[Backport 7.9] Add security.clear_cached_privileges API

src/ApiGenerator/Configuration/CodeConfiguration.cs

@@ -35,8 +35,6 @@ public static class CodeConfiguration
 
 		public static string[] IgnoredApisHighLevel { get; } =
 		{
-			"security.clear_cached_privileges.json", // TODO: implement
-
 			"autoscaling.get_autoscaling_decision.json", // 7.7 experimental
 			"autoscaling.delete_autoscaling_decision.json", // experimental
 			"autoscaling.get_autoscaling_policy.json", // experimental

src/Nest/Descriptors.Security.cs

@@ -62,6 +62,27 @@ public ChangePasswordDescriptor(): base()
 		public ChangePasswordDescriptor Refresh(Refresh? refresh) => Qs("refresh", refresh);
 	}
 
+	///<summary>Descriptor for ClearCachedPrivileges <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</para></summary>
+	public partial class ClearCachedPrivilegesDescriptor : RequestDescriptorBase<ClearCachedPrivilegesDescriptor, ClearCachedPrivilegesRequestParameters, IClearCachedPrivilegesRequest>, IClearCachedPrivilegesRequest
+	{
+		internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedPrivileges;
+		///<summary>/_security/privilege/{application}/_clear_cache</summary>
+		///<param name = "application">this parameter is required</param>
+		public ClearCachedPrivilegesDescriptor(Names application): base(r => r.Required("application", application))
+		{
+		}
+
+		///<summary>Used for serialization purposes, making sure we have a parameterless constructor</summary>
+		[SerializationConstructor]
+		protected ClearCachedPrivilegesDescriptor(): base()
+		{
+		}
+
+		// values part of the url path
+		Names IClearCachedPrivilegesRequest.Application => Self.RouteValues.Get<Names>("application");
+	// Request parameters
+	}
+
 	///<summary>Descriptor for ClearCachedRealms <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html</para></summary>
 	public partial class ClearCachedRealmsDescriptor : RequestDescriptorBase<ClearCachedRealmsDescriptor, ClearCachedRealmsRequestParameters, IClearCachedRealmsRequest>, IClearCachedRealmsRequest
 	{

src/Nest/ElasticClient.Security.cs

@@ -85,6 +85,30 @@ internal SecurityNamespace(ElasticClient client): base(client)
 		/// </summary>
 		public Task<ChangePasswordResponse> ChangePasswordAsync(IChangePasswordRequest request, CancellationToken ct = default) => DoRequestAsync<IChangePasswordRequest, ChangePasswordResponse>(request, request.RequestParameters, ct);
 		/// <summary>
+		/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
+		/// <para></para>
+		/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
+		/// </summary>
+		public ClearCachedPrivilegesResponse ClearCachedPrivileges(Names application, Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> selector = null) => ClearCachedPrivileges(selector.InvokeOrDefault(new ClearCachedPrivilegesDescriptor(application: application)));
+		/// <summary>
+		/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
+		/// <para></para>
+		/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
+		/// </summary>
+		public Task<ClearCachedPrivilegesResponse> ClearCachedPrivilegesAsync(Names application, Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> selector = null, CancellationToken ct = default) => ClearCachedPrivilegesAsync(selector.InvokeOrDefault(new ClearCachedPrivilegesDescriptor(application: application)), ct);
+		/// <summary>
+		/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
+		/// <para></para>
+		/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
+		/// </summary>
+		public ClearCachedPrivilegesResponse ClearCachedPrivileges(IClearCachedPrivilegesRequest request) => DoRequest<IClearCachedPrivilegesRequest, ClearCachedPrivilegesResponse>(request, request.RequestParameters);
+		/// <summary>
+		/// <c>POST</c> request to the <c>security.clear_cached_privileges</c> API, read more about this API online:
+		/// <para></para>
+		/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</a>
+		/// </summary>
+		public Task<ClearCachedPrivilegesResponse> ClearCachedPrivilegesAsync(IClearCachedPrivilegesRequest request, CancellationToken ct = default) => DoRequestAsync<IClearCachedPrivilegesRequest, ClearCachedPrivilegesResponse>(request, request.RequestParameters, ct);
+		/// <summary>
 		/// <c>POST</c> request to the <c>security.clear_cached_realms</c> API, read more about this API online:
 		/// <para></para>
 		/// <a href = "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html">https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html</a>

