public/Get-VPASAccountRequestDetails.ps1
|
<#
.Synopsis GET ACCOUNT REQUEST DETAILS CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET THE DETAILS OF AN EXISTING ACCOUNT REQUEST .LINK https://vpasmodule.com/commands/Get-VPASAccountRequestDetails .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER RequestedSafe Safe name that will be used to query for the target account if no AcctID is passed .PARAMETER RequestedUsername Username that will be used to query for the target account if no AcctID is passed .PARAMETER RequestedPlatform PlatformID that will be used to query for the target account if no AcctID is passed .PARAMETER RequestedAddress Address that will be used to query for the target account if no AcctID is passed .PARAMETER RequestedAcctID Unique ID that maps to a single account, passing this variable will skip query functions to find target account .PARAMETER RequestedReason Reason that will be used to query and find the target account request .PARAMETER requestID Unique ID that maps to a single account request, passing this variable will skip any query functions .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $AccountRequestDetailsJSON = Get-VPASAccountRequestDetails -RequestedUsername {USERNAME VALUE} -RequestedReason {REASON VALUE} .EXAMPLE $AccountRequestDetailsJSON = Get-VPASAccountRequestDetails -requestID {REQUESTID VALUE} .EXAMPLE $InputParameters = @{ RequestedSafe = "TargetSafe" RequestedPlatform = "TargetPlatformID" RequestedUsername = "TargetUsername" RequestedAddress = "TargetAddress" RequestedReason = "account needed to function" } $AccountRequestDetailsJSON = Get-VPASAccountRequestDetails -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ RequestedAcctID = "22_123" RequestedReason = "account needed to function" } $AccountRequestDetailsJSON = Get-VPASAccountRequestDetails -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ requestID = "TargetSafe_20" } $AccountRequestDetailsJSON = Get-VPASAccountRequestDetails -InputParameters $InputParameters .OUTPUTS If successful: { "VPASRequestSafe_20": { "RequestID": "VPASRequestSafe_20", "SafeName": "VPASRequestSafe", "RequestorUserName": "vadim@vman.com", "RequestorReason": "(ConnectionClient=PSM-RDP) Testing Account Request", "UserReason": "Testing Account Request", "CreationDate": 1724125545, "Operation": "Connect to VPASDualControl-DomainAdmin011-vman.com", "ExpirationDate": 1726717545, "OperationType": 4, "AccessType": "ManyTimes", "ConfirmationsLeft": 1, "AccessFrom": 1724158800, "AccessTo": 1724173200, "Status": 1, "StatusTitle": "Waiting: 1 more user(s) must confirm the request", "InvalidRequestReason": 0, "CurrentConfirmationLevel": 1, "RequiredConfirmersCountLevel2": 1, "TicketingSystemProperties": { "Name": null, "Number": null, "Status": null }, "AdditionalInfo": { }, "AccountDetails": { "AccountID": "120_3", "Properties": "@{Address=vman.com; Safe=VPASRequestSafe; Folder=Root; Name=Operating System-VPASDualControl-vman.com-DomainAdmin01; PolicyID=VPASDualControl; PlatformName=VPASDualControl; DeviceType=Operating System; LastModifiedDate=1715222718000; LastModifiedBy=vadim@vman.com; LastUsedDate=1715222731000; LastUsedBy=vadim@vman.com; UserName=DomainAdmin011; LockedBy=; CPMDisabled=; CPMStatus=NoAction; ManagedByCPM=True; DeletedBy=; DeletionDate=0; ImmediateCPMTask=NoTask; LastCPMTask=NoTask; CreationDate=1715222718; IsSSHKey=False; IsIrregularPlatform=False; CreationMethod=PVWA}" }, "Confirmers": [ "@{Type=1; ID=41; Name=vadim@vman.com; Action=2; Reason=; ActionDate=0; AdditionalDetails=; Members=}" ] } } --- $false if failed #> function Get-VPASAccountRequestDetails{ [OutputType('System.Object',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$RequestedSafe, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$RequestedPlatform, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$RequestedUsername, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$RequestedAddress, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique AccountID of the target account (for example: 22_123)")] [String]$RequestedAcctID, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$RequestedReason, [Parameter(Mandatory=$true,ParameterSetName='Set3',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique RequestID of the target request (for example: 22_123)")] [String]$requestID, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("RequestedSafe","RequestedPlatform","RequestedUsername","RequestedAddress","RequestedReason") MandatoryKeys = @() } set2 = @{ AcceptableKeys = @("RequestedAcctID","RequestedReason") MandatoryKeys = @("RequestedAcctID") } set3 = @{ AcceptableKeys = @("requestID") MandatoryKeys = @("requestID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE ACCOUNT REQUESTS" Write-VPASOutput -str $_ -type E return $false } try{ if([String]::IsNullOrEmpty($requestID)){ Write-Verbose "NO REQUEST ID PROVIDED...INVOKING HELPER FUNCTION TO RETRIEVE UNIQUE ACCOUNT REQUEST ID BASED ON SPECIFIED PARAMETERS" [String[]]$requestID = Get-VPASAccountRequestIDHelper -AcctID $RequestedAcctID -token $token -UserReason $RequestedReason -Safe $RequestedSafe -Username $RequestedUsername -Address $RequestedAddress -Platform $RequestedPlatform } $outputset = @{} foreach($rec in $requestID){ Write-Verbose "RETRIEVING DETAILS FOR requestID: $rec" if($NoSSL){ $uri = "http://$PVWA/PasswordVault/API/myrequests/$rec" } else{ $uri = "https://$PVWA/PasswordVault/API/myrequests/$rec" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $outputlog = $response $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN $outputset += @{ $rec = $response } } Write-Verbose "SUCCESSFULLY RETRIEVED ACCOUNT REQUEST DETAILS" Write-Verbose "RETURNING JSON OBJECT" return $outputset }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO RETRIEVE ACCOUNT REQUEST DETAILS" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |