diff --git a/docs/collections/_commands/Set-TssSecretRpcAssociated.md b/docs/collections/_commands/Set-TssSecretRpcAssociated.md new file mode 100644 index 00000000..2047a823 --- /dev/null +++ b/docs/collections/_commands/Set-TssSecretRpcAssociated.md @@ -0,0 +1,140 @@ +--- +category: secrets +external help file: Thycotic.SecretServer-help.xml +Module Name: Thycotic.SecretServer +online version: https://thycotic-ps.github.io/thycotic.secretserver/commands/Set-TssSecretRpcAssociated +schema: 2.0.0 +title: Set-TssSecretRpcAssociated +--- + +# Set-TssSecretRpcAssociated + +## SYNOPSIS +Set a Secret's Associated Secret for RPC Scripts + +## SYNTAX + +``` +Set-TssSecretRpcAssociated [-TssSession] -Id -AssociatedSecretId [-WhatIf] + [-Confirm] [] +``` + +## DESCRIPTION +Set a Secret's Associated Secret for RPC Scripts + +## EXAMPLES + +### EXAMPLE 1 +``` +$session = New-TssSession -SecretServer https://alpha -Credential $ssCred +Set-TssSecretRpcAssociated -TssSession $session -Id 42 -AssociateSecretId 342,242 +``` + +Will update Secret 42 and set the Associated Secrets to 342 (index 1) and 242 (index 2). +This will overwrite any currently Associated Secrets. + +### EXAMPLE 2 +``` +$session = New-TssSession -SecretServer https://alpha/SecretServer -Credential $ssCred +$current = Get-TssSecretRpcAssociated -TssSession $session -Id 330 +$updatedList = $current.AssociatedSecrets +$updatedList += 42 +Set-TssSecretRpcAssociated -TssSession $session -AssociatedSecretId $updatedList +``` + +Pull the current Associated Secrets on Secret ID 330, add the Secret ID 42 to the end of that list (order 3), and then update Secret ID 330 + +## PARAMETERS + +### -TssSession +TssSession object created by New-TssSession for auth + +```yaml +Type: TssSession +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByValue) +Accept wildcard characters: False +``` + +### -Id +Secret ID + +```yaml +Type: Int32[] +Parameter Sets: (All) +Aliases: ParentSecretId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -AssociatedSecretId +Secret IDs to Associate + +```yaml +Type: Int32[] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES +Requires TssSession object returned by New-TssSession + +## RELATED LINKS + +[https://thycotic-ps.github.io/thycotic.secretserver/commands/Set-TssSecretRpcAssociated](https://thycotic-ps.github.io/thycotic.secretserver/commands/Set-TssSecretRpcAssociated) + +[https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secrets/Set-SecretRpcAssociated.ps1](https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secrets/Set-SecretRpcAssociated.ps1) + diff --git a/src/Thycotic.SecretServer.Format.ps1xml b/src/Thycotic.SecretServer.Format.ps1xml index af4d3287..fbd3ac8e 100644 --- a/src/Thycotic.SecretServer.Format.ps1xml +++ b/src/Thycotic.SecretServer.Format.ps1xml @@ -1263,7 +1263,7 @@ Order - SecretId + AssociatedSecretId SecretName diff --git a/src/functions/secrets/Set-SecretRpcAssociated.ps1 b/src/functions/secrets/Set-SecretRpcAssociated.ps1 new file mode 100644 index 00000000..ef9af064 --- /dev/null +++ b/src/functions/secrets/Set-SecretRpcAssociated.ps1 @@ -0,0 +1,98 @@ +function Set-SecretRpcAssociated { + <# + .SYNOPSIS + Set a Secret's Associated Secret for RPC Scripts + + .DESCRIPTION + Set a Secret's Associated Secret for RPC Scripts + + .EXAMPLE + $session = New-TssSession -SecretServer https://alpha -Credential $ssCred + Set-TssSecretRpcAssociated -TssSession $session -Id 42 -AssociateSecretId 342,242 + + Will update Secret 42 and set the Associated Secrets to 342 (index 1) and 242 (index 2). This will overwrite any currently Associated Secrets. + + .EXAMPLE + $session = New-TssSession -SecretServer https://alpha/SecretServer -Credential $ssCred + $current = Get-TssSecretRpcAssociated -TssSession $session -Id 330 + $updatedList = $current.AssociatedSecrets + $updatedList += 42 + Set-TssSecretRpcAssociated -TssSession $session -AssociatedSecretId $updatedList + + Pull the current Associated Secrets on Secret ID 330, add the Secret ID 42 to the end of that list (order 3), and then update Secret ID 330 + + .LINK + https://thycotic-ps.github.io/thycotic.secretserver/commands/Set-TssSecretRpcAssociated + + .LINK + https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secrets/Set-SecretRpcAssociated.ps1 + + .NOTES + Requires TssSession object returned by New-TssSession + #> + [cmdletbinding(SupportsShouldProcess, DefaultParameterSetName = 'all')] + param( + # TssSession object created by New-TssSession for auth + [Parameter(Mandatory,ValueFromPipeline,Position = 0)] + [TssSession] + $TssSession, + + # Secret ID + [Parameter(Mandatory,ValueFromPipelineByPropertyName)] + [Alias("ParentSecretId")] + [int[]] + $Id, + + # Secret IDs to Associate + [Parameter(Mandatory,ValueFromRemainingArguments)] + [int[]] + $AssociatedSecretId + ) + begin { + $setParams = $PSBoundParameters + $invokeParams = . $GetInvokeTssParams $TssSession + } + process { + Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)" + if ($setParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) { + . $CheckVersion $TssSession '10.9.0000' $PSCmdlet.MyInvocation + foreach ($secret in $Id) { + $restResponse = $null + $uri = $TssSession.ApiUrl, 'secrets', $secret, 'rpc-script-secrets' -join '/' + $invokeParams.Uri = $uri + $invokeParams.Method = 'PUT' + + $setBody = @{ + data = @{ + resetSecretIds = @{ + dirty = $true + value = $AssociatedSecretId + } + } + } + $invokeParams.Body = $setBody | ConvertTo-Json -Depth 5 + + if ($PSCmdlet.ShouldProcess("Secret ID: $secret", "$($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n")) { + Write-Verbose "Performing the operation $($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n" + try { + $restResponse = . $InvokeApi @invokeParams + } catch { + Write-Warning "Issue setting Associated Secrets on Secret [$secret]" + $err = $_ + . $ErrorHandling $err + } + } + if ($restResponse.resetSecrets.value) { + $associated = $restResponse.resetSecrets.value + if (Compare-Object $associated.secretId $AssociatedSecretId) { + Write-Warning "Associated Secrets for Secret [$secret] not updated" + } else { + Write-Verbose "Associated Secrets for Secret [$secret] updated successfully" + } + } + } + } else { + Write-Warning "No valid session found" + } + } +} \ No newline at end of file diff --git a/tests/secrets/Set-SecretRpcAssociated.Tests.ps1 b/tests/secrets/Set-SecretRpcAssociated.Tests.ps1 new file mode 100644 index 00000000..90ff0b61 --- /dev/null +++ b/tests/secrets/Set-SecretRpcAssociated.Tests.ps1 @@ -0,0 +1,67 @@ +BeforeDiscovery { + $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf + . ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1')) +} +Describe "$commandName verify parameters" { + BeforeDiscovery { + [object[]]$knownParameters = 'TssSession', 'Id', 'AssociatedSecretId' + [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys + [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function') + $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru + } + Context "Verify parameters" -Foreach @{currentParams = $currentParams } { + It "$commandName should contain <_> parameter" -TestCases $knownParameters { + $_ -in $currentParams | Should -Be $true + } + It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters { + $_ | Should -BeNullOrEmpty + } + } +} +Describe "$commandName functions" { + Context "Checking" { + BeforeAll { + $session = [pscustomobject]@{ + ApiVersion = 'api/v1' + Take = 2147483647 + SecretServer = 'http://alpha/' + ApiUrl = 'http://alpha/api/v1' + AccessToken = 'AgJf5YLChrisPine312UcBrM1s1KB2BGZ5Ufc4qLZ' + RefreshToken = '9oacYeah0YqgBNg0L7VinDiesel6-Z9ITE51Humus' + TokenType = 'bearer' + ExpiresIn = 1199 + } + Mock -Verifiable -CommandName Invoke-RestMethod -ParameterFilter { $Uri -match '/version' } -MockWith { + return @{ + model = [pscustomobject]@{ + Version = '10.9.000033' + } + } + } + + $secretId = 42 + Mock -Verifiable -CommandName Invoke-RestMethod -ParameterFilter { $Uri -match "/secrets/$secretId/rpc-script-secrets" } -MockWith { + return [pscustomobject]@{ + resetSecrets = @{ + value = @( + @{ + secretId = 342 + } + @{ + secretId = 343 + } + ) + } + } + } + $object = Set-SecretRpcAssociated -TssSession $session -Id $secretId -AssociatedSecretId 342, 343 + Assert-VerifiableMock + } + It "Should be empty" { + $object | Should -BeNullOrEmpty + } + It "Should have called Invoke-RestMethod 2 times" { + Assert-MockCalled -CommandName Invoke-RestMethod -Times 2 -Scope Describe + } + } +} \ No newline at end of file