co.elastic.clients.elasticsearch.security.PutRoleRequest Maven / Gradle / Ivy
Show all versions of org.apache.servicemix.bundles.elasticsearch-java
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package co.elastic.clients.elasticsearch.security;
import co.elastic.clients.elasticsearch._types.ErrorResponse;
import co.elastic.clients.elasticsearch._types.Refresh;
import co.elastic.clients.elasticsearch._types.RequestBase;
import co.elastic.clients.json.JsonData;
import co.elastic.clients.json.JsonpDeserializable;
import co.elastic.clients.json.JsonpDeserializer;
import co.elastic.clients.json.JsonpMapper;
import co.elastic.clients.json.JsonpSerializable;
import co.elastic.clients.json.ObjectBuilderDeserializer;
import co.elastic.clients.json.ObjectDeserializer;
import co.elastic.clients.transport.Endpoint;
import co.elastic.clients.transport.endpoints.SimpleEndpoint;
import co.elastic.clients.util.ApiTypeHelper;
import co.elastic.clients.util.ObjectBuilder;
import jakarta.json.stream.JsonGenerator;
import java.lang.String;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import javax.annotation.Nullable;
//----------------------------------------------------------------
// THIS CODE IS GENERATED. MANUAL EDITS WILL BE LOST.
//----------------------------------------------------------------
//
// This code is generated from the Elasticsearch API specification
// at https://github.com/elastic/elasticsearch-specification
//
// Manual updates to this file will be lost when the code is
// re-generated.
//
// If you find a property that is missing or wrongly typed, please
// open an issue or a PR on the API specification repository.
//
//----------------------------------------------------------------
// typedef: security.put_role.Request
/**
* Create or update roles.
*
* The role management APIs are generally the preferred way to manage roles in
* the native realm, rather than using file-based role management. The create or
* update roles API cannot update roles that are defined in roles files.
* File-based role management is not available in Elastic Serverless.
*
* @see API
* specification
*/
@JsonpDeserializable
public class PutRoleRequest extends RequestBase implements JsonpSerializable {
private final List applications;
private final List cluster;
@Nullable
private final String description;
private final Map global;
private final List indices;
private final Map metadata;
private final String name;
@Nullable
private final Refresh refresh;
private final List remoteCluster;
private final List remoteIndices;
private final List runAs;
private final Map transientMetadata;
// ---------------------------------------------------------------------------------------------
private PutRoleRequest(Builder builder) {
this.applications = ApiTypeHelper.unmodifiable(builder.applications);
this.cluster = ApiTypeHelper.unmodifiable(builder.cluster);
this.description = builder.description;
this.global = ApiTypeHelper.unmodifiable(builder.global);
this.indices = ApiTypeHelper.unmodifiable(builder.indices);
this.metadata = ApiTypeHelper.unmodifiable(builder.metadata);
this.name = ApiTypeHelper.requireNonNull(builder.name, this, "name");
this.refresh = builder.refresh;
this.remoteCluster = ApiTypeHelper.unmodifiable(builder.remoteCluster);
this.remoteIndices = ApiTypeHelper.unmodifiable(builder.remoteIndices);
this.runAs = ApiTypeHelper.unmodifiable(builder.runAs);
this.transientMetadata = ApiTypeHelper.unmodifiable(builder.transientMetadata);
}
public static PutRoleRequest of(Function> fn) {
return fn.apply(new Builder()).build();
}
/**
* A list of application privilege entries.
*
* API name: {@code applications}
*/
public final List applications() {
return this.applications;
}
/**
* A list of cluster privileges. These privileges define the cluster-level
* actions for users with this role.
*
* API name: {@code cluster}
*/
public final List cluster() {
return this.cluster;
}
/**
* Optional description of the role descriptor
*
* API name: {@code description}
*/
@Nullable
public final String description() {
return this.description;
}
/**
* An object defining global privileges. A global privilege is a form of cluster
* privilege that is request-aware. Support for global privileges is currently
* limited to the management of application privileges.
*
* API name: {@code global}
*/
public final Map global() {
return this.global;
}
/**
* A list of indices permissions entries.
