diff --git a/CHANGELOG.md b/CHANGELOG.md index c15f9326..97b5a6f4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,33 @@ ### Fixed - N/A +## **6.1.62** + +### Added +- N/A + +### Updated +- `Get-PASPSMRecording` + - Removes `Offset` Parameter + - Updates `FromTime` & `ToTime` parameters to `[datetime]` types + - Returns all pages of results instead of only the first page of results +- `Get-PASPSMSession` + - Removes `Offset` Parameter + - Updates `FromTime` & `ToTime` parameters to `[datetime]` types + - Returns all pages of results instead of only the first page of results +- `Get-PASAccount` + - Removes `Offset` Parameter +- `Get-PASDiscoveredAccount` + - Removes `Offset` Parameter + +### Fixed +- `Get-PASSession` + - Removes `UserName` from command output, avoiding error condition on expired session. +- `Get-PASPlatform` + - Adds `search` parameter to the default `targets` parameterset +- ISPSS Error Handling + - Fixes issue where error returned from ISPSS solution may not be handled properly + ## **6.1.50** ### Module update to cover all CyberArk 14.0 API features diff --git a/Tests/Get-PASPSMRecording.Tests.ps1 b/Tests/Get-PASPSMRecording.Tests.ps1 index fd98bc82..276b6aaa 100644 --- a/Tests/Get-PASPSMRecording.Tests.ps1 +++ b/Tests/Get-PASPSMRecording.Tests.ps1 @@ -69,6 +69,27 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'uses expected ToTime value' { + Get-PASPSMRecording -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) + #311212800 1674345600 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/Recordings?ToTime=1674345600" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected FromTime value' { + Get-PASPSMRecording -FromTime (Get-Date -Year 1979 -Month 11 -Day 12 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) + #311212800 1674345600 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/Recordings?fromTime=311212800" + + } -Times 1 -Exactly -Scope It + + } + It 'uses expected method' { $InputObj | Get-PASPSMRecording Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It @@ -141,7 +162,25 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'processes NextLink expected number of times' { + Mock Invoke-PASRestMethod -MockWith { + If ($script:iteration -le 4) { + [PSCustomObject]@{ + 'Recordings' = @(1..25) + $script:iteration = $script:iteration++ + } + } else { + [PSCustomObject]@{ + 'Recordings' = @(1..24) + } + } + } + $script:iteration = 1 + Get-PASPSMRecording + Assert-MockCalled Invoke-PASRestMethod -Times 5 -Exactly -Scope It + + } } diff --git a/Tests/Get-PASPSMSession.Tests.ps1 b/Tests/Get-PASPSMSession.Tests.ps1 index cc093c2d..fad6ea20 100644 --- a/Tests/Get-PASPSMSession.Tests.ps1 +++ b/Tests/Get-PASPSMSession.Tests.ps1 @@ -71,6 +71,26 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'uses expected FromTime value' { + Get-PASPSMSession -FromTime (Get-Date -Year 1979 -Month 11 -Day 12 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) + #311212800 1674345600 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/LiveSessions?fromTime=311212800" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected ToTime value' { + Get-PASPSMSession -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) + #311212800 1674345600 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/LiveSessions?ToTime=1674345600" + + } -Times 1 -Exactly -Scope It + + } + It 'uses expected method' { $InputObj | Get-PASPSMSession Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It @@ -146,7 +166,25 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'processes NextLink expected number of times' { + Mock Invoke-PASRestMethod -MockWith { + If ($script:iteration -le 4) { + [PSCustomObject]@{ + 'LiveSessions' = @(1..25) + $script:iteration = $script:iteration++ + } + } else { + [PSCustomObject]@{ + 'LiveSessions' = @(1..24) + } + } + } + $script:iteration = 1 + Get-PASPSMSession + Assert-MockCalled Invoke-PASRestMethod -Times 5 -Exactly -Scope It + + } } diff --git a/Tests/Get-PASSession.Tests.ps1 b/Tests/Get-PASSession.Tests.ps1 index b46341b4..8f76fae5 100644 --- a/Tests/Get-PASSession.Tests.ps1 +++ b/Tests/Get-PASSession.Tests.ps1 @@ -35,9 +35,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { BeforeEach { - Mock Get-PASLoggedOnUser -MockWith { - [PSCustomObject]@{'Username' = 'SomeUser'; 'Prop2' = 'Val2' } - } + $response = Get-PASSession } @@ -51,7 +49,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { It 'has output with expected number of properties' { - ($response | Get-Member -MemberType NoteProperty).length | Should -Be 4 + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 3 } @@ -61,26 +59,6 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } - It 'does not throw if Get-PASLoggedOnUser fails' { - Mock Get-PASLoggedOnUser -MockWith { - throw 'Some Error' - } - - { Get-PASSession } | Should -Not -Throw - - } - - It 'does provides output if Get-PASLoggedOnUser fails' { - Mock Get-PASLoggedOnUser -MockWith { - throw 'Some Error' - } - - $response = Get-PASSession - - ($response | Get-Member -MemberType NoteProperty).length | Should -Be 4 - - } - } } diff --git a/Tests/Invoke-PASRestMethod.Tests.ps1 b/Tests/Invoke-PASRestMethod.Tests.ps1 index 8b80218f..184fdbaa 100644 --- a/Tests/Invoke-PASRestMethod.Tests.ps1 +++ b/Tests/Invoke-PASRestMethod.Tests.ps1 @@ -43,8 +43,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { $Response | Add-Member -MemberType NoteProperty -Name StatusCode -Value 200 -Force $Response | Add-Member -MemberType NoteProperty -Name Headers -Value @{ 'Content-Type' = 'application/json; charset=utf-8' } -Force $Response | Add-Member -MemberType NoteProperty -Name Content -Value (@{ - 'prop1' = 'value1'; - 'prop2' = 'value2'; + 'prop1' = 'value1' + 'prop2' = 'value2' 'prop123' = 123 'test' = 321 } | ConvertTo-Json) -Force @@ -270,7 +270,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } - It 'reports privilege cloud errors' { + It 'reports privilege cloud errors with error + error_description properties' { If ($IsCoreCLR) { $targetObject = [pscustomobject]@{'RequestUri' = [pscustomobject]@{'Host' = 'https://subdomain.id.cyberark.cloud' } } $errorDetails = $([pscustomobject]@{'error' = 'access_denied'; 'error_description' = 'invalid client creds or client not allowed' } | ConvertTo-Json) @@ -281,6 +281,17 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } Else { Set-ItResult -Inconclusive } } + It 'reports privilege cloud errors with ErrorMessage + ErrorCode properties' { + If ($IsCoreCLR) { + $targetObject = [pscustomobject]@{'RequestUri' = [pscustomobject]@{'Host' = 'https://subdomain.id.cyberark.cloud' } } + $errorDetails = $([pscustomobject]@{'ErrorCode' = 'access_denied'; 'ErrorMessage' = 'invalid client creds or client not allowed' } | ConvertTo-Json) + $errorRecord = New-Object Management.Automation.ErrorRecord $exception, $errorID, $errorCategory, $targetObject + $errorRecord.ErrorDetails = $errorDetails + Mock Invoke-WebRequest { Throw $errorRecord } + { Invoke-PASRestMethod @WebSession } | Should -Throw 'invalid client creds or client not allowed' + } Else { Set-ItResult -Inconclusive } + } + It 'reports privilege cloud errors not returned as json' { If ($IsCoreCLR) { $errorDetails = 'Some Error Message' diff --git a/docs/collections/_commands/Get-PASAccount.md b/docs/collections/_commands/Get-PASAccount.md index 9bb12610..5390137e 100644 --- a/docs/collections/_commands/Get-PASAccount.md +++ b/docs/collections/_commands/Get-PASAccount.md @@ -18,8 +18,7 @@ Returns information about a single account. (Version 9.3 - 10.3) ### Gen2Query (Default) ``` Get-PASAccount [-search ] [-searchType ] [-safeName ] [-savedFilter ] - [-modificationTime ] [-sort ] [-offset ] [-limit ] [-TimeoutSec ] - [] + [-modificationTime ] [-sort ] [-limit ] [-TimeoutSec ] [] ``` ### Gen2ID @@ -130,16 +129,6 @@ Returns all accounts, in page sizes of 1000. Requires minimum version of 10.4 -### EXAMPLE 10 - -``` -Get-PASAccount -limit 500 -offset 1500 -``` - -Returns all accounts, skipping the first 1500 results, in page sizes of 500. - -Requires minimum version of 10.4 - ## PARAMETERS ### -id @@ -341,21 +330,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -offset -Offset of the first account that is returned in the collection of results. - -```yaml -Type: Int32 -Parameter Sets: Gen2Query -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/collections/_commands/Get-PASDiscoveredAccount.md b/docs/collections/_commands/Get-PASDiscoveredAccount.md index 6b699939..5dbc11fe 100644 --- a/docs/collections/_commands/Get-PASDiscoveredAccount.md +++ b/docs/collections/_commands/Get-PASDiscoveredAccount.md @@ -17,7 +17,7 @@ Returns discovered accounts from the Pending Accounts list. ### byQuery (Default) ``` Get-PASDiscoveredAccount [-platformType ] [-privileged ] [-AccountEnabled ] - [-search ] [-searchType ] [-offset ] [-limit ] [] + [-search ] [-searchType ] [-limit ] [] ``` ### byID @@ -165,21 +165,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -offset -The offset of the first returned accounts into the list of results. - -```yaml -Type: Int32 -Parameter Sets: byQuery -Aliases: - -Required: False -Position: Named -Default value: 0 -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - ### -limit The maximum number of returned accounts. diff --git a/docs/collections/_commands/Get-PASPSMRecording.md b/docs/collections/_commands/Get-PASPSMRecording.md index ddcd8741..cdd85743 100644 --- a/docs/collections/_commands/Get-PASPSMRecording.md +++ b/docs/collections/_commands/Get-PASPSMRecording.md @@ -16,8 +16,8 @@ Get details of PSM Recording ### byQuery (Default) ``` -Get-PASPSMRecording [-Limit ] [-Sort ] [-Offset ] [-Search ] [-Safe ] - [-FromTime ] [-ToTime ] [-Activities ] [] +Get-PASPSMRecording [-Limit ] [-Sort ] [-Search ] [-Safe ] + [-FromTime ] [-ToTime ] [-Activities ] [] ``` ### byRecordingID @@ -32,10 +32,10 @@ Returns the details of recordings of PSM, PSMP or OPM sessions. ### EXAMPLE 1 ``` -Get-PASPSMRecording -Limit 10 -Safe PSMRecordings -Sort -FileName +Get-PASPSMRecording -Sort -FileName ``` -Lists the first 10 recordings from the PSMRecordings safe, sorted by descending filename. +Lists all PSM recordings, sorted by descending filename. ### EXAMPLE 2 ``` @@ -46,6 +46,13 @@ Gets details of specified PSM recording Minimum required version 10.6 +### EXAMPLE 3 +``` +Get-PASPSMRecording -FromTime (Get-Date).AddDays(-7) +``` + +Lists all PSM recordings from the last week. + ## PARAMETERS ### -RecordingID @@ -112,23 +119,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Offset -Determines which recording results will be returned, according to a specific place in the returned list. - -This value defines the recording's place in the list and how many results will be skipped. - -```yaml -Type: Int32 -Parameter Sets: byQuery -Aliases: - -Required: False -Position: Named -Default value: 0 -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - ### -Search Returns recordings that are filtered by properties that contain the specified search text. @@ -163,7 +153,7 @@ Accept wildcard characters: False Returns recordings from a specific date ```yaml -Type: Int32 +Type: DateTime Parameter Sets: byQuery Aliases: @@ -178,7 +168,7 @@ Accept wildcard characters: False Returns recordings from a specific date ```yaml -Type: Int32 +Type: DateTime Parameter Sets: byQuery Aliases: diff --git a/docs/collections/_commands/Get-PASPSMSession.md b/docs/collections/_commands/Get-PASPSMSession.md index a20fe964..5b58ff9c 100644 --- a/docs/collections/_commands/Get-PASPSMSession.md +++ b/docs/collections/_commands/Get-PASPSMSession.md @@ -16,8 +16,8 @@ Get details of Live PSM Sessions ### byQuery (Default) ``` -Get-PASPSMSession [-Limit ] [-Sort ] [-Offset ] [-Search ] [-Safe ] - [-FromTime ] [-ToTime ] [-Activities ] [] +Get-PASPSMSession [-Limit ] [-Sort ] [-Search ] [-Safe ] [-FromTime ] + [-ToTime ] [-Activities ] [] ``` ### bySessionID @@ -112,23 +112,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Offset -Determines which recording results will be returned, according to a specific place in the returned list. - -This value defines the recording's place in the list and how many results will be skipped. - -```yaml -Type: Int32 -Parameter Sets: byQuery -Aliases: - -Required: False -Position: Named -Default value: 0 -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - ### -Search Returns recordings that are filtered by properties that contain the specified search text. @@ -163,7 +146,7 @@ Accept wildcard characters: False Returns recordings from a specific date ```yaml -Type: Int32 +Type: DateTime Parameter Sets: byQuery Aliases: @@ -178,7 +161,7 @@ Accept wildcard characters: False Returns recordings from a specific date ```yaml -Type: Int32 +Type: DateTime Parameter Sets: byQuery Aliases: diff --git a/docs/collections/_commands/Get-PASPlatform.md b/docs/collections/_commands/Get-PASPlatform.md index f9c79a1a..4a5d1969 100644 --- a/docs/collections/_commands/Get-PASPlatform.md +++ b/docs/collections/_commands/Get-PASPlatform.md @@ -16,7 +16,7 @@ Retrieves details of Vault platforms. ### targets (Default) ``` -Get-PASPlatform [-Active ] [-SystemType ] [-PeriodicVerify ] +Get-PASPlatform [-Active ] [-Search ] [-SystemType ] [-PeriodicVerify ] [-ManualVerify ] [-PeriodicChange ] [-ManualChange ] [-AutomaticReconcile ] [-ManualReconcile ] [] ``` @@ -212,7 +212,7 @@ Minimum required version 11.1 ```yaml Type: String -Parameter Sets: platforms +Parameter Sets: targets, platforms Aliases: Required: False diff --git a/docs/collections/_commands/Get-PASSession.md b/docs/collections/_commands/Get-PASSession.md index f572a717..60f1f5ef 100644 --- a/docs/collections/_commands/Get-PASSession.md +++ b/docs/collections/_commands/Get-PASSession.md @@ -20,7 +20,6 @@ Get-PASSession [] ## DESCRIPTION For the current session, returns data from the module scope: -- Username relating to the session. - BaseURI: URL value used for sending requests to the API. - ExternalVersion: PAS version information. - Websession: Contains Authorization Header, Cookie & Certificate data related to the current session. diff --git a/docs/collections/_posts/2024-02-01-pspas-release-6-1.md b/docs/collections/_posts/2024-02-01-pspas-release-6-1.md index fd02003c..6bfb7fe5 100644 --- a/docs/collections/_posts/2024-02-01-pspas-release-6-1.md +++ b/docs/collections/_posts/2024-02-01-pspas-release-6-1.md @@ -1,6 +1,6 @@ --- title: "psPAS Release 6.1" -date: 2024-02-01 00:00:00 +date: 2024-02-07 00:00:00 tags: - Release Notes - Add-PASPTAExcludedTarget @@ -21,8 +21,41 @@ tags: - New-PASDirectoryMapping - Set-PASDirectoryMapping - Invoke-PASRestMethod + - Get-PASPSMRecording + - Get-PASPSMSession + - Get-PASAccount + - Get-PASDiscoveredAccount + - Get-PASSession + - Get-PASPlatform --- +## **6.1.62** + +### Added +- N/A + +### Updated +- `Get-PASPSMRecording` + - Removes `Offset` Parameter + - Updates `FromTime` & `ToTime` parameters to `[datetime]` types + - Returns all pages of results instead of only the first page of results +- `Get-PASPSMSession` + - Removes `Offset` Parameter + - Updates `FromTime` & `ToTime` parameters to `[datetime]` types + - Returns all pages of results instead of only the first page of results +- `Get-PASAccount` + - Removes `Offset` Parameter +- `Get-PASDiscoveredAccount` + - Removes `Offset` Parameter + +### Fixed +- `Get-PASSession` + - Removes `UserName` from command output, avoiding error condition on expired session. +- `Get-PASPlatform` + - Adds `search` parameter to the default `targets` parameterset +- ISPSS Error Handling + - Fixes issue where error returned from ISPSS solution may not be handled properly + ## **6.1.50** ### Module update to cover all CyberArk 14.0 API features diff --git a/psPAS/Functions/Accounts/Get-PASAccount.ps1 b/psPAS/Functions/Accounts/Get-PASAccount.ps1 index 093465ab..0a22448d 100644 --- a/psPAS/Functions/Accounts/Get-PASAccount.ps1 +++ b/psPAS/Functions/Accounts/Get-PASAccount.ps1 @@ -58,13 +58,6 @@ function Get-PASAccount { )] [string[]]$sort, - [parameter( - Mandatory = $false, - ValueFromPipelinebyPropertyName = $true, - ParameterSetName = 'Gen2Query' - )] - [int]$offset, - [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, diff --git a/psPAS/Functions/Accounts/Get-PASDiscoveredAccount.ps1 b/psPAS/Functions/Accounts/Get-PASDiscoveredAccount.ps1 index 022122cf..9eb3530f 100644 --- a/psPAS/Functions/Accounts/Get-PASDiscoveredAccount.ps1 +++ b/psPAS/Functions/Accounts/Get-PASDiscoveredAccount.ps1 @@ -46,13 +46,6 @@ Function Get-PASDiscoveredAccount { [ValidateSet('startswith', 'contains')] [string]$searchType, - [parameter( - Mandatory = $false, - ValueFromPipelinebyPropertyName = $true, - ParameterSetName = 'byQuery' - )] - [int]$offset, - [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, diff --git a/psPAS/Functions/Authentication/Get-PASSession.ps1 b/psPAS/Functions/Authentication/Get-PASSession.ps1 index 75af8148..38601d55 100644 --- a/psPAS/Functions/Authentication/Get-PASSession.ps1 +++ b/psPAS/Functions/Authentication/Get-PASSession.ps1 @@ -7,14 +7,7 @@ function Get-PASSession { PROCESS { - Try { - - $UserName = Get-PASLoggedOnUser -ErrorAction Stop | Select-Object -ExpandProperty Username - - } Catch { $UserName = $null } - [PSCustomObject]@{ - User = $UserName BaseURI = $Script:BaseURI ExternalVersion = $Script:ExternalVersion WebSession = $Script:WebSession diff --git a/psPAS/Functions/Monitoring/Get-PASPSMRecording.ps1 b/psPAS/Functions/Monitoring/Get-PASPSMRecording.ps1 index d957a9e9..cc029c0b 100644 --- a/psPAS/Functions/Monitoring/Get-PASPSMRecording.ps1 +++ b/psPAS/Functions/Monitoring/Get-PASPSMRecording.ps1 @@ -30,13 +30,6 @@ function Get-PASPSMRecording { )] [string]$Sort, - [parameter( - Mandatory = $false, - ValueFromPipelinebyPropertyName = $true, - ParameterSetName = 'byQuery' - )] - [int]$Offset, - [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, @@ -56,14 +49,14 @@ function Get-PASPSMRecording { ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'byQuery' )] - [int]$FromTime, + [datetime]$FromTime, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'byQuery' )] - [int]$ToTime, + [datetime]$ToTime, [parameter( Mandatory = $false, @@ -97,6 +90,26 @@ function Get-PASPSMRecording { #Get Parameters to include in request $boundParameters = $PSBoundParameters | Get-PASParameter + switch ($PSBoundParameters) { + + { $PSItem.ContainsKey('FromTime') } { + + $boundParameters['FromTime'] = $FromTime | ConvertTo-UnixTime + + } + + { $PSItem.ContainsKey('ToTime') } { + + $boundParameters['ToTime'] = $ToTime | ConvertTo-UnixTime + + } + + { $PSBoundParameters.Keys -notcontains 'Limit' } { + $Limit = 25 #default if you call the API with no value + } + + } + #Create Query String, escaped for inclusion in request URL $queryString = $boundParameters | ConvertTo-QueryString @@ -116,10 +129,47 @@ function Get-PASPSMRecording { #send request to PAS web service $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession - If ($null -ne $result) { + $Total = ($result.Recordings).Count + + If ($Total -gt 0) { + + #Set events as output collection + $Recordings = [Collections.Generic.List[Object]]::New(@($result.Recordings)) + + #Split Request URL into baseURI & any query string value + $URLString = $URI.Split('?') + $URI = $URLString[0] + $queryString = $URLString[1] + + For ( $Offset = $Limit ; $Limit -eq $Total ; $Offset += $Limit ) { + + #While more risk events to return, create nextLink query value + $nextLink = "OffSet=$Offset" + + if ($null -ne $queryString) { + + #If original request contained a queryString, concatenate with nextLink value. + $nextLink = "$queryString&$nextLink" + + } + + $result = (Invoke-PASRestMethod -Uri "$URI`?