elastic · bizybot · Oct 19, 2018 · Oct 4, 2018 · Oct 17, 2018 · Oct 17, 2018
diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java
@@ -30,6 +30,8 @@
 import org.elasticsearch.client.security.PutUserResponse;
 import org.elasticsearch.client.security.EmptyResponse;
 import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingResponse;
 
 import java.io.IOException;
 
@@ -221,4 +223,33 @@ public void changePasswordAsync(ChangePasswordRequest request, RequestOptions op
         restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::changePassword, options,
             EmptyResponse::fromXContent, listener, emptySet());
     }
+
+    /**
+     * Delete a role mapping.
+     * See <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role-mapping.html">
+     * the docs</a> for more.
+     * @param request the request with the role mapping name to be deleted.
+     * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized
+     * @return the response from the delete role mapping call
+     * @throws IOException in case there is a problem sending the request or parsing back the response
+     */
+    public DeleteRoleMappingResponse deleteRoleMapping(DeleteRoleMappingRequest request, RequestOptions options) throws IOException {
+        return restHighLevelClient.performRequestAndParseEntity(request, SecurityRequestConverters::deleteRoleMapping, options,
+                DeleteRoleMappingResponse::fromXContent, emptySet());
+    }
+
+    /**
+     * Asynchronously delete a role mapping.
+     * See <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role-mapping.html">
+     * the docs</a> for more.
+     * @param request the request with the role mapping name to be deleted.
+     * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized
+     * @param listener the listener to be notified upon request completion
+     */
+    public void deleteRoleMappingAsync(DeleteRoleMappingRequest request, RequestOptions options,
+            ActionListener<DeleteRoleMappingResponse> listener) {
+        restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::deleteRoleMapping, options,
+                DeleteRoleMappingResponse::fromXContent, listener, emptySet());
+    }
+
 }
diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java
@@ -19,12 +19,14 @@
 
 package org.elasticsearch.client;
 
+import org.apache.http.client.methods.HttpDelete;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.methods.HttpPut;
 import org.elasticsearch.client.security.PutRoleMappingRequest;
 import org.elasticsearch.client.security.DisableUserRequest;
 import org.elasticsearch.client.security.EnableUserRequest;
 import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
 import org.elasticsearch.client.security.PutUserRequest;
 import org.elasticsearch.client.security.SetUserEnabledRequest;
 
@@ -93,4 +95,16 @@ private static Request setUserEnabled(SetUserEnabledRequest setUserEnabledReques
         params.withRefreshPolicy(setUserEnabledRequest.getRefreshPolicy());
         return request;
     }
+
+    static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingRequest) throws IOException {
+        final String endpoint = new RequestConverters.EndpointBuilder()
+            .addPathPartAsIs("_xpack/security/role_mapping")
+            .addPathPart(deleteRoleMappingRequest.getName())
+            .build();
+        final Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
+        final RequestConverters.Params params = new RequestConverters.Params(request);
+        params.withRefreshPolicy(deleteRoleMappingRequest.getRefreshPolicy());
+        return request;
+    }
+
 }
diff --git a/...-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingRequest.java b/...-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingRequest.java
@@ -0,0 +1,79 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.client.Validatable;
+import org.elasticsearch.common.Nullable;
+import org.elasticsearch.common.Strings;
+
+import java.util.Objects;
+
+/**
+ * Request object to delete a role mapping.
+ */
+public final class DeleteRoleMappingRequest implements Validatable {
+    private final String name;
+    private final RefreshPolicy refreshPolicy;
+
+    /**
+     * Constructor for DeleteRoleMappingRequest
+     *
+     * @param name role mapping name to be deleted
+     * @param refreshPolicy refresh policy {@link RefreshPolicy} for the
+     * request, defaults to {@link RefreshPolicy#getDefault()}
+     */
+    public DeleteRoleMappingRequest(final String name, @Nullable final RefreshPolicy refreshPolicy) {
+        if (Strings.hasText(name) == false) {
+            throw new IllegalArgumentException("role-mapping name is required");
+        }
+        this.name = name;
+        this.refreshPolicy = (refreshPolicy == null) ? RefreshPolicy.getDefault() : refreshPolicy;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public RefreshPolicy getRefreshPolicy() {
+        return refreshPolicy;
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(name, refreshPolicy);
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+        if (obj == null) {
+            return false;
+        }
+        if (getClass() != obj.getClass()) {
+            return false;
+        }
+        final DeleteRoleMappingRequest other = (DeleteRoleMappingRequest) obj;
+
+        return (refreshPolicy == other.refreshPolicy) && Objects.equals(name, other.name);
+    }
+
+}
diff --git a/...high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingResponse.java b/...high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingResponse.java
@@ -0,0 +1,74 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.common.ParseField;
+import org.elasticsearch.common.xcontent.ConstructingObjectParser;
+import org.elasticsearch.common.xcontent.XContentParser;
+
+import java.io.IOException;
+import java.util.Objects;
+
+import static org.elasticsearch.common.xcontent.ConstructingObjectParser.constructorArg;
+
+/**
+ * Response when deleting a role mapping. If the mapping is successfully
+ * deleted, the response returns a boolean field "found" {@code true}.
+ * Otherwise, "found" is set to {@code false}.
+ */
+public final class DeleteRoleMappingResponse {
+
+    private final boolean found;
+
+    public DeleteRoleMappingResponse(boolean deleted) {
+        this.found = deleted;
+    }
+
+    public boolean isFound() {
+        return found;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        final DeleteRoleMappingResponse that = (DeleteRoleMappingResponse) o;
+        return found == that.found;
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(found);
+    }
+
+    private static final ConstructingObjectParser<DeleteRoleMappingResponse, Void> PARSER = new ConstructingObjectParser<>(
+            "delete_role_mapping_response", true, args -> new DeleteRoleMappingResponse((boolean) args[0]));
+    static {
+        PARSER.declareBoolean(constructorArg(), new ParseField("found"));
+    }
+
+    public static DeleteRoleMappingResponse fromXContent(XContentParser parser) throws IOException {
+        return PARSER.parse(parser, null);
+    }
+}
diff --git a/...est-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java b/...est-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java
@@ -19,11 +19,13 @@
 
 package org.elasticsearch.client;
 
