查询用户 API
编辑查询用户 API
编辑先决条件
编辑- 要使用此 API,您必须至少拥有
read_security集群权限。
请求体
编辑您可以在请求体中指定以下参数
-
query -
(可选,字符串)用于过滤要返回的用户的查询。 该查询支持查询类型的子集,包括
match_all、bool、term、terms、match、ids、prefix、wildcard、exists、range和simple query string。您可以查询与用户关联的以下公共值。
query的有效值-
username - 用户的标识符。
-
roles - 分配给用户的角色的角色名称数组。
-
full_name - 用户的全名。
-
email - 用户的电子邮件。
-
enabled - 指定是否启用用户。
-
-
from -
(可选,整数)起始文档偏移量。 需要是非负数,默认为
0。默认情况下,您不能使用
from和size参数浏览超过 10,000 个匹配项。 要浏览更多匹配项,请使用search_after参数。 -
size -
(可选,整数)要返回的匹配项数。 不能为负数,默认为
10。默认情况下,您不能使用
from和size参数浏览超过 10,000 个匹配项。 要浏览更多匹配项,请使用search_after参数。 -
sort - (可选,对象)排序定义。 您可以对
username、roles或enabled进行排序。此外,排序还可以应用于_doc字段,以按索引顺序排序。 -
search_after - (可选,数组)搜索后定义。
示例
编辑以下请求列出所有用户,假设您具有 read_security 权限
resp = client.perform_request(
"GET",
"/_security/_query/user",
)
print(resp)
const response = await client.security.queryUser(); console.log(response);
GET /_security/_query/user
成功调用会返回一个 JSON 结构,其中包含从一个或多个用户检索的信息
{
"total": 2,
"count": 2,
"users": [
{
"username": "jacknich",
"roles": [
"admin",
"other_role1"
],
"full_name": "Jack Nicholson",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true
},
{
"username": "sandrakn",
"roles": [
"admin",
"other_role1"
],
"full_name": "Sandra Knight",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true
}
]
}
如果使用以下详细信息创建用户
resp = client.security.put_user(
username="jacknich",
password="l0ng-r4nd0m-p@ssw0rd",
roles=[
"admin",
"other_role1"
],
full_name="Jack Nicholson",
email="[email protected]",
metadata={
"intelligence": 7
},
)
print(resp)
const response = await client.security.putUser({
username: "jacknich",
password: "l0ng-r4nd0m-p@ssw0rd",
roles: ["admin", "other_role1"],
full_name: "Jack Nicholson",
email: "[email protected]",
metadata: {
intelligence: 7,
},
});
console.log(response);
POST /_security/user/jacknich
{
"password" : "l0ng-r4nd0m-p@ssw0rd",
"roles" : [ "admin", "other_role1" ],
"full_name" : "Jack Nicholson",
"email" : "[email protected]",
"metadata" : {
"intelligence" : 7
}
}
成功调用会返回一个 JSON 结构
{
"created": true
}
使用用户信息,通过查询检索用户
resp = client.perform_request(
"POST",
"/_security/_query/user",
headers={"Content-Type": "application/json"},
body={
"query": {
"prefix": {
"roles": "other"
}
}
},
)
print(resp)
const response = await client.security.queryUser({
query: {
prefix: {
roles: "other",
},
},
});
console.log(response);
POST /_security/_query/user
{
"query": {
"prefix": {
"roles": "other"
}
}
}
成功调用会返回用户的 JSON 结构
{
"total": 1,
"count": 1,
"users": [
{
"username": "jacknich",
"roles": [
"admin",
"other_role1"
],
"full_name": "Jack Nicholson",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true
}
]
}
要检索作为响应一部分的用户的 profile_uid
resp = client.perform_request(
"POST",
"/_security/_query/user",
params={
"with_profile_uid": "true"
},
headers={"Content-Type": "application/json"},
body={
"query": {
"prefix": {
"roles": "other"
}
}
},
)
print(resp)
const response = await client.security.queryUser({
with_profile_uid: "true",
query: {
prefix: {
roles: "other",
},
},
});
console.log(response);
POST /_security/_query/user?with_profile_uid=true
{
"query": {
"prefix": {
"roles": "other"
}
}
}
{
"total": 1,
"count": 1,
"users": [
{
"username": "jacknich",
"roles": [
"admin",
"other_role1"
],
"full_name": "Jack Nicholson",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true,
"profile_uid": "u_79HkWkwmnBH5gqFKwoxggWPjEBOur1zLPXQPEl1VBW0_0"
}
]
}
使用 bool 查询来发出复杂的逻辑条件,并使用 from、size、sort 来帮助分页结果
POST /_security/_query/user
{
"query": {
"bool": {
"must": [
{
"wildcard": {
"email": "*example.com"
}
},
{
"term": {
"enabled": true
}
}
],
"filter": [
{
"wildcard": {
"roles": "*other*"
}
}
]
}
},
"from": 1,
"size": 2,
"sort": [
{ "username": { "order": "desc"} }
]
}
|
电子邮件必须以 |
|
|
必须启用用户 |
|
|
结果将被过滤,仅包含至少包含子字符串 |
|
|
开始搜索结果的偏移量是第二个(基于零的索引)用户 |
|
|
响应的页面大小为 2 个用户 |
|
|
结果按 |
响应包含匹配用户及其排序值的列表
{
"total": 5,
"count": 2,
"users": [
{
"username": "ray",
"roles": [
"other_role3"
],
"full_name": "Ray Nicholson",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true,
"_sort": [
"ray"
]
},
{
"username": "lorraine",
"roles": [
"other_role3"
],
"full_name": "Lorraine Nicholson",
"email": "[email protected]",
"metadata": {
"intelligence": 7
},
"enabled": true,
"_sort": [
"lorraine"
]
}
]
}