Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
250 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
class TssFolderLookup { | ||
[int]$Id | ||
[string]$FolderName | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
TOPIC | ||
This help topic describes the TssFolderLookup class in the Thycotic.SecretServer module | ||
|
||
CLASS | ||
TssFolderLookup | ||
|
||
INHERITANCE | ||
None | ||
|
||
DESCRIPTION | ||
The TssFolderLookup class represents the FolderLookup object returned by Secret Server endpoint GET /folders/lookup | ||
|
||
CONSTRUCTORS | ||
new() | ||
|
||
PROPERTIES | ||
Documented in the REST API doc for Secret Server, see FolderLookup definition | ||
|
||
METHODS | ||
|
||
RELATED LINKS: | ||
Find-TssFolder |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
function Find-Folder { | ||
<# | ||
.SYNOPSIS | ||
Find secret folders | ||
.DESCRIPTION | ||
Find secret folders returning Folder ID and Name only | ||
.EXAMPLE | ||
PS C:\> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred | ||
PS C:\> Find-TssFolder -TssSession $session -ParentFolderId 56 | ||
Return folders with Parent Folder ID of 56 | ||
.NOTES | ||
Requires TssSession object returned by New-TssSession | ||
#> | ||
[CmdletBinding()] | ||
[OutputType('TssFolderLookup')] | ||
param ( | ||
# TssSession object created by New-TssSession for auth | ||
[Parameter(Mandatory, | ||
ValueFromPipeline, | ||
Position = 0)] | ||
[TssSession]$TssSession, | ||
|
||
# Parent Folder Id | ||
[Alias("FolderId")] | ||
[int] | ||
$ParentFolderId, | ||
|
||
# Search by text value | ||
[string] | ||
$SearchText, | ||
|
||
# Filter based on folder permission (Owner, Edit, AddSecret, View). Default: View | ||
[ValidateSet('Owner','Edit','AddSecret','View')] | ||
[string] | ||
$PermissionRequired, | ||
|
||
# Sort by specific property (Id, FolderName). Default: FolderName | ||
[ValidateSet('FolderId','FolderName')] | ||
[string] | ||
$SortBy = 'FolderName' | ||
) | ||
begin { | ||
$tssParams = $PSBoundParameters | ||
$invokeParams = @{ } | ||
} | ||
|
||
process { | ||
Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)" | ||
if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) { | ||
$restResponse = $null | ||
$uri = $TssSession.ApiUrl, 'folders/lookup' -join '/' | ||
|
||
switch ($SortBy) { | ||
'FolderName' { $sortByValue = 'value' } | ||
'FolderId' { $sortByValue = 'id' } | ||
} | ||
|
||
$uri = $uri, "sortBy[0].direction=asc&sortBy[0].name=$sortByValue&take=$($TssSession.Take)&filter.folderTypeId=1" -join '?' | ||
|
||
$filters = @() | ||
if ($tssParams.ContainsKey('ParentFolderId')) { | ||
$filters += "filter.parentFolderId=$ParentFolderId" | ||
} | ||
if ($tssParams.ContainsKey('SearchText')) { | ||
$filters += "filter.searchText=$SearchText" | ||
} | ||
if ($tssParams.ContainsKey('Permission')) { | ||
$filters += "filter.permissionRequired=$PermissionRequired" | ||
} | ||
if ($filters) { | ||
$uriFilter = $filters -join '&' | ||
Write-Verbose "Filters: $uriFilter" | ||
$uri = $uri, $uriFilter -join '&' | ||
} | ||
|
||
$invokeParams.Uri = $uri | ||
$invokeParams.Method = 'GET' | ||
|
||
$invokeParams.PersonalAccessToken = $TssSession.AccessToken | ||
Write-Verbose "$($invokeParams.Method) $uri with $body" | ||
try { | ||
$restResponse = Invoke-TssRestApi @invokeParams | ||
} catch { | ||
Write-Warning "Issue on search request" | ||
$err = $_.ErrorDetails.Message | ||
Write-Error $err | ||
} | ||
|
||
if ($restResponse.records.Count -le 0 -and $restResponse.records.Length -eq 0) { | ||
Write-Warning "No Folder found" | ||
} | ||
if ($restResponse.records) { | ||
. $TssFolderLookupObject $restResponse.records | ||
} | ||
} else { | ||
Write-Warning "No valid session found" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<# | ||
.Synopsis | ||
Creates a TssFolderLookup object to output the SecretLookup object | ||
.Description | ||
Creates an instance of the TssFolderLookup class to output a revised SecretLookup object | ||
Parsing the string value into the associated properties | ||
<ID> - <FolderName> | ||
#> | ||
param( | ||
[pscustomobject]$FindRecord | ||
) | ||
begin { | ||
} | ||
process { | ||
$outObject = @() | ||
foreach ($f in $FindRecord) { | ||
$outLookup = [TssFolderLookup]::new() | ||
$outLookup.Id = $f.Id | ||
$outLookup.FolderName = $f.Value | ||
|
||
$outObject += $outLookup | ||
} | ||
return $outObject | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
BeforeDiscovery { | ||
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf | ||
. ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1')) | ||
} | ||
Describe "$commandName verify parameters" { | ||
BeforeDiscovery { | ||
[object[]]$knownParameters = 'TssSession', 'ParentFolderId', 'SearchText', 'PermissionRequired', 'SortBy' | ||
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys | ||
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function') | ||
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru | ||
} | ||
Context "Verify parmaeters" -Foreach @{currentParams = $currentParams} { | ||
It "$commandName should contain <_> parameter" -TestCases $knownParameters { | ||
$_ -in $currentParams | Should -Be $true | ||
} | ||
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters { | ||
$_ | Should -BeNullOrEmpty | ||
} | ||
} | ||
Context "Command specific details" { | ||
It "$commandName should set OutputType to TssFolderLookup" -TestCases $commandDetails { | ||
$_.OutputType.Name | Should -Be 'TssFolderLookup' | ||
} | ||
} | ||
} | ||
Describe "$commandName works" { | ||
BeforeDiscovery { | ||
$session = New-TssSession -SecretServer $ss -Credential $ssCred | ||
$invokeParams = @{ | ||
Uri = "$ss/api/v1/folders?take=$($session.take)" | ||
ExpandProperty = 'records' | ||
PersonalAccessToken = $session.AccessToken | ||
} | ||
$getFolders = Invoke-TssRestApi @invokeParams | ||
$tssSecretFolder = $getFolders.Where({$_.folderName -eq 'tss_module_testing'}) | ||
|
||
$searchText = 'SearchTssSecret' | ||
# Prep work | ||
$findObject = Find-TssFolder -TssSession $session -ParentFolderId $tssSecretFolder.Id | ||
$findTextObject = Find-TssFolder -TssSession $session -SearchText $searchText | ||
|
||
$session.SessionExpire() | ||
$props = 'FolderId', 'Id', 'FolderId' | ||
} | ||
Context "Checking" -Foreach @{findObject = $findObject; findTextObject = $findTextObject} { | ||
It "Should not be empty" { | ||
$findObject | Should -Not -BeNullOrEmpty | ||
$findTextObject | Should -Not -BeNullOrEmpty | ||
} | ||
It "Should output <_> property" -TestCases $props { | ||
$findObject[0].PSObject.Properties.Name | Should -Contain $_ | ||
} | ||
It "Should have <_> in FolderName" -TestCases $searchText { | ||
$findObject.FolderName | Should -Contain $_ | ||
} | ||
It "Should have only pulled <_> Folder" -TestCases $searchText { | ||
$findTextObject.FolderName | Should -Be $_ | ||
} | ||
} | ||
} |