update path and add more rule mapping functionality

panther-labs · Feb 16, 2023 · 60bb3f9 · 60bb3f9
1 parent 44cd9cd
commit 60bb3f9
Show file tree

Hide file tree

Showing 6 changed files with 209 additions and 34 deletions.
diff --git a/opensearchapi/api._.go b/opensearchapi/api._.go
@@ -203,7 +203,7 @@ type Remote struct {
 // Security contains the Security APIs
 type Security struct {
 	Create CreateSecurityRuleMapping
-	Update UpdateSecurityRuleMapping
+	Patch  PatchSecurityRuleMapping
 	Delete DeleteSecurityRuleMapping
 	Get    GetSecurityRuleMapping
 	List   ListSecurityRuleMapping
@@ -381,7 +381,7 @@ func New(t Transport) *API {
 		Remote: &Remote{},
 		Security: &Security{
 			Create: newCreateSecurityRuleMappingFunc(t),
-			Update: newUpdateSecurityRuleMappingFunc(t),
+			Patch:  newPatchSecurityRuleMappingFunc(t),
 			Delete: newDeleteSecurityRuleMappingFunc(t),
 			Get:    newGetSecurityRuleMappingFunc(t),
 			List:   newListSecurityRuleMappingFunc(t),

diff --git a/opensearchapi/api.security.create.rule_mapping.go b/opensearchapi/api.security.create.rule_mapping.go
@@ -22,6 +22,8 @@ func newCreateSecurityRuleMappingFunc(t Transport) CreateSecurityRuleMapping {
 // CreateSecurityRuleMapping creates a role mapping
 //
 //	To use this API, you must have at least the manage_security cluster privilege.
+//
+// https://opensearch.org/docs/2.3/security/access-control/api/#create-role-mapping
 type CreateSecurityRuleMapping func(name string, body io.Reader, o ...func(*CreateSecurityRuleMappingRequest)) (*Response, error)
 
 // CreateSecurityRuleMappingRequest configures the Create Security Rule Mapping API request.
@@ -48,10 +50,10 @@ func (r CreateSecurityRuleMappingRequest) Do(ctx context.Context, transport Tran
 		params map[string]string
 	)
 
-	method = http.MethodPost
+	method = http.MethodPut
 
-	path.Grow(len("/_security/role_mapping/") + len(r.Name))
-	path.WriteString("/_security/role_mapping/")
+	path.Grow(len("/_plugins/_security/api/rolesmapping/") + len(r.Name))
+	path.WriteString("/_plugins/_security/api/rolesmapping/")
 	path.WriteString(r.Name)
 
 	params = make(map[string]string)

diff --git a/opensearchapi/api.security.delete.rule_mapping.go b/opensearchapi/api.security.delete.rule_mapping.go
@@ -47,8 +47,8 @@ func (r DeleteSecurityRuleMappingRequest) Do(ctx context.Context, transport Tran
 
 	method = http.MethodDelete
 
-	path.Grow(len("/_security/role_mapping/") + len(r.Name))
-	path.WriteString("/_security/role_mapping/")
+	path.Grow(len("/_plugins/_security/api/rolesmapping/") + len(r.Name))
+	path.WriteString("/_plugins/_security/api/rolesmapping/")
 	path.WriteString(r.Name)
 
 	params = make(map[string]string)

diff --git a/opensearchapi/api.security.get.rule_mappings.go b/opensearchapi/api.security.get.rule_mappings.go
@@ -47,8 +47,8 @@ func (r GetSecurityRuleMappingRequest) Do(ctx context.Context, transport Transpo
 
 	method = http.MethodGet
 
-	path.Grow(len("/_security/role_mapping/") + len(r.Name))
-	path.WriteString("/_security/role_mapping/")
+	path.Grow(len("/_plugins/_security/api/rolesmapping/") + len(r.Name))
+	path.WriteString("/_plugins/_security/api/rolesmapping/")
 	path.WriteString(r.Name)
 
 	params = make(map[string]string)

diff --git a/...chapi/api.security.update.rule_mapping.go → ...rchapi/api.security.patch.rule_mapping.go b/...chapi/api.security.update.rule_mapping.go → ...rchapi/api.security.patch.rule_mapping.go
@@ -7,9 +7,9 @@ import (
 	"strings"
 )
 
-func newUpdateSecurityRuleMappingFunc(t Transport) UpdateSecurityRuleMapping {
-	return func(name string, body io.Reader, o ...func(*UpdateSecurityRuleMappingRequest)) (*Response, error) {
-		var r = UpdateSecurityRuleMappingRequest{Name: name, Body: body}
+func newPatchSecurityRuleMappingFunc(t Transport) PatchSecurityRuleMapping {
+	return func(name string, body io.Reader, o ...func(*PatchSecurityRuleMappingRequest)) (*Response, error) {
+		var r = PatchSecurityRuleMappingRequest{Name: name, Body: body}
 		for _, f := range o {
 			f(&r)
 		}
@@ -19,13 +19,14 @@ func newUpdateSecurityRuleMappingFunc(t Transport) UpdateSecurityRuleMapping {
 