*
* API name: {@code indices}
*/
public final List indices() {
return this.indices;
}
/**
* Optional metadata. Within the metadata object, keys that begin with an
* underscore (_) are reserved for system use.
*
* API name: {@code metadata}
*/
public final Map metadata() {
return this.metadata;
}
/**
* Required - The name of the role that is being created or updated. On
* Elasticsearch Serverless, the role name must begin with a letter or digit and
* can only contain letters, digits and the characters '_', '-', and '.'. Each
* role must have a unique name, as this will serve as the identifier for that
* role.
*
* API name: {@code name}
*/
public final String name() {
return this.name;
}
/**
* If true (the default) then refresh the affected shards to make
* this operation visible to search, if wait_for then wait for a
* refresh to make this operation visible to search, if false then
* do nothing with refreshes.
*
* API name: {@code refresh}
*/
@Nullable
public final Refresh refresh() {
return this.refresh;
}
/**
* A list of remote cluster permissions entries.
*
* API name: {@code remote_cluster}
*/
public final List remoteCluster() {
return this.remoteCluster;
}
/**
* A list of remote indices permissions entries.
*
* NOTE: Remote indices are effective for remote clusters configured with the
* API key based model. They have no effect for remote clusters configured with
* the certificate based model.
*
* API name: {@code remote_indices}
*/
public final List remoteIndices() {
return this.remoteIndices;
}
/**
* A list of users that the owners of this role can impersonate. Note:
* in Serverless, the run-as feature is disabled. For API compatibility, you can
* still specify an empty run_as field, but a non-empty list will
* be rejected.
*
* API name: {@code run_as}
*/
public final List runAs() {
return this.runAs;
}
/**
* Indicates roles that might be incompatible with the current cluster license,
* specifically roles with document and field level security. When the cluster
* license doesn’t allow certain features for a given role, this parameter is
* updated dynamically to list the incompatible features. If
* enabled is false, the role is ignored, but is still
* listed in the response from the authenticate API.
*
* API name: {@code transient_metadata}
*/
public final Map transientMetadata() {
return this.transientMetadata;
}
/**
* Serialize this object to JSON.
*/
public void serialize(JsonGenerator generator, JsonpMapper mapper) {
generator.writeStartObject();
serializeInternal(generator, mapper);
generator.writeEnd();
}
protected void serializeInternal(JsonGenerator generator, JsonpMapper mapper) {
if (ApiTypeHelper.isDefined(this.applications)) {
generator.writeKey("applications");
generator.writeStartArray();
for (ApplicationPrivileges item0 : this.applications) {
item0.serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.cluster)) {
generator.writeKey("cluster");
generator.writeStartArray();
for (String item0 : this.cluster) {
generator.write(item0);
}
generator.writeEnd();
}
if (this.description != null) {
generator.writeKey("description");
generator.write(this.description);
}
if (ApiTypeHelper.isDefined(this.global)) {
generator.writeKey("global");
generator.writeStartObject();
for (Map.Entry item0 : this.global.entrySet()) {
generator.writeKey(item0.getKey());
item0.getValue().serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.indices)) {
generator.writeKey("indices");
generator.writeStartArray();
for (IndicesPrivileges item0 : this.indices) {
item0.serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.metadata)) {
generator.writeKey("metadata");
generator.writeStartObject();
for (Map.Entry item0 : this.metadata.entrySet()) {
generator.writeKey(item0.getKey());
item0.getValue().serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.remoteCluster)) {
generator.writeKey("remote_cluster");
generator.writeStartArray();
for (RemoteClusterPrivileges item0 : this.remoteCluster) {
item0.serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.remoteIndices)) {
generator.writeKey("remote_indices");
generator.writeStartArray();
for (RemoteIndicesPrivileges item0 : this.remoteIndices) {
item0.serialize(generator, mapper);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.runAs)) {
generator.writeKey("run_as");
generator.writeStartArray();
for (String item0 : this.runAs) {
generator.write(item0);
}
generator.writeEnd();
}
if (ApiTypeHelper.isDefined(this.transientMetadata)) {
generator.writeKey("transient_metadata");
generator.writeStartObject();
for (Map.Entry item0 : this.transientMetadata.entrySet()) {
generator.writeKey(item0.getKey());
item0.getValue().serialize(generator, mapper);
}
generator.writeEnd();
}
}
// ---------------------------------------------------------------------------------------------
/**
* Builder for {@link PutRoleRequest}.
