" - } - } - ], - "kind": "union_of" + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } } }, { @@ -151615,6 +151593,46 @@ ], "specLocation": "security/_types/Privileges.ts#L80-L103" }, + { + "codegenNames": [ + "json_text", + "query", + "template" + ], + "description": "While creating or updating a role you can provide either a JSON structure or a string to the API.\nHowever, the response provided by Elasticsearch will only be string with a json-as-text content.\n\nSince this is embedded in `IndicesPrivileges`, the same structure is used for clarity in both contexts.", + "kind": "type_alias", + "name": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + }, + "specLocation": "security/_types/Privileges.ts#L105-L113", + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + }, + { + "kind": "instance_of", + "type": { + "name": "QueryContainer", + "namespace": "_types.query_dsl" + } + }, + { + "kind": "instance_of", + "type": { + "name": "RoleTemplateQuery", + "namespace": "security._types" + } + } + ], + "kind": "union_of" + } + }, { "kind": "interface", "name": { @@ -151637,7 +151655,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L158-L160" + "specLocation": "security/_types/Privileges.ts#L167-L169" }, { "kind": "interface", @@ -151897,12 +151915,12 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L118-L123" + "specLocation": "security/_types/Privileges.ts#L127-L132" }, { "kind": "interface", "name": { - "name": "RoleTemplateQueryContainer", + "name": "RoleTemplateQuery", "namespace": "security._types" }, "properties": [ @@ -151921,10 +151939,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L105-L116", - "variants": { - "kind": "container" - } + "specLocation": "security/_types/Privileges.ts#L115-L125" }, { "codegenNames": [ @@ -151936,7 +151951,7 @@ "name": "RoleTemplateScript", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L125-L126", + "specLocation": "security/_types/Privileges.ts#L134-L135", "type": { "items": [ { @@ -156060,6 +156075,7 @@ } }, { + "description": "In this context `IndicesPrivileges.query` property can only be a string, see `IndicesPrivileges` documentation for detail.", "name": "indices", "required": true, "type": { @@ -156094,7 +156110,7 @@ "name": "Response", "namespace": "security.get_user_privileges" }, - "specLocation": "security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts#L26-L34" + "specLocation": "security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts#L26-L37" }, { "attachedBehaviors": [ diff --git a/output/schema/validation-errors.json b/output/schema/validation-errors.json index 7aa362ba2b..43040fa396 100644 --- a/output/schema/validation-errors.json +++ b/output/schema/validation-errors.json @@ -1840,12 +1840,6 @@ ], "response": [] }, - "security.create_api_key": { - "request": [ - "interface definition security._types:RoleTemplateQueryContainer - Property template is a single-variant and must be required" - ], - "response": [] - }, "security.create_service_token": { "request": [ "Request: should not have a body" diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 105b5ffb42..d0ee54f54a 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -15132,10 +15132,12 @@ export interface SecurityIndicesPrivileges { field_security?: SecurityFieldSecurity | SecurityFieldSecurity[] names: Indices privileges: SecurityIndexPrivilege[] - query?: string[] | QueryDslQueryContainer | SecurityRoleTemplateQueryContainer + query?: SecurityIndicesPrivilegesQuery allow_restricted_indices?: boolean } +export type SecurityIndicesPrivilegesQuery = string | QueryDslQueryContainer | SecurityRoleTemplateQuery + export interface SecurityManageUserPrivileges { applications: string[] } @@ -15170,7 +15172,7 @@ export interface SecurityRoleTemplateInlineScript extends ScriptBase { source: string | QueryDslQueryContainer } -export interface SecurityRoleTemplateQueryContainer { +export interface SecurityRoleTemplateQuery { template?: SecurityRoleTemplateScript } diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index c42d1dde03..f847cc971c 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -94,7 +94,7 @@ export class IndicesPrivileges { /** * A search query that defines the documents the owners of the role have read access to. A document within the specified indices must match this query for it to be accessible by the owners of the role. */ - query?: string[] | QueryContainer | RoleTemplateQueryContainer + query?: IndicesPrivilegesQuery /** * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`. * @server_default false @@ -102,8 +102,17 @@ export class IndicesPrivileges { allow_restricted_indices?: boolean } -/** @variants container */ -export class RoleTemplateQueryContainer { +/** + * While creating or updating a role you can provide either a JSON structure or a string to the API. + * However, the response provided by Elasticsearch will only be string with a json-as-text content. + * + * Since this is embedded in `IndicesPrivileges`, the same structure is used for clarity in both contexts. + * + * @codegen_names json_text, query, template + */ +export type IndicesPrivilegesQuery = string | QueryContainer | RoleTemplateQuery + +export class RoleTemplateQuery { /** * When you create a role, you can specify a query that defines the document level security permissions. You can optionally * use Mustache templates in the role query to insert the username of the current authenticated user into the role. diff --git a/specification/security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts b/specification/security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts index d7a798a07b..06617521de 100644 --- a/specification/security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts +++ b/specification/security/get_user_privileges/SecurityGetUserPrivilegesResponse.ts @@ -28,6 +28,9 @@ export class Response { applications: ApplicationPrivileges[] cluster: string[] global: GlobalPrivilege[] + /** + * In this context `IndicesPrivileges.query` property can only be a string, see `IndicesPrivileges` documentation for detail. + */ indices: IndicesPrivileges[] run_as: string[] }