src/Nest/Requests.Security.cs

@@ -86,6 +86,39 @@ public Refresh? Refresh
 		}
 	}
 
+	[InterfaceDataContract]
+	public partial interface IClearCachedPrivilegesRequest : IRequest<ClearCachedPrivilegesRequestParameters>
+	{
+		[IgnoreDataMember]
+		Names Application
+		{
+			get;
+		}
+	}
+
+	///<summary>Request for ClearCachedPrivileges <para>https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-privilege-cache.html</para></summary>
+	public partial class ClearCachedPrivilegesRequest : PlainRequestBase<ClearCachedPrivilegesRequestParameters>, IClearCachedPrivilegesRequest
+	{
+		protected IClearCachedPrivilegesRequest Self => this;
+		internal override ApiUrls ApiUrls => ApiUrlsLookups.SecurityClearCachedPrivileges;
+		///<summary>/_security/privilege/{application}/_clear_cache</summary>
+		///<param name = "application">this parameter is required</param>
+		public ClearCachedPrivilegesRequest(Names application): base(r => r.Required("application", application))
+		{
+		}
+
+		///<summary>Used for serialization purposes, making sure we have a parameterless constructor</summary>
+		[SerializationConstructor]
+		protected ClearCachedPrivilegesRequest(): base()
+		{
+		}
+
+		// values part of the url path
+		[IgnoreDataMember]
+		Names IClearCachedPrivilegesRequest.Application => Self.RouteValues.Get<Names>("application");
+	// Request parameters
+	}
+
 	[InterfaceDataContract]
 	public partial interface IClearCachedRealmsRequest : IRequest<ClearCachedRealmsRequestParameters>
 	{

src/Nest/XPack/Security/ClearCachedPrivileges/ClearCachedPrivilegesRequest.cs

@@ -0,0 +1,13 @@
+// Licensed to Elasticsearch B.V under one or more agreements.
+// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
+// See the LICENSE file in the project root for more information
+
+ namespace Nest
+{
+	[MapsApi("security.clear_cached_privileges.json")]
+	public partial interface IClearCachedPrivilegesRequest { }
+
+	public partial class ClearCachedPrivilegesRequest { }
+
+	public partial class ClearCachedPrivilegesDescriptor { }
+}

src/Nest/XPack/Security/ClearCachedPrivileges/ClearCachedPrivilegesResponse.cs

@@ -0,0 +1,19 @@
+// Licensed to Elasticsearch B.V under one or more agreements.
+// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
+// See the LICENSE file in the project root for more information
+
+ using System.Collections.Generic;
+using System.Runtime.Serialization;
+using Elasticsearch.Net;
+
+namespace Nest
+{
+	public class ClearCachedPrivilegesResponse : NodesResponseBase
+	{
+		[DataMember(Name ="cluster_name")]
+		public string ClusterName { get; internal set; }
+
+		[DataMember(Name ="nodes")]
+		public IReadOnlyDictionary<string, SecurityNode> Nodes { get; internal set; } = EmptyReadOnly<string, SecurityNode>.Dictionary;
+	}
+}

src/Nest/XPack/Security/ClearCachedRealms/ClearCachedRealmsResponse.cs

@@ -8,7 +8,7 @@
 
 namespace Nest
 {
-	public class ClearCachedRealmsResponse : ResponseBase
+	public class ClearCachedRealmsResponse : NodesResponseBase
 	{
 		[DataMember(Name ="cluster_name")]
 		public string ClusterName { get; internal set; }

src/Nest/_Generated/ApiUrlsLookup.generated.cs

@@ -235,6 +235,7 @@ internal static class ApiUrlsLookups
 		internal static ApiUrls NoNamespaceSearchTemplate = new ApiUrls(new[]{"_search/template", "{index}/_search/template"});
 		internal static ApiUrls SecurityAuthenticate = new ApiUrls(new[]{"_security/_authenticate"});
 		internal static ApiUrls SecurityChangePassword = new ApiUrls(new[]{"_security/user/{username}/_password", "_security/user/_password"});
+		internal static ApiUrls SecurityClearCachedPrivileges = new ApiUrls(new[]{"_security/privilege/{application}/_clear_cache"});
 		internal static ApiUrls SecurityClearCachedRealms = new ApiUrls(new[]{"_security/realm/{realms}/_clear_cache"});
 		internal static ApiUrls SecurityClearCachedRoles = new ApiUrls(new[]{"_security/role/{name}/_clear_cache"});
 		internal static ApiUrls SecurityCreateApiKey = new ApiUrls(new[]{"_security/api_key"});

tests/Tests/XPack/Security/ClearCachedPrivileges/ClearCachedPrivilegesApiTests.cs

