Get-TssuserRoleAssigned - closes #92

src/classes/users/TssUserRoleSummary.class.ps1

@@ -0,0 +1,21 @@
+class TssGroupAssignedRole {
+    [int]
+    $GroupId
+
+    [string]
+    $GroupName
+
+}
+class TssUserRoleSummary {
+    [TssGroupAssignedRole[]]
+    $Groups
+
+    [boolean]
+    $IsDirectAssignment
+
+    [int]
+    $RoleId
+
+    [string]
+    $RoleName
+}

src/en-us/about_tssgroupassignedrole.help.txt

@@ -0,0 +1,26 @@
+TOPIC
+    This help topic describes the TssGroupAssignedRole class in the Thycotic.SecretServer module
+
+CLASS
+    TssGroupAssignedRole
+
+INHERITANCE
+    None
+
+DESCRIPTION
+    The TssGroupAssignedRole class represents the GroupAssignedRole object returned by Secret Server endpoint GET /users/{userid}/roles-assigned
+
+CONSTRUCTORS
+    new()
+
+PROPERTIES
+    GroupId
+        Group ID of assigned group to User
+
+    GroupName
+        Group Name of assigned group to User
+
+METHODS
+
+RELATED LINKS:
+    Get-TssUserRoleAssigned

src/en-us/about_tssuserrolesummary.help.txt

@@ -0,0 +1,32 @@
+TOPIC
+    This help topic describes the TssUserRoleSummary class in the Thycotic.SecretServer module
+
+CLASS
+    TssUserRole
+
+INHERITANCE
+    None
+
+DESCRIPTION
+    The TssUserRoleSummary class represents the UserRoleSummary object returned by Secret Server endpoint GET /users/{userid}/roles-assigned
+
+CONSTRUCTORS
+    new()
+
+PROPERTIES
+    RoleId
+        Role ID assigned to user
+
+    RoleName
+        Name of role assigned to user
+
+    IsDirectAssignment
+        Is role directly assigned to the user
+
+    Groups [TssGroupAssignedRole]
+        Groups to which the user belongs that have the role
+
+METHODS
+
+RELATED LINKS:
+    Get-TssUserRoleAssigned

src/functions/folders/Get-FolderAudit.ps1

@@ -57,7 +57,7 @@ function Get-FolderAudit {
                     . $ErrorHandling $err
                 }
 
-                if ($restResponse) {
+                if ($restResponse.records) {
                     . $TssFolderAuditSummaryObject $restResponse.records
                 }
             }

src/functions/users/Get-UserRoleAssigned.ps1

@@ -0,0 +1,69 @@
+function Get-UserRoleAssigned {
+    <#
+    .SYNOPSIS
+    Get roles assigned to User Id
+
+    .DESCRIPTION
+    Get roles assigned to User Id
+
+    .EXAMPLE
+    PS> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+    PS> Get-TssUserRoleAssigned -TssSession $session -UserId 254
+
+    Returns roles assigned to the User ID 254
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+    Only supported on 10.9.32 or higher of Secret Server
+    #>
+    [CmdletBinding()]
+    [OutputType('TssUserRoleSummary')]
+    param (
+        # TssSession object created by New-TssSession for auth
+        [Parameter(Mandatory,
+            ValueFromPipeline,
+            Position = 0)]
+        [TssSession]
+       $TssSession,
+
+        # Short description for parameter
+        [Parameter(Mandatory,ValueFromPipelineByPropertyName)]
+        [Alias("Id")]
+        [int[]]
+        $UserId
+    )
+    begin {
+        $tssParams = $PSBoundParameters
+        $invokeParams = . $GetInvokeTssParams $TssSession
+    }
+
+    process {
+        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+        if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            . $CheckVersion $TssSession '10.9.000032' $PSCmdlet.MyInvocation
+
+            foreach ($user in $UserId) {
+                $restResponse = $null
+                $uri = $TssSession.ApiUrl, 'users', $user, 'roles-assigned' -join '/'
+                $uri = $uri, "take=$($TssSession.Take)" -join '?'
+                $invokeParams.Uri = $uri
+                $invokeParams.Method = 'GET'
+
+                Write-Verbose "Performing the operation $($invokeParams.Method) $uri"
+                try {
+                    $restResponse = Invoke-TssRestApi @invokeParams
+                } catch {
+                    Write-Warning "Issue getting ___ on [$]"
+                    $err = $_
+                    . $ErrorHandling $err
+                }
+
+                if ($restResponse.records) {
+                    . $TssUserRoleSummaryObject $restResponse.records
+                }
+            }
+        } else {
+            Write-Warning "No valid session found"
+        }
+    }
+}

