New-SecretHook - closes #196

thycotic-ps · Jun 4, 2021 · 942ae0a · 942ae0a
1 parent e16cbc3
commit 942ae0a
Show file tree

Hide file tree

Showing 3 changed files with 159 additions and 2 deletions.
diff --git a/src/classes/secret-hooks/TssSecretHook.class.ps1 b/src/classes/secret-hooks/TssSecretHook.class.ps1
@@ -6,9 +6,8 @@ class TssSecretHookParameter {
     $ParameterValue
 
     [string]
-    $ParameterType
+    $ParameterType = 'Literal'
 }
-
 class TssSecretHook {
     [int]
     $SecretHookId
@@ -69,4 +68,13 @@ class TssSecretHook {
 
     [string]
     $FailureMessage
+
+    [void]
+    SetHookParameter([string]$Name, [string]$Value) {
+        foreach ($i in $this.Parameters) {
+            if ($i.ParameterName -eq $Name) {
+                $i.ParameterValue = $Value
+            }
+        }
+    }
 }
diff --git a/src/functions/secret-hooks/New-SecretHook.ps1 b/src/functions/secret-hooks/New-SecretHook.ps1
@@ -0,0 +1,125 @@
+function New-SecretHook {
+    <#
+    .SYNOPSIS
+    Create a Secret Hook
+
+    .DESCRIPTION
+    Create a Secret Hook
+
+    .EXAMPLE
+    session = New-TssSession -SecretServer https://alpha -Credential ssCred
+    Update-TssSecretHook -TssSession $session -SecretHookId 2 -SecretId 76 -Arguments '$USERNAME $PASSWORD $DOMAIN'
+
+    Update Secret Hook 2's Arguments property on Secret ID 76
+
+    .LINK
+    https://thycotic-ps.github.io/thycotic.secretserver/commands/New-TssSecretHook
+
+    .LINK
+    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secret-hooks/New-SecretHook.ps1
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+    #>
+    [CmdletBinding(SupportsShouldProcess)]
+    [OutputType('TssSecretHook')]
+    param (
+        # TssSession object created by New-TssSession for auth
+        [Parameter(Mandatory,ValueFromPipeline,Position = 0)]
+        [TssSession]
+        $TssSession,
+
+        # Secret ID
+        [Parameter(Mandatory,ValueFromPipeline)]
+        [Alias('Id')]
+        [int[]]
+        $SecretId,
+
+        # Secret Hook Stub object
+        [Parameter(Mandatory)]
+        [TssSecretHook]
+        $SecretHookStub
+    )
+    begin {
+        $tssNewParams = $PSBoundParameters
+        $invokeParams = . $GetInvokeTssParams $TssSession
+    }
+    process {
+        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+        if ($tssNewParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            . $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation
+            foreach ($secret in $SecretId) {
+                $restResponse = $null
+                $uri = $TssSession.ApiUrl, 'secret-detail', $secret, 'hook' -join '/'
+                $invokeParams.Uri = $uri
+                $invokeParams.Method = 'POST'
+
+                $hookParams = @()
+                foreach ($hookParam in $SecretHooksStub.Parameters) {
+                    $hookParams += @{
+                        parameterName  = $hookParam.ParameterName
+                        parameterType  = $hookParam.ParameterType
+                        parameterValue = $hookParam.ParameterValue
+                    }
+                }
+                $newHookBody = [ordered]@{ data = @{
+                        arguments      = $SecretHookStub.Arguments
+                        database       = $SecretHookStub.Database
+                        description    = $SecretHookStub.Description
+                        eventActionId  = $EventActionId
+                        failureMessage = $SecretHookStub.FailureMessage
+                        name           = $SecretHookStub.Name
+                        parameters     = $hookParams
+                        port = $SecretHookStub.Port
+                        prePostOption = $SecretHookStub.PrePostOption
+                        privilegedSecretId = $SecretHookStub.PrivilegedSecretId
+                        scriptId = $SecretHookStub.ScriptId
+                        secretId = $secret
+                        serverKeyDigest = $SecretHookStub.ServerKeyDigest
+                        serverName = $SecretHookStub.ServerName
+                        sshKeySecretId = $SecretHookStub.SshKeySecretId
+                        stopOnFailure = $SecretHookStub.StopOnFailure
+                    }
+                }
+                $invokeParams.Body = ($newHookBody | ConvertTo-Json -Dept 100)
+
+                Write-Verbose "Performing the operation $($invokeParams.Method) $uri with:`n $newHookBody"
+                if (-not $PSCmdlet.ShouldProcess("Secret ID: $secret", "$($invokeParams.Method) $uri with $($invokeParams.Body)")) { return }
+                try {
+                    $restResponse = . $InvokeApi @invokeParams
+                } catch {
+                    Write-Warning "Issue creating report [SecretHook]"
+                    $err = $_
+                    . $ErrorHandling $err
+                }
+
+                if ($restResponse) {
+                    [TssSecretHook]@{
+                        SecretHookId = $restResponse.SecretHookId
+                        HookId = $restResponse.HookId
+                        Name = $restResponse.name.value
+                        Description = $restResponse.description.value
+                        SortOrder = $restResponse.sortOrder.value
+                        PrePostOption = $restResponse.prePostOption.value
+                        EventActionId = $restResponse.eventActionId.value
+                        ScriptTypeId = $restResponse.scriptTypeId.value
+                        ScriptId = $restResponse.ScriptId.value
+                        Status = $restResponse.status.value
+                        StopOnFailure = $restResponse.stopOnFailure.value
+                        ServerName = $restResponse.serverName.value
+                        ServerKeyDigest = $restResponse.serverKeyDigest.value
+                        Port = $restResponse.port.value
+                        Database = $restResponse.database.value
+                        Arguments = $restResponse.arguments.value
+                        SshKeySecretId = $restResponse.sshKeySecretId.value
+                        PrivilegeSecretId = $restResponse.privilegeSecretId.value
+                        Parameters = $restResponse.parameters
+                        FailureMessage = $restResponse.failureMessage.value
+                    }
+                }
+            }
+        } else {
+            Write-Warning "No valid session found"
+        }
+    }
+}
diff --git a/tests/secret-hooks/New-SecretHook.Tests.ps1 b/tests/secret-hooks/New-SecretHook.Tests.ps1
@@ -0,0 +1,24 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession', 'SecretId', 'SecretHookStub'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to TssSecretHook" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'TssSecretHook'
+        }
+    }
+}