Private/Entries/Update-DSCredentialEntry.ps1
|
function Update-DSCredentialEntry { [CmdletBinding()] PARAM ( [hashtable]$ParamList ) BEGIN { Write-Verbose "[Update-DSCredentialEntry] Beginning..." if ([string]::IsNullOrWhiteSpace($Global:DSSessionToken)) { throw "Session does not seem authenticated, call New-DSSession." } } PROCESS { try { $EntryResolvedVariables = (Get-DSEntry -EntryId $CandidEntryID -IncludeAdvancedProperties).Body.data $EntrySensitiveData = (Get-DSEntrySensitiveData $CandidEntryID).Body.data switch ($EntryResolvedVariables.connectionSubType) { ([CredentialResolverConnectionType]::Default) { Update-UsernamePassword $ParamList $EntryResolvedVariables $EntrySensitiveData } ([CredentialResolverConnectionType]::PrivateKey) { Update-PrivateKey $ParamList $EntryResolvedVariables $EntrySensitiveData } Default { throw "Credential $($EntryResolvedVariables.connectionSubType) not supported." } } $RequestParams = @{ Uri = "$Script:DSBaseURI/api/connections/partial/save" Method = "PUT" Body = $EntryResolvedVariables | ConvertTo-Json } $res = Invoke-DS @RequestParams -Verbose return $res } catch { Write-Error $_.Exception.Message } } END { if ($res.isSuccess) { Write-Verbose "[Update-DSCredentialEntry] Completed successfully!" } else { Write-Verbose "[Update-DSCredentialEntry] Ended with errors..." } } } function Update-UsernamePassword { PARAM ( [hashtable]$ParamList, $EntryResolvedVariables, $EntrySensitiveData ) $ISORegex = "/^(-?(?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[01]|0[1-9]|[12][0-9])T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(.[0-9]+)?(Z)?$/g" foreach ($Param in $ParamList.GetEnumerator()) { if (($null -ne $Param.Value) -and (![string]::IsNullOrWhiteSpace($Param.Value))) { switch ($Param.Key) { "EntryName" { if ($Param.Value -ne $EntryResolvedVariables.name) { $EntryResolvedVariables.name = $Param.Value } } "Folder" { if ($Param.Value -ne $EntryResolvedVariables.group) { $EntryResolvedVariables.group = $Param.Value } } "Username" { if ($Param.Value -ne $EntryResolvedVariables.data.userName) { $EntryResolvedVariables.data.userName = $Param.Value } } "Domain" { if ($Param.Value -ne $EntryResolvedVariables.data.domain) { $EntryResolvedVariables.data.domain = $Param.Value } } "Password" { if ($Param.Value -ne $EntryResolvedVariables.data.passwordItem) { @{"hasSensitiveData" = $True; "sensitiveData" = $Param.Value } | Out-Null } } "PromptForPassword" { if ("promptForPassword" -in $EntryResolvedVariables.data.PSObject.Properties.Name) { $EntryResolvedVariables.data.promptForPassword = $Param.Value } else { $EntryResolvedVariables.data | Add-Member -NotePropertyName "promptForPassword" -NotePropertyValue $Param.Value } } "MnemonicPassword" { if ($Param.Value -ne $EntryResolvedVariables.data.mnemonicPassword) { $EntryResolvedVariables.data.mnemonicPassword = $Param.Value } } "Description" { if ($Param.Value -ne $EntryResolvedVariables.description) { $EntryResolvedVariables.description = $param.Value } } "Tags" { if ($Param.Value -ne $EntryResolvedVariables.keywords) { $EntryResolvedVariables.keywords = $Param.Value } } "Expiration" { if (($Param.Value -ne $EntryResolvedVariables.expiration) -and $Param.Value -match $ISORegex) { $EntryResolvedVariables.description = $param.Value } } "CredentialViewedCommentIsRequired" { if ("credentialViewedCommentIsRequired" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.credentialViewedCommentIsRequired = $Param.Value } } "CredentialViewedPrompt" { if ("credentialViewedPrompt" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.credentialViewedPrompt = $Param.Value } } "TicketNumberIsRequiredOnCredentialViewed" { if ("ticketNumberIsRequiredOnCredentialViewed" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.ticketNumberIsRequiredOnCredentialViewed = $Param.Value } } Default {} } } } $EntryResolvedVariables.data = ($EntryResolvedVariables.data | ConvertTo-Json) } function Update-PrivateKey { <# .NOTES Missing Tags, Expiration, CheckoutMode and AllowOffline #> PARAM ( [hashtable]$ParamList, $EntryResolvedVariables, $EntrySensitiveData ) #Validate private key, if path was provided. If it exists, replace current ppk data with new ppk data if (![string]::IsNullOrEmpty($ParamList.PrivateKeyPath)) { $PrivateKeyCtx = Confirm-PrivateKey $ParamList.PrivateKeyPath if ($PrivateKeyCtx.Body.result -ne [SaveResult]::Success) { throw [System.Management.Automation.ItemNotFoundException]::new("Private key could not be parsed. Please make sure you provide a valid .ppk file.") } $EntryResolvedVariables.data.privateKeyData = $PrivateKeyCtx.Body.privateKeyData } foreach ($Param in $ParamList.GetEnumerator()) { switch ($Param.Key) { "Username" { $EntryResolvedVariables.userName = $Param.Value if ($Param.Value -ne $EntryResolvedVariables.data.privateKeyOverrideUsername) { $EntryResolvedVariables.data.privateKeyOverrideUsername = $Param.Value } } "Password" { if ($Param.Value -ne $EntrySensitiveData.privateKeyOverridePasswordItem.sensitiveData) { $EntryResolvedVariables.data.privateKeyOverridePasswordItem = @{"hasSensitiveData" = $true; "sensitiveData" = $Param.Value } } } "PrivateKeyPassphrase" { if ($Param.Value -ne $EntrySensitiveData.privateKeyPassPhraseItem.sensitiveData) { $EntryResolvedVariables.data.privateKeyOverridePasswordItem = @{"hasSensitiveData" = $true; "sensitiveData" = $Param.Value } } } "PromptForPassphrase" { if ("privateKeyPromptForPassPhrase" -in $EntryResolvedVariables.data.PSObject.Properties.Name) { $EntryResolvedVariables.data.privateKeyPromptForPassPhrase = $Param.Value } else { $EntryResolvedVariables.data | Add-Member -NotePropertyName "privateKeyPromptForPassPhrase" -NotePropertyValue $Param.Value } } "PrivateKeyType" { if ($Param.Value.value__ -ne $EntryResolvedVariables.data.privateKeyType) { $EntryResolvedVariables.data.privateKeyType = $Param.Value.value__ } } "VaultID" { if ($Param.Value -ne $EntryResolvedVariables.repositoryId) { $EntryResolvedVariables.repositoryId = $Param.Value } } "Folder" { if ($Param.Value -ne $EntryResolvedVariables.group) { $EntryResolvedVariables.group = $Param.Value } } "EntryName" { if ($Param.Value -ne $EntryResolvedVariables.name) { $EntryResolvedVariables.name = $Param.Value } } "CredentialViewedCommentIsRequired" { if ("credentialViewedCommentIsRequired" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.credentialViewedCommentIsRequired = $Param.Value } } "CredentialViewedPrompt" { if ("credentialViewedPrompt" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.credentialViewedPrompt = $Param.Value } } "TicketNumberIsRequiredOnCredentialViewed" { if ("ticketNumberIsRequiredOnCredentialViewed" -in $EntryResolvedVariables.events.PSObject.Properties.Name) { $EntryResolvedVariables.events.ticketNumberIsRequiredOnCredentialViewed = $Param.Value } } Default { if (($Param.Key -in $EntryResolvedVariables.PSObject.Properties.Name) -and ($Param.Value -ne $EntryResolvedVariables.($Param.Key))) { $EntryResolvedVariables.($Param.Key) = $Param.Value } } } } $EntryResolvedVariables.data = ($EntryResolvedVariables.data | ConvertTo-Json) } |