 // ----- API Definition -------------------------------------------------------
 
-// UpdateSecurityRuleMapping Updates a role mapping
+// PatchSecurityRuleMapping Patches a role mapping
 //
 //	To use this API, you must have at least the manage_security cluster privilege.
-type UpdateSecurityRuleMapping func(name string, body io.Reader, o ...func(*UpdateSecurityRuleMappingRequest)) (*Response, error)
+//		https://opensearch.org/docs/2.3/security/access-control/api/#patch-role-mapping
+type PatchSecurityRuleMapping func(name string, body io.Reader, o ...func(*PatchSecurityRuleMappingRequest)) (*Response, error)
 
-// UpdateSecurityRuleMappingRequest configures the Update Security Rule Mapping API request.
-type UpdateSecurityRuleMappingRequest struct {
+// PatchSecurityRuleMappingRequest configures the Patch Security Rule Mapping API request.
+type PatchSecurityRuleMappingRequest struct {
 	Name string
 
 	Body io.Reader
@@ -41,17 +42,17 @@ type UpdateSecurityRuleMappingRequest struct {
 }
 
 // Do will execute the request and returns response or error.
-func (r UpdateSecurityRuleMappingRequest) Do(ctx context.Context, transport Transport) (*Response, error) {
+func (r PatchSecurityRuleMappingRequest) Do(ctx context.Context, transport Transport) (*Response, error) {
 	var (
 		method string
 		path   strings.Builder
 		params map[string]string
 	)
 
-	method = http.MethodPut
+	method = http.MethodPatch
 
-	path.Grow(len("/_security/role_mapping/") + len(r.Name))
-	path.WriteString("/_security/role_mapping/")
+	path.Grow(len("/_plugins/_security/api/rolesmapping/") + len(r.Name))
+	path.WriteString("/_plugins/_security/api/rolesmapping/")
 	path.WriteString(r.Name)
 
 	params = make(map[string]string)
@@ -115,43 +116,43 @@ func (r UpdateSecurityRuleMappingRequest) Do(ctx context.Context, transport Tran
 }
 
 // WithContext sets the request context.
-func (f UpdateSecurityRuleMapping) WithContext(v context.Context) func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithContext(v context.Context) func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		r.ctx = v
 	}
 }
 
 // WithPretty makes the response body pretty-printed.
-func (f UpdateSecurityRuleMapping) WithPretty() func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithPretty() func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		r.Pretty = true
 	}
 }
 
 // WithHuman makes statistical values human-readable.
-func (f UpdateSecurityRuleMapping) WithHuman() func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithHuman() func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		r.Human = true
 	}
 }
 
 // WithErrorTrace includes the stack trace for errors in the response body.
-func (f UpdateSecurityRuleMapping) WithErrorTrace() func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithErrorTrace() func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		r.ErrorTrace = true
 	}
 }
 
 // WithFilterPath filters the properties of the response body.
-func (f UpdateSecurityRuleMapping) WithFilterPath(v ...string) func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithFilterPath(v ...string) func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		r.FilterPath = v
 	}
 }
 
 // WithHeader adds the headers to the HTTP request.
-func (f UpdateSecurityRuleMapping) WithHeader(h map[string]string) func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithHeader(h map[string]string) func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		if r.Header == nil {
 			r.Header = make(http.Header)
 		}
@@ -162,8 +163,8 @@ func (f UpdateSecurityRuleMapping) WithHeader(h map[string]string) func(*UpdateS
 }
 
 // WithOpaqueID adds the X-Opaque-Id header to the HTTP request.
-func (f UpdateSecurityRuleMapping) WithOpaqueID(s string) func(*UpdateSecurityRuleMappingRequest) {
-	return func(r *UpdateSecurityRuleMappingRequest) {
+func (f PatchSecurityRuleMapping) WithOpaqueID(s string) func(*PatchSecurityRuleMappingRequest) {
+	return func(r *PatchSecurityRuleMappingRequest) {
 		if r.Header == nil {
 			r.Header = make(http.Header)
 		}

diff --git a/opensearchapi/api.security.patch.rule_mappings.go b/opensearchapi/api.security.patch.rule_mappings.go
@@ -0,0 +1,172 @@
+package opensearchapi
+
+import (
+	"context"
+	"io"
+	"net/http"
+	"strings"
+)
+
+func newBulkUpsertSecurityRuleMappingFunc(t Transport) BulkUpsertSecurityRuleMapping {
+	return func(name string, body io.Reader, o ...func(*BulkUpsertSecurityRuleMappingRequest)) (*Response, error) {
+		var r = BulkUpsertSecurityRuleMappingRequest{Name: name, Body: body}
+		for _, f := range o {
+			f(&r)
+		}
+		return r.Do(r.ctx, t)
+	}
+}
+
+// ----- API Definition -------------------------------------------------------
+
+// BulkUpsertSecurityRuleMapping Bulk Upsert multiple role mappings
+//
+//	To use this API, you must have at least the manage_security cluster privilege.
+//		https://opensearch.org/docs/2.3/security/access-control/api/#BulkUpsert-role-mapping
+type BulkUpsertSecurityRuleMapping func(name string, body io.Reader, o ...func(*BulkUpsertSecurityRuleMappingRequest)) (*Response, error)
+
+// BulkUpsertSecurityRuleMappingRequest configures the BulkUpsert Security Rule Mapping API request.
+type BulkUpsertSecurityRuleMappingRequest struct {
+	Name string
+
+	Body io.Reader
+
+	Pretty     bool
+	Human      bool
+	ErrorTrace bool
+	FilterPath []string
+
+	Header http.Header
+
+	ctx context.Context
+}
+
+// Do will execute the request and returns response or error.
+func (r BulkUpsertSecurityRuleMappingRequest) Do(ctx context.Context, transport Transport) (*Response, error) {
+	var (
+		method string
+		path   strings.Builder
+		params map[string]string
+	)
+
+	method = http.MethodPatch
+
+	path.Grow(len("/_plugins/_security/api/rolesmapping/"))
+	path.WriteString("/_plugins/_security/api/rolesmapping/")
+
+	params = make(map[string]string)
+	if r.Pretty {
+		params["pretty"] = "true"
+	}
+
+	if r.Human {
+		params["human"] = "true"
+	}
+
+	if r.ErrorTrace {
+		params["error_trace"] = "true"
+	}
+
+	if len(r.FilterPath) > 0 {
+		params["filter_path"] = strings.Join(r.FilterPath, ",")
+	}
+
+	req, err := newRequest(method, path.String(), r.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(params) > 0 {
+		q := req.URL.Query()
+		for k, v := range params {
+			q.Set(k, v)
+		}
+		req.URL.RawQuery = q.Encode()
+	}
+
+	if len(r.Header) > 0 {
+		if len(req.Header) == 0 {
+			req.Header = r.Header
+		} else {
+			for k, vv := range r.Header {
+				for _, v := range vv {
+					req.Header.Add(k, v)
+				}
+			}
+		}
+	}
+
+	if ctx != nil {
+		req = req.WithContext(ctx)
+	}
+
+	res, err := transport.Perform(req)
+	if err != nil {
+		return nil, err
+	}
+
+	response := Response{
+		StatusCode: res.StatusCode,
+		Body:       res.Body,
+		Header:     res.Header,
+	}
+
+	return &response, nil
+}
+
+// WithContext sets the request context.
+func (f BulkUpsertSecurityRuleMapping) WithContext(v context.Context) func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		r.ctx = v
+	}
+}
+
+// WithPretty makes the response body pretty-printed.
+func (f BulkUpsertSecurityRuleMapping) WithPretty() func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		r.Pretty = true
+	}
+}
+
+// WithHuman makes statistical values human-readable.
+func (f BulkUpsertSecurityRuleMapping) WithHuman() func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		r.Human = true
+	}
+}
+
+// WithErrorTrace includes the stack trace for errors in the response body.
+func (f BulkUpsertSecurityRuleMapping) WithErrorTrace() func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		r.ErrorTrace = true
+	}
+}
+
+// WithFilterPath filters the properties of the response body.
+func (f BulkUpsertSecurityRuleMapping) WithFilterPath(v ...string) func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		r.FilterPath = v
+	}
+}
+
+// WithHeader adds the headers to the HTTP request.
+func (f BulkUpsertSecurityRuleMapping) WithHeader(h map[string]string) func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		if r.Header == nil {
+			r.Header = make(http.Header)
+		}
+		for k, v := range h {
+			r.Header.Add(k, v)
+		}
+	}
+}
+
+// WithOpaqueID adds the X-Opaque-Id header to the HTTP request.
+func (f BulkUpsertSecurityRuleMapping) WithOpaqueID(s string) func(*BulkUpsertSecurityRuleMappingRequest) {
+	return func(r *BulkUpsertSecurityRuleMappingRequest) {
+		if r.Header == nil {
+			r.Header = make(http.Header)
+		}
+		r.Header.Set("X-Opaque-Id", s)
+	}
+}