Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Get-TssuserRoleAssigned - closes #92
- Loading branch information
Showing
9 changed files
with
253 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
class TssGroupAssignedRole { | ||
[int] | ||
$GroupId | ||
|
||
[string] | ||
$GroupName | ||
|
||
} | ||
class TssUserRoleSummary { | ||
[TssGroupAssignedRole[]] | ||
$Groups | ||
|
||
[boolean] | ||
$IsDirectAssignment | ||
|
||
[int] | ||
$RoleId | ||
|
||
[string] | ||
$RoleName | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
TOPIC | ||
This help topic describes the TssGroupAssignedRole class in the Thycotic.SecretServer module | ||
|
||
CLASS | ||
TssGroupAssignedRole | ||
|
||
INHERITANCE | ||
None | ||
|
||
DESCRIPTION | ||
The TssGroupAssignedRole class represents the GroupAssignedRole object returned by Secret Server endpoint GET /users/{userid}/roles-assigned | ||
|
||
CONSTRUCTORS | ||
new() | ||
|
||
PROPERTIES | ||
GroupId | ||
Group ID of assigned group to User | ||
|
||
GroupName | ||
Group Name of assigned group to User | ||
|
||
METHODS | ||
|
||
RELATED LINKS: | ||
Get-TssUserRoleAssigned |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
TOPIC | ||
This help topic describes the TssUserRoleSummary class in the Thycotic.SecretServer module | ||
|
||
CLASS | ||
TssUserRole | ||
|
||
INHERITANCE | ||
None | ||
|
||
DESCRIPTION | ||
The TssUserRoleSummary class represents the UserRoleSummary object returned by Secret Server endpoint GET /users/{userid}/roles-assigned | ||
|
||
CONSTRUCTORS | ||
new() | ||
|
||
PROPERTIES | ||
RoleId | ||
Role ID assigned to user | ||
|
||
RoleName | ||
Name of role assigned to user | ||
|
||
IsDirectAssignment | ||
Is role directly assigned to the user | ||
|
||
Groups [TssGroupAssignedRole] | ||
Groups to which the user belongs that have the role | ||
|
||
METHODS | ||
|
||
RELATED LINKS: | ||
Get-TssUserRoleAssigned |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
function Get-UserRoleAssigned { | ||
<# | ||
.SYNOPSIS | ||
Get roles assigned to User Id | ||
.DESCRIPTION | ||
Get roles assigned to User Id | ||
.EXAMPLE | ||
PS> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred | ||
PS> Get-TssUserRoleAssigned -TssSession $session -UserId 254 | ||
Returns roles assigned to the User ID 254 | ||
.NOTES | ||
Requires TssSession object returned by New-TssSession | ||
Only supported on 10.9.32 or higher of Secret Server | ||
#> | ||
[CmdletBinding()] | ||
[OutputType('TssUserRoleSummary')] | ||
param ( | ||
# TssSession object created by New-TssSession for auth | ||
[Parameter(Mandatory, | ||
ValueFromPipeline, | ||
Position = 0)] | ||
[TssSession] | ||
$TssSession, | ||
|
||
# Short description for parameter | ||
[Parameter(Mandatory,ValueFromPipelineByPropertyName)] | ||
[Alias("Id")] | ||
[int[]] | ||
$UserId | ||
) | ||
begin { | ||
$tssParams = $PSBoundParameters | ||
$invokeParams = . $GetInvokeTssParams $TssSession | ||
} | ||
|
||
process { | ||
Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)" | ||
if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) { | ||
. $CheckVersion $TssSession '10.9.000032' $PSCmdlet.MyInvocation | ||
|
||
foreach ($user in $UserId) { | ||
$restResponse = $null | ||
$uri = $TssSession.ApiUrl, 'users', $user, 'roles-assigned' -join '/' | ||
$uri = $uri, "take=$($TssSession.Take)" -join '?' | ||
$invokeParams.Uri = $uri | ||
$invokeParams.Method = 'GET' | ||
|
||
Write-Verbose "Performing the operation $($invokeParams.Method) $uri" | ||
try { | ||
$restResponse = Invoke-TssRestApi @invokeParams | ||
} catch { | ||
Write-Warning "Issue getting ___ on [$]" | ||
