-
Notifications
You must be signed in to change notification settings - Fork 23
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
307 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| class TssUserAuditSummary { | ||
| [string] | ||
| $Action | ||
|
|
||
| [string] | ||
| $DatabaseName | ||
|
|
||
| [datetime] | ||
| $DateRecorded | ||
|
|
||
| [string] | ||
| $DisplayName | ||
|
|
||
| [string] | ||
| $DisplayNameAffected | ||
|
|
||
| [string] | ||
| $IpAddress | ||
|
|
||
| [string] | ||
| $MachineName | ||
|
|
||
| [string] | ||
| $Notes | ||
|
|
||
| [int] | ||
| $UserId | ||
|
|
||
| [int] | ||
| $UserIdAffected | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| TOPIC | ||
| This help topic describes the TssUserAuditSummary class in the Thycotic.SecretServer module | ||
|
|
||
| CLASS | ||
| TssUserAuditSummary | ||
|
|
||
| INHERITANCE | ||
| None | ||
|
|
||
| DESCRIPTION | ||
| The TssUserAuditSummary class represents the UserAuditSummary object returned by Secret Server endpoint GET /users/{id}/audit | ||
|
|
||
| CONSTRUCTORS | ||
| new() | ||
|
|
||
| PROPERTIES | ||
| Action | ||
| Action that occurred | ||
|
|
||
| DatabaseName | ||
| Database name | ||
|
|
||
| DateRecorded | ||
| Date Recorded | ||
|
|
||
| DisplayName | ||
| The name of the user that made the change | ||
|
|
||
| DisplayNameAffected | ||
| The display name that was affected by this change | ||
|
|
||
| IpAddress | ||
| IP Address | ||
|
|
||
| MachineName | ||
| Machine name | ||
|
|
||
| Notes | ||
| Notes | ||
|
|
||
| UserId | ||
| The user id of the user that made the change | ||
|
|
||
| UserIdAffected | ||
| The user id that was affected by this change | ||
|
|
||
| METHODS | ||
|
|
||
| RELATED LINKS: | ||
| Get-TssUserAudit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| function Get-UserAudit { | ||
| <# | ||
| .SYNOPSIS | ||
| Get audit for a user | ||
| .DESCRIPTION | ||
| Get audit for a Secret Server User | ||
| .EXAMPLE | ||
| $session = New-TssSession -SecretServer https://alpha -Credential $ssCred | ||
| Get-TssUserAudit -TssSession $session -UserId 2 | ||
| Get all of the audits for UserId 2 | ||
| .LINK | ||
| https://thycotic-ps.github.io/thycotic.secretserver/commands/Get-TssUserAudit | ||
| .NOTES | ||
| Requires TssSession object returned by New-TssSession | ||
| #> | ||
| [CmdletBinding()] | ||
| [OutputType('TssUserAuditSummary')] | ||
| param ( | ||
| # TssSession object created by New-TssSession for auth | ||
| [Parameter(Mandatory,ValueFromPipeline,Position = 0)] | ||
| [TssSession] | ||
| $TssSession, | ||
|
|
||
| # Short description for parameter | ||
| [Parameter(Mandatory,ValueFromPipelineByPropertyName)] | ||
| [Alias("Id")] | ||
| [int[]] | ||
| $UserId | ||
| ) | ||
| begin { | ||
| $tssParams = $PSBoundParameters | ||
| $invokeParams = . $GetInvokeTssParams $TssSession | ||
| } | ||
|
|
||
| process { | ||
| Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)" | ||
| if ($tssParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) { | ||
| . $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation | ||
| foreach ($user in $UserId) { | ||
| $restResponse = $null | ||
| $uri = $TssSession.ApiUrl, 'users', $user, 'audit' -join '/' | ||
| $invokeParams.Uri = $uri | ||
| $invokeParams.Method = 'GET' | ||
|
|
||
| $uri = $uri, "take=$($TssSession.Take)" | ||
|
|
||
| Write-Verbose "Performing the operation $($invokeParams.Method) $uri with $body" | ||
| try { | ||
| $restResponse = Invoke-TssRestApi @invokeParams | ||
| } catch { | ||
| Write-Warning "Issue getting ___ on [$user]" | ||
| $err = $_ | ||
| . $ErrorHandling $err | ||
| } | ||
|
|
||
| if ($restResponse.records) { | ||
| [TssUserAuditSummary[]]$restResponse.records | ||
| } | ||
| } | ||
| } else { | ||
| Write-Warning "No valid session found" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,104 @@ | ||
| BeforeDiscovery { | ||
| $commandName = Split-Path ($PSCommandPath.Replace('.Tests.ps1','')) -Leaf | ||
| . ([IO.Path]::Combine([string]$PSScriptRoot, '..', 'constants.ps1')) | ||
| } | ||
| Describe "$commandName verify parameters" { | ||
| BeforeDiscovery { | ||
| [object[]]$knownParameters = 'TssSession', 'UserId' | ||
| [object[]]$currentParams = ([Management.Automation.CommandMetaData]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function')).Parameters.Keys | ||
| [object[]]$commandDetails = [System.Management.Automation.CommandInfo]$ExecutionContext.SessionState.InvokeCommand.GetCommand($commandName,'Function') | ||
| $unknownParameters = Compare-Object -ReferenceObject $knownParameters -DifferenceObject $currentParams -PassThru | ||
| } | ||
| Context "Verify parameters" -ForEach @{currentParams = $currentParams } { | ||
| It "$commandName should contain <_> parameter" -TestCases $knownParameters { | ||
| $_ -in $currentParams | Should -Be $true | ||
| } | ||
| It "$commandName should not contain parameter: <_>" -TestCases $unknownParameters { | ||
| $_ | Should -BeNullOrEmpty | ||
| } | ||
| } | ||
| Context "Command specific details" { | ||
| It "$commandName should set OutputType to TssUserAuditSummary" -TestCases $commandDetails { | ||
| $_.OutputType.Name | Should -Be 'TssUserAuditSummary' | ||
| } | ||
| } | ||
| } | ||
| Describe "$commandName functions" { | ||
| Context "Checking" { | ||
| BeforeAll { | ||
| $session = [pscustomobject]@{ | ||
| ApiVersion = 'api/v1' | ||
| Take = 2147483647 | ||
| SecretServer = 'http://alpha/' | ||
| ApiUrl = 'http://alpha/api/v1' | ||
| AccessToken = 'AgJf5YLFWtzw2UcBrM1s1KB2BGZ5Ufc4qLZ' | ||
| RefreshToken = '9oacYFZZ0YqgBNg0L7VNIF6-Z9ITE51Qplj' | ||
| TokenType = 'bearer' | ||
| ExpiresIn = 1199 | ||
| } | ||
| Mock -Verifiable -CommandName Get-TssVersion -MockWith { | ||
| return @{ | ||
| Version = '10.9.000033' | ||
| } | ||
| } | ||
|
|
||
| $userId = Get-Random -Maximum 10 | ||
| Mock -Verifiable -CommandName Invoke-TssRestApi -ParameterFilter { $Uri -eq "$($session.ApiUrl)/users/$userId/audit";$Method -eq 'GET' } -MockWith { | ||
| return [pscustomobject]@{ | ||
| records = @( | ||
| [pscustomobject]@{ | ||
| Action = 'CREATEUSER' | ||
| DatabaseName = 'SecretServer' | ||
| DateRecorded = '3/19/2021 3:19:16 AM' | ||
| DisplayName = 'SS Admin' | ||
| DisplayNameAffected = 'SS User' | ||
| IpAddress = '10.20.1.1' | ||
| MachineName = 'sqllab' | ||
| Notes = $null | ||
| UserId = 2 | ||
| UserIdAffected = $userId | ||
| } | ||
| [pscustomobject]@{ | ||
| Action = 'EDIT' | ||
| DatabaseName = 'SecretServer' | ||
| DateRecorded = '3/12/2021 3:19:16 AM' | ||
| DisplayName = 'SS Admin' | ||
| DisplayNameAffected = 'SS User' | ||
| IpAddress = '10.20.1.1' | ||
| MachineName = 'sqllab' | ||
| Notes = 'EmailAddress: [email protected] to [email protected];' | ||
| UserId = 2 | ||
| UserIdAffected = $userId | ||
| } | ||
| [pscustomobject]@{ | ||
| Action = 'EDIT' | ||
| DatabaseName = 'SecretServer' | ||
| DateRecorded = '3/04/2021 3:19:16 AM' | ||
| DisplayName = 'SS Admin' | ||
| DisplayNameAffected = 'SS User' | ||
| IpAddress = '10.20.1.1' | ||
| MachineName = 'sqllab' | ||
| Notes = 'IsLockedOut: false to true;' | ||
| UserId = 2 | ||
| UserIdAffected = $userId | ||
| } | ||
| ) | ||
| } | ||
| } | ||
| $object = Get-TssUserAudit -TssSession $session -UserId $userId | ||
| Assert-VerifiableMock | ||
| } | ||
| It "Should not be empty" { | ||
| $object | Should -Not -BeNullOrEmpty | ||
| } | ||
| It "Should have property <_>" -TestCases 'UserId','UserIdAffected','Action' { | ||
| $object[0].PSObject.Properties.Name | Should -Contain $_ | ||
| } | ||
| It "Should have property UserId equals 2" { | ||
| $object[0].UserId | Should -Be 2 | ||
| } | ||
| It "Should have object count of 3" { | ||
| $object.Count | Should -Be 3 | ||
| } | ||
| } | ||
| } |