*/
public static class Builder extends RequestBase.AbstractBuilder implements ObjectBuilder {
@Nullable
private List applications;
@Nullable
private List cluster;
@Nullable
private String description;
@Nullable
private Map global;
@Nullable
private List indices;
@Nullable
private Map metadata;
private String name;
@Nullable
private Refresh refresh;
@Nullable
private List remoteCluster;
@Nullable
private List remoteIndices;
@Nullable
private List runAs;
@Nullable
private Map transientMetadata;
/**
* A list of application privilege entries.
*
* API name: {@code applications}
*
* Adds all elements of list to applications.
*/
public final Builder applications(List list) {
this.applications = _listAddAll(this.applications, list);
return this;
}
/**
* A list of application privilege entries.
*
* API name: {@code applications}
*
* Adds one or more values to applications.
*/
public final Builder applications(ApplicationPrivileges value, ApplicationPrivileges... values) {
this.applications = _listAdd(this.applications, value, values);
return this;
}
/**
* A list of application privilege entries.
*
* API name: {@code applications}
*
* Adds a value to applications using a builder lambda.
*/
public final Builder applications(
Function> fn) {
return applications(fn.apply(new ApplicationPrivileges.Builder()).build());
}
/**
* A list of cluster privileges. These privileges define the cluster-level
* actions for users with this role.
*
* API name: {@code cluster}
*
* Adds all elements of list to cluster.
*/
public final Builder cluster(List list) {
this.cluster = _listAddAll(this.cluster, list);
return this;
}
/**
* A list of cluster privileges. These privileges define the cluster-level
* actions for users with this role.
*
* API name: {@code cluster}
*
* Adds one or more values to cluster.
*/
public final Builder cluster(String value, String... values) {
this.cluster = _listAdd(this.cluster, value, values);
return this;
}
/**
* Optional description of the role descriptor
*
* API name: {@code description}
*/
public final Builder description(@Nullable String value) {
this.description = value;
return this;
}
/**
* An object defining global privileges. A global privilege is a form of cluster
* privilege that is request-aware. Support for global privileges is currently
* limited to the management of application privileges.
*
* API name: {@code global}
*
* Adds all entries of map to global.
*/
public final Builder global(Map map) {
this.global = _mapPutAll(this.global, map);
return this;
}
/**
* An object defining global privileges. A global privilege is a form of cluster
* privilege that is request-aware. Support for global privileges is currently
* limited to the management of application privileges.
*
* API name: {@code global}
*
* Adds an entry to global.
*/
public final Builder global(String key, JsonData value) {
this.global = _mapPut(this.global, key, value);
return this;
}
/**
* A list of indices permissions entries.
*
* API name: {@code indices}
*
* Adds all elements of list to indices.
*/
public final Builder indices(List list) {
this.indices = _listAddAll(this.indices, list);
return this;
}
/**
* A list of indices permissions entries.
*
* API name: {@code indices}
*
* Adds one or more values to indices.
*/
public final Builder indices(IndicesPrivileges value, IndicesPrivileges... values) {
this.indices = _listAdd(this.indices, value, values);
return this;
}
/**
* A list of indices permissions entries.
*
* API name: {@code indices}
*
* Adds a value to indices using a builder lambda.
*/
public final Builder indices(Function> fn) {
return indices(fn.apply(new IndicesPrivileges.Builder()).build());
}
/**
* Optional metadata. Within the metadata object, keys that begin with an
* underscore (_) are reserved for system use.
*
* API name: {@code metadata}
*
* Adds all entries of map to metadata.
*/
public final Builder metadata(Map map) {
this.metadata = _mapPutAll(this.metadata, map);
return this;
}
/**
* Optional metadata. Within the metadata object, keys that begin with an
* underscore (_) are reserved for system use.
*
* API name: {@code metadata}
*
* Adds an entry to metadata.
*/
public final Builder metadata(String key, JsonData value) {
this.metadata = _mapPut(this.metadata, key, value);
return this;
}
/**
* Required - The name of the role that is being created or updated. On
* Elasticsearch Serverless, the role name must begin with a letter or digit and
* can only contain letters, digits and the characters '_', '-', and '.'. Each
* role must have a unique name, as this will serve as the identifier for that
* role.
*
* API name: {@code name}
*/
public final Builder name(String value) {
this.name = value;
return this;
}
/**
* If true (the default) then refresh the affected shards to make
* this operation visible to search, if wait_for then wait for a
* refresh to make this operation visible to search, if false then
* do nothing with refreshes.
*
* API name: {@code refresh}
*/
public final Builder refresh(@Nullable Refresh value) {
this.refresh = value;
return this;
}
/**
* A list of remote cluster permissions entries.
*
* API name: {@code remote_cluster}
*
* Adds all elements of list to remoteCluster.
*/
public final Builder remoteCluster(List list) {
this.remoteCluster = _listAddAll(this.remoteCluster, list);
return this;
}
/**
* A list of remote cluster permissions entries.
*
* API name: {@code remote_cluster}
*
* Adds one or more values to remoteCluster.
*/
public final Builder remoteCluster(RemoteClusterPrivileges value, RemoteClusterPrivileges... values) {
this.remoteCluster = _listAdd(this.remoteCluster, value, values);
return this;
}
/**
* A list of remote cluster permissions entries.
*
* API name: {@code remote_cluster}
*
* Adds a value to remoteCluster using a builder lambda.
*/
public final Builder remoteCluster(
Function> fn) {
return remoteCluster(fn.apply(new RemoteClusterPrivileges.Builder()).build());
}
/**
* A list of remote indices permissions entries.
*
* NOTE: Remote indices are effective for remote clusters configured with the
* API key based model. They have no effect for remote clusters configured with
* the certificate based model.
*
* API name: {@code remote_indices}
*
* Adds all elements of list to remoteIndices.
*/
public final Builder remoteIndices(List list) {
this.remoteIndices = _listAddAll(this.remoteIndices, list);
return this;
}
/**
* A list of remote indices permissions entries.
*
* NOTE: Remote indices are effective for remote clusters configured with the
* API key based model. They have no effect for remote clusters configured with
* the certificate based model.
*
* API name: {@code remote_indices}
*
* Adds one or more values to remoteIndices.
*/
public final Builder remoteIndices(RemoteIndicesPrivileges value, RemoteIndicesPrivileges... values) {
this.remoteIndices = _listAdd(this.remoteIndices, value, values);
return this;
}
/**
* A list of remote indices permissions entries.
*
* NOTE: Remote indices are effective for remote clusters configured with the
* API key based model. They have no effect for remote clusters configured with
* the certificate based model.
*
* API name: {@code remote_indices}
*
* Adds a value to remoteIndices using a builder lambda.
*/
public final Builder remoteIndices(
Function> fn) {
return remoteIndices(fn.apply(new RemoteIndicesPrivileges.Builder()).build());
}
/**
* A list of users that the owners of this role can impersonate. Note:
* in Serverless, the run-as feature is disabled. For API compatibility, you can
* still specify an empty run_as field, but a non-empty list will
* be rejected.
*
* API name: {@code run_as}
*
* Adds all elements of list to runAs.
*/
public final Builder runAs(List list) {
this.runAs = _listAddAll(this.runAs, list);
return this;
}
/**
* A list of users that the owners of this role can impersonate. Note:
* in Serverless, the run-as feature is disabled. For API compatibility, you can
* still specify an empty run_as field, but a non-empty list will
* be rejected.
*
* API name: {@code run_as}
*
* Adds one or more values to runAs.
*/
public final Builder runAs(String value, String... values) {
this.runAs = _listAdd(this.runAs, value, values);
return this;
}
/**
* Indicates roles that might be incompatible with the current cluster license,
* specifically roles with document and field level security. When the cluster
* license doesn’t allow certain features for a given role, this parameter is
* updated dynamically to list the incompatible features. If
* enabled is false, the role is ignored, but is still
* listed in the response from the authenticate API.
