Skip to content

Commit

Permalink
Set-TssIpRestrictionUser - new command to set the IP Restriction for …
Browse files Browse the repository at this point in the history 
…a User(s)
  • Loading branch information
@wsmelton
wsmelton committed Oct 1, 2021
1 parent 6e40023 commit 668a567
Show file tree
Hide file tree
Showing 4 changed files with 248 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .vscode/tss.code-snippets
View file
Expand Up @@ -342,7 +342,7 @@
"",
" .EXAMPLE",
" \\$session = New-TssSession -SecretServer https://alpha -Credential \\$ssCred",
" Set-Tss${1} -TssSession $session -${3:initial parameter}:\\$false",
" Set-Tss${1} -TssSession $session -${3:initial parameter} ",
"",
" ${4:example description}",
"",
Expand Down
135 changes: 135 additions & 0 deletions docs/commands/ipaddress-restrictions/Set-TssIpRestrictionUser.md
View file
@@ -0,0 +1,135 @@
# Set-TssIpRestrictionUser

## SYNOPSIS
Set IP Address Restriction(s) for a user(s)

## SYNTAX

```
Set-TssIpRestrictionUser [-TssSession] <Session> -Id <Int32[]> -UserId <Int32[]> [-WhatIf] [-Confirm]
[<CommonParameters>]
```

## DESCRIPTION
Set IP Address Restriction(s) for a user(s)

## EXAMPLES

### EXAMPLE 1
```
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 42 -UserId 14
```

Set IP Restriction 42 on User 14

### EXAMPLE 2
```
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 65, 43, 13 -UserId 97, 463, 109
```

Set each IP Restriction provided on each User provided

### EXAMPLE 3
```
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 65, 43, 13 -UserId 97, 463, 109 -WhatIf
```

Outputs verbose messages of action to be performed

## PARAMETERS

### -TssSession
TssSession object created by New-TssSession for authentication

```yaml
Type: Session
Parameter Sets: (All)
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
```

### -Id
IP Address Restriction ID(s)

```yaml
Type: Int32[]
Parameter Sets: (All)
Aliases: IpAddressRestrictionId

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```

### -UserId
User ID(s)

```yaml
Type: Int32[]
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.

```yaml
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### -Confirm
Prompts you for confirmation before running the cmdlet.

```yaml
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```

### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

## INPUTS

## OUTPUTS

## NOTES
Requires TssSession object returned by New-TssSession

## RELATED LINKS

[https://thycotic-ps.github.io/thycotic.secretserver/commands/ipaddress-restrictions/Set-TssIpRestrictionUser](https://thycotic-ps.github.io/thycotic.secretserver/commands/ipaddress-restrictions/Set-TssIpRestrictionUser)

[https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/ipaddress-restrictions/Set-TssIpRestrictionUser.ps1](https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/ipaddress-restrictions/Set-TssIpRestrictionUser.ps1)

93 changes: 93 additions & 0 deletions src/functions/ipaddress-restrictions/Set-TssIpRestrictionUser.ps1
View file
@@ -0,0 +1,93 @@
function Set-TssIpRestrictionUser {
<#
.SYNOPSIS
Set IP Address Restriction(s) for a user(s)
.DESCRIPTION
Set IP Address Restriction(s) for a user(s)
.EXAMPLE
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 42 -UserId 14
Set IP Restriction 42 on User 14
.EXAMPLE
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 65, 43, 13 -UserId 97, 463, 109
Set each IP Restriction provided on each User provided
.EXAMPLE
$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
Set-TssIpRestrictionUser -TssSession session -Id 65, 43, 13 -UserId 97, 463, 109 -WhatIf
Outputs verbose messages of action to be performed
.LINK
https://thycotic-ps.github.io/thycotic.secretserver/commands/ipaddress-restrictions/Set-TssIpRestrictionUser
.LINK
https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/ipaddress-restrictions/Set-TssIpRestrictionUser.ps1
.NOTES
Requires TssSession object returned by New-TssSession
#>
[cmdletbinding(SupportsShouldProcess)]
param(
# TssSession object created by New-TssSession for authentication
[Parameter(Mandatory,ValueFromPipeline,Position = 0)]
[Thycotic.PowerShell.Authentication.Session]
$TssSession,

# IP Address Restriction ID(s)
[Parameter(Mandatory, ValueFromPipelineByPropertyName)]
[Alias('IpAddressRestrictionId')]
[int[]]
$Id,

# User ID(s)
[Parameter(Mandatory)]
[int[]]
$UserId
)
begin {
$setParams = $PSBoundParameters
$invokeParams = . $GetInvokeApiParams $TssSession
}
process {
Get-TssInvocation $PSCmdlet.MyInvocation
if ($setParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
Compare-TssVersion $TssSession '10.9.000064' $PSCmdlet.MyInvocation
foreach ($user in $UserId) {
foreach ($restriction in $Id) {
$uri = $TssSession.ApiUrl, 'ipaddress-restrictions', $restriction, 'users' -join '/'
$invokeParams.Uri = $uri
$invokeParams.Method = 'POST'

$setBody = @{
UserId = $user
IpAddressRestrictionId = $restriction
}
$invokeParams.Body = $setBody | ConvertTo-Json
if ($PSCmdlet.ShouldProcess("IP Restriction: $restriction", "$($invokeParams.Method) $($invokeParams.Uri) with:`n$($invokeParams.Body)`n")) {
Write-Verbose "Performing the operation $($invokeParams.Method) $($invokeParams.Uri) with:`n$($invokeParams.Body)`n"
try {
$apiResponse = Invoke-TssApi @invokeParams
$restResponse = . $ProcessResponse $apiResponse
} catch {
Write-Warning "Issue setting IP Restriction [$restriction] on User [$user]"
$err = $_
. $ErrorHandling $err
}
}
if ($restResponse.userId -eq $user) {
Write-Verbose 'User [$user] assigned to IP Restriction [$restriction]'
}
}
}
} else {
Write-Warning 'No valid session found'
}
}
}
19 changes: 19 additions & 0 deletions tests/ipaddress-restrictions/Set-TssIpRestrictionUser.Tests.ps1
View file
@@ -0,0 +1,19 @@
BeforeDiscovery {
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
}
Describe "$commandName verify parameters" {
BeforeDiscovery {
[object[]]$knownParameters = 'TssSession', 'Id', 'UserId'
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
}
Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
It "$commandName should contain <_> parameter" -TestCases $knownParameters {
$_ -in $currentParams | Should -Be $true
}
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
$_ | Should -BeNullOrEmpty
}
}
}

0 comments on commit 668a567

Please sign in to comment.