Skip to content

Commit

Permalink
Add security.clear_cached_privileges API (#4916) (#4935)
Browse files Browse the repository at this point in the history
Relates: elastic/elasticsearch#55836

Derive ClearCachedRealmsResponse from NodesResponseBase to
expose NodeStatistics.

Co-authored-by: Russ Cam <[email protected]>
  • Loading branch information
github-actions[bot] and russcam authored Aug 5, 2020
1 parent 69fab71 commit 3142130
Show file tree
Hide file tree
Showing 11 changed files with 196 additions and 6 deletions.
2 changes: 0 additions & 2 deletions src/ApiGenerator/Configuration/CodeConfiguration.cs
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,6 @@ public static class CodeConfiguration

public static string[] IgnoredApisHighLevel { get; } =
{
"security.clear_cached_privileges.json", // TODO: implement

"autoscaling.get_autoscaling_decision.json", // 7.7 experimental
"autoscaling.delete_autoscaling_decision.json", // experimental
"autoscaling.get_autoscaling_policy.json", // experimental
Expand Down
21 changes: 21 additions & 0 deletions src/Nest/Descriptors.Security.cs
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,27 @@ public ChangePasswordDescriptor(): base()
public ChangePasswordDescriptor Refresh(Refresh? refresh) => Qs("refresh", refresh);
}

///<summary>Descriptor for ClearCachedPrivileges <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</para></summary>
public partial class ClearCachedPrivilegesDescriptor : RequestDescriptorBase<ClearCachedPrivilegesDescriptor, ClearCachedPrivilegesRequestParameters, IClearCachedPrivilegesRequest>, IClearCachedPrivilegesRequest
{
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedPrivileges;
///<summary>/_security/privilege/{application}/_clear_cache</summary>
///<param name = "application">this parameter is required</param>
public ClearCachedPrivilegesDescriptor(Names application): base(r => r.Required("application", application))
{
}

///<summary>Used for serialization purposes, making sure we have a parameterless constructor</summary>
[SerializationConstructor]
protected ClearCachedPrivilegesDescriptor(): base()
{
}

// values part of the url path
Names IClearCachedPrivilegesRequest.Application => Self.RouteValues.Get<Names>("application");
// Request parameters
}

///<summary>Descriptor for ClearCachedRealms <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html</para></summary>
public partial class ClearCachedRealmsDescriptor : RequestDescriptorBase<ClearCachedRealmsDescriptor, ClearCachedRealmsRequestParameters, IClearCachedRealmsRequest>, IClearCachedRealmsRequest
{
Expand Down
24 changes: 24 additions & 0 deletions src/Nest/ElasticClient.Security.cs
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,30 @@ internal SecurityNamespace(ElasticClient client): base(client)
/// </summary>
public Task<ChangePasswordResponse> ChangePasswordAsync(IChangePasswordRequest request, CancellationToken ct = default) => DoRequestAsync<IChangePasswordRequest, ChangePasswordResponse>(request, request.RequestParameters, ct);
/// <summary>
/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
/// <para></para>
/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
/// </summary>
public ClearCachedPrivilegesResponse ClearCachedPrivileges(Names application, Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> selector = null) => ClearCachedPrivileges(selector.InvokeOrDefault(new ClearCachedPrivilegesDescriptor(application: application)));
/// <summary>
/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
/// <para></para>
/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
/// </summary>
public Task<ClearCachedPrivilegesResponse> ClearCachedPrivilegesAsync(Names application, Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> selector = null, CancellationToken ct = default) => ClearCachedPrivilegesAsync(selector.InvokeOrDefault(new ClearCachedPrivilegesDescriptor(application: application)), ct);
/// <summary>
/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
/// <para></para>
/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
/// </summary>
public ClearCachedPrivilegesResponse ClearCachedPrivileges(IClearCachedPrivilegesRequest request) => DoRequest<IClearCachedPrivilegesRequest, ClearCachedPrivilegesResponse>(request, request.RequestParameters);
/// <summary>
/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
/// <para></para>
/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
/// </summary>
public Task<ClearCachedPrivilegesResponse> ClearCachedPrivilegesAsync(IClearCachedPrivilegesRequest request, CancellationToken ct = default) => DoRequestAsync<IClearCachedPrivilegesRequest, ClearCachedPrivilegesResponse>(request, request.RequestParameters, ct);
/// <summary>
/// <c>POST</c> request to the <c>security.clear_cached_realms</c> API, read more about this API online:
/// <para></para>
/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html</a>
Expand Down
33 changes: 33 additions & 0 deletions src/Nest/Requests.Security.cs
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,39 @@ public Refresh? Refresh
}
}