*
* API name: {@code transient_metadata}
*
* Adds all entries of map to transientMetadata.
*/
public final Builder transientMetadata(Map map) {
this.transientMetadata = _mapPutAll(this.transientMetadata, map);
return this;
}
/**
* Indicates roles that might be incompatible with the current cluster license,
* specifically roles with document and field level security. When the cluster
* license doesn’t allow certain features for a given role, this parameter is
* updated dynamically to list the incompatible features. If
* enabled is false, the role is ignored, but is still
* listed in the response from the authenticate API.
*
* API name: {@code transient_metadata}
*
* Adds an entry to transientMetadata.
*/
public final Builder transientMetadata(String key, JsonData value) {
this.transientMetadata = _mapPut(this.transientMetadata, key, value);
return this;
}
@Override
protected Builder self() {
return this;
}
/**
* Builds a {@link PutRoleRequest}.
*
* @throws NullPointerException
* if some of the required fields are null.
*/
public PutRoleRequest build() {
_checkSingleUse();
return new PutRoleRequest(this);
}
}
// ---------------------------------------------------------------------------------------------
/**
* Json deserializer for {@link PutRoleRequest}
*/
public static final JsonpDeserializer _DESERIALIZER = ObjectBuilderDeserializer.lazy(Builder::new,
PutRoleRequest::setupPutRoleRequestDeserializer);
protected static void setupPutRoleRequestDeserializer(ObjectDeserializer op) {
op.add(Builder::applications, JsonpDeserializer.arrayDeserializer(ApplicationPrivileges._DESERIALIZER),
"applications");
op.add(Builder::cluster, JsonpDeserializer.arrayDeserializer(JsonpDeserializer.stringDeserializer()),
"cluster");
op.add(Builder::description, JsonpDeserializer.stringDeserializer(), "description");
op.add(Builder::global, JsonpDeserializer.stringMapDeserializer(JsonData._DESERIALIZER), "global");
op.add(Builder::indices, JsonpDeserializer.arrayDeserializer(IndicesPrivileges._DESERIALIZER), "indices");
op.add(Builder::metadata, JsonpDeserializer.stringMapDeserializer(JsonData._DESERIALIZER), "metadata");
op.add(Builder::remoteCluster, JsonpDeserializer.arrayDeserializer(RemoteClusterPrivileges._DESERIALIZER),
"remote_cluster");
op.add(Builder::remoteIndices, JsonpDeserializer.arrayDeserializer(RemoteIndicesPrivileges._DESERIALIZER),
"remote_indices");
op.add(Builder::runAs, JsonpDeserializer.arrayDeserializer(JsonpDeserializer.stringDeserializer()), "run_as");
op.add(Builder::transientMetadata, JsonpDeserializer.stringMapDeserializer(JsonData._DESERIALIZER),
"transient_metadata");
}
// ---------------------------------------------------------------------------------------------
/**
* Endpoint "{@code security.put_role}".
*/
public static final Endpoint _ENDPOINT = new SimpleEndpoint<>(
"es/security.put_role",
// Request method
request -> {
return "PUT";
},
// Request path
request -> {
final int _name = 1 << 0;
int propsSet = 0;
propsSet |= _name;
if (propsSet == (_name)) {
StringBuilder buf = new StringBuilder();
buf.append("/_security");
buf.append("/role");
buf.append("/");
SimpleEndpoint.pathEncode(request.name, buf);
return buf.toString();
}
throw SimpleEndpoint.noPathTemplateFound("path");
},
// Path parameters
request -> {
Map params = new HashMap<>();
final int _name = 1 << 0;
int propsSet = 0;
propsSet |= _name;
if (propsSet == (_name)) {
params.put("name", request.name);
}
return params;
},
// Request parameters
request -> {
Map params = new HashMap<>();
if (request.refresh != null) {
params.put("refresh", request.refresh.jsonValue());
}
return params;
}, SimpleEndpoint.emptyMap(), true, PutRoleResponse._DESERIALIZER);
}