@@ -0,0 +1,59 @@
+// Licensed to Elasticsearch B.V under one or more agreements.
+// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
+// See the LICENSE file in the project root for more information
+
+using System;
+using System.Linq;
+using Elastic.Elasticsearch.Ephemeral;
+using Elastic.Elasticsearch.Xunit.XunitPlumbing;
+using Elasticsearch.Net;
+using FluentAssertions;
+using Nest;
+using Tests.Core.Extensions;
+using Tests.Core.ManagedElasticsearch.Clusters;
+using Tests.Framework.EndpointTests;
+using Tests.Framework.EndpointTests.TestState;
+
+namespace Tests.XPack.Security.ClearCachedPrivileges
+{
+	[SkipVersion("<7.9.0", "Introduced in 7.9.0")]
+	public class ClearCachedPrivilegesApiTests
+		: ApiIntegrationTestBase<XPackCluster, ClearCachedPrivilegesResponse, IClearCachedPrivilegesRequest, ClearCachedPrivilegesDescriptor,
+			ClearCachedPrivilegesRequest>
+	{
+		public ClearCachedPrivilegesApiTests(XPackCluster cluster, EndpointUsage usage) : base(cluster, usage) { }
+
+		protected override bool ExpectIsValid => true;
+		protected override int ExpectStatusCode => 200;
+
+		protected override Func<ClearCachedPrivilegesDescriptor, IClearCachedPrivilegesRequest> Fluent => d => d;
+		protected override HttpMethod HttpMethod => HttpMethod.POST;
+
+		protected override ClearCachedPrivilegesRequest Initializer => new ClearCachedPrivilegesRequest(Application);
+
+		protected override bool SupportsDeserialization => false;
+
+		protected override string UrlPath => $"/_security/privilege/{U(Application)}/_clear_cache";
+
+		private string Application => "myapp";
+
+		protected override LazyResponses ClientUsage() => Calls(
+			(client, f) => client.Security.ClearCachedPrivileges(Application, f),
+			(client, f) => client.Security.ClearCachedPrivilegesAsync(Application, f),
+			(client, r) => client.Security.ClearCachedPrivileges(r),
+			(client, r) => client.Security.ClearCachedPrivilegesAsync(r)
+		);
+
+		protected override ClearCachedPrivilegesDescriptor NewDescriptor() => new ClearCachedPrivilegesDescriptor(Application);
+
+		protected override void ExpectResponse(ClearCachedPrivilegesResponse response)
+		{
+			response.ClusterName.Should().NotBeNullOrWhiteSpace();
+			response.Nodes.Should().NotBeEmpty().And.HaveCount(1);
+			response.NodeStatistics.Should().NotBeNull();
+			var node = response.Nodes.First().Value;
+			node.Should().NotBeNull();
+			node.Name.Should().NotBeNullOrEmpty();
+		}
+	}
+}

tests/Tests/XPack/Security/ClearCachedPrivileges/ClearCachedPrivilegesUrlTests.cs

@@ -0,0 +1,22 @@
+// Licensed to Elasticsearch B.V under one or more agreements.
+// Elasticsearch B.V licenses this file to you under the Apache 2.0 License.
+// See the LICENSE file in the project root for more information
+
+ using System.Threading.Tasks;
+using Elastic.Elasticsearch.Xunit.XunitPlumbing;
+using Nest;
+using Tests.Framework.EndpointTests;
+using static Tests.Framework.EndpointTests.UrlTester;
+
+namespace Tests.XPack.Security.ClearCachedPrivileges
+{
+	public class ClearCachedPrivilegesUrlTests : UrlTestsBase
+	{
+		[U] public override async Task Urls() =>
+			await POST("/_security/privilege/myapp/_clear_cache")
+				.Fluent(c => c.Security.ClearCachedPrivileges("myapp"))
+				.Request(c => c.Security.ClearCachedPrivileges(new ClearCachedPrivilegesRequest("myapp")))
+				.FluentAsync(c => c.Security.ClearCachedPrivilegesAsync("myapp"))
+				.RequestAsync(c => c.Security.ClearCachedPrivilegesAsync(new ClearCachedPrivilegesRequest("myapp")));
+	}
+}

tests/Tests/XPack/Security/ClearCachedRealms/ClearCachedRealmsApiTests.cs

@@ -4,8 +4,8 @@
 
 using System;
 using System.Linq;
- using Elastic.Elasticsearch.Ephemeral;
- using Elastic.Elasticsearch.Xunit.XunitPlumbing;
+using Elastic.Elasticsearch.Ephemeral;
+using Elastic.Elasticsearch.Xunit.XunitPlumbing;
 using Elasticsearch.Net;
 using FluentAssertions;
 using Nest;
@@ -35,7 +35,6 @@ public ClearCachedRealmsApiTests(XPackCluster cluster, EndpointUsage usage) : ba
 
 		protected override string UrlPath => $"/_security/realm/{U(Realm)}/_clear_cache";
 
-		//callisolated value can sometimes start with a digit which is not allowed for rolenames
 		private string Realm => SecurityRealms.FileRealm;
 
 		protected override LazyResponses ClientUsage() => Calls(
@@ -51,6 +50,7 @@ protected override void ExpectResponse(ClearCachedRealmsResponse response)
 		{
 			response.ClusterName.Should().NotBeNullOrWhiteSpace();
 			response.Nodes.Should().NotBeEmpty().And.HaveCount(1);
+			response.NodeStatistics.Should().NotBeNull();
 			var node = response.Nodes.First().Value;
 			node.Should().NotBeNull();
 			node.Name.Should().NotBeNullOrEmpty();