$nextLink" -Method GET -WebSession $Script:WebSession).Recordings + + $Total = $result.Count + + #Request nextLink. Add Risk Events to output collection. + $Null = $Recordings.AddRange($result) + + } + + $Output = $Recordings + + } + + If ($null -ne $Output) { #Return Results - $result.Recordings | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PSM.Recording + $Output | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PSM.Recording } #process diff --git a/psPAS/Functions/Monitoring/Get-PASPSMSession.ps1 b/psPAS/Functions/Monitoring/Get-PASPSMSession.ps1 index fc3cbb92..dc5243b9 100644 --- a/psPAS/Functions/Monitoring/Get-PASPSMSession.ps1 +++ b/psPAS/Functions/Monitoring/Get-PASPSMSession.ps1 @@ -30,13 +30,6 @@ function Get-PASPSMSession { )] [string]$Sort, - [parameter( - Mandatory = $false, - ValueFromPipelinebyPropertyName = $true, - ParameterSetName = 'byQuery' - )] - [int]$Offset, - [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, @@ -56,14 +49,14 @@ function Get-PASPSMSession { ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'byQuery' )] - [int]$FromTime, + [datetime]$FromTime, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'byQuery' )] - [int]$ToTime, + [datetime]$ToTime, [parameter( Mandatory = $false, @@ -97,6 +90,25 @@ function Get-PASPSMSession { #Get Parameters to include in request $boundParameters = $PSBoundParameters | Get-PASParameter + switch ($PSBoundParameters) { + + { $PSItem.ContainsKey('FromTime') } { + + $boundParameters['FromTime'] = $FromTime | ConvertTo-UnixTime + + } + + { $PSItem.ContainsKey('ToTime') } { + + $boundParameters['ToTime'] = $ToTime | ConvertTo-UnixTime + + } + + { $PSBoundParameters.Keys -notcontains 'Limit' } { + $Limit = 25 #default if you call the API with no value + } + + } #Create Query String, escaped for inclusion in request URL $queryString = $boundParameters | ConvertTo-QueryString @@ -116,10 +128,47 @@ function Get-PASPSMSession { #send request to PAS web service $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession - If ($null -ne $result) { + $Total = ($result.LiveSessions).Count + + If ($Total -gt 0) { + + #Set events as output collection + $LiveSessions = [Collections.Generic.List[Object]]::New(@($result.LiveSessions)) + + #Split Request URL into baseURI & any query string value + $URLString = $URI.Split('?') + $URI = $URLString[0] + $queryString = $URLString[1] + + For ( $Offset = $Limit ; $Limit -eq $Total ; $Offset += $Limit ) { + + #While more risk events to return, create nextLink query value + $nextLink = "OffSet=$Offset" + + if ($null -ne $queryString) { + + #If original request contained a queryString, concatenate with nextLink value. + $nextLink = "$queryString&$nextLink" + + } + + $result = (Invoke-PASRestMethod -Uri "$URI`?