# 高度なセキュリティ { #advanced-security }

## 追加機能 { #additional-features }

[チュートリアル - ユーザーガイド: セキュリティ](../../tutorial/security/index.md)で扱ったもの以外にも、セキュリティを扱うための追加機能がいくつかあります。

/// tip | 豆知識

次の節は**必ずしも「高度」ではありません**。

あなたのユースケースでは、その中のいずれかに解決策があるかもしれません。

///

## まずチュートリアルを読む { #read-the-tutorial-first }

以下の節は、すでにメインの[チュートリアル - ユーザーガイド: セキュリティ](../../tutorial/security/index.md)を読んでいることを前提とします。

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Récupérer l'utilisateur { #get-the-user }

`get_current_user` utilisera une fonction utilitaire (factice) que nous avons créée, qui prend un token en `str` et retourne notre modèle Pydantic `User` :

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

Нажмите кнопку "Authorize".

Используйте учётные данные:

Пользователь: `johndoe`

Пароль: `secret`

<img src="/img/tutorial/security/image04.png">

После аутентификации вы увидите следующее:

<img src="/img/tutorial/security/image05.png">

### Получение собственных пользовательских данных { #get-your-own-user-data }

Теперь используйте операцию `GET` с путём `/users/me`.

이전 장에서 (의존성 주입 시스템을 기반으로 한) 보안 시스템은 *경로 처리 함수*에 `str`로 `token`을 제공했습니다:

{* ../../docs_src/security/tutorial001_an_py310.py hl[12] *}

하지만 이는 여전히 그다지 유용하지 않습니다.

현재 사용자를 제공하도록 해봅시다.

## 사용자 모델 생성하기 { #create-a-user-model }

먼저 Pydantic 사용자 모델을 만들어 봅시다.

Pydantic을 사용해 본문을 선언하는 것과 같은 방식으로, 다른 곳에서도 어디서든 사용할 수 있습니다:

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

/**
 * Response for SMB1 NT Transaction security descriptor query.
 *
 * This response contains the Windows security descriptor retrieved
 * from the server, including access control information.
 */
public class NtTransQuerySecurityDescResponse extends SmbComNtTransactionResponse {

    private SecurityDescriptor securityDescriptor;

    /**
     * Constructs an NT transaction query security descriptor response.

Si le jeton est invalide, renvoyez immédiatement une erreur HTTP.

{* ../../docs_src/security/tutorial004_an_py310.py hl[93:110] *}

## Mettre à jour le *chemin d'accès* `/token` { #update-the-token-path-operation }

Créez un `timedelta` avec la durée d'expiration du jeton.

Créez un véritable jeton d'accès JWT et renvoyez-le.

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

     */
    int DELETE = 0x00010000; // 16
    /**
     * Permission to read the security descriptor
     */
    int READ_CONTROL = 0x00020000; // 17
    /**
     * Permission to write the discretionary access control list
     */
    int WRITE_DAC = 0x00040000; // 18
    /**
     * Permission to change the owner in the security descriptor
     */
    int WRITE_OWNER = 0x00080000; // 19
    /**

    /**
     * Constructs a new PacSidAttributes instance.
     *
     * @param id the Security Identifier
     * @param attributes the attribute flags associated with the SID
     */
    public PacSidAttributes(final SID id, final int attributes) {
        this.id = id;
        this.attributes = attributes;
    }

    /**
     * Gets the Security Identifier.
     *
     * @return the SID associated with this instance
     */

check your OS is [supported](https://www.elastic.co/support/matrix#show_os).
If it is not, the issue is likely to be closed.

For security vulnerabilities please only send reports to security@elastic.co.
See https://www.elastic.co/community/security for more information.

Please fill in the following details to help us reproduce the bug:
-->

**Elasticsearch version** (`bin/elasticsearch --version`):

* Importe `HTTPBasic` e `HTTPBasicCredentials`.
* Crie um "esquema `security`" utilizando `HTTPBasic`.
* Utilize o `security` com uma dependência em sua *operação de rota*.
* Isso retorna um objeto do tipo `HTTPBasicCredentials`:
    * Isto contém o `username` e o `password` enviado.

{* ../../docs_src/security/tutorial006_an_py310.py hl[4,8,12] *}