From a086c665a35af32e60e6d23ab6ca75fcf085b46f Mon Sep 17 00:00:00 2001 From: Boaz Leskes Date: Fri, 26 Oct 2018 20:16:44 +0200 Subject: [PATCH] HLREST: Add Clear Roles Cache API (#34187) Adds support for the Clear Roles Cache API to the High Level Rest Client. As part of this a helper class, NodesResponseHeader, has been added that enables parsing the nodes header from responses that are node requests. Relates to #29827 --- .../client/NodesResponseHeader.java | 136 ++++++++++++++++++ .../elasticsearch/client/SecurityClient.java | 34 ++++- .../client/SecurityRequestConverters.java | 10 ++ .../security/ClearRolesCacheRequest.java | 65 +++++++++ .../security/ClearRolesCacheResponse.java | 109 ++++++++++++++ .../SecurityDocumentationIT.java | 54 ++++++- .../ClearRolesCacheResponseTests.java | 74 ++++++++++ .../security/clear-roles-cache.asciidoc | 32 +++++ .../high-level/supported-apis.asciidoc | 2 + 9 files changed, 513 insertions(+), 3 deletions(-) create mode 100644 client/rest-high-level/src/main/java/org/elasticsearch/client/NodesResponseHeader.java create mode 100644 client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheRequest.java create mode 100644 client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheResponse.java create mode 100644 client/rest-high-level/src/test/java/org/elasticsearch/client/security/ClearRolesCacheResponseTests.java create mode 100644 docs/java-rest/high-level/security/clear-roles-cache.asciidoc diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/NodesResponseHeader.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/NodesResponseHeader.java new file mode 100644 index 00000000000..bda36de42a3 --- /dev/null +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/NodesResponseHeader.java @@ -0,0 +1,136 @@ +/* + * Licensed to Elasticsearch under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.elasticsearch.client; + +import org.elasticsearch.ElasticsearchException; +import org.elasticsearch.action.support.nodes.BaseNodesResponse; +import org.elasticsearch.common.Nullable; +import org.elasticsearch.common.ParseField; +import org.elasticsearch.common.xcontent.ConstructingObjectParser; +import org.elasticsearch.common.xcontent.ToXContent; +import org.elasticsearch.common.xcontent.XContentBuilder; +import org.elasticsearch.common.xcontent.XContentParser; +import org.elasticsearch.rest.action.RestActions; + +import java.io.IOException; +import java.util.Collections; +import java.util.List; +import java.util.Objects; + +/** + * A utility class to parse the Nodes Header returned by + * {@link RestActions#buildNodesHeader(XContentBuilder, ToXContent.Params, BaseNodesResponse)}. + */ +public final class NodesResponseHeader { + + public static final ParseField TOTAL = new ParseField("total"); + public static final ParseField SUCCESSFUL = new ParseField("successful"); + public static final ParseField FAILED = new ParseField("failed"); + public static final ParseField FAILURES = new ParseField("failures"); + + @SuppressWarnings("unchecked") + public static final ConstructingObjectParser PARSER = + new ConstructingObjectParser<>("nodes_response_header", true, + (a) -> { + int i = 0; + int total = (Integer) a[i++]; + int successful = (Integer) a[i++]; + int failed = (Integer) a[i++]; + List failures = (List) a[i++]; + return new NodesResponseHeader(total, successful, failed, failures); + }); + + static { + PARSER.declareInt(ConstructingObjectParser.constructorArg(), TOTAL); + PARSER.declareInt(ConstructingObjectParser.constructorArg(), SUCCESSFUL); + PARSER.declareInt(ConstructingObjectParser.constructorArg(), FAILED); + PARSER.declareObjectArray(ConstructingObjectParser.optionalConstructorArg(), + (p, c) -> ElasticsearchException.fromXContent(p), FAILURES); + } + + private final int total; + private final int successful; + private final int failed; + private final List failures; + + public NodesResponseHeader(int total, int successful, int failed, @Nullable List failures) { + this.total = total; + this.successful = successful; + this.failed = failed; + this.failures = failures == null ? Collections.emptyList() : failures; + } + + public static NodesResponseHeader fromXContent(XContentParser parser, Void context) throws IOException { + return PARSER.parse(parser, context); + } + + /** the total number of nodes that the operation was carried on */ + public int getTotal() { + return total; + } + + /** the number of nodes that the operation has failed on */ + public int getFailed() { + return failed; + } + + /** the number of nodes that the operation was successful on */ + public int getSuccessful() { + return successful; + } + + /** + * Get the failed node exceptions. + * + * @return Never {@code null}. Can be empty. + */ + public List getFailures() { + return failures; + } + + /** + * Determine if there are any node failures in {@link #failures}. + * + * @return {@code true} if {@link #failures} contains at least 1 exception. + */ + public boolean hasFailures() { + return failures.isEmpty() == false; + } + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + NodesResponseHeader that = (NodesResponseHeader) o; + return total == that.total && + successful == that.successful && + failed == that.failed && + Objects.equals(failures, that.failures); + } + + @Override + public int hashCode() { + return Objects.hash(total, successful, failed, failures); + } + +} diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java index 1d773a9d7ee..e528116da6c 100644 --- a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java @@ -20,17 +20,19 @@ package org.elasticsearch.client; import org.elasticsearch.action.ActionListener; +import org.elasticsearch.client.security.ClearRolesCacheRequest; +import org.elasticsearch.client.security.ClearRolesCacheResponse; import org.elasticsearch.client.security.DeleteRoleRequest; import org.elasticsearch.client.security.DeleteRoleResponse; import org.elasticsearch.client.security.PutRoleMappingRequest; import org.elasticsearch.client.security.PutRoleMappingResponse; import org.elasticsearch.client.security.DisableUserRequest; +import org.elasticsearch.client.security.EmptyResponse; import org.elasticsearch.client.security.EnableUserRequest; import org.elasticsearch.client.security.GetSslCertificatesRequest; import org.elasticsearch.client.security.GetSslCertificatesResponse; import org.elasticsearch.client.security.PutUserRequest; import org.elasticsearch.client.security.PutUserResponse; -import org.elasticsearch.client.security.EmptyResponse; import org.elasticsearch.client.security.ChangePasswordRequest; import org.elasticsearch.client.security.DeleteRoleMappingRequest; import org.elasticsearch.client.security.DeleteRoleMappingResponse; @@ -170,6 +172,36 @@ public final class SecurityClient { EmptyResponse::fromXContent, listener, emptySet()); } + /** + * Clears the native roles cache for a set of roles. + * See + * the docs for more. + * + * @param request the request with the roles for which the cache should be cleared. + * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized + * @return the response from the enable user call + * @throws IOException in case there is a problem sending the request or parsing back the response + */ + public ClearRolesCacheResponse clearRolesCache(ClearRolesCacheRequest request, RequestOptions options) throws IOException { + return restHighLevelClient.performRequestAndParseEntity(request, SecurityRequestConverters::clearRolesCache, options, + ClearRolesCacheResponse::fromXContent, emptySet()); + } + + /** + * Clears the native roles cache for a set of roles asynchronously. + * See + * the docs for more. + * + * @param request the request with the roles for which the cache should be cleared. + * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized + * @param listener the listener to be notified upon request completion + */ + public void clearRolesCacheAsync(ClearRolesCacheRequest request, RequestOptions options, + ActionListener listener) { + restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::clearRolesCache, options, + ClearRolesCacheResponse::fromXContent, listener, emptySet()); + } + /** * Synchronously retrieve the X.509 certificates that are used to encrypt communications in an Elasticsearch cluster. * See diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java index a8a975d28ad..e3acda9313a 100644 --- a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java @@ -22,6 +22,7 @@ package org.elasticsearch.client; import org.apache.http.client.methods.HttpDelete; import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPut; +import org.elasticsearch.client.security.ClearRolesCacheRequest; import org.elasticsearch.client.security.DeleteRoleMappingRequest; import org.elasticsearch.client.security.DeleteRoleRequest; import org.elasticsearch.client.security.PutRoleMappingRequest; @@ -97,6 +98,15 @@ final class SecurityRequestConverters { return request; } + static Request clearRolesCache(ClearRolesCacheRequest disableCacheRequest) { + String endpoint = new RequestConverters.EndpointBuilder() + .addPathPartAsIs("_xpack/security/role") + .addCommaSeparatedPathParts(disableCacheRequest.names()) + .addPathPart("_clear_cache") + .build(); + return new Request(HttpPost.METHOD_NAME, endpoint); + } + static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingRequest) { final String endpoint = new RequestConverters.EndpointBuilder() .addPathPartAsIs("_xpack/security/role_mapping") diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheRequest.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheRequest.java new file mode 100644 index 00000000000..16980584950 --- /dev/null +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheRequest.java @@ -0,0 +1,65 @@ +/* + * Licensed to Elasticsearch under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.elasticsearch.client.security; + +import org.elasticsearch.client.Validatable; + +import java.util.Arrays; + +/** + * The request used to clear the cache for native roles stored in an index. + */ +public final class ClearRolesCacheRequest implements Validatable { + + private final String[] names; + + /** + * Sets the roles for which caches will be evicted. When not set all the roles will be evicted from the cache. + * + * @param names The role names + */ + public ClearRolesCacheRequest(String... names) { + this.names = names; + } + + /** + * @return an array of role names that will have the cache evicted or null if all + */ + public String[] names() { + return names; + } + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ClearRolesCacheRequest that = (ClearRolesCacheRequest) o; + return Arrays.equals(names, that.names); + } + + @Override + public int hashCode() { + return Arrays.hashCode(names); + } +} diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheResponse.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheResponse.java new file mode 100644 index 00000000000..b6b864a37e2 --- /dev/null +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/ClearRolesCacheResponse.java @@ -0,0 +1,109 @@ +/* + * Licensed to Elasticsearch under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.elasticsearch.client.security; + +import org.elasticsearch.client.NodesResponseHeader; +import org.elasticsearch.common.ParseField; +import org.elasticsearch.common.xcontent.ConstructingObjectParser; +import org.elasticsearch.common.xcontent.XContentParser; + +import java.io.IOException; +import java.util.List; +import java.util.Objects; + +/** + * The response object that will be returned when clearing the cache of native roles + */ +public final class ClearRolesCacheResponse { + + @SuppressWarnings("unchecked") + private static final ConstructingObjectParser PARSER = + new ConstructingObjectParser<>("clear_roles_cache_response", false, + args -> new ClearRolesCacheResponse((List)args[0], (NodesResponseHeader) args[1], (String) args[2])); + + static { + PARSER.declareNamedObjects(ConstructingObjectParser.constructorArg(), (p, c, n) -> Node.PARSER.apply(p, n), + new ParseField("nodes")); + PARSER.declareObject(ConstructingObjectParser.constructorArg(), NodesResponseHeader::fromXContent, new ParseField("_nodes")); + PARSER.declareString(ConstructingObjectParser.constructorArg(), new ParseField("cluster_name")); + } + + private final List nodes; + private final NodesResponseHeader header; + private final String clusterName; + + public ClearRolesCacheResponse(List nodes, NodesResponseHeader header, String clusterName) { + this.nodes = nodes; + this.header = header; + this.clusterName = Objects.requireNonNull(clusterName, "cluster name must be provided"); + } + + /** returns a list of nodes in which the cache was cleared */ + public List getNodes() { + return nodes; + } + + /** + * Get the cluster name associated with all of the nodes. + * + * @return Never {@code null}. + */ + public String getClusterName() { + return clusterName; + } + + /** + * Gets information about the number of total, successful and failed nodes the request was run on. + * Also includes exceptions if relevant. + */ + public NodesResponseHeader getHeader() { + return header; + } + + public static class Node { + + private static final ConstructingObjectParser PARSER = + new ConstructingObjectParser<>("clear_roles_cache_response_node", false, (args, id) -> new Node(id, (String) args[0])); + + static { + PARSER.declareString(ConstructingObjectParser.constructorArg(), new ParseField("name")); + } + + private final String id; + private final String name; + + public Node(String id, String name) { + this.id = id; + this.name = name; + } + + public String getId() { + return id; + } + + public String getName() { + return name; + } + } + + public static ClearRolesCacheResponse fromXContent(XContentParser parser) throws IOException { + return PARSER.parse(parser, null); + } +} diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java index ac1b9b6753a..96b4b311490 100644 --- a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java @@ -29,6 +29,8 @@ import org.elasticsearch.client.Request; import org.elasticsearch.client.RequestOptions; import org.elasticsearch.client.RestHighLevelClient; import org.elasticsearch.client.security.ChangePasswordRequest; +import org.elasticsearch.client.security.ClearRolesCacheRequest; +import org.elasticsearch.client.security.ClearRolesCacheResponse; import org.elasticsearch.client.security.DeleteRoleMappingRequest; import org.elasticsearch.client.security.DeleteRoleMappingResponse; import org.elasticsearch.client.security.DeleteRoleRequest; @@ -57,6 +59,8 @@ import java.util.List; import java.util.concurrent.CountDownLatch; import java.util.concurrent.TimeUnit; +import static org.hamcrest.Matchers.empty; +import static org.hamcrest.Matchers.not; import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder; public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { @@ -250,6 +254,53 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { } } + + public void testClearRolesCache() throws Exception { + RestHighLevelClient client = highLevelClient(); + { + //tag::clear-roles-cache-request + ClearRolesCacheRequest request = new ClearRolesCacheRequest("my_role"); + //end::clear-roles-cache-request + //tag::clear-roles-cache-execute + ClearRolesCacheResponse response = client.security().clearRolesCache(request, RequestOptions.DEFAULT); + //end::clear-roles-cache-execute + + assertNotNull(response); + assertThat(response.getNodes(), not(empty())); + + //tag::clear-roles-cache-response + List nodes = response.getNodes(); // <1> + //end::clear-roles-cache-response + } + + { + //tag::clear-roles-cache-execute-listener + ClearRolesCacheRequest request = new ClearRolesCacheRequest("my_role"); + ActionListener listener = new ActionListener() { + @Override + public void onResponse(ClearRolesCacheResponse clearRolesCacheResponse) { + // <1> + } + + @Override + public void onFailure(Exception e) { + // <2> + } + }; + //end::clear-roles-cache-execute-listener + + // Replace the empty listener by a blocking listener in test + final CountDownLatch latch = new CountDownLatch(1); + listener = new LatchedActionListener<>(listener, latch); + + // tag::clear-roles-cache-execute-async + client.security().clearRolesCacheAsync(request, RequestOptions.DEFAULT, listener); // <1> + // end::clear-roles-cache-execute-async + + assertTrue(latch.await(30L, TimeUnit.SECONDS)); + } + } + public void testGetSslCertificates() throws Exception { RestHighLevelClient client = highLevelClient(); { @@ -316,7 +367,6 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { // <2> } }; - // end::get-certificates-execute-listener // Replace the empty listener by a blocking listener in test @@ -352,7 +402,7 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { ChangePasswordRequest request = new ChangePasswordRequest("change_password_user", password, RefreshPolicy.NONE); ActionListener listener = new ActionListener() { @Override - public void onResponse(EmptyResponse emptyResponse) { + public void onResponse(EmptyResponse response) { // <1> } diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/security/ClearRolesCacheResponseTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/ClearRolesCacheResponseTests.java new file mode 100644 index 00000000000..068b6ec4529 --- /dev/null +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/ClearRolesCacheResponseTests.java @@ -0,0 +1,74 @@ +/* + * Licensed to Elasticsearch under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.elasticsearch.client.security; + +import org.elasticsearch.ElasticsearchException; +import org.elasticsearch.common.Strings; +import