Get-TssConfigurationSecurity - new command

docs/commands/configurations/Get-TssConfigurationSecurity.md

@@ -0,0 +1,58 @@
+# Get-TssConfigurationSecurity
+
+## SYNOPSIS
+Get security configuration
+
+## SYNTAX
+
+```
+Get-TssConfigurationSecurity [-TssSession] <Session> [<CommonParameters>]
+```
+
+## DESCRIPTION
+Get security configuration
+
+## EXAMPLES
+
+### EXAMPLE 1
+```
+$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+Get-TssConfigurationSecurity -TssSession $session
+```
+
+Returns security configuration for Secret Server
+
+## PARAMETERS
+
+### -TssSession
+TssSession object created by New-TssSession for authentication
+
+```yaml
+Type: Session
+Parameter Sets: (All)
+Aliases:
+
+Required: True
+Position: 1
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+## OUTPUTS
+
+### Thycotic.PowerShell.Configuration.Security
+## NOTES
+Requires TssSession object returned by New-TssSession
+
+## RELATED LINKS
+
+[https://thycotic-ps.github.io/thycotic.secretserver/commands/configurations/Get-TssConfigurationSecurity](https://thycotic-ps.github.io/thycotic.secretserver/commands/configurations/Get-TssConfigurationSecurity)
+
+[https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/configurations/Get-TssConfigurationSecurity.ps1](https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/configurations/Get-TssConfigurationSecurity.ps1)
+

src/Thycotic.SecretServer.psd1

@@ -80,7 +80,9 @@ FunctionsToExport = 'Add-TssEventPipeline', 'Add-TssFolderPermission',
                'Enable-TssUnlimitedAdmin', 'Enable-TssUser', 'Export-TssReport', 
                'Find-TssFolder', 'Find-TssGroup', 'Find-TssReport', 'Find-TssSecret', 
                'Find-TssUser', 'Get-TssConfiguration', 
-               'Get-TssConfigurationLocalUserPassword', 'Get-TssEventPipeline', 
+               'Get-TssConfigurationLocalUserPassword', 
+               'Get-TssConfigurationLogin', 'Get-TssConfigurationSaml', 
+               'Get-TssConfigurationSecurity', 'Get-TssEventPipeline', 
                'Get-TssEventPipelinePolicy', 'Get-TssEventPipelinePolicyActivity', 
                'Get-TssEventPipelineRun', 'Get-TssFolder', 'Get-TssFolderAudit', 
                'Get-TssFolderPermission', 'Get-TssFolderState', 'Get-TssGroup', 

src/Thycotic.SecretServer/classes/configurations/Security.cs

@@ -0,0 +1,29 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+
+namespace Thycotic.PowerShell.Configuration
+{
+    public class Security
+    {
+        public bool AllowWebServiceHttpGet { get; set; }
+        public bool AuditTlsErrors { get; set; }
+        public bool AuditTlsErrorsDebug { get; set; }
+        public string CertificateChainPolicyOptions { get; set; }
+        public string ClientCertificateIds { get; set; }
+        public string DatabaseIntegrityMonitoringSymmetricKey { get; set; }
+        public bool EnableDatabaseIntegrityMonitoring { get; set; }
+        public bool EnableFileRestrictions { get; set; }
+        public bool EnableFrameBlocking { get; set; }
+        public bool EnableHSTS { get; set; }
+        public string FileExtensionRestrictions { get; set; }
+        public bool FipsEnabled { get; set; }
+        public bool ForceHttps { get; set; }
+        public bool HideVersionNumber { get; set; }
+        public int HstsMaxAge { get; set; }
+        public string MaximumFileSizeBytes { get; set; }
+        public bool MaximumFileSizeSupported { get; set; }
+        public bool WebPasswordFillerRequiresFullDomainMatch { get; set; }
+    }
+}

src/functions/configurations/Get-TssConfigurationSecurity.ps1

@@ -0,0 +1,61 @@
+function Get-TssConfigurationSecurity {
+    <#
+    .SYNOPSIS
+    Get security configuration
+
+    .DESCRIPTION
+    Get security configuration
+
+    .EXAMPLE
+    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+    Get-TssConfigurationSecurity -TssSession $session
+
+    Returns security configuration for Secret Server
+
+    .LINK
+    https://thycotic-ps.github.io/thycotic.secretserver/commands/configurations/Get-TssConfigurationSecurity
+
+    .LINK
+    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/configurations/Get-TssConfigurationSecurity.ps1
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+    #>
+    [CmdletBinding()]
+    [OutputType('Thycotic.PowerShell.Configuration.Security')]
+    param (
+        # TssSession object created by New-TssSession for authentication
+        [Parameter(Mandatory,ValueFromPipeline,Position = 0)]
+        [Thycotic.PowerShell.Authentication.Session]
+        $TssSession
+    )
+    begin {
+        $tssParams = $PSBoundParameters
+        $invokeParams = . $GetInvokeApiParams $TssSession
+    }
+    process {
+        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+        if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            . $CheckVersion $TssSession '10.9.000064' $PSCmdlet.MyInvocation
+            $uri = $TssSession.ApiUrl, 'configuration', 'security' -join '/'
+            $invokeParams.Uri = $uri
+            $invokeParams.Method = 'GET'
+
+            Write-Verbose "Performing the operation $($invokeParams.Method) $($invokeParams.Uri)"
+            try {
+                $apiResponse = Invoke-TssApi @invokeParams
+                $restResponse = . $ProcessResponse $apiResponse
+            } catch {
+                Write-Warning "Issue getting security configuration"
+                $err = $_
+                . $ErrorHandling $err
+            }
+
+            if ($restResponse) {
+                [Thycotic.PowerShell.Configuration.Security]$restResponse
+            }
+        } else {
+            Write-Warning "No valid session found"
+        }
+    }
+}

tests/configurations/Get-TssConfigurationSecurity.Tests.ps1

@@ -0,0 +1,24 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to Thycotic.PowerShell.Configuration.Security" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'Thycotic.PowerShell.Configuration.Security'
+        }
+    }
+}