lqb
/
elasticsearch
镜像来自 https://gitee.com/mirrors/elasticsearch.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
							[role="xpack"]
[[security-api-update-user-profile-data]]
=== Update user profile data API
++++
<titleabbrev>Update user profile data</titleabbrev>
++++

NOTE: The user profile feature is designed only for use by {kib} and
Elastic’s {observability}, {ents}, and {elastic-sec} solutions. Individual
users and external applications should not call this API directly. Elastic reserves
the right to change or remove this feature in future releases without prior notice.

Updates specific data for the user profile that's associated with the specified
unique ID.

[[security-api-update-user-profile-data-request]]
==== {api-request-title}

`POST /_security/profile/<uid>/_data`

[[security-api-update-user-profile-data-prereqs]]
==== {api-prereq-title}

To use this API, you must have one of the following privileges:

* The `manage_user_profile` cluster privilege.
* The `update_profile_data` global privilege for the namespaces that are
referenced in the request.

[[security-api-update-user-profile-data-desc]]
==== {api-description-title}

The update user profile API updates the `labels` and `data` fields of an
existing user profile document with JSON objects. New keys and their values are
added to the profile document, and conflicting keys are replaced by data that's
included in the request.

For both `labels` and `data`, content is namespaced by the top-level fields.
The `update_profile_data` global privilege grants privileges for updating only
the allowed namespaces.

[[security-api-update-user-profile-data-path-params]]
==== {api-path-parms-title}

`uid`::
(Required, string) A unique identifier for the user profile.

[[security-api-update-user-profile-data-query-params]]
==== {api-query-parms-title}

include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=if_seq_no]

include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=if_primary_term]

include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=refresh]

`uid`::
(Required, string) A unique identifier for the user profile.

[[security-api-update-user-profile-data-request-body]]
==== {api-request-body-title}

`labels`::
(Required*, object)
Searchable data that you want to associate with the user profile.
This field supports a nested data structure. Within the `labels` object,
top-level keys cannot begin with an underscore (`_`) or contain a period (`.`).

`data`::
(Required*, object)
Non-searchable data that you want to associate with the user profile.
This field supports a nested data structure. Within the `data` object, top-level
keys cannot begin with an underscore (`_`) or contain a period (`.`)
The `data` object is not searchable, but can be retrieved with the
<<security-api-get-user-profile,Get user profile API>>.

*Indicates that the setting is required in some, but not all situations.

[[security-api-update-user-profile-data-response-body]]
==== {api-response-body-title}

A successful update user profile data API call returns a JSON structure
indicating that the request is acknowledged:

[source,js]
----
{
  "acknowledged": true
}
----
// NOTCONSOLE

[[security-api-update-user-profile-data-example]]
==== {api-examples-title}

The following request updates a profile document for a `uid` matching
`u_P_0BMHgaOK3p7k-PFWUCbw9dQ-UFjt01oWJ_Dp2PmPc_0`:

[source,console]
----
POST /_security/profile/u_P_0BMHgaOK3p7k-PFWUCbw9dQ-UFjt01oWJ_Dp2PmPc_0/_data
{
  "labels": {
    "direction": "east"
  },
  "data": {
    "app1": {
      "theme": "default"
    }
  }
}
----
// TEST[setup:user_profiles]

You can update the profile data to replace some keys and add new keys:

[source,console]
----
POST /_security/profile/u_P_0BMHgaOK3p7k-PFWUCbw9dQ-UFjt01oWJ_Dp2PmPc_0/_data
{
  "labels": {
    "direction": "west"
  },
  "data": {
    "app1": {
      "font": "large"
    }
  }
}
----
// TEST[continued]

If you get the profile now, the consolidated profile data is returned:
[source,console]
----
GET /_security/profile/u_P_0BMHgaOK3p7k-PFWUCbw9dQ-UFjt01oWJ_Dp2PmPc_0?data=*
----
// TEST[continued]

[source,console-result]
----
{
  "profiles": [
    {
      "uid": "u_P_0BMHgaOK3p7k-PFWUCbw9dQ-UFjt01oWJ_Dp2PmPc_0",
      "enabled": true,
      "last_synchronized": 1642650651037,
      "user": {
        "username": "jackrea",
        "roles": [
          "admin"
        ],
        "realm_name": "native",
        "full_name": "Jack Reacher",
        "email": "jackrea@example.com"
      },
      "labels": {
        "direction": "west"
      },
      "data": {
        "app1": {
          "theme": "default",
          "font": "large"
        }
      },
      "_doc": {
        "_primary_term": 88,
        "_seq_no": 66
      }
    }
  ]
}
----
// TESTRESPONSE[s/1642650651037/$body.profiles.0.last_synchronized/]
// TESTRESPONSE[s/88/$body.profiles.0._doc._primary_term/]
// TESTRESPONSE[s/66/$body.profiles.0._doc._seq_no/]