6.1 Update 1 (#525)

* ♻️ 📌 UPDATE Get-PASPSMRecording and Get-PASPSMSession Updates functions to behave in the same way as the rest of the module. - Changes functions to use PowerShell `[datetime]` objects instead of expecting UNIX Time values to be provided for the `fromTime` & `toTime` parameters. - Functions now page for all results instead of only returning the first page of results. * ➖ 🗑️ REMOVE `Offset` paramters Redundant `offset` parameters removed. NextLink values for results are always fetched automatically * 📝 🔖 Doc Updates General Updates for new version and new year * ➕ ✨ ADDS Version 14.0 Functions + Updates - `Get-PASPTARiskEvent` - New filter parameters `FromTime` & `ToTime` - Fixes output and result paging - `Set-PASPTARiskEvent` - New parameters `closeReason` & `reasonText` - General Fixes - `New-PASDirectoryMapping` - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` - `Set-PASDirectoryMapping` - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` - `Add-PASPTAExcludedTarget` - New command, supported from 14.0 - `Add-PASPTAIncludedTarget` - New command, supported from 14.0 - `Add-PASPTAPrivilegedGroup` - New command, supported from 14.0 - `Add-PASPTAPrivilegedUser` - New command, supported from 14.0 - `Get-PASPTAExcludedTarget` - New command, supported from 14.0 - `Get-PASPTAIncludedTarget` - New command, supported from 14.0 - `Get-PASPTAPrivilegedGroup` - New command, supported from 14.0 - `Get-PASPTAPrivilegedUser` - New command, supported from 14.0 - `Remove-PASPTAExcludedTarget` - New command, supported from 14.0 - `Remove-PASPTAIncludedTarget` - New command, supported from 14.0 - `Remove-PASPTAPrivilegedGroup` - New command, supported from 14.0 - `Remove-PASPTAPrivilegedUser` - New command, supported from 14.0 * Update CHANGELOG.md * UPDATE Get-PASSession Removes `username` from returned output. Purpose of function is to retrieve variable values from the internal module scope. Username is not held in a module scope variable. Functionality and purpose of command remains unchanged * Update CHANGELOG.md * 🐛🚑️FIX Get-PASPlatform Adds `Search` to default `targets` parameterset. * 🔊 FIX ISPSS Error Handling Fixes issue handling errors encountered when operating against ISPSS solutions. Adds logic to handle `ErrorMessage` + `ErrorCode` properties in addition to `error` + `error_description`. * Update CHANGELOG.md * Update CHANGELOG.md * Update 2024-02-01-pspas-release-6-1.md
pspete · Feb 7, 2024 · faf0d6a · faf0d6a
1 parent 6fddbd4
commit faf0d6a
Show file tree

Hide file tree

Showing 20 changed files with 379 additions and 307 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,33 @@
 ### Fixed
 - N/A
 
+## **6.1.62**
+
+### Added
+- N/A
+
+### Updated
+- `Get-PASPSMRecording`
+  - Removes `Offset` Parameter
+  - Updates `FromTime` & `ToTime` parameters to `[datetime]` types
+  - Returns all pages of results instead of only the first page of results
+- `Get-PASPSMSession`
+  - Removes `Offset` Parameter
+  - Updates `FromTime` & `ToTime` parameters to `[datetime]` types
+  - Returns all pages of results instead of only the first page of results
+- `Get-PASAccount`
+  - Removes `Offset` Parameter
+- `Get-PASDiscoveredAccount`
+  - Removes `Offset` Parameter
+
+### Fixed
+- `Get-PASSession`
+  - Removes `UserName` from command output, avoiding error condition on expired session.
+- `Get-PASPlatform`
+  - Adds `search` parameter to the default `targets` parameterset
+- ISPSS Error Handling
+  - Fixes issue where error returned from ISPSS solution may not be handled properly
+
 ## **6.1.50**
 