+import org.apache.http.client.methods.HttpDelete;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.methods.HttpPut;
 import org.elasticsearch.client.security.DisableUserRequest;
 import org.elasticsearch.client.security.EnableUserRequest;
 import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
 import org.elasticsearch.client.security.PutRoleMappingRequest;
 import org.elasticsearch.client.security.PutUserRequest;
 import org.elasticsearch.client.security.RefreshPolicy;
@@ -155,4 +157,24 @@ public void testSelfChangePassword() throws IOException {
         assertEquals(expectedParams, request.getParameters());
         assertToXContentBody(changePasswordRequest, request.getEntity());
     }
+
+    public void testDeleteRoleMapping() throws IOException {
+        final String roleMappingName = randomAlphaOfLengthBetween(4, 7);
+        final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values());
+        final Map<String, String> expectedParams;
+        if (refreshPolicy != RefreshPolicy.NONE) {
+            expectedParams = Collections.singletonMap("refresh", refreshPolicy.getValue());
+        } else {
+            expectedParams = Collections.emptyMap();
+        }
+        final DeleteRoleMappingRequest deleteRoleMappingRequest = new DeleteRoleMappingRequest(roleMappingName, refreshPolicy);
+
+        final Request request = SecurityRequestConverters.deleteRoleMapping(deleteRoleMappingRequest);
+
+        assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
+        assertEquals("/_xpack/security/role_mapping/" + roleMappingName, request.getEndpoint());
+        assertEquals(expectedParams, request.getParameters());
+        assertNull(request.getEntity());
+    }
+
 }
diff --git a/...h-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java b/...h-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java
@@ -25,6 +25,8 @@
 import org.elasticsearch.client.RequestOptions;
 import org.elasticsearch.client.RestHighLevelClient;
 import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingResponse;
 import org.elasticsearch.client.security.DisableUserRequest;
 import org.elasticsearch.client.security.EmptyResponse;
 import org.elasticsearch.client.security.EnableUserRequest;
@@ -34,10 +36,10 @@
 import org.elasticsearch.client.security.PutUserRequest;
 import org.elasticsearch.client.security.PutUserResponse;
 import org.elasticsearch.client.security.RefreshPolicy;
-import org.elasticsearch.client.security.support.CertificateInfo;
 import org.elasticsearch.client.security.support.expressiondsl.RoleMapperExpression;
-import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
 import org.elasticsearch.client.security.support.expressiondsl.fields.FieldRoleMapperExpression;
+import org.elasticsearch.client.security.support.CertificateInfo;
+import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
 import org.hamcrest.Matchers;
 
 import java.util.Collections;
@@ -361,4 +363,58 @@ public void onFailure(Exception e) {
             assertTrue(latch.await(30L, TimeUnit.SECONDS));
         }
     }
+
+    public void testDeleteRoleMapping() throws Exception {
+        final RestHighLevelClient client = highLevelClient();
+
+        {
+            // Create role mappings
+            final RoleMapperExpression rules = FieldRoleMapperExpression.ofUsername("*");
+            final PutRoleMappingRequest request = new PutRoleMappingRequest("mapping-example", true, Collections.singletonList("superuser"),
+                    rules, null, RefreshPolicy.NONE);
+            final PutRoleMappingResponse response = client.security().putRoleMapping(request, RequestOptions.DEFAULT);
+            boolean isCreated = response.isCreated();
+            assertTrue(isCreated);
+        }
+
+        {
+            // tag::delete-role-mapping-execute
+            final DeleteRoleMappingRequest request = new DeleteRoleMappingRequest("mapping-example", RefreshPolicy.NONE);
+            final DeleteRoleMappingResponse response = client.security().deleteRoleMapping(request, RequestOptions.DEFAULT);
+            // end::delete-role-mapping-execute
+            // tag::delete-role-mapping-response
+            boolean isFound = response.isFound(); // <1>
+            // end::delete-role-mapping-response
+
+            assertTrue(isFound);
+        }
+
+        {
+            final DeleteRoleMappingRequest request = new DeleteRoleMappingRequest("mapping-example", RefreshPolicy.NONE);
+            // tag::delete-role-mapping-execute-listener
+            ActionListener<DeleteRoleMappingResponse> listener = new ActionListener<DeleteRoleMappingResponse>() {
+                @Override
+                public void onResponse(DeleteRoleMappingResponse response) {
+                    // <1>
+                }
+
+                @Override
+                public void onFailure(Exception e) {
+                    // <2>
+                }
+            };
+            // end::delete-role-mapping-execute-listener
+
+            // Replace the empty listener by a blocking listener in test
+            final CountDownLatch latch = new CountDownLatch(1);
+            listener = new LatchedActionListener<>(listener, latch);
+
+            // tag::delete-role-mapping-execute-async
+            client.security().deleteRoleMappingAsync(request, RequestOptions.DEFAULT, listener); // <1>
+            // end::delete-role-mapping-execute-async
+
+            assertTrue(latch.await(30L, TimeUnit.SECONDS));
+        }
+    }
+
 }