Skip to content

Commit

Permalink
Reset-UserPassword - fixes #129
Browse files Browse the repository at this point in the history
  • Loading branch information
@wsmelton
wsmelton committed Apr 16, 2021
1 parent 2922f21 commit 315c28d
Show file tree
Hide file tree
Showing 3 changed files with 270 additions and 0 deletions.
128 changes: 128 additions & 0 deletions docs/collections/_commands/Reset-TssUserPassword.md
View file
@@ -0,0 +1,128 @@
---
category: general
external help file: Thycotic.SecretServer-help.xml
Module Name: Thycotic.SecretServer
online version: https://thycotic-ps.github.io/thycotic.secretserver/commands/Reset-TssUserPassword
schema: 2.0.0
title: Reset-TssUserPassword
---

# Reset-TssUserPassword

## SYNOPSIS
Reset a User's password

## SYNTAX

```
Reset-TssUserPassword [-TssSession] <TssSession> -Id <Int32[]> -Password <SecureString> [-WhatIf] [-Confirm]
[<CommonParameters>]
```

## DESCRIPTION
Reset a User's password

## EXAMPLES

### EXAMPLE 1
```
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Reset-TssUserPassword -TssSession $session -Id 4
```

Add minimum example for each parameter

## PARAMETERS

### -TssSession
TssSession object created by New-TssSession for auth

```yaml
Type: TssSession
Parameter Sets: (All)
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
```

### -Id
User ID

```yaml
Type: Int32[]
Parameter Sets: (All)
Aliases: UserId

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```

### -Password
New password for the user

```yaml
Type: SecureString
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.

```yaml
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### -Confirm
Prompts you for confirmation before running the cmdlet.

```yaml
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

## INPUTS

## OUTPUTS

## NOTES
Requires TssSession object returned by New-TssSession

## RELATED LINKS

[https://thycotic-ps.github.io/thycotic.secretserver/commands/Reset-TssUserPassword](https://thycotic-ps.github.io/thycotic.secretserver/commands/Reset-TssUserPassword)

[https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/users/Reset-UserPassword.ps1](https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/users/Reset-UserPassword.ps1)

84 changes: 84 additions & 0 deletions src/functions/users/Reset-UserPassword.ps1
View file
@@ -0,0 +1,84 @@
function Reset-UserPassword {
<#
.SYNOPSIS
Reset a User's password
.DESCRIPTION
Reset a User's password
.EXAMPLE
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Reset-TssUserPassword -TssSession $session -Id 4
Add minimum example for each parameter
.LINK
https://thycotic-ps.github.io/thycotic.secretserver/commands/Reset-TssUserPassword
.LINK
https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/users/Reset-UserPassword.ps1
.NOTES
Requires TssSession object returned by New-TssSession
#>
[cmdletbinding(SupportsShouldProcess, DefaultParameterSetName = 'all')]
param(
# TssSession object created by New-TssSession for auth
[Parameter(Mandatory,ValueFromPipeline,Position = 0)]
[TssSession]
$TssSession,

# User ID
[Parameter(Mandatory,ValueFromPipelineByPropertyName)]
[Alias("UserId")]
[int[]]
$Id,

# New password for the user
[Parameter(Mandatory)]
[securestring]
$Password
)
begin {
$resetParams = $PSBoundParameters
$invokeParams = . $GetInvokeTssParams $TssSession
}
process {
Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
if ($resetParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
. $CheckVersion $TssSession '10.9.0000' $PSCmdlet.MyInvocation
foreach ($user in $Id) {
$restResponse = $null
$uri = $TssSession.ApiUrl, 'users', $user, 'password-reset' -join '/'
$invokeParams.Uri = $uri
$invokeParams.Method = 'POST'

$resetBod = @{
data = @{
password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password))
userId = $user
}
}
$invokeParams.Body = $resetBod | ConvertTo-Json

if ($PSCmdlet.ShouldProcess("User ID: $user", "$($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n")) {
Write-Verbose "Performing the operation $($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n"
try {
$restResponse = . $InvokeApi @invokeParams
} catch {
Write-Warning "Issue reseting password for User [$user]"
$err = $_
. $ErrorHandling $err
}
}
if ($restResponse.success) {
Write-Verbose "Passsword for User [$user] has been reset"
} else {
Write-Warning "Password for User [$user] has not been reset"
}
}
} else {
Write-Warning "No valid session found"
}
}
}
58 changes: 58 additions & 0 deletions tests/users/Reset-UserPassword.Tests.ps1
View file
@@ -0,0 +1,58 @@
BeforeDiscovery {
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
. ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1'))
}
Describe "$commandName verify parameters" {
BeforeDiscovery {
[object[]]$knownParameters = 'TssSession', 'Id', 'Password'
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
}
Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
It "$commandName should contain <_> parameter" -TestCases $knownParameters {
$_ -in $currentParams | Should -Be $true
}
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
$_ | Should -BeNullOrEmpty
}
}
}
Describe "$commandName functions" {
Context "Checking" {
BeforeAll {
$session = [pscustomobject]@{
ApiVersion = 'api/v1'
Take = 2147483647
SecretServer = 'http://alpha/'
ApiUrl = 'http://alpha/api/v1'
AccessToken = 'AgJf5YLChrisPine312UcBrM1s1KB2BGZ5Ufc4qLZ'
RefreshToken = '9oacYeah0YqgBNg0L7VinDiesel6-Z9ITE51Humus'
TokenType = 'bearer'
ExpiresIn = 1199
}
Mock -Verifiable -CommandName Invoke-RestMethod -ParameterFilter { $Uri -match '/version' } -MockWith {
return @{
model = [pscustomobject]@{
Version = '10.9.000033'
}
}
}

$userId = 42
Mock -Verifiable -CommandName Invoke-RestMethod -ParameterFilter { $Uri -match "/users/$userId/password-reset" } -MockWith {
return [pscustomobject]@{
success = $true
}
}
$object = Reset-UserPassword -TssSession $session -Id $userId -Password (ConvertTo-SecureString 'pass' -AsPlainText -Force)
Assert-VerifiableMock
}
It "Should be empty" {
$object | Should -BeNullOrEmpty
}
It "Should have called Invoke-RestMethod 2 times" {
Assert-MockCalled -CommandName Invoke-RestMethod -Times 2 -Scope Describe
}
}
}

0 comments on commit 315c28d

Please sign in to comment.