Search-SecretPermission - closes #186

docs/collections/_abouttopics/about_tsssecretpermission.md

@@ -0,0 +1,55 @@
+---
+category: secret-permissions
+title: "TssSecretPermission"
+last_modified_at: 2021-05-29T00:00:00-00:00
+---
+
+# TOPIC
+    This help topic describes the TssSecretPerimssions class in the Thycotic.SecretServer module
+
+# CLASS
+    TssSecretPerimssion
+
+# INHERITANCE
+    None
+
+# DESCRIPTION
+    The TssSecretPerimssion class represents the SecretPermission object returned by Secret Server endpoint GET /secret-permissions
+
+# CONSTRUCTORS
+    new()
+
+# PROPERTIES
+    GroupId: integer (int32)
+        Group ID
+
+    GroupName: string
+        Group name
+
+    Id: integer (int32)
+        Secret permission ID
+
+    KnownAs: string
+        KnownAs
+
+    SecretAccessRoleId: integer (int32)
+        Granted role ID
+
+    SecretAccessRoleName: string
+        Granted role name
+
+    SecretId: integer (int32)
+        Secret ID
+
+    UserId: integer (int32)
+        User ID
+
+    Username: string
+        User name
+
+# METHODS
+
+# RELATED LINKS:
+    Search-TssSecretPermission
+    Get-TssSecretPermission
+    New-TssSecretPermission

src/Thycotic.SecretServer.Format.ps1xml

@@ -1778,5 +1778,53 @@
       </TableControl>
     </View>
 
+    <!-- TssSecretPermission -->
+    <View>
+      <Name>TssSecretPermission</Name>
+      <ViewSelectedBy>
+        <TypeName>TssSecretPermission</TypeName>
+      </ViewSelectedBy>
+      <TableControl>
+        <TableHeaders>
+          <TableColumnHeader>
+          </TableColumnHeader>
+          <TableColumnHeader>
+          </TableColumnHeader>
+          <TableColumnHeader>
+          </TableColumnHeader>
+          <TableColumnHeader>
+          </TableColumnHeader>
+          <TableColumnHeader>
+          </TableColumnHeader>
+          <TableColumnHeader>
+          </TableColumnHeader>
+        </TableHeaders>
+        <TableRowEntries>
+          <TableRowEntry>
+            <TableColumnItems>
+              <TableColumnItem>
+                <PropertyName>Id</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>SecretId</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>KnownAs</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>Username</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>GroupName</PropertyName>
+              </TableColumnItem>
+              <TableColumnItem>
+                <PropertyName>SecretAccessRoleName</PropertyName>
+              </TableColumnItem>
+            </TableColumnItems>
+          </TableRowEntry>
+        </TableRowEntries>
+      </TableControl>
+    </View>
+
   </ViewDefinitions>
 </Configuration>

src/classes/secret-permissions/TssSecretPermission.class.ps1

@@ -0,0 +1,28 @@
+class TssSecretPermission {
+    [int]
+    $GroupId
+
+    [string]
+    $GroupName
+
+    [int]
+    $Id
+
+    [string]
+    $KnownAs
+
+    [int]
+    $SecretAccessRoleId
+
+    [string]
+    $SecretAccessRoleName
+
+    [int]
+    $SecretId
+
+    [int]
+    $UserId
+
+    [string]
+    $Username
+}

src/en-us/about_tsssecretpermission.help.txt

@@ -0,0 +1,49 @@
+TOPIC
+    This help topic describes the TssSecretPerimssions class in the Thycotic.SecretServer module
+
+CLASS
+    TssSecretPerimssion
+
+INHERITANCE
+    None
+
+DESCRIPTION
+    The TssSecretPerimssion class represents the SecretPermission object returned by Secret Server endpoint GET /secret-permissions
+
+CONSTRUCTORS
+    new()
+
+PROPERTIES
+    GroupId: integer (int32)
+        Group ID
+
+    GroupName: string
+        Group name
+
+    Id: integer (int32)
+        Secret permission ID
+
+    KnownAs: string
+        KnownAs
+
+    SecretAccessRoleId: integer (int32)
+        Granted role ID
+
+    SecretAccessRoleName: string
+        Granted role name
+
+    SecretId: integer (int32)
+        Secret ID
+
+    UserId: integer (int32)
+        User ID
+
+    Username: string
+        User name
+
+METHODS
+
+RELATED LINKS:
+    Search-TssSecretPermission
+    Get-TssSecretPermission
+    New-TssSecretPermission

src/functions/secret-permissions/Search-SecretPermission.ps1

@@ -0,0 +1,126 @@
+function Search-SecretPermission {
+    <#
+    .SYNOPSIS
+    Search Secret Permissions
+
+    .DESCRIPTION
+    Search Secret Permissions
+
+    .LINK
+    https://thycotic-ps.github.io/thycotic.secretserver/commands/Search-TssSecretPermission
+
+    .LINK
+    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secret-permissions/Search-SecretPermission.ps1
+
+    .EXAMPLE
+    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
+    Search-TssSecretPermission -TssSession $session -SecretId 42
+
+    Get list of permissions for Secret ID 42
+
+    .NOTES
+    Requires TssSession object returned by New-TssSession
+    #>
+    [CmdletBinding()]
+    [OutputType('TssSecretPerimssion')]
+    param (
+        # TssSession object created by New-TssSession for auth
+        [Parameter(Mandatory, ValueFromPipeline, Position = 0)]
+        [TssSession]
+        $TssSession,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # Domain Name
+        [string]
+        $DomainName,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # Group ID
+        [int]
+        $GroupId,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # Group Name
+        [string]
+        $GroupName,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # Secret ID
+        [int]
+        $SecretId,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # User ID
+        [int]
+        $UserId,
+
+        [Parameter(ParameterSetName = 'filter', ValueFromPipelineByPropertyName)]
+        # Username
+        [string]
+        $Username,
+
+        # Sort by specific property, default Id
+        [string]
+        $SortBy = 'Id'
+    )
+    begin {
+        $tssParams = $PSBoundParameters
+        $invokeParams = . $GetInvokeTssParams $TssSession
+
+        $filterParamSet = . $ParameterSetParams $PSCmdlet.MyInvocation.MyCommand.Name 'filter'
+        $filterParams = @()
+        foreach ($f in $filterParamSet) {
+            if ($tssParams.ContainsKey($f)) {
+                $filterParams += $r
+            }
+        }
+    }
+    process {
+        if ($filterParams.Count -eq 0) {
+            Write-Error 'At least one filter parameter is required'
+            return
+        }
+        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
+        if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
+            . $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation
+            $restResponse = $null
+            $uri = $TssSession.ApiUrl, 'secret-permissions' -join '/'
+            $uri = $uri, "sortBy[0].direction=asc&sortBy[0].name=$SortBy&take=$($TssSession.Take)" -join '?'
+            $invokeParams.Method = 'GET'
+
+            $filters = @()
+            switch ($tssParams.Keys) {
+                'DomainName' { $filters += "filter.domainName=$DomainName" }
+                'GroupId' { $filters += "filter.groupId=$GroupId" }
+                'GroupName' { $filters += "filter.groupName=$GroupName" }
+                'SecretId' { $filters += "filter.secretId=$SecretId" }
+                'UserId' { $filters += "filter.userId=$UserId" }
+                'Username' { $filters += "filter.username=$Username" }
+            }
+            if ($filters) {
+                $uriFilter = $filters -join '&'
+                Write-Verbose "Filters: $uriFilter"
+                $uri = $uri, $uriFilter -join '&'
+            }
+            $invokeParams.Uri = $uri
+
+            Write-Verbose "Performing the operation $($invokeParams.Method) $uri"
+            try {
+                $restResponse = . $InvokeApi @invokeParams
+            } catch {
+                Write-Warning 'Issue on search request'
+                $err = $_
+                . $ErrorHandling $err
+            }
+
+            if ($restResponse.records.Count -le 0 -and $restResponse.records.Length -eq 0) {
+                Write-Warning 'No SecretPermission found'
+            }
+            if ($restResponse.records) {
+                [TssSecretPermission[]]$restResponse.records
+            }
+        } else {
+            Write-Warning 'No valid session found'
+        }
+    }
+}

tests/secret-permissions/Search-SecertPermission.Tests.ps1

@@ -0,0 +1,24 @@
+BeforeDiscovery {
+    $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
+}
+Describe "$commandName verify parameters" {
+    BeforeDiscovery {
+        [object[]]$knownParameters = 'TssSession', 'DomainName', 'GroupId', 'GroupName', 'SecretId', 'UserId', 'Username', 'SortBy'
+        [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
+        [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
+        $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
+    }
+    Context "Verify parameters" -Foreach @{currentParams = $currentParams } {
+        It "$commandName should contain <_> parameter" -TestCases $knownParameters {
+            $_ -in $currentParams | Should -Be $true
+        }
+        It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
+            $_ | Should -BeNullOrEmpty
+        }
+    }
+    Context "Command specific details" {
+        It "$commandName should set OutputType to TssSecretPermission" -TestCases $commandDetails {
+            $_.OutputType.Name | Should -Be 'TssSecretPermission'
+        }
+    }
+}