$nextLink" -Method GET -WebSession $Script:WebSession).LiveSessions + + $Total = $result.Count + + #Request nextLink. Add Risk Events to output collection. + $Null = $LiveSessions.AddRange($result) + + } + + $Output = $LiveSessions + + } + + If ($null -ne $Output) { #Return Results - $result.LiveSessions | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PSM.Session + $Output | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PSM.Session } #process diff --git a/psPAS/Functions/Platforms/Get-PASPlatform.ps1 b/psPAS/Functions/Platforms/Get-PASPlatform.ps1 index 520b55f7..19733613 100644 --- a/psPAS/Functions/Platforms/Get-PASPlatform.ps1 +++ b/psPAS/Functions/Platforms/Get-PASPlatform.ps1 @@ -27,6 +27,11 @@ function Get-PASPlatform { ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'platforms' )] + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = 'targets' + )] [string]$Search, [parameter( @@ -156,10 +161,22 @@ function Get-PASPlatform { $URI = "$Script:BaseURI/API/Platforms/$($PSCmdlet.ParameterSetName)" - #Get Parameters to include in request - $boundParameters = $PSBoundParameters | Get-PASParameter + #Parameter to include parameter value in url + $Parameters = [Collections.Generic.List[Object]]::New(@('Search')) + + #Get Parameters to include in request filter string + $filterParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove $Parameters + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToKeep $Parameters + $FilterString = $filterParameters | ConvertTo-FilterString - $queryString = $boundParameters | ConvertTo-FilterString | ConvertTo-QueryString + If ($null -ne $FilterString) { + + $boundParameters = $boundParameters + $FilterString + + } + + #Create Query String, escaped for inclusion in request URL + $queryString = $boundParameters | ConvertTo-QueryString If ($null -ne $queryString) { @@ -189,7 +206,7 @@ function Get-PASPlatform { If ($null -ne $result) { #11.1+ returns result under "platforms" property - If ($result.Platforms) { + If ($null -ne $result.Platforms) { $result = $result | Select-Object -ExpandProperty Platforms @@ -268,9 +285,7 @@ function Get-PASPlatform { } #Return Results - $result | - - Add-ObjectDetail -typename 'psPAS.CyberArk.Vault.Platform' + $result | Add-ObjectDetail -typename 'psPAS.CyberArk.Vault.Platform' } diff --git a/psPAS/Private/Invoke-PASRestMethod.ps1 b/psPAS/Private/Invoke-PASRestMethod.ps1 index ab412537..2eb57bb8 100644 --- a/psPAS/Private/Invoke-PASRestMethod.ps1 +++ b/psPAS/Private/Invoke-PASRestMethod.ps1 @@ -240,22 +240,33 @@ If ($null -ne $($ResponseException)) { - $ErrorMessage = $ResponseException - $ErrorID = $null - $ThisException = $ResponseException | ConvertFrom-Json -ErrorAction SilentlyContinue + try { - switch ($ThisException) { + $ThisException = $ResponseException | ConvertFrom-Json - { $null -ne $PSItem.error_description } { - $ErrorMessage = $ThisException | Select-Object -ExpandProperty error_description - } + switch ($ThisException) { - { $null -ne $PSItem.error } { - $ErrorID = $ThisException | Select-Object -ExpandProperty error - } + { $null -ne $PSItem.ErrorMessage } { + $ErrorMessage = $ThisException | Select-Object -ExpandProperty ErrorMessage + } - } + { $null -ne $PSItem.ErrorCode } { + $ErrorID = $ThisException | Select-Object -ExpandProperty ErrorCode + } + { $null -ne $PSItem.error_description } { + $ErrorMessage = $ThisException | Select-Object -ExpandProperty error_description + } + + { $null -ne $PSItem.error } { + $ErrorID = $ThisException | Select-Object -ExpandProperty error + } + + } + } catch { + $ErrorMessage = $ResponseException + $ErrorID = $null + } } } diff --git a/psPAS/en-US/psPAS-help.xml b/psPAS/en-US/psPAS-help.xml index bf82b76f..8ce998c7 100644 --- a/psPAS/en-US/psPAS-help.xml +++ b/psPAS/en-US/psPAS-help.xml @@ -11782,18 +11782,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - offset - - Offset of the first account that is returned in the collection of results. - - Int32 - - Int32 - - - None - Get-PASAccount @@ -11986,18 +11974,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - offset - - Offset of the first account that is returned in the collection of results. - - Int32 - - Int32 - - - None - @@ -12079,14 +12055,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Requires minimum version of 10.4 - - -------------------------- EXAMPLE 10 -------------------------- - Get-PASAccount -limit 500 -offset 1500 - - Returns all accounts, skipping the first 1500 results, in page sizes of 500. - Requires minimum version of 10.4 - - @@ -14185,18 +14153,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - offset - - The offset of the first returned accounts into the list of results. - - Int32 - - Int32 - - - 0 - limit @@ -14296,18 +14252,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - offset - - The offset of the first returned accounts into the list of results. - - Int32 - - Int32 - - - 0 - limit @@ -15017,6 +14961,19 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn False + + Search + + Filter platform by search pattern + Minimum required version 11.1 + + String + + String + + + None + SystemType @@ -15838,19 +15795,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - Offset - - Determines which recording results will be returned, according to a specific place in the returned list. - This value defines the recording's place in the list and how many results will be skipped. - - Int32 - - Int32 - - - 0 - Search @@ -15880,9 +15824,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -15892,9 +15836,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -15952,19 +15896,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - Offset - - Determines which recording results will be returned, according to a specific place in the returned list. - This value defines the recording's place in the list and how many results will be skipped. - - Int32 - - Int32 - - - 0 - Search @@ -15994,9 +15925,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -16006,9 +15937,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -16036,9 +15967,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn -------------------------- EXAMPLE 1 -------------------------- - Get-PASPSMRecording -Limit 10 -Safe PSMRecordings -Sort -FileName + Get-PASPSMRecording -Sort -FileName - Lists the first 10 recordings from the PSMRecordings safe, sorted by descending filename. + Lists all PSM recordings, sorted by descending filename. @@ -16049,6 +15980,13 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Minimum required version 10.6 + + -------------------------- EXAMPLE 3 -------------------------- + Get-PASPSMRecording -FromTime (Get-Date).AddDays(-7) + + Lists all PSM recordings from the last week. + + @@ -16306,19 +16244,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - Offset - - Determines which recording results will be returned, according to a specific place in the returned list. - This value defines the recording's place in the list and how many results will be skipped. - - Int32 - - Int32 - - - 0 - Search @@ -16348,9 +16273,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -16360,9 +16285,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -16420,19 +16345,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - Offset - - Determines which recording results will be returned, according to a specific place in the returned list. - This value defines the recording's place in the list and how many results will be skipped. - - Int32 - - Int32 - - - 0 - Search @@ -16462,9 +16374,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -16474,9 +16386,9 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns recordings from a specific date - Int32 + DateTime - Int32 + DateTime 0 @@ -19069,8 +18981,7 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn - For the current session, returns data from the module scope: - Username relating to the session. - - BaseURI: URL value used for sending requests to the API. + For the current session, returns data from the module scope: - BaseURI: URL value used for sending requests to the API. - ExternalVersion: PAS version information. - Websession: Contains Authorization Header, Cookie & Certificate data related to the current session.