org.elasticsearch.common.xcontent.DeprecationHandler; +import org.elasticsearch.common.xcontent.NamedXContentRegistry; +import org.elasticsearch.common.xcontent.XContentParser; +import org.elasticsearch.common.xcontent.json.JsonXContent; +import org.elasticsearch.test.ESTestCase; + +import java.io.IOException; + +import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.empty; +import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.hasSize; + +public class ClearRolesCacheResponseTests extends ESTestCase { + + public void testParseFromXContent() throws IOException { + final ElasticsearchException exception = new ElasticsearchException("test"); + final String nodesHeader = "\"_nodes\": { \"total\": 2, \"successful\": 1, \"failed\": 1, \"failures\": [ " + + Strings.toString(exception) + "] },"; + final String clusterName = "\"cluster_name\": \"cn\","; + try (XContentParser parser = JsonXContent.jsonXContent.createParser(NamedXContentRegistry.EMPTY, + DeprecationHandler.THROW_UNSUPPORTED_OPERATION, "{" + nodesHeader + clusterName + "\"nodes\" : {} }")) { + + ClearRolesCacheResponse response = ClearRolesCacheResponse.fromXContent(parser); + assertNotNull(response); + assertThat(response.getNodes(), empty()); + assertThat(response.getClusterName(), equalTo("cn")); + assertThat(response.getHeader().getSuccessful(), equalTo(1)); + assertThat(response.getHeader().getFailed(), equalTo(1)); + assertThat(response.getHeader().getTotal(), equalTo(2)); + assertThat(response.getHeader().getFailures(), hasSize(1)); + assertThat(response.getHeader().getFailures().get(0).getMessage(), containsString("reason=test")); + } + + try (XContentParser parser = JsonXContent.jsonXContent.createParser(NamedXContentRegistry.EMPTY, + DeprecationHandler.THROW_UNSUPPORTED_OPERATION, + "{" + nodesHeader + clusterName + "\"nodes\" : { " + + "\"id1\": { \"name\": \"a\"}, " + + "\"id2\": { \"name\": \"b\"}" + + "}}")) { + + ClearRolesCacheResponse response = ClearRolesCacheResponse.fromXContent(parser); + assertNotNull(response); + assertThat(response.getNodes(), hasSize(2)); + assertThat(response.getNodes().get(0).getId(), equalTo("id1")); + assertThat(response.getNodes().get(0).getName(), equalTo("a")); + assertThat(response.getNodes().get(1).getId(), equalTo("id2")); + assertThat(response.getNodes().get(1).getName(), equalTo("b")); + } + } +} diff --git a/docs/java-rest/high-level/security/clear-roles-cache.asciidoc b/docs/java-rest/high-level/security/clear-roles-cache.asciidoc new file mode 100644 index 00000000000..851824bab5f --- /dev/null +++ b/docs/java-rest/high-level/security/clear-roles-cache.asciidoc @@ -0,0 +1,32 @@ + +-- +:api: clear-roles-cache +:request: ClearRolesCacheRequest +:response: ClearRolesCacheResponse +-- + +[id="{upid}-{api}"] +=== Clear Roles Cache API + +[id="{upid}-{api}-request"] +==== Clear Roles Cache Request + +A +{request}+ supports defining the name of roles that the cache should be cleared for. + +["source","java",subs="attributes,callouts,macros"] +-------------------------------------------------- +include-tagged::{doc-tests-file}[{api}-request] +-------------------------------------------------- + +include::../execution.asciidoc[] + +[id="{upid}-{api}-response"] +==== Clear Roles Cache Response + +The returned +{response}+ allows to retrieve information about where the cache was cleared. + +["source","java",subs="attributes,callouts,macros"] +-------------------------------------------------- +include-tagged::{doc-tests-file}[{api}-response] +-------------------------------------------------- +<1> the list of nodes that the cache was cleared on diff --git a/docs/java-rest/high-level/supported-apis.asciidoc b/docs/java-rest/high-level/supported-apis.asciidoc index c8d16954abe..f5aecdc1af1 100644 --- a/docs/java-rest/high-level/supported-apis.asciidoc +++ b/docs/java-rest/high-level/supported-apis.asciidoc @@ -322,6 +322,7 @@ The Java High Level REST Client supports the following Security APIs: * <> * <> * <> +* <<{upid}-clear-roles-cache>> * <> * <> * <> @@ -331,6 +332,7 @@ include::security/enable-user.asciidoc[] include::security/disable-user.asciidoc[] include::security/change-password.asciidoc[] include::security/delete-role.asciidoc[] +include::security/clear-roles-cache.asciidoc[] include::security/get-certificates.asciidoc[] include::security/put-role-mapping.asciidoc[] include::security/delete-role-mapping.asciidoc[]