Test-SecretAction - allows test for given action on secret

src/classes/secrets/TssSecretDetailState.class.ps1

@@ -54,4 +54,22 @@ class TssSecretDetailState {
             return "No Actions found"
         }
     }
+
+    [System.Boolean]
+    TestAction([string]$Action) {
+        if ($this.Actions -contains $Action) {
+            return $true
+        } else {
+            return $false
+        }
+    }
+
+    [System.Boolean]
+    TestState([string]$State) {
+        if ($this.SecretState -eq $State) {
+            return $true
+        } else {
+            return $false
+        }
+    }
 }

src/en-us/about_tsssecretdetailstate.help.txt

@@ -63,5 +63,11 @@ METHODS
     [System.String[]] GetActions()
         Returns the Actions, sorted
 
+    [System.Boolean] TestAction([string]Action)
+        Returns true if action exist, false if not
+
+    [System.Boolean] TestState([string]State)
+        Returns true if state exist, false if not
+
 RELATED LINKS:
-   Get-TssSecretState
+    Get-TssSecretState

src/functions/secrets/Test-SecretAction.ps1

@@ -0,0 +1,64 @@
+function Test-SecretAction {
+    <#
+    .SYNOPSIS
+    Test for an allowed action on a Secret
+
+    .DESCRIPTION
+    Test for an allowed action on a Secret
+
+    .EXAMPLE
+    session = New-TssSession -SecretServer https://alpha -Credential ssCred
+    Test-TssSecretAction -TssSession $session -SecretId 75 -Action Edit
+
+    Test for action Edit on Secret ID 75, returning true if exists and false if not
+
+    .LINK
+    https://thycotic-ps.github.io/thycotic.secretserver/commands/Test-TssSecretAction
+
+    .LINK
+    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secrets/Test-SecretAction.ps1
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+
+    Possible Secret Actions:
+    'ChangePasswordNow','ConvertTemplate','Copy','Delete','Edit','EditExpiration','EditRpc','EditSecurity','Expire','Heartbeat','EditShare','ShowSshProxyCredentials','StopChangePasswordNow','ViewAudit','ViewDependencies','ViewLaunchers','ViewExpiration','ViewHooks','ViewRpc','ViewSecurity','ViewSettings','Undelete','ForceCheckIn','ViewShare','EditHooks','EditDependencies','ViewGeneralDetails','ViewHeartbeatStatus','CheckIn','Checkout','GenerateOneTimePassword','ShowSshTerminalDetails','ShowRdpProxyCredentials','ViewMetadata'
+    #>
+    [CmdletBinding()]
+    [OutputType('System.Boolean')]
+    param (
+        # TssSession object created by New-TssSession for auth
+        [Parameter(Mandatory, ValueFromPipeline, Position = 0)]
+        [TssSession]
+        $TssSession,
+
+        # Secret ID
+        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
+        [Alias('Id')]
+        [int]
+        $SecretId,
+
+        # Action to test for
+        [Parameter(Mandatory)]
+        [ValidateSet('ChangePasswordNow','ConvertTemplate','Copy','Delete','Edit','EditExpiration','EditRpc','EditSecurity','Expire','Heartbeat','EditShare','ShowSshProxyCredentials','StopChangePasswordNow','ViewAudit','ViewDependencies','ViewLaunchers','ViewExpiration','ViewHooks','ViewRpc','ViewSecurity','ViewSettings','Undelete','ForceCheckIn','ViewShare','EditHooks','EditDependencies','ViewGeneralDetails','ViewHeartbeatStatus','CheckIn','Checkout','GenerateOneTimePassword','ShowSshTerminalDetails','ShowRdpProxyCredentials','ViewMetadata')]
+        [string]
+        $Action
+    )
+    begin {
+        $tssParams = $PSBoundParameters
+    }
+    process {
+        if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+            $secretResult = . $GetSecretState $TssSession $SecretId
+
+            if (-not $secretResult) {
+                Write-Warning "No result returned for Secret [$SecretId]"
+            } else {
+                $secretResult.TestAction($Action)
+            }
+        } else {
+            Write-Warning "No valid session found"
+        }
+    }
+}

src/parts/GetSecretState.ps1

@@ -0,0 +1,30 @@
+[cmdletbinding()]
+param(
+    [Parameter(Mandatory,Position = 0)]
+    [TssSession]
+    $TssSession,
+
+    [Parameter(Mandatory,Position = 1)]
+    [int]
+    $Id
+)
+begin {
+    $invokeParams = . $GetInvokeTssParams $TssSession
+}
+process {
+    $restResponse = $null
+    $uri = $TssSession.ApiUrl, 'secrets', $Id, 'state' -join '/'
+    $invokeParams.Uri = $uri
+    $invokeParams.Method = 'GET'
+
+    Write-Verbose "Performing the operation $($invokeParams.Method) $uri"
+    try {
+        $restResponse = . $InvokeApi @invokeParams
+    } catch {
+        Write-Warning "Issue getting details on secret [$Id]"
+    }
+
+    if ($restResponse) {
+        [TssSecretDetailState]$restResponse
+    }
+}

tests/secrets/Test-SecretAction.Tests.ps1

@@ -0,0 +1,24 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession', 'SecretId', 'Action'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to System.Boolean" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'System.Boolean'
+        }
+    }
+}