src/parts/CheckVersion.ps1

@@ -0,0 +1,29 @@
+<#
+    .Synopsis
+        Validates Version of Secret Server
+    .Description
+        Validates version of Secret Server
+        Throws a message if detected version is lower than input (minimum)
+#>
+[cmdletbinding()]
+param(
+    [Parameter(Mandatory,Position = 0)]
+    [TssSession]
+    $TssSession,
+
+    [Parameter(Mandatory,Position = 1)]
+    $MinimumSupported,
+
+    [Parameter(Mandatory,Position = 2)]
+    [System.Management.Automation.InvocationInfo]
+    $Invocation
+)
+
+process {
+    $source = $Invocation.MyCommand
+    $currentVersion = (Get-TssVersion -TssSession $TssSession).Version
+
+    if ($MinimumSupported -ge $currentVersion) {
+        throw "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]"
+    }
+}

src/parts/TssUserRoleSummaryObject.ps1

@@ -0,0 +1,50 @@
+<#
+    .Synopsis
+        Creates a TssUserRoleSummary object
+#>
+param(
+    [pscustomobject]$Object
+)
+
+begin {
+    $Properties = $Object[0].PSObject.Properties.Name
+    if ($object.groups) {
+        $groupProperties = $Object.groups[0].PSObject.Properties.Name
+    } else {
+        Write-Verbose "No groups found on records object"
+    }
+}
+
+process {
+    if ($groupProperties) {
+        $groups = @()
+        foreach ($g in $Object.groups) {
+            $group = [TssGroupAssignedRole]::new()
+            foreach ($iProp in $groupProperties) {
+                if ($iProp -in $group.PSObject.Properties.Name) {
+                    $group.$iProp = $g.$iProp
+                } else {
+                    Write-Warning "Property $iProp does not exist in the TssGroupAssignedRole class. Please create a bug report at https://github.com/thycotic-ps/thycotic.secretserver/issues/new/choose"
+                }
+                $groups += $group
+            }
+        }
+    }
+
+    $outObject = @()
+    foreach ($r in $Object) {
+        $currentObject = [TssUserRoleSummary]::new()
+        foreach ($sProp in $Properties) {
+            if ($sProp -eq 'groups' -and $groups) {
+                $currentObject.Groups = $groups
+            }
+            if ($sProp -in $currentObject.PSObject.Properties.Name) {
+                $currentObject.$sProp = $r.$sProp
+            } else {
+                Write-Warning "Property $sProp does not exist in the TssUserRoleSummary class. Please create a bug report at https://github.com/thycotic-ps/thycotic.secretserver/issues/new/choose"
+            }
+        }
+        $outObject += $currentObject
+    }
+    return $outObject
+}

src/parts/TssVersionObject.ps1

@@ -24,7 +24,6 @@ process {
     $invokeParams.Uri = $Uri
     $invokeParams.Method = 'GET'
 
-
     try {
         $restResponse = Invoke-TssRestApi @invokeParams
     } catch {

tests/users/Get-TssUserRoleAssigned.Tests.ps1

@@ -0,0 +1,25 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+    . ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1'))
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession', 'UserId'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams} {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to TssUserRoleSummary" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'TssUserRoleSummary'
+        }
+    }
+}