diff --git a/src/en-us/about_tssfolderpermission.help.txt b/src/en-us/about_tssfolderpermission.help.txt new file mode 100644 index 00000000..877ffc64 --- /dev/null +++ b/src/en-us/about_tssfolderpermission.help.txt @@ -0,0 +1,29 @@ +TOPIC + This help topic describes the TssFolderPermission class in the Thycotic.SecretServer module + +CLASS + TssFolderPermission + +INHERITANCE + None + +DESCRIPTION + The TssFolderPermission class represents the FolderPermissionModel object returned by Secret Server endpoint GET /folder-permissions/{id} + +CONSTRUCTORS + new() + +PROPERTIES + FolderAccessRoleId + Folder Access Role Id + + GroupId + Group Id + + SecretAccessRoleId + Secret Access Role Id + +METHODS + +RELATED LINKS: + Get-TssFolderPermission \ No newline at end of file diff --git a/src/functions/folder-permissions/Get-FolderPermission.ps1 b/src/functions/folder-permissions/Get-FolderPermission.ps1 new file mode 100644 index 00000000..02f9629e --- /dev/null +++ b/src/functions/folder-permissions/Get-FolderPermission.ps1 @@ -0,0 +1,72 @@ +function Get-FolderPermission { + <# + .SYNOPSIS + Get a folder permission(s) + + .DESCRIPTION + Get a folder permission(s) + + .EXAMPLE + PS> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred + PS> Get-TssFolderPermission -TssSession $session -Id 36 + + Returns Folder Permission(s) for Folder ID + + .NOTES + Requires TssSession object returned by New-TssSession + #> + [CmdletBinding()] + [OutputType('TssFolderPermission')] + param ( + # TssSession object created by New-TssSession for auth + [Parameter(Mandatory, + ValueFromPipeline, + Position = 0)] + [TssSession]$TssSession, + + # Folder Permission ID + [Parameter(Mandatory,ValueFromPipelineByPropertyName)] + [Alias("FolderPermissionId")] + [int[]] + $Id, + + # Include inactive Folder Permissions in results + [switch] + $IncludeInactive + ) + begin { + $tssParams = $PSBoundParameters + $invokeParams = . $GetInvokeTssParams $TssSession + } + + process { + Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)" + if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) { + foreach ($folderPermission in $Id) { + $restResponse = $null + $uri = $TssSession.ApiUrl, 'folder-permissions', $folderPermission -join '/' + $invokeParams.Uri = $uri + $invokeParams.Method = 'GET' + + Write-Verbose "$($invokeParams.Method) $uri with $body" + try { + $restResponse = Invoke-TssRestApi @invokeParams + } catch { + Write-Warning "Issue getting folder permission on [$folderPermission]" + $err = $_ + . $ErrorHandling $err + } + + if ($restResponse) { + [TssFolderPermission]@{ + FolderAccessRoleId = $restResponse.folderAccessRoleId + GroupId = $restResponse.groupId + SecretAccessRole = $restResponse.secretAccessRoleId + } + } + } + } else { + Write-Warning "No valid session found" + } + } +} \ No newline at end of file diff --git a/tests/folder-permissions/Get-TssFolderPermission.Tests.ps1 b/tests/folder-permissions/Get-TssFolderPermission.Tests.ps1 new file mode 100644 index 00000000..94cbf7c9 --- /dev/null +++ b/tests/folder-permissions/Get-TssFolderPermission.Tests.ps1 @@ -0,0 +1,50 @@ +BeforeDiscovery { + $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf + . ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1')) +} +Describe "$commandName verify parameters" { + BeforeDiscovery { + [object[]]$knownParameters = 'TssSession', 'Id', 'IncludeInactive' + [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys + [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function') + $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru + } + Context "Verify parameters" -Foreach @{currentParams = $currentParams} { + It "$commandName should contain <_> parameter" -TestCases $knownParameters { + $_ -in $currentParams | Should -Be $true + } + It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters { + $_ | Should -BeNullOrEmpty + } + } + Context "Command specific details" { + It "$commandName should set OutputType to TssFolderPermission" -TestCases $commandDetails { + $_.OutputType.Name | Should -Be 'TssFolderPermission' + } + } +} +Describe "$commandName works" { + BeforeDiscovery { + $session = New-TssSession -SecretServer $ss -Credential $ssCred + $invokeParams = @{ + Uri = "$ss/api/v1/folders?take=$($session.take)" + ExpandProperty = 'records' + PersonalAccessToken = $session.AccessToken + } + $getFolders = Invoke-TssRestApi @invokeParams + $tssSecretFolder = $getFolders.Where({$_.folderPath -eq '\tss_module_testing'}) + + $searchFolderPerm = Search-TssFolderPermission -TssSession $session -FolderId $tssSecretFolder.id + $object = Get-TssFolderPermission -TssSession $session -Id $searchFolderPerm.FolderPermissionId + $session.SessionExpire() + $props = 'FolderAccessRoleId', 'GroupId', 'SecretAccessRole' + } + Context "Checking" -Foreach @{object = $object} { + It "Should not be empty" { + $object | Should -Not -BeNullOrEmpty + } + It "Should output <_> property" -TestCases $props { + $object[0].PSObject.Properties.Name | Should -Contain $_ + } + } +} \ No newline at end of file