$err = $_ | ||
. $ErrorHandling $err | ||
} | ||
|
||
if ($restResponse.records) { | ||
. $TssUserRoleSummaryObject $restResponse.records | ||
} | ||
} | ||
} else { | ||
Write-Warning "No valid session found" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
<# | ||
.Synopsis | ||
Validates Version of Secret Server | ||
.Description | ||
Validates version of Secret Server | ||
Throws a message if detected version is lower than input (minimum) | ||
#> | ||
[cmdletbinding()] | ||
param( | ||
[Parameter(Mandatory,Position = 0)] | ||
[TssSession] | ||
$TssSession, | ||
|
||
[Parameter(Mandatory,Position = 1)] | ||
$MinimumSupported, | ||
|
||
[Parameter(Mandatory,Position = 2)] | ||
[System.Management.Automation.InvocationInfo] | ||
$Invocation | ||
) | ||
|
||
process { | ||
$source = $Invocation.MyCommand | ||
$currentVersion = (Get-TssVersion -TssSession $TssSession).Version | ||
|
||
if ($MinimumSupported -ge $currentVersion) { | ||
throw "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
<# | ||
.Synopsis | ||
Creates a TssUserRoleSummary object | ||
#> | ||
param( | ||
[pscustomobject]$Object | ||
) | ||
|
||
begin { | ||
$Properties = $Object[0].PSObject.Properties.Name | ||
if ($object.groups) { | ||
$groupProperties = $Object.groups[0].PSObject.Properties.Name | ||
} else { | ||
Write-Verbose "No groups found on records object" | ||
} | ||
} | ||
|
||
process { | ||
if ($groupProperties) { | ||
$groups = @() | ||
foreach ($g in $Object.groups) { | ||
$group = [TssGroupAssignedRole]::new() | ||
foreach ($iProp in $groupProperties) { | ||
if ($iProp -in $group.PSObject.Properties.Name) { | ||
$group.$iProp = $g.$iProp | ||
} else { | ||
Write-Warning "Property $iProp does not exist in the TssGroupAssignedRole class. Please create a bug report at https://github.com/thycotic-ps/thycotic.secretserver/issues/new/choose" | ||
} | ||
$groups += $group | ||
} | ||
} | ||
} | ||
|
||
$outObject = @() | ||
foreach ($r in $Object) { | ||
$currentObject = [TssUserRoleSummary]::new() | ||
foreach ($sProp in $Properties) { | ||
if ($sProp -eq 'groups' -and $groups) { | ||
$currentObject.Groups = $groups | ||
} | ||
if ($sProp -in $currentObject.PSObject.Properties.Name) { | ||
$currentObject.$sProp = $r.$sProp | ||
} else { | ||
Write-Warning "Property $sProp does not exist in the TssUserRoleSummary class. Please create a bug report at https://github.com/thycotic-ps/thycotic.secretserver/issues/new/choose" | ||
} | ||
} | ||
$outObject += $currentObject | ||
} | ||
return $outObject | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
BeforeDiscovery { | ||
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf | ||
. ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1')) | ||
} | ||
Describe "$commandName verify parameters" { | ||
BeforeDiscovery { | ||
[object[]]$knownParameters = 'TssSession', 'UserId' | ||
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys | ||
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function') | ||
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru | ||
} | ||
Context "Verify parameters" -Foreach @{currentParams = $currentParams} { | ||
It "$commandName should contain <_> parameter" -TestCases $knownParameters { | ||
$_ -in $currentParams | Should -Be $true | ||
} | ||
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters { | ||
$_ | Should -BeNullOrEmpty | ||
} | ||
} | ||
Context "Command specific details" { | ||
It "$commandName should set OutputType to TssUserRoleSummary" -TestCases $commandDetails { | ||
$_.OutputType.Name | Should -Be 'TssUserRoleSummary' | ||
} | ||
} | ||
} |