Get-TssSecretPolicy - new command

docs/commands/secret-policies/Get-TssSecretPolicy.md

@@ -0,0 +1,81 @@
+# Get-TssSecretPolicy
+
+## SYNOPSIS
+Get Secret Policy by ID
+
+## SYNTAX
+
+```
+Get-TssSecretPolicy [-TssSession] <Session> [-Id] <Int32[]> [<CommonParameters>]
+```
+
+## DESCRIPTION
+Get Secret Policy by ID
+
+## EXAMPLES
+
+### EXAMPLE 1
+```
+$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+Get-TssSecretPolicy -TssSession $session -Id 4
+```
+
+Output Secret Policy ID 4
+
+### EXAMPLE 2
+```
+$session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+Get-TssSecretPolicy -TssSession $session -Id 4,56,23
+```
+
+Output Secret Policy ID 4, 56, and 23
+
+## PARAMETERS
+
+### -TssSession
+TssSession object created by New-TssSession for authentication
+
+```yaml
+Type: Session
+Parameter Sets: (All)
+Aliases:
+
+Required: True
+Position: 1
+Default value: None
+Accept pipeline input: True (ByValue)
+Accept wildcard characters: False
+```
+
+### -Id
+Secret Policy ID
+
+```yaml
+Type: Int32[]
+Parameter Sets: (All)
+Aliases: SecretPolicyId
+
+Required: True
+Position: 2
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+## OUTPUTS
+
+### Thycotic.PowerShell.SecretPolicies.Policy
+## NOTES
+Requires TssSession object returned by New-TssSession
+
+## RELATED LINKS
+
+[https://thycotic-ps.github.io/thycotic.secretserver/commands/secret-policies/Get-TssSecretPolicy](https://thycotic-ps.github.io/thycotic.secretserver/commands/secret-policies/Get-TssSecretPolicy)
+
+[https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secret-policies/Get-TssSecretPolicy.ps1](https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secret-policies/Get-TssSecretPolicy.ps1)
+

src/Thycotic.SecretServer.Format.ps1xml

@@ -1625,9 +1625,39 @@
       </TableControl>
     </View>
 
-    <!-- TssSecretPolicy -->
+    <!-- Thycotic.PowerShell.SecretPolicies.Summary -->
     <View>
-      <Name>SecretPolicy</Name>
+      <Name>SecretPolicies.Summary</Name>
+      <ViewSelectedBy>
+        <TypeName>Thycotic.PowerShell.SecretPolicies.Summary</TypeName>
+      </ViewSelectedBy>
+      <TableControl>
+        <TableHeaders>
+          <TableColumnHeader />
+          <TableColumnHeader />
+          <TableColumnHeader />
+        </TableHeaders>
+        <TableRowEntries>
+          <TableRowEntry>
+            <TableColumnItems>
+              <TableColumnItem>
+                <PropertyName>SecretPolicyId</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>SecretPolicyName</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>Active</PropertyName>
+              </TableColumnItem>
+            </TableColumnItems>
+          </TableRowEntry>
+        </TableRowEntries>
+      </TableControl>
+    </View>
+
+    <!-- Thycotic.PowerShell.SecretPolicies.Policy -->
+    <View>
+      <Name>SecretPolicies.Policy</Name>
       <ViewSelectedBy>
         <TypeName>Thycotic.PowerShell.SecretPolicies.Policy</TypeName>
       </ViewSelectedBy>
@@ -1636,6 +1666,8 @@
           <TableColumnHeader />
           <TableColumnHeader />
           <TableColumnHeader />
+          <TableColumnHeader />
+          <TableColumnHeader />
         </TableHeaders>
         <TableRowEntries>
           <TableRowEntry>
@@ -1646,6 +1678,12 @@
               <TableColumnItem>
                 <PropertyName>SecretPolicyName</PropertyName>
               </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>SecretPolicyDescription</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>SecretPolicyItems</PropertyName>
+              </TableColumnItem>
               <TableColumnItem>
                 <PropertyName>Active</PropertyName>
               </TableColumnItem>

src/Thycotic.SecretServer.psd1

@@ -93,20 +93,20 @@ FunctionsToExport = 'Add-TssEventPipeline', 'Add-TssFolderPermission',
                'Get-TssSecretDependencyStub', 'Get-TssSecretDependencyTemplate', 
                'Get-TssSecretField', 'Get-TssSecretHeartbeatStatus', 
                'Get-TssSecretHook', 'Get-TssSecretHookStub', 
-               'Get-TssSecretPasswordStatus', 'Get-TssSecretSetting', 
-               'Get-TssSecretState', 'Get-TssSecretStub', 'Get-TssSecretSummary', 
-               'Get-TssSecretTemplate', 'Get-TssSecretTemplateFolder', 'Get-TssSite', 
-               'Get-TssUser', 'Get-TssUserAudit', 'Get-TssUserGroup', 
-               'Get-TssUserOwner', 'Get-TssUserRole', 'Get-TssUserRoleAssigned', 
-               'Get-TssVersion', 'Initialize-TssSdkClient', 'Invoke-TssReport', 
-               'Invoke-TssRestApi', 'Invoke-TssSecretGeneratePassword', 
-               'Lock-TssUser', 'New-TssFolder', 'New-TssFolderPermission', 
-               'New-TssGroup', 'New-TssReport', 'New-TssSecret', 
-               'New-TssSecretDependency', 'New-TssSecretDependencyGroup', 
-               'New-TssSecretHook', 'New-TssSecretPermission', 
-               'New-TssSecretTemplate', 'New-TssSecretTemplateField', 
-               'New-TssSession', 'New-TssUser', 'Open-TssSecret', 
-               'Remove-TssEventPipeline', 'Remove-TssFolder', 
+               'Get-TssSecretPasswordStatus', 'Get-TssSecretPolicy', 
+               'Get-TssSecretSetting', 'Get-TssSecretState', 'Get-TssSecretStub', 
+               'Get-TssSecretSummary', 'Get-TssSecretTemplate', 
+               'Get-TssSecretTemplateFolder', 'Get-TssSite', 'Get-TssUser', 
+               'Get-TssUserAudit', 'Get-TssUserGroup', 'Get-TssUserOwner', 
+               'Get-TssUserRole', 'Get-TssUserRoleAssigned', 'Get-TssVersion', 
+               'Initialize-TssSdkClient', 'Invoke-TssReport', 'Invoke-TssRestApi', 
+               'Invoke-TssSecretGeneratePassword', 'Lock-TssUser', 'New-TssFolder', 
+               'New-TssFolderPermission', 'New-TssGroup', 'New-TssReport', 
+               'New-TssSecret', 'New-TssSecretDependency', 
+               'New-TssSecretDependencyGroup', 'New-TssSecretHook', 
+               'New-TssSecretPermission', 'New-TssSecretTemplate', 
+               'New-TssSecretTemplateField', 'New-TssSession', 'New-TssUser', 
+               'Open-TssSecret', 'Remove-TssEventPipeline', 'Remove-TssFolder', 
                'Remove-TssFolderPermission', 'Remove-TssFolderTemplate', 
                'Remove-TssGroupMember', 'Remove-TssReport', 
                'Remove-TssReportCategory', 'Remove-TssSecret', 
@@ -133,7 +133,8 @@ FunctionsToExport = 'Add-TssEventPipeline', 'Add-TssFolderPermission',
                'Test-TssSecretState', 'Test-TssVersion', 'Unlock-TssUser', 
                'Update-TssFolder', 'Update-TssFolderPermission', 
                'Update-TssGroupMember', 'Update-TssSecret', 'Update-TssSecretHook', 
-               'Update-TssSecretPermission', 'Update-TssSecretRdpLauncherSetting', 
+               'Update-TssSecretPermission', 'Update-TssSecretPolicy', 
+               'Update-TssSecretRdpLauncherSetting', 
                'Update-TssSecretTemplateField', 'Update-TssUser', 
                'Update-TssUserPassword', 'Write-TssSecretAccessRequestViewComment'
 

src/Thycotic.SecretServer/classes/secret-policies/Policy.cs

@@ -11,5 +11,6 @@ public class Policy
         public string SecretPolicyDescription { get; set; }
         public int SecretPolicyId { get; set; }
         public string SecretPolicyName { get; set; }
+        public PolicyItem[] SecretPolicyItems { get; set; }
     }
 }

src/Thycotic.SecretServer/classes/secret-policies/PolicyItem.cs

@@ -0,0 +1,26 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+using Thycotic.PowerShell.Enums;
+
+namespace Thycotic.PowerShell.SecretPolicies
+{
+    public class PolicyItem
+    {
+        public string Description { get; set; }
+        public string Name { get; set; }
+        public int ParentSecretPolicyItemId { get; set; }
+        public SecretPolicyApplyType PolicyApplyType { get; set; }
+        public int SecretPolicyItemId { get; set; }
+        public int SecretPolicyItemMapId { get; set; }
+        public string SectionName { get; set; }
+        public SshCommandMenuGroupMap[] SshCommandMenuGroupMaps { get; set; }
+        public UserGroupMap UserGroupMaps { get; set; }
+        public bool ValueBool { get; set; }
+        public int ValueInt { get; set; }
+        public int ValueSecretId { get; set; }
+        public string ValueString { get; set; }
+        public SecretPolicyType valueType { get; set; }
+    }
+}