[InterfaceDataContract]
public partial interface IClearCachedPrivilegesRequest : IRequest<ClearCachedPrivilegesRequestParameters>
{
[IgnoreDataMember]
Names Application
{
get;
}
}

///<summary>Request for ClearCachedPrivileges <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</para></summary>
public partial class ClearCachedPrivilegesRequest : PlainRequestBase<ClearCachedPrivilegesRequestParameters>, IClearCachedPrivilegesRequest
{
protected IClearCachedPrivilegesRequest Self => this;
internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedPrivileges;
///<summary>/_security/privilege/{application}/_clear_cache</summary>
///<param name = "application">this parameter is required</param>
public ClearCachedPrivilegesRequest(Names application): base(r => r.Required("application", application))
{
}

///<summary>Used for serialization purposes, making sure we have a parameterless constructor</summary>
[SerializationConstructor]
protected ClearCachedPrivilegesRequest(): base()
{
}

// values part of the url path
[IgnoreDataMember]
Names IClearCachedPrivilegesRequest.Application => Self.RouteValues.Get<Names>("application");
// Request parameters
}

[InterfaceDataContract]
public partial interface IClearCachedRealmsRequest : IRequest<ClearCachedRealmsRequestParameters>
{
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
// Licensed to Elasticsearch B.V under one or more agreements.
// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
// See the LICENSE file in the project root for more information

namespace Nest
{
[MapsApi("security.clear_cached_privileges.json")]
public partial interface IClearCachedPrivilegesRequest { }

public partial class ClearCachedPrivilegesRequest { }

public partial class ClearCachedPrivilegesDescriptor { }
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
// Licensed to Elasticsearch B.V under one or more agreements.
// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
// See the LICENSE file in the project root for more information

using System.Collections.Generic;
using System.Runtime.Serialization;
using Elasticsearch.Net;

namespace Nest
{
public class ClearCachedPrivilegesResponse : NodesResponseBase
{
[DataMember(Name ="cluster_name")]
public string ClusterName { get; internal set; }

[DataMember(Name ="nodes")]
public IReadOnlyDictionary<string, SecurityNode> Nodes { get; internal set; } = EmptyReadOnly<string, SecurityNode>.Dictionary;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

namespace Nest
{
public class ClearCachedRealmsResponse : ResponseBase
public class ClearCachedRealmsResponse : NodesResponseBase
{
[DataMember(Name ="cluster_name")]
public string ClusterName { get; internal set; }
Expand Down
1 change: 1 addition & 0 deletions src/Nest/_Generated/ApiUrlsLookup.generated.cs
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,7 @@ internal static class ApiUrlsLookups
internal static ApiUrls NoNamespaceSearchTemplate = new ApiUrls(new[]{"_search/template", "{index}/_search/template"});
internal static ApiUrls SecurityAuthenticate = new ApiUrls(new[]{"_security/_authenticate"});
internal static ApiUrls SecurityChangePassword = new ApiUrls(new[]{"_security/user/{username}/_password", "_security/user/_password"});
internal static ApiUrls SecurityClearCachedPrivileges = new ApiUrls(new[]{"_security/privilege/{application}/_clear_cache"});
internal static ApiUrls SecurityClearCachedRealms = new ApiUrls(new[]{"_security/realm/{realms}/_clear_cache"});
internal static ApiUrls SecurityClearCachedRoles = new ApiUrls(new[]{"_security/role/{name}/_clear_cache"});
internal static ApiUrls SecurityCreateApiKey = new ApiUrls(new[]{"_security/api_key"});
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
// Licensed to Elasticsearch B.V under one or more agreements.
// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
// See the LICENSE file in the project root for more information

using System;
using System.Linq;
using Elastic.Elasticsearch.Ephemeral;
using Elastic.Elasticsearch.Xunit.XunitPlumbing;
using Elasticsearch.Net;
using FluentAssertions;
using Nest;
using Tests.Core.Extensions;
using Tests.Core.ManagedElasticsearch.Clusters;
using Tests.Framework.EndpointTests;
using Tests.Framework.EndpointTests.TestState;

