From ba9f3d4b65beb76687902cfbf6105ca7e1acc783 Mon Sep 17 00:00:00 2001
From: Aleksander Zaruczewski <aleks@aiven.io>
Date: Tue, 5 Sep 2023 18:15:45 +0300
Subject: [PATCH] chore(opensearch): port security plugin endpoints to v2
 (#312)

---
 client.go                     |  2 +
 opensearch_security_plugin.go | 95 +++++++++++++++++++++++++++++++++++
 2 files changed, 97 insertions(+)
 create mode 100644 opensearch_security_plugin.go

diff --git a/client.go b/client.go
index 3aaf716..2e6a6b6 100644
--- a/client.go
+++ b/client.go
@@ -94,6 +94,7 @@ type Client struct {
 	OrganizationUserInvitations     *OrganizationUserInvitationsHandler
 	OrganizationUserGroups          *OrganizationUserGroupHandler
 	OrganizationUserGroupMembers    *OrganizationUserGroupMembersHandler
+	OpenSearchSecurityPluginHandler *OpenSearchSecurityPluginHandler
 }
 
 // GetUserAgentOrDefault configures a default userAgent value, if one has not been provided.
@@ -268,6 +269,7 @@ func (c *Client) Init() {
 	c.OrganizationUserInvitations = &OrganizationUserInvitationsHandler{c}
 	c.OrganizationUserGroups = &OrganizationUserGroupHandler{c}
 	c.OrganizationUserGroupMembers = &OrganizationUserGroupMembersHandler{c}
+	c.OpenSearchSecurityPluginHandler = &OpenSearchSecurityPluginHandler{c}
 }
 
 func (c *Client) doGetRequest(ctx context.Context, endpoint string, req interface{}) ([]byte, error) {
diff --git a/opensearch_security_plugin.go b/opensearch_security_plugin.go
new file mode 100644
index 0000000..b96b36b
--- /dev/null
+++ b/opensearch_security_plugin.go
@@ -0,0 +1,95 @@
+// Package aiven provides a client for using the Aiven API.
+package aiven
+
+import "context"
+
+type (
+	// OpenSearchSecurityPluginHandler is the handler that interacts with the OpenSearch Security Plugin API.
+	OpenSearchSecurityPluginHandler struct {
+		// client is the API client to use.
+		client *Client
+	}
+
+	// OpenSearchSecurityPluginConfigurationStatusResponse is the response when getting the status of the OpenSearch
+	// Security Plugin.
+	OpenSearchSecurityPluginConfigurationStatusResponse struct {
+		APIResponse
+
+		// SecurityPluginAdminEnabled is true if the admin user is defined in the OpenSearch Security Plugin.
+		SecurityPluginAdminEnabled bool `json:"security_plugin_admin_enabled"`
+		// SecurityPluginAvailable is true if the OpenSearch Security Plugin is available.
+		SecurityPluginAvailable bool `json:"security_plugin_available"`
+		// SecurityPluginEnabled is true if the OpenSearch Security Plugin is enabled.
+		SecurityPluginEnabled bool `json:"security_plugin_enabled"`
+	}
+
+	// OpenSearchSecurityPluginEnableRequest is the request to enable the OpenSearch Security Plugin.
+	OpenSearchSecurityPluginEnableRequest struct {
+		// AdminPassword is the admin password.
+		AdminPassword string `json:"admin_password"`
+	}
+
+	// OpenSearchSecurityPluginUpdatePasswordRequest is the request to update the password of the admin user.
+	OpenSearchSecurityPluginUpdatePasswordRequest struct {
+		// AdminPassword is the current admin password.
+		AdminPassword string `json:"admin_password"`
+		// NewPassword is the new admin password.
+		NewPassword string `json:"new_password"`
+	}
+)
+
+// Get gets the status of the OpenSearch Security Plugin.
+func (h *OpenSearchSecurityPluginHandler) Get(
+	ctx context.Context,
+	project string,
+	service string,
+) (*OpenSearchSecurityPluginConfigurationStatusResponse, error) {
+	path := buildPath("project", project, "service", service, "opensearch", "security")
+
+	bts, err := h.client.doGetRequest(ctx, path, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var r OpenSearchSecurityPluginConfigurationStatusResponse
+
+	return &r, checkAPIResponse(bts, &r)
+}
+
+// Enable enables the OpenSearch Security Plugin and sets the password of the admin user.
+func (h *OpenSearchSecurityPluginHandler) Enable(
+	ctx context.Context,
+	project string,
+	service string,
+	req OpenSearchSecurityPluginEnableRequest,
+) (*OpenSearchSecurityPluginConfigurationStatusResponse, error) {
+	path := buildPath("project", project, "service", service, "opensearch", "security", "admin")
+
+	bts, err := h.client.doPostRequest(ctx, path, req)
+	if err != nil {
+		return nil, err
+	}
+
+	var r OpenSearchSecurityPluginConfigurationStatusResponse
+
+	return &r, checkAPIResponse(bts, &r)
+}
+
+// UpdatePassword updates the password of the admin user.
+func (h *OpenSearchSecurityPluginHandler) UpdatePassword(
+	ctx context.Context,
+	project string,
+	service string,
+	req OpenSearchSecurityPluginUpdatePasswordRequest,
+) (*OpenSearchSecurityPluginConfigurationStatusResponse, error) {
+	path := buildPath("project", project, "service", service, "opensearch", "security", "admin")
+
+	bts, err := h.client.doPutRequest(ctx, path, req)
+	if err != nil {
+		return nil, err
+	}
+
+	var r OpenSearchSecurityPluginConfigurationStatusResponse
+
+	return &r, checkAPIResponse(bts, &r)
+}