From 300e34e271ec2e544e9bedfab41156d9afdcf0d7 Mon Sep 17 00:00:00 2001 From: Nate Ferrell Date: Sun, 21 Oct 2018 22:11:17 -0500 Subject: [PATCH] !build v2.17.0 with updated psake, functions, and fixes for #102 and #103 --- .gitignore | 2 +- CHANGELOG.md | 16 ++++- PSGSuite/PSGSuite.psd1 | 2 +- PSGSuite/PSGSuite.psm1 | 21 +++---- .../Public/Authentication/Get-GSToken.ps1 | 7 ++- .../Authentication/New-GoogleService.ps1 | 3 +- .../Public/Drive/Add-GSDrivePermission.ps1 | 59 ++++++++++++------- README.md | 11 ++++ Tests/Mocks/Users.Mocks.ps1 | 4 ++ .../Users/PSGSuite.Get-GSUser.Tests.ps1 | 1 + psake.ps1 | 24 ++++---- 11 files changed, 96 insertions(+), 54 deletions(-) diff --git a/.gitignore b/.gitignore index e09ceecd..699dfbe7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -TestPad.ps1 +**TestPad.ps1 **-PSGSuite.xml **.insyncdl .vscode diff --git a/CHANGELOG.md b/CHANGELOG.md index acd88c52..e713a206 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ # Changelog +* [2.17.0](#2170) +* [2.16.1](#2161) * [2.16.0](#2160) * [2.15.4](#2154) * [2.15.3](#2153) @@ -51,13 +53,23 @@ * [Functions Removed](#functions-removed) * [Functions Aliased](#functions-aliased) +## 2.17.0 + +* [Issue #102](https://github.com/scrthq/PSGSuite/issues/102) + * Fixed: `$EncryptionKey` PSM1 parameter now stores the AES key correctly so SecureStrings are encrypted/decrypted as intended. +* [Issue #103](https://github.com/scrthq/PSGSuite/issues/103) + * Updated: `SendNotificationEmail` parameter on `Add-GSDrivePermission` defaults to false for all User & Group permissions that are not ownership transfers. + * Updated: Documentation for `SendNotificationEmail` parameter on `Add-GSDrivePermission` for clarity towards default Google API parameter values. +* Added: More unit testing for `Get-GSUser` +* Updated: `psake` build script + ## 2.16.1 -- Fixed: Module deployment segment in psake script deploying decompiled/broken module +* Fixed: Module deployment segment in psake script deploying decompiled/broken module ## 2.16.0 -- Updated: Build script to compile module into a single PSM1 file for cleanliness and loading speed improvements +* Updated: Build script to compile module into a single PSM1 file for cleanliness and loading speed improvements ## 2.15.4 diff --git a/PSGSuite/PSGSuite.psd1 b/PSGSuite/PSGSuite.psd1 index c99fde1f..2c61e51e 100644 --- a/PSGSuite/PSGSuite.psd1 +++ b/PSGSuite/PSGSuite.psd1 @@ -12,7 +12,7 @@ RootModule = 'PSGSuite.psm1' # Version number of this module. - ModuleVersion = '2.16.1' + ModuleVersion = '2.17.0' # ID used to uniquely identify this module GUID = '9d751152-e83e-40bb-a6db-4c329092aaec' diff --git a/PSGSuite/PSGSuite.psm1 b/PSGSuite/PSGSuite.psm1 index c561837f..6d935fa4 100644 --- a/PSGSuite/PSGSuite.psm1 +++ b/PSGSuite/PSGSuite.psm1 @@ -1,18 +1,13 @@ Param ( - [parameter(Position = 0)] - [System.Byte[]] - $EncryptionKey = $(if (Get-Command Import-SCRTKey -ErrorAction SilentlyContinue) { - Import-SCRTKey - } - else { - $null - }), + [parameter(Position = 0,ValueFromRemainingArguments = $true)] + [AllowNull()] + [Byte[]] + $EncryptionKey = $null, [parameter(Position = 1)] - [string] - $ConfigName = $null + [AllowNull()] + [String] + $ConfigName ) -#Get public and private function definition files. -$Public = @(Get-ChildItem -Recurse -Path $PSScriptRoot\Public\*.ps1 -ErrorAction SilentlyContinue) -$Private = @(Get-ChildItem -Recurse -Path $PSScriptRoot\Private\*.ps1 -ErrorAction SilentlyContinue) $ModuleRoot = $PSScriptRoot +New-Variable -Name PSGSuiteKey -Value $EncryptionKey -Scope Global -Force -PassThru diff --git a/PSGSuite/Public/Authentication/Get-GSToken.ps1 b/PSGSuite/Public/Authentication/Get-GSToken.ps1 index 98d1c0c5..388a20b3 100644 --- a/PSGSuite/Public/Authentication/Get-GSToken.ps1 +++ b/PSGSuite/Public/Authentication/Get-GSToken.ps1 @@ -15,10 +15,11 @@ function Get-GSToken { [ValidateNotNullOrEmpty()] [string[]] $Scopes, - [parameter(Mandatory = $false,HelpMessage = "What is the full path to your Google Service Account's P12 key file?")] + [parameter(Mandatory = $false)] + [Alias('User')] [ValidateNotNullOrEmpty()] [String] - $P12KeyPath = $Script:PSGSuite.P12KeyPath, + $AdminEmail = $Script:PSGSuite.AdminEmail, [parameter(Mandatory = $false)] [ValidateNotNullOrEmpty()] [String] @@ -26,7 +27,7 @@ function Get-GSToken { [parameter(Mandatory = $false)] [ValidateNotNullOrEmpty()] [String] - $AdminEmail = $Script:PSGSuite.AdminEmail + $P12KeyPath = $Script:PSGSuite.P12KeyPath ) function Invoke-URLEncode ($Object) { ([String]([System.Convert]::ToBase64String($Object))).TrimEnd('=').Replace('+','-').Replace('/','_') diff --git a/PSGSuite/Public/Authentication/New-GoogleService.ps1 b/PSGSuite/Public/Authentication/New-GoogleService.ps1 index bc70d5d9..463c8808 100644 --- a/PSGSuite/Public/Authentication/New-GoogleService.ps1 +++ b/PSGSuite/Public/Authentication/New-GoogleService.ps1 @@ -9,6 +9,7 @@ function New-GoogleService { [String] $ServiceType, [Parameter(Mandatory = $false,Position = 2)] + [Alias('AdminEmail')] [String] $User = $script:PSGSuite.AdminEmail ) @@ -49,4 +50,4 @@ function New-GoogleService { $PSCmdlet.ThrowTerminatingError($_) } } -} \ No newline at end of file +} diff --git a/PSGSuite/Public/Drive/Add-GSDrivePermission.ps1 b/PSGSuite/Public/Drive/Add-GSDrivePermission.ps1 index 07610cf6..67301bb0 100644 --- a/PSGSuite/Public/Drive/Add-GSDrivePermission.ps1 +++ b/PSGSuite/Public/Drive/Add-GSDrivePermission.ps1 @@ -2,18 +2,18 @@ function Add-GSDrivePermission { <# .SYNOPSIS Adds a new permission to a Drive file - + .DESCRIPTION Adds a new permission to a Drive file - + .PARAMETER User The owner of the Drive file Defaults to the AdminEmail user - + .PARAMETER FileId The unique Id of the Drive file you would like to add the permission to - + .PARAMETER Role The role/permission set you would like to give the email $EmailAddress @@ -23,7 +23,7 @@ function Add-GSDrivePermission { * "Commenter" * "Reader" * "Organizer" - + .PARAMETER Type The type of the grantee @@ -32,36 +32,42 @@ function Add-GSDrivePermission { * "Group": a group email * "Domain": the entire domain * "Anyone": public access - + .PARAMETER EmailAddress The email address of the user or group to which this permission refers - + .PARAMETER Domain The domain to which this permission refers - + .PARAMETER ExpirationTime - The time at which this permission will expire. - - Expiration times have the following restrictions: + The time at which this permission will expire. + + Expiration times have the following restrictions: * They can only be set on user and group permissions * The time must be in the future - * The time cannot be more than a year in the future - + * The time cannot be more than a year in the future + .PARAMETER EmailMessage A plain text custom message to include in the notification email - + .PARAMETER SendNotificationEmail - Whether to send a notification email when sharing to users or groups. This defaults to true for users and groups, and is not allowed for other requests. It must not be disabled for ownership transfers - + Whether to send a notification email when sharing to users or groups. + + This defaults to **FALSE** for users and groups in PSGSuite, and is not allowed for other requests. + + **It must not be disabled for ownership transfers** + .PARAMETER AllowFileDiscovery - Whether the permission allows the file to be discovered through search. This is only applicable for permissions of type domain or anyone - + Whether the permission allows the file to be discovered through search. + + This is only applicable for permissions of type domain or anyone + .PARAMETER TransferOwnership Confirms transfer of ownership if the Role is set to 'Owner'. You can also force the same behavior by passing -Confirm:$false instead - + .PARAMETER UseDomainAdminAccess Whether the request should be treated as if it was issued by a domain administrator; if set to true, then the requester will be granted access if they are an administrator of the domain to which the item belongs - + .EXAMPLE Add-GSDrivePermission -FileId "1rhsAYTOB_vrpvfwImPmWy0TcVa2sgmQa_9u976" -Role Owner -Type User -EmailAddress joe -SendNotificationEmail -Confirm:$false @@ -165,6 +171,14 @@ function Add-GSDrivePermission { Type { $body.$key = ($PSBoundParameters[$key]).ToLower() } + SendNotificationEmail { + if ($PSBoundParameters[$key]) { + $body.$key = $PSBoundParameters[$key] + } + else { + $body.$key = $false + } + } Default { if ($body.PSObject.Properties.Name -contains $key) { $body.$key = $PSBoundParameters[$key] @@ -179,6 +193,9 @@ function Add-GSDrivePermission { $request.$key = $PSBoundParameters[$key] } } + if ($PSBoundParameters.Keys -notcontains 'SendNotificationEmail') { + $request.SendNotificationEmail = $false + } Write-Verbose "Adding Drive Permission of '$Role' for user '$EmailAddress' on Id '$FileID'" $request.Execute() | Add-Member -MemberType NoteProperty -Name 'User' -Value $User -PassThru } @@ -191,4 +208,4 @@ function Add-GSDrivePermission { } } } -} \ No newline at end of file +} diff --git a/README.md b/README.md index 8cffa70f..448eee90 100644 --- a/README.md +++ b/README.md @@ -127,6 +127,17 @@ Update-GSSheetValue Export-GSSheet ### Most recent changes +#### 2.17.0 + +* [Issue #102](https://github.com/scrthq/PSGSuite/issues/102) + * Fixed: `$EncryptionKey` PSM1 parameter now stores the AES key correctly so SecureStrings are encrypted/decrypted as intended. +* [Issue #103](https://github.com/scrthq/PSGSuite/issues/103) + * Updated: `SendNotificationEmail` parameter on `Add-GSDrivePermission` defaults to false for all User & Group permissions that are not ownership transfers. + * Updated: Documentation for `SendNotificationEmail` parameter on `Add-GSDrivePermission` for clarity towards default Google API parameter values. +* Moved: `Get-GSToken` and `New-GoogleService` to Public functions under the Authentication section +* Added: More unit testing for `Get-GSUser` +* Updated: `psake` build script + #### 2.16.1 - Fixed: Module deployment segment in psake script deploying decompiled/broken module diff --git a/Tests/Mocks/Users.Mocks.ps1 b/Tests/Mocks/Users.Mocks.ps1 index 663208c7..5a80ff75 100644 --- a/Tests/Mocks/Users.Mocks.ps1 +++ b/Tests/Mocks/Users.Mocks.ps1 @@ -28,6 +28,10 @@ Mock 'New-GoogleService' -ModuleName PSGSuite -ParameterFilter {$ServiceType -eq } } } + $userList += New-Object 'Google.Apis.Admin.Directory.directory_v1.Data.User' -Property @{ + PrimaryEmail = "admin@domain.com" + OrgUnitPath = "/Users" + } if ( -not [String]::IsNullOrEmpty($this.Query)) { $filter = $this.Query.Trim() $left = $filter.Split('=',2)[1].Trim() diff --git a/Tests/Unit Tests/Users/PSGSuite.Get-GSUser.Tests.ps1 b/Tests/Unit Tests/Users/PSGSuite.Get-GSUser.Tests.ps1 index 874c1571..bd76ff28 100644 --- a/Tests/Unit Tests/Users/PSGSuite.Get-GSUser.Tests.ps1 +++ b/Tests/Unit Tests/Users/PSGSuite.Get-GSUser.Tests.ps1 @@ -1,4 +1,5 @@ InModuleScope PSGSuite { + Write-Verbose "Loading mocked versions of New-GoogleService" . ([System.IO.Path]::Combine("$env:BHProjectPath","Tests","Mocks","Users.Mocks.ps1")) Describe 'Directory function mock tests' { Context 'When a mocked Directory service is created' { diff --git a/psake.ps1 b/psake.ps1 index 4876e742..6de70da9 100644 --- a/psake.ps1 +++ b/psake.ps1 @@ -106,21 +106,21 @@ if (!(Test-Path (Join-Path "~" ".scrthq"))) { New-Item -Path (Join-Path "~" ".scrthq") -ItemType Directory -Force | Out-Null } -if (`$PSVersionTable.ContainsKey('PSEdition') -and `$PSVersionTable.PSEdition -eq 'Core' -and !`$EncryptionKey -and !`$IsWindows) { +if (`$PSVersionTable.ContainsKey('PSEdition') -and `$PSVersionTable.PSEdition -eq 'Core' -and !`$Global:PSGSuiteKey -and !`$IsWindows) { if (!(Test-Path (Join-Path (Join-Path "~" ".scrthq") "BlockCoreCLREncryptionWarning.txt"))) { Write-Warning "CoreCLR does not support DPAPI encryption! Setting a basic AES key to prevent errors. Please create a unique key as soon as possible as this will only obfuscate secrets from plain text in the Configuration, the key is not secure as is. If you would like to prevent this message from displaying in the future, run the following command:`n`nBlock-CoreCLREncryptionWarning`n" } - `$EncryptionKey = [Byte[]]@(1..16) + `$Global:PSGSuiteKey = [Byte[]]@(1..16) `$ConfigScope = "User" } -if (`$EncryptionKey -is [System.Security.SecureString]) { +if (`$Global:PSGSuiteKey -is [System.Security.SecureString]) { `$Method = "SecureString" if (!`$ConfigScope) { `$ConfigScope = "Machine" } } -elseif (`$EncryptionKey -is [System.Byte[]]) { +elseif (`$Global:PSGSuiteKey -is [System.Byte[]]) { `$Method = "AES Key" if (!`$ConfigScope) { `$ConfigScope = "Machine" @@ -134,22 +134,22 @@ else { Add-MetadataConverter -Converters @{ [SecureString] = { `$encParams = @{} - if (`$script:EncryptionKey -is [System.Byte[]]) { - `$encParams["Key"] = `$script:EncryptionKey + if (`$Global:PSGSuiteKey -is [System.Byte[]]) { + `$encParams["Key"] = `$Global:PSGSuiteKey } - elseif (`$script:EncryptionKey -is [System.Security.SecureString]) { - `$encParams["SecureKey"] = `$script:EncryptionKey + elseif (`$Global:PSGSuiteKey -is [System.Security.SecureString]) { + `$encParams["SecureKey"] = `$Global:PSGSuiteKey } 'Secure "{0}"' -f (ConvertFrom-SecureString `$_ @encParams) } "Secure" = { param([string]`$String) `$encParams = @{} - if (`$script:EncryptionKey -is [System.Byte[]]) { - `$encParams["Key"] = `$script:EncryptionKey + if (`$Global:PSGSuiteKey -is [System.Byte[]]) { + `$encParams["Key"] = `$Global:PSGSuiteKey } - elseif (`$script:EncryptionKey -is [System.Security.SecureString]) { - `$encParams["SecureKey"] = `$script:EncryptionKey + elseif (`$Global:PSGSuiteKey -is [System.Security.SecureString]) { + `$encParams["SecureKey"] = `$Global:