functions.ps1
|
#CreatingaSecret # SearchingSecrets Function Get-DelineaSecret { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") $filters = "?filter.includeRestricted=true&filter.searchtext=< mySearchText >" Write-Host "------------------------------" Write-Host "----- Secret Search Values -----" Write-Host "------------------------------" #?filter.searchfield=username&filter.searchfield=displayname&filter.searchfield=filter.searchText=mister&filter.includeinactive=true" -Headers $headers $result = Invoke-RestMethod "$api/secrets$filters" -Headers $headers Write-Host $result.filter.searchField Write-Host $result.total foreach ($secret1 in $result.records) { Write-Host $secret1.id" - "$secret1.name" - "$secret1.folderId - $secret1.lastHeartBeatStatus } Write-Host "------------------------------" Write-Host "----- Secret Lookup Values -----" Write-Host "------------------------------" #?filter.searchfield=username&filter.searchfield=displayname&filter.searchfield=filter.searchText=mister&filter.includeinactive=true" -Headers $headers $result = Invoke-RestMethod "$api/secrets/lookup$filters" -Headers $headers Write-Host $result.filter.searchField Write-Host $result.total foreach ($secret in $result.records) { Write-Host $secret.id" - "$secret.value } Write-Host "------------------------------" } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() | ConvertFrom-Json Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function New-DelineaSecret { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #stub $templateId = <Your Secret Template ID> $secret = Invoke-RestMethod $api"/secrets/stub?filter.secrettemplateid=$templateId" -Headers $headers #modify $secret.name = <Your Secret Name> $secret.secretTemplateId = $templateId $secret.AutoChangeEnabled = $false $secret.autoChangeNextPassword = <Next Password Value> $secret.SiteId = <Your Site ID> $secret.folderId = <Your Folder ID> foreach ($item in $secret.items) { if ($item.fieldName -eq "Domain") { $item.itemValue = <Your Domain> } if ($item.fieldName -eq "Username") { $item.itemValue = <Username> } if ($item.fieldName -eq "Password") { $item.itemValue = <Password> } } $secretArgs = $secret | ConvertTo-Json #create Write-Host "" Write-Host "-----Create secret -----" $secret = Invoke-RestMethod $api"/secrets/" -Method Post -Body $secretArgs -Headers $headers -ContentType "application/json" $secret1 = $secret | ConvertTo-Json Write-Host $secret1 Write-Host $secret.id } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody } } Function Update-DelineaSecret { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #get $secretId = <Secret ID> $secret = Invoke-RestMethod $api"/secrets/$secretId/" -Headers $headers #modify $secret.RequiresComment = $true #Example only. Available fields to edit can be found at https://<Your URL>/RestApiDocs.ashx?doc=token-help#tag/Secrets/operation/SecretsService_UpdateSecret $secretArgs = $secret | ConvertTo-Json #update Write-Host "" Write-Host "-----Update secret -----" $secret = Invoke-RestMethod $api"/secrets/$secretId" -Method Put -Body $secretArgs -Headers $headers -ContentType "application/json" $secretUpdate = $secret | ConvertTo-Json Write-Host $secretUpdate } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody } } Function Invoke-DelineaSecretCheckIn { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") $secretId = <Your Secret ID> $secret = Invoke-RestMethod $api"/secrets/$secretId/check-in" -Method Post -Body $secretArgs -Headers $headers -ContentType "application/json" } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody } } Function Delete-DelineaSecret { try { $api = "<URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") $secretId = <Your Secret ID> Write-Host "----- Delete a Secret -----" $deletemodel = Invoke-RestMethod "$api/secrets/$secretId" -Headers $headers -Method DELETE -ContentType "application/json" Write-Host $deletemodel } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() | ConvertFrom-Json Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } # CreatingaUser Function Create-DelineaUser { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # create user Write-Host "" Write-Host "----- Create a User -----" $userCreateArgs = @{ #More fields available at https://<Your URL>/RestApiDocs.ashx?doc=token-help#tag/Users/operation/UsersService_CreateUser userName = <Username> password = <Password> DisplayName = <Display Name> enabled = $true #Not required. Default is false. } | ConvertTo-Json $user = Invoke-RestMethod "$api/users" -Headers $headers -Method Post -ContentType "application/json" -Body $userCreateArgs Write-Host "New User ID : " $user.id } catch { Write-Debug "----- Exception -----" Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() | ConvertFrom-Json Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } #UpdateSecretField Function Update-SecretField { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #Secret ID and Field to update $secretId = <Your Secret ID> $fieldToUpdate = <Field to Update> $endpoint = "$api/secrets/$secretId/fields/$fieldToUpdate" $body = @{ value = <New Value> } | ConvertTo-Json echo $endpoint echo ---------------------------------------------------------------------------------------------------- echo ---------------------------------------------------------------------------------------------------- echo "Updating Field $fieldToUpdate" $response = Invoke-RestMethod -Method Put -Uri $endpoint -Headers $headers -ContentType "application/json" -Body $body echo $response; } catch { Write-Debug "----- Exception -----" Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() | ConvertFrom-Json Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Get-SecretFieldValue { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #Secret ID and Field to test against $secretId = <Your Secret ID> $field = <Field name> $endpoint = "$api/secrets/$secretId/fields/$field" $response = $null $response = Invoke-RestMethod -Method Get -Uri $endpoint -Headers $headers echo $response; } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Upload-FileToSecretServer { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #Secret ID and File to upload $fileSecretId = <Your Secret ID> $fileFieldToUpdate = <Field Name to Store File> echo ---------------------------------------------------------------------------------------------------- echo "Uploading file from $fileFieldToUpdate" $endpoint = "$api/secrets/$fileSecretId/fields/$fileFieldToUpdate" echo $endpoint $secretArgs = @{ fileName = <File Name> fileAttachment = [IO.File]::ReadAllBytes(<File Path>) } | ConvertTo-Json $response = $null $response = Invoke-RestMethod -Method Put -Uri $endpoint -Headers $headers -Body $secretArgs -ContentType "application/json" echo $response } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } #DownloadFileFromSecret Function DownloadFileFRomSecretServer { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") #Secret ID and File to download $fileSecretId = <Your Secret ID> $fileFieldToUpdate = <Field Name Storing File> $downloadPath = <Your Download path, including file name being downloaded> echo "Downloading file from $fileFieldToUpdate" $endpoint = "$api/secrets/$fileSecretId/fields/$fileFieldToUpdate" echo $endpoint $response = $null $response = Invoke-RestMethod -Method Get -Uri $endpoint -Headers $headers -OutFile $downloadPath Write-Host $response.Length Write-Host $response } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Invoke-ExpireToken { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") foreach ($user in $pagedUsers.records) { Write-Host $user.userName } # expire token Write-Host "" Write-Host "----- Expire Token -----" $expireToken = Invoke-RestMethod "$api/oauth-expiration" -Headers $headers -Method Post # This part should fail with a 403 Forbidden Write-Host "" Write-Host "----- Expect an error -----" $secrets = Invoke-RestMethod "$api/secrets" -Headers $headers } catch { Write-Debug "----- Exception -----" Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() | ConvertFrom-Json Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Add-SecretServerFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderStub.folderName = <Your Folder Name> $folderStub.folderTypeId = 1 $folderStub.inheritPermissions = $false $folderStub.inheritSecretPolicy = $false $folderArgs = $folderStub | ConvertTo-Json $folderAddResult = Invoke-RestMethod $api"/folders" -Method POST -Body $folderArgs -Headers $headers -ContentType "application/json" $folderId = $folderAddResult.id if ($folderId -gt 1) { echo "" echo "-----------------------" echo "--Add Folder Successful--" echo "-----------------------" echo "" echo $folderAddResult | ConvertTo-Json } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Delete-SecretServerFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderId = <Your Secret ID> $folderArgs = $folderStub | ConvertTo-Json $folderDelete = Invoke-RestMethod $api"/folders/$folderId" -Method DELETE -Body $folderArgs -Headers $headers -ContentType "application/json" } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Get-SecretServerFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderId = <Your Secret ID> $folderGetResult = Invoke-RestMethod $api"/folders/$folderid" -Method GET -Headers $headers -ContentType "application/json" if ($folderGetResult.id -eq $folderId) { echo "" echo "-----------------------" echo "--Get Folder Successful--" echo "-----------------------" echo "" echo $folderGetResult | ConvertTo-Json } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Add-SecretServerChildFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderStub.folderName = <Folder Name> $folderStub.folderTypeId = 1 $folderStub.inheritPermissions = $false $folderStub.inheritSecretPolicy = $false $folderStub.parentFolderId = <Parent Folder ID> $folderArgs = $folderStub | ConvertTo-Json $folderChildAddResult = Invoke-RestMethod $api"/folders" -Method POST -Body $folderArgs -Headers $headers -ContentType "application/json" $childfolderId = $folderChildAddResult.id if ($childfolderId -gt 1) { echo "" echo "-----------------------" echo "--Add Child Folder Successful--" echo "-----------------------" echo "" echo $folderChildAddResult | ConvertTo-Json } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Update-SecretServerFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod "$api/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderId = <Folder ID of folder to update> $folderStub.folderName = <Folder Name> $folderStub.folderTypeId = 1 $folderStub.id = $folderId $folderUpdateArgs = $folderStub | ConvertTo-Json $folderUpdateResult = Invoke-RestMethod "$api/folders/$folderId" -Method PUT -Body $folderUpdateArgs -Headers $headers -ContentType "application/json" Write-Host $folderUpdateResult if ($folderUpdateResult.folderId -eq $folderId) { echo "" echo "-----------------------" echo "--Update Folder Successful--" echo "-----------------------" echo "" echo $childFolderUpdateResult | ConvertTo-Json } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Search-SecretServerFolder { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $searchFilter = "?filter.searchText=<Search Text>" $searchResults = Invoke-RestMethod $api"/folders$searchFilter" -Method GET -Headers $headers -ContentType "application/json" $folder = $searchResults.records[0] echo $searchResults echo $folder $name = <Folder Name> if ($searchResults.total -gt 0 -and $folder.folderName -eq $name) { echo "" echo "------------------------------" echo "--Search Folder Successful--" echo "------------------------------" echo "" echo $group } else { Write-Error "ERROR: Failed to Search Folders." return } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Get-SecretServerFolders { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod $api"/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $lookupFilter = "?filter.searchText=<Search Text>" $lookupResults = Invoke-RestMethod $api"/folders/lookup$lookupFilter" -Method GET -Headers $headers -ContentType "application/json" $folder = $lookupResults.records[0] echo $lookupResults echo $folder if ($searchResults.total -gt 0 -and $folder.value -eq $name) { echo "" echo "------------------------------" echo "--Lookup Folder Successful--" echo "------------------------------" echo "" echo $folder } else { Write-Error "ERROR: Failed to Lookup Folders." return } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Add-SecretServerFolderPermissions { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") # Get Folder Stub $folderStub = Invoke-RestMethod "$api/folders/stub" -Method GET -Headers $headers -ContentType "application/json" $folderId = <Your Folder ID> $folderPermissionCreateArgs = Invoke-RestMethod $api"/folder-permissions/stub?filter.folderId=$folderId" -Method GET -Headers $headers -ContentType "application/json" $folderPermissionCreateArgs.GroupId = <Group ID. $null if assigning by user.> $folderPermissionCreateArgs.UserId = <User ID. $null if assigning by group.> $folderPermissionCreateArgs.FolderAccessRoleName = <Role Name> $folderPermissionCreateArgs.SecretAccessRoleName = <Role Name> $permissionArgs = $folderPermissionCreateArgs | ConvertTo-Json $permissionResults = Invoke-RestMethod "$api/folder-permissions" -Method POST -Headers $headers -Body $permissionArgs -ContentType "application/json" if ($permissionResults.FolderId -eq $folderId) { echo "" echo "-------------------------------------" echo "--Add Folder Permissions Successful--" echo "-------------------------------------" echo "" echo $permissionResults } else { Write-Error "ERROR: Failed to Add Folder Permissions." return } $folderPermissionId = $permissionResults.id } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } Function Remove-SecretServerFolderPermissions { try { $api = "<Secret Server URL>/api/v1" $token = "<TOKEN>" $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", "Bearer $token") $folderId = <Folder ID of folder being modified> $userId = <User ID of the user being removed from folder> # Get Folder Stub $folderStub = Invoke-RestMethod "$api/folders/$folderId" -Method GET -Headers $headers -ContentType "application/json" $folderPermissionId = Invoke-RestMethod "$api/folder-permissions/$folderId/?filter.userId=$userId" -Method GET -Headers $headers -ContentType "application/json" $permissionDeleteResult = Invoke-RestMethod "$api/folder-permissions/$folderPermissionId" -Method DELETE -Headers $headers -ContentType "application/json" if ($permissionDeleteResult.id -eq $folderPermissionId) { echo "" echo "----------------------------------------" echo "--Remove Folder Permissions Successful--" echo "----------------------------------------" echo "" } else { Write-Error "ERROR: Failed to Remove Folder Permissions." return } } catch [System.Net.WebException] { Write-Host "----- Exception -----" Write-Host $_.Exception Write-Host $_.Exception.Response.StatusCode Write-Host $_.Exception.Response.StatusDescription $result = $_.Exception.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($result) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd() Write-Host $responseBody.errorCode " - " $responseBody.message foreach ($modelState in $responseBody.modelState) { $modelState } } } |