 ### Module update to cover all CyberArk 14.0 API features

diff --git a/Tests/Get-PASPSMRecording.Tests.ps1 b/Tests/Get-PASPSMRecording.Tests.ps1
@@ -69,6 +69,27 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
+			It 'uses expected ToTime value' {
+				Get-PASPSMRecording -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0)
+				#311212800 1674345600
+				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter {
+
+					$URI -eq "$($Script:BaseURI)/API/Recordings?ToTime=1674345600"
+
+				} -Times 1 -Exactly -Scope It
+
+			}
+
+			It 'uses expected FromTime value' {
+				Get-PASPSMRecording -FromTime (Get-Date -Year 1979 -Month 11 -Day 12 -Hour 0 -Minute 0 -Second 0 -Millisecond 0)
+				#311212800 1674345600
+				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter {
+					$URI -eq "$($Script:BaseURI)/API/Recordings?fromTime=311212800"
+
+				} -Times 1 -Exactly -Scope It
+
+			}
+
 			It 'uses expected method' {
 				$InputObj | Get-PASPSMRecording
 				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It
@@ -141,7 +162,25 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
+			It 'processes NextLink expected number of times' {
+				Mock Invoke-PASRestMethod -MockWith {
+					If ($script:iteration -le 4) {
+						[PSCustomObject]@{
+							'Recordings'      = @(1..25)
+							$script:iteration = $script:iteration++
+						}
+					} else {
+						[PSCustomObject]@{
+							'Recordings' = @(1..24)
+						}
+					}
+				}
+				$script:iteration = 1
 
+				Get-PASPSMRecording
+				Assert-MockCalled Invoke-PASRestMethod -Times 5 -Exactly -Scope It
+
+			}
 
 		}
 

diff --git a/Tests/Get-PASPSMSession.Tests.ps1 b/Tests/Get-PASPSMSession.Tests.ps1
@@ -71,6 +71,26 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
+			It 'uses expected FromTime value' {
+				Get-PASPSMSession -FromTime (Get-Date -Year 1979 -Month 11 -Day 12 -Hour 0 -Minute 0 -Second 0 -Millisecond 0)
+				#311212800 1674345600
+				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter {
+					$URI -eq "$($Script:BaseURI)/API/LiveSessions?fromTime=311212800"
+
+				} -Times 1 -Exactly -Scope It
+
+			}
+
+			It 'uses expected ToTime value' {
+				Get-PASPSMSession -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0)
+				#311212800 1674345600
+				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter {
+					$URI -eq "$($Script:BaseURI)/API/LiveSessions?ToTime=1674345600"
+
+				} -Times 1 -Exactly -Scope It
+
+			}
+
 			It 'uses expected method' {
 				$InputObj | Get-PASPSMSession
 				Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It
@@ -146,7 +166,25 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
+			It 'processes NextLink expected number of times' {
+				Mock Invoke-PASRestMethod -MockWith {
+					If ($script:iteration -le 4) {
+						[PSCustomObject]@{
+							'LiveSessions'    = @(1..25)
+							$script:iteration = $script:iteration++
+						}
+					} else {
+						[PSCustomObject]@{
+							'LiveSessions' = @(1..24)
+						}
+					}
+				}
+				$script:iteration = 1
 
+				Get-PASPSMSession
+				Assert-MockCalled Invoke-PASRestMethod -Times 5 -Exactly -Scope It
+
+			}
 
 		}
 

diff --git a/Tests/Get-PASSession.Tests.ps1 b/Tests/Get-PASSession.Tests.ps1
@@ -35,9 +35,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 	InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) {
 		BeforeEach {
-			Mock Get-PASLoggedOnUser -MockWith {
-				[PSCustomObject]@{'Username' = 'SomeUser'; 'Prop2' = 'Val2' }
-			}
+
 
 			$response = Get-PASSession
 		}
@@ -51,7 +49,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			It 'has output with expected number of properties' {
 
-				($response | Get-Member -MemberType NoteProperty).length | Should -Be 4
+				($response | Get-Member -MemberType NoteProperty).length | Should -Be 3
 
 			}
 
@@ -61,26 +59,6 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
-			It 'does not throw if Get-PASLoggedOnUser fails' {
-				Mock Get-PASLoggedOnUser -MockWith {
-					throw 'Some Error'
-				}
-
-				{ Get-PASSession } | Should -Not -Throw
-
-			}
-
-			It 'does provides output if Get-PASLoggedOnUser fails' {
-				Mock Get-PASLoggedOnUser -MockWith {
-					throw 'Some Error'
-				}
-
-				$response = Get-PASSession
-
-				($response | Get-Member -MemberType NoteProperty).length | Should -Be 4
-
-			}
-
 		}
 
 	}

diff --git a/Tests/Invoke-PASRestMethod.Tests.ps1 b/Tests/Invoke-PASRestMethod.Tests.ps1
@@ -43,8 +43,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 				$Response | Add-Member -MemberType NoteProperty -Name StatusCode -Value 200 -Force
 				$Response | Add-Member -MemberType NoteProperty -Name Headers -Value @{ 'Content-Type' = 'application/json; charset=utf-8' } -Force
 				$Response | Add-Member -MemberType NoteProperty -Name Content -Value (@{
-						'prop1'   = 'value1';
-						'prop2'   = 'value2';
+						'prop1'   = 'value1'
+						'prop2'   = 'value2'
 						'prop123' = 123
 						'test'    = 321
 					} | ConvertTo-Json) -Force
@@ -270,7 +270,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			}
 
-			It 'reports privilege cloud errors' {
+			It 'reports privilege cloud errors with error + error_description properties' {
 				If ($IsCoreCLR) {
 					$targetObject = [pscustomobject]@{'RequestUri' = [pscustomobject]@{'Host' = 'https://subdomain.id.cyberark.cloud' } }
 					$errorDetails = $([pscustomobject]@{'error' = 'access_denied'; 'error_description' = 'invalid client creds or client not allowed' } | ConvertTo-Json)
@@ -281,6 +281,17 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 				} Else { Set-ItResult -Inconclusive }
 			}
 
+			It 'reports privilege cloud errors with ErrorMessage + ErrorCode properties' {
+				If ($IsCoreCLR) {
+					$targetObject = [pscustomobject]@{'RequestUri' = [pscustomobject]@{'Host' = 'https://subdomain.id.cyberark.cloud' } }
+					$errorDetails = $([pscustomobject]@{'ErrorCode' = 'access_denied'; 'ErrorMessage' = 'invalid client creds or client not allowed' } | ConvertTo-Json)
+					$errorRecord = New-Object Management.Automation.ErrorRecord $exception, $errorID, $errorCategory, $targetObject
+					$errorRecord.ErrorDetails = $errorDetails
+					Mock Invoke-WebRequest { Throw $errorRecord }
+					{ Invoke-PASRestMethod @WebSession } | Should -Throw 'invalid client creds or client not allowed'
+				} Else { Set-ItResult -Inconclusive }
+			}
+
 			It 'reports privilege cloud errors  not returned as json' {
 				If ($IsCoreCLR) {
 					$errorDetails = 'Some Error Message'

diff --git a/docs/collections/_commands/Get-PASAccount.md b/docs/collections/_commands/Get-PASAccount.md
@@ -18,8 +18,7 @@ Returns information about a single account. (Version 9.3 - 10.3)
 ### Gen2Query (Default)
 ```
 Get-PASAccount [-search <String>] [-searchType <String>] [-safeName <String>] [-savedFilter <String>]
- [-modificationTime <DateTime>] [-sort <String[]>] [-offset <Int32>] [-limit <Int32>] [-TimeoutSec <Int32>]
- [<CommonParameters>]
+ [-modificationTime <DateTime>] [-sort <String[]>] [-limit <Int32>] [-TimeoutSec <Int32>] [<CommonParameters>]
 ```
 
 ### Gen2ID
@@ -130,16 +129,6 @@ Returns all accounts, in page sizes of 1000.
 
 Requires minimum version of 10.4
 
-### EXAMPLE 10
-
-```
-Get-PASAccount -limit 500 -offset 1500
-```
-
-Returns all accounts, skipping the first 1500 results, in page sizes of 500.
-
-Requires minimum version of 10.4
-
 ## PARAMETERS
 
 ### -id
@@ -341,21 +330,6 @@ Accept pipeline input: True (ByPropertyName)
 Accept wildcard characters: False
 ```
 
-### -offset
-Offset of the first account that is returned in the collection of results.
-
-```yaml
-Type: Int32
-Parameter Sets: Gen2Query
-Aliases:
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: True (ByPropertyName)
-Accept wildcard characters: False
-```
-
 ### CommonParameters
 This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
 

diff --git a/docs/collections/_commands/Get-PASDiscoveredAccount.md b/docs/collections/_commands/Get-PASDiscoveredAccount.md
@@ -17,7 +17,7 @@ Returns discovered accounts from the Pending Accounts list.
 ### byQuery (Default)
 ```
 Get-PASDiscoveredAccount [-platformType <String>] [-privileged <Boolean>] [-AccountEnabled <Boolean>]
- [-search <String>] [-searchType <String>] [-offset <Int32>] [-limit <Int32>] [<CommonParameters>]
+ [-search <String>] [-searchType <String>] [-limit <Int32>] [<CommonParameters>]
 ```
 
 ### byID
@@ -165,21 +165,6 @@ Accept pipeline input: True (ByPropertyName)
 Accept wildcard characters: False
 ```
 
-### -offset
-The offset of the first returned accounts into the list of results.
-
-```yaml
-Type: Int32
-Parameter Sets: byQuery
-Aliases:
-
-Required: False
-Position: Named
-Default value: 0
-Accept pipeline input: True (ByPropertyName)
-Accept wildcard characters: False
-```
-
 ### -limit
 The maximum number of returned accounts.
 

diff --git a/docs/collections/_commands/Get-PASPSMRecording.md b/docs/collections/_commands/Get-PASPSMRecording.md
@@ -16,8 +16,8 @@ Get details of PSM Recording
 
 ### byQuery (Default)
 ```
-Get-PASPSMRecording [-Limit <Int32>] [-Sort <String>] [-Offset <Int32>] [-Search <String>] [-Safe <String>]
- [-FromTime <Int32>] [-ToTime <Int32>] [-Activities <String>] [<CommonParameters>]
+Get-PASPSMRecording [-Limit <Int32>] [-Sort <String>] [-Search <String>] [-Safe <String>]
+ [-FromTime <DateTime>] [-ToTime <DateTime>] [-Activities <String>] [<CommonParameters>]
 ```
 
 ### byRecordingID
@@ -32,10 +32,10 @@ Returns the details of recordings of PSM, PSMP or OPM sessions.
 
 ### EXAMPLE 1
 ```
-Get-PASPSMRecording -Limit 10 -Safe PSMRecordings -Sort -FileName
+Get-PASPSMRecording -Sort -FileName
 ```
 
-Lists the first 10 recordings from the PSMRecordings safe, sorted by descending filename.
+Lists all PSM recordings, sorted by descending filename.
 
 ### EXAMPLE 2
 ```
@@ -46,6 +46,13 @@ Gets details of specified PSM recording
 
 Minimum required version 10.6
 
+### EXAMPLE 3
+```
+Get-PASPSMRecording -FromTime (Get-Date).AddDays(-7)
+```
+
+Lists all PSM recordings from the last week.
+
 ## PARAMETERS
 
 ### -RecordingID
@@ -112,23 +119,6 @@ Accept pipeline input: True (ByPropertyName)
 Accept wildcard characters: False
 ```
 
-### -Offset
-Determines which recording results will be returned, according to a specific place in the returned list.
-
-This value defines the recording's place in the list and how many results will be skipped.
-
-```yaml
-Type: Int32
-Parameter Sets: byQuery
-Aliases:
-
-Required: False
-Position: Named
-Default value: 0
-Accept pipeline input: True (ByPropertyName)
-Accept wildcard characters: False
-```
-
 ### -Search
 Returns recordings that are filtered by properties that contain the specified search text.
 
@@ -163,7 +153,7 @@ Accept wildcard characters: False
 Returns recordings from a specific date
 
 ```yaml
-Type: Int32
+Type: DateTime
 Parameter Sets: byQuery
 Aliases:
 
@@ -178,7 +168,7 @@ Accept wildcard characters: False
 Returns recordings from a specific date
 
 ```yaml
-Type: Int32
+Type: DateTime
 Parameter Sets: byQuery
 Aliases: