mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-03-09 14:34:43 +00:00
08fdac5a93
* [DOCS] Move security APIs to Elasticsearch Ref * [DOCS] Update links to security APIs * [DOCS] Fix link to security APIs Original commit: elastic/x-pack-elasticsearch@d7a9d3f1ab
65 lines
1.5 KiB
Plaintext
65 lines
1.5 KiB
Plaintext
[role="xpack"]
|
|
[[security-api-privileges]]
|
|
=== Privilege APIs
|
|
|
|
[[security-api-has-privilege]]
|
|
|
|
The `has_privileges` API allows you to determine whether the logged in user has
|
|
a specified list of privileges.
|
|
|
|
All users can use this API, but only to determine their own privileges.
|
|
To check the privileges of other users, you must use the run as feature. For
|
|
more information, see
|
|
{xpack-ref}/run-as-privilege.html[Submitting Requests on Behalf of Other Users].
|
|
|
|
To check you privileges, submit a GET request to the
|
|
`_xpack/security/user/_has_privileges` endpoint:
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
GET _xpack/security/user/_has_privileges
|
|
{
|
|
"cluster": [ "monitor", "manage" ],
|
|
"index" : [
|
|
{
|
|
"names": [ "suppliers", "products" ],
|
|
"privileges": [ "read" ]
|
|
},
|
|
{
|
|
"names": [ "inventory" ],
|
|
"privileges" : [ "read", "write" ]
|
|
}
|
|
]
|
|
}
|
|
--------------------------------------------------
|
|
// CONSOLE
|
|
|
|
A successful call returns a JSON structure that shows whether each specified
|
|
privilege is assigned to the user
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
{
|
|
"username": "rdeniro",
|
|
"has_all_requested" : false,
|
|
"cluster" : {
|
|
"monitor" : true,
|
|
"manage" : false
|
|
},
|
|
"index" : {
|
|
"suppliers" : {
|
|
"read" : true
|
|
},
|
|
"products" : {
|
|
"read" : true
|
|
},
|
|
"inventory" : {
|
|
"read" : true,
|
|
"write" : false
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE[s/"rdeniro"/"$body.username"/]
|
|
// TESTRESPONSE[s/: false/: true/]
|