Skip to content

Commit

Permalink
Get-TssFolderPermission - closes #88
Browse files Browse the repository at this point in the history
  • Loading branch information
wsmelton committed Feb 26, 2021
1 parent a128a5d commit db137c2
Show file tree
Hide file tree
Showing 3 changed files with 151 additions and 0 deletions.
29 changes: 29 additions & 0 deletions src/en-us/about_tssfolderpermission.help.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
TOPIC
This help topic describes the TssFolderPermission class in the Thycotic.SecretServer module

CLASS
TssFolderPermission

INHERITANCE
None

DESCRIPTION
The TssFolderPermission class represents the FolderPermissionModel object returned by Secret Server endpoint GET /folder-permissions/{id}

CONSTRUCTORS
new()

PROPERTIES
FolderAccessRoleId
Folder Access Role Id

GroupId
Group Id

SecretAccessRoleId
Secret Access Role Id

METHODS

RELATED LINKS:
Get-TssFolderPermission
72 changes: 72 additions & 0 deletions src/functions/folder-permissions/Get-FolderPermission.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
function Get-FolderPermission {
<#
.SYNOPSIS
Get a folder permission(s)
.DESCRIPTION
Get a folder permission(s)
.EXAMPLE
PS> $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
PS> Get-TssFolderPermission -TssSession $session -Id 36
Returns Folder Permission(s) for Folder ID
.NOTES
Requires TssSession object returned by New-TssSession
#>
[CmdletBinding()]
[OutputType('TssFolderPermission')]
param (
# TssSession object created by New-TssSession for auth
[Parameter(Mandatory,
ValueFromPipeline,
Position = 0)]
[TssSession]$TssSession,

# Folder Permission ID
[Parameter(Mandatory,ValueFromPipelineByPropertyName)]
[Alias("FolderPermissionId")]
[int[]]
$Id,

# Include inactive Folder Permissions in results
[switch]
$IncludeInactive
)
begin {
$tssParams = $PSBoundParameters
$invokeParams = . $GetInvokeTssParams $TssSession
}

process {
Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
foreach ($folderPermission in $Id) {
$restResponse = $null
$uri = $TssSession.ApiUrl, 'folder-permissions', $folderPermission -join '/'
$invokeParams.Uri = $uri
$invokeParams.Method = 'GET'

Write-Verbose "$($invokeParams.Method) $uri with $body"
try {
$restResponse = Invoke-TssRestApi @invokeParams
} catch {
Write-Warning "Issue getting folder permission on [$folderPermission]"
$err = $_
. $ErrorHandling $err
}

if ($restResponse) {
[TssFolderPermission]@{
FolderAccessRoleId = $restResponse.folderAccessRoleId
GroupId = $restResponse.groupId
SecretAccessRole = $restResponse.secretAccessRoleId
}
}
}
} else {
Write-Warning "No valid session found"
}
}
}
50 changes: 50 additions & 0 deletions tests/folder-permissions/Get-TssFolderPermission.Tests.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
BeforeDiscovery {
$commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf
. ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1'))
}
Describe "$commandName verify parameters" {
BeforeDiscovery {
[object[]]$knownParameters = 'TssSession', 'Id', 'IncludeInactive'
[object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys
[object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')
$unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru
}
Context "Verify parameters" -Foreach @{currentParams = $currentParams} {
It "$commandName should contain <_> parameter" -TestCases $knownParameters {
$_ -in $currentParams | Should -Be $true
}
It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters {
$_ | Should -BeNullOrEmpty
}
}
Context "Command specific details" {
It "$commandName should set OutputType to TssFolderPermission" -TestCases $commandDetails {
$_.OutputType.Name | Should -Be 'TssFolderPermission'
}
}
}
Describe "$commandName works" {
BeforeDiscovery {
$session = New-TssSession -SecretServer $ss -Credential $ssCred
$invokeParams = @{
Uri = "$ss/api/v1/folders?take=$($session.take)"
ExpandProperty = 'records'
PersonalAccessToken = $session.AccessToken
}
$getFolders = Invoke-TssRestApi @invokeParams
$tssSecretFolder = $getFolders.Where({$_.folderPath -eq '\tss_module_testing'})

$searchFolderPerm = Search-TssFolderPermission -TssSession $session -FolderId $tssSecretFolder.id
$object = Get-TssFolderPermission -TssSession $session -Id $searchFolderPerm.FolderPermissionId
$session.SessionExpire()
$props = 'FolderAccessRoleId', 'GroupId', 'SecretAccessRole'
}
Context "Checking" -Foreach @{object = $object} {
It "Should not be empty" {
$object | Should -Not -BeNullOrEmpty
}
It "Should output <_> property" -TestCases $props {
$object[0].PSObject.Properties.Name | Should -Contain $_
}
}
}

0 comments on commit db137c2

Please sign in to comment.