Skip to content

Commit

Permalink
Get-TssUser - closes #101
Browse files Browse the repository at this point in the history
  • Loading branch information
@wsmelton
wsmelton committed Mar 4, 2021
1 parent a265adc commit 9fa3a0b
Show file tree
Hide file tree
Showing 5 changed files with 343 additions and 0 deletions.
101 changes: 101 additions & 0 deletions src/classes/users/TssUser.class.ps1
View file
@@ -0,0 +1,101 @@
class TssUser {
[datetime]
$AdAccountExpires

[string]
$AdGuid

[datetime]
$Created

[int]
$DateOptionId

[string]
$DisplayName

[int]
$DomainId

[boolean]
$DuoTwoFactor

[string]
$EmailAddress

[boolean]
$Enabled

[boolean]
$Fido2TwoFactor

[int]
$Id

[boolean]
$IsApplicationAccount

[boolean]
$IsEmailCopiedFromAD

[boolean]
$IsEmailVerified

[boolean]
$IsLockedOut

[datetime]
$LastLogin

[datetime]
$LastSessionActivity

[string]
$LockOutReason

[string]
$LockOutReasonDescription

[int]
$LoginFailures

[boolean]
$MustVerifyEmail

[boolean]
$OathTwoFactor

[boolean]
$OathVerified

[datetime]
$PasswordLastChanged

[boolean]
$RadiusTwoFactor

[string]
$RadiusUserName

[datetime]
$ResetSessionStarted

[int]
$TimeOptionId

[boolean]
$TwoFactor

[ValidateSet('Password','PublicKey','PassordOrPublicKey','PasswordAndPublicKey')]
[string]
$UnixAuthenticationMethod

[int]
$UserLcid

[string]
$Username

[datetime]
$VerifyEmailSentDate
}
119 changes: 119 additions & 0 deletions src/en-us/about_tssuser.help.txt
View file
@@ -0,0 +1,119 @@
TOPIC
This help topic describes the TssUserModel class in the Thycotic.SecretServer module

CLASS
TssUserModel

INHERITANCE
None

DESCRIPTION
The TssUserModel class represents the UserModel object returned by Secret Server endpoint GET /users/{id}

CONSTRUCTORS
new()

PROPERTIES
AdAccountExpires
Active Directory account expiration time

AdGuid
Active Directory unique identifier

Created
User creation time

DateOptionId
DateOptionId

DisplayName
Display name

DomainId
Active Directory domain ID

DuoTwoFactor
Whether Duo two-factor authentication is enabled

EmailAddress
Email address

Enabled
Whether the user account is enabled

Fido2TwoFactor
Whether FIDO2 two-factor authentication is enabled

Id
User ID

IsApplicationAccount
IsApplicationAccount

IsEmailCopiedFromAD
Whether the email address is derived from the Active Directory account

IsEmailVerified
Whether the email address has been verified

IsLockedOut
Whether the user is locked out

LastLogin
Time of last login

LastSessionActivity
Time of last session activity

LockOutReason
The reason for the lock out

LockOutReasonDescription
An optional description of the reason for the lock out

LoginFailures
Number of login failures

MustVerifyEmail
Whether the user must verify their email address

OathTwoFactor
Whether OATH two-factor authentication is enabled

OathVerified
Whether OATH has been verified

PasswordLastChanged
Time when the password was last changed

RadiusTwoFactor
Whether RADIUS two-factor authentication is enabled

RadiusUserName
RADIUS username

ResetSessionStarted
ResetSessionStarted

TimeOptionId
TimeOptionId

TwoFactor
Whether two-factor authentication is enabled

UnixAuthenticationMethod
Check password, public key, either, or both

UserLcid
UserLcid

Username
Username

VerifyEmailSentDate
Time when the verification email was sent

METHODS

RELATED LINKS:
Get-TssUser
69 changes: 69 additions & 0 deletions src/functions/users/Get-User.ps1
View file
@@ -0,0 +1,69 @@
function Get-User {
<#
.SYNOPSIS
Get a Secret Server User
.DESCRIPTION
Get a Secret Server User
.EXAMPLE
PS> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
PS> Get-TssUser -TssSession $session -Id 2
Get the User ID 2
.LINK
https://thycotic-ps.github.io/thycotic.secretserver/commands/Get-TssUser
.NOTES
Requires TssSession object returned by New-TssSession
#>
[CmdletBinding()]
[OutputType('TssUser')]
param (
# TssSession object created by New-TssSession for auth
[Parameter(Mandatory,ValueFromPipeline,Position = 0)]
[TssSession]
$TssSession,

# User ID
[Parameter(Mandatory,ValueFromPipelineByPropertyName)]
[Alias("UserId")]
[int[]]
$Id,

[switch]
$IncludeInactive
)
begin {
$tssParams = $PSBoundParameters
$invokeParams = . $GetInvokeTssParams $TssSession
}
process {
Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
. $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation
foreach ($user in $Id) {
$restResponse = $null
$uri = $TssSession.ApiUrl, 'users', $user -join '/'
$invokeParams.Uri = $uri
$invokeParams.Method = 'GET'

Write-Verbose "Performing the operation $($invokeParams.Method) $uri with $body"
try {
$restResponse = Invoke-TssRestApi @invokeParams
} catch {
Write-Warning "Issue getting user [$user]"
$err = $_
. $ErrorHandling $err
}

if ($restResponse) {
. $TssUserObject $restResponse
}
}
} else {
Write-Warning "No valid session found"
}
}
}
29 changes: 29 additions & 0 deletions src/parts/TssUserObject.ps1
View file
@@ -0,0 +1,29 @@
<#
.Synopsis
Creates a TssUser object
#>
param(
[pscustomobject]$Object
)

begin {
$Properties = $Object[0].PSObject.Properties.Name
}

process {
$outObject = @()
foreach ($p in $Object) {
$currentObject = [TssUser]::new()
foreach ($pProp in $Properties) {
if ($pProp -in $currentObject.PSObject.Properties.Name) {
if ($p.$pProp) {
$currentObject.$pProp = $p.$pProp
}
} else {
Write-Warning "Property $pProp does not exist in the TssUser class. Please create a bug report at https://github.com/thycotic-ps/thycotic.secretserver/issues/new/choose"
}
}
$outObject += $currentObject
}
return $outObject
}
25 changes: 25 additions & 0 deletions tests/users/Get-TssUser.Tests.ps1
View file
@@ -0,0 +1,25 @@
BeforeDiscovery {
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
. ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1'))
}
Describe "$commandName verify parameters" {
BeforeDiscovery {
[object[]]$knownParameters = 'TssSession', 'Id', 'IncludeInactive'
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
}
Context "Verify parameters" -Foreach @{currentParams = $currentParams} {
It "$commandName should contain <_> parameter" -TestCases $knownParameters {
$_ -in $currentParams | Should -Be $true
}
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
$_ | Should -BeNullOrEmpty
}
}
Context "Command specific details" {
It "$commandName should set OutputType to TssUser" -TestCases $commandDetails {
$_.OutputType.Name | Should -Be 'TssUser'
}
}
}

0 comments on commit 9fa3a0b

Please sign in to comment.