src/Thycotic.SecretServer/classes/secret-policies/SshCommandMenuGroupMap.cs

@@ -0,0 +1,13 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+
+namespace Thycotic.PowerShell.SecretPolicies
+{
+    public class SshCommandMenuGroupMap
+    {
+        public int GroupId {get;set;}
+        public int SshCommandMenuId {get;set;}
+    }
+}

src/Thycotic.SecretServer/classes/secret-policies/UserGroupMaps.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+
+namespace Thycotic.PowerShell.SecretPolicies
+{
+    public class UserGroupMap
+    {
+        public int GroupId { get; set; }
+    }
+}

src/Thycotic.SecretServer/enums/SecretPolicyApplyType.cs

@@ -0,0 +1,14 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+
+namespace Thycotic.PowerShell.Enums
+{
+    public enum SecretPolicyApplyType
+    {
+        NotSet,
+        Default,
+        Enforced
+    }
+}

src/Thycotic.SecretServer/enums/SecretPolicyType.cs

@@ -0,0 +1,18 @@
+using System;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Runspaces;
+
+namespace Thycotic.PowerShell.Enums
+{
+    public enum SecretPolicyType
+    {
+        Bool,
+        Int,
+        SecretId,
+        Group,
+        Schedule,
+        SshMenuGroup,
+        SshBlocklist
+    }
+}

src/functions/secret-policies/Get-TssSecretPolicy.ps1

@@ -0,0 +1,75 @@
+function Get-TssSecretPolicy {
+    <#
+    .SYNOPSIS
+    Get Secret Policy by ID
+
+    .DESCRIPTION
+    Get Secret Policy by ID
+
+    .EXAMPLE
+    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+    Get-TssSecretPolicy -TssSession $session -Id 4
+
+    Output Secret Policy ID 4
+
+    .EXAMPLE
+    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+    Get-TssSecretPolicy -TssSession $session -Id 4,56,23
+
+    Output Secret Policy ID 4, 56, and 23
+
+    .LINK
+    https://thycotic-ps.github.io/thycotic.secretserver/commands/secret-policies/Get-TssSecretPolicy
+
+    .LINK
+    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secret-policies/Get-TssSecretPolicy.ps1
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+    #>
+    [CmdletBinding()]
+    [OutputType('Thycotic.PowerShell.SecretPolicies.Policy')]
+    param (
+        # TssSession object created by New-TssSession for authentication
+        [Parameter(Mandatory,ValueFromPipeline,Position = 0)]
+        [Thycotic.PowerShell.Authentication.Session]
+        $TssSession,
+
+        # Secret Policy ID
+        [Parameter(Mandatory,ValueFromPipelineByPropertyName,Position = 1)]
+        [Alias("SecretPolicyId")]
+        [int[]]
+        $Id
+    )
+    begin {
+        $tssParams = $PSBoundParameters
+        $invokeParams = . $GetInvokeApiParams $TssSession
+    }
+    process {
+        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+        if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            . $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation
+            foreach ($policy in $Id) {
+                $uri = $TssSession.ApiUrl, 'secret-policy', $policy -join '/'
+                $invokeParams.Uri = $uri
+                $invokeParams.Method = 'GET'
+
+                Write-Verbose "Performing the operation $($invokeParams.Method) $uri with $body"
+                try {
+                    $apiResponse = Invoke-TssApi @invokeParams
+                    $restResponse = . $ProcessResponse $apiResponse
+                } catch {
+                    Write-Warning "Issue getting Secret Policy [$policy]"
+                    $err = $_
+                    . $ErrorHandling $err
+                }
+
+                if ($restResponse) {
+                    [Thycotic.PowerShell.SecretPolicies.Policy[]]$restResponse
+                }
+            }
+        } else {
+            Write-Warning "No valid session found"
+        }
+    }
+}

tests/secret-policies/Get-TssSecretPolicy.Tests.ps1

@@ -0,0 +1,24 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession', 'Id'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to Thycotic.PowerShell.SecretPolicies.Policy" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'Thycotic.PowerShell.SecretPolicies.Policy'
+        }
+    }
+}