namespace Tests.XPack.Security.ClearCachedPrivileges
{
[SkipVersion("<7.9.0", "Introduced in 7.9.0")]
public class ClearCachedPrivilegesApiTests
: ApiIntegrationTestBase<XPackCluster, ClearCachedPrivilegesResponse, IClearCachedPrivilegesRequest, ClearCachedPrivilegesDescriptor,
ClearCachedPrivilegesRequest>
{
public ClearCachedPrivilegesApiTests(XPackCluster cluster, EndpointUsage usage) : base(cluster, usage) { }

protected override bool ExpectIsValid => true;
protected override int ExpectStatusCode => 200;

protected override Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> Fluent => d => d;
protected override HttpMethod HttpMethod => HttpMethod.POST;

protected override ClearCachedPrivilegesRequest Initializer => new ClearCachedPrivilegesRequest(Application);

protected override bool SupportsDeserialization => false;

protected override string UrlPath => $"/_security/privilege/{U(Application)}/_clear_cache";

private string Application => "myapp";

protected override LazyResponses ClientUsage() => Calls(
(client, f) => client.Security.ClearCachedPrivileges(Application, f),
(client, f) => client.Security.ClearCachedPrivilegesAsync(Application, f),
(client, r) => client.Security.ClearCachedPrivileges(r),
(client, r) => client.Security.ClearCachedPrivilegesAsync(r)
);

protected override ClearCachedPrivilegesDescriptor NewDescriptor() => new ClearCachedPrivilegesDescriptor(Application);

protected override void ExpectResponse(ClearCachedPrivilegesResponse response)
{
response.ClusterName.Should().NotBeNullOrWhiteSpace();
response.Nodes.Should().NotBeEmpty().And.HaveCount(1);
response.NodeStatistics.Should().NotBeNull();
var node = response.Nodes.First().Value;
node.Should().NotBeNull();
node.Name.Should().NotBeNullOrEmpty();
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
// Licensed to Elasticsearch B.V under one or more agreements.
// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
// See the LICENSE file in the project root for more information

using System.Threading.Tasks;
using Elastic.Elasticsearch.Xunit.XunitPlumbing;
using Nest;
using Tests.Framework.EndpointTests;
using static Tests.Framework.EndpointTests.UrlTester;

namespace Tests.XPack.Security.ClearCachedPrivileges
{
public class ClearCachedPrivilegesUrlTests : UrlTestsBase
{
[U] public override async Task Urls() =>
await POST("/_security/privilege/myapp/_clear_cache")
.Fluent(c => c.Security.ClearCachedPrivileges("myapp"))
.Request(c => c.Security.ClearCachedPrivileges(new ClearCachedPrivilegesRequest("myapp")))
.FluentAsync(c => c.Security.ClearCachedPrivilegesAsync("myapp"))
.RequestAsync(c => c.Security.ClearCachedPrivilegesAsync(new ClearCachedPrivilegesRequest("myapp")));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@

using System;
using System.Linq;
using Elastic.Elasticsearch.Ephemeral;
using Elastic.Elasticsearch.Xunit.XunitPlumbing;
using Elastic.Elasticsearch.Ephemeral;
using Elastic.Elasticsearch.Xunit.XunitPlumbing;
using Elasticsearch.Net;
using FluentAssertions;
using Nest;
Expand Down Expand Up @@ -35,7 +35,6 @@ public ClearCachedRealmsApiTests(XPackCluster cluster, EndpointUsage usage) : ba

protected override string UrlPath => $"/_security/realm/{U(Realm)}/_clear_cache";

//callisolated value can sometimes start with a digit which is not allowed for rolenames
private string Realm => SecurityRealms.FileRealm;

protected override LazyResponses ClientUsage() => Calls(
Expand All @@ -51,6 +50,7 @@ protected override void ExpectResponse(ClearCachedRealmsResponse response)
{
response.ClusterName.Should().NotBeNullOrWhiteSpace();
response.Nodes.Should().NotBeEmpty().And.HaveCount(1);
response.NodeStatistics.Should().NotBeNull();
var node = response.Nodes.First().Value;
node.Should().NotBeNull();
node.Name.Should().NotBeNullOrEmpty();
Expand Down

0 comments on commit 3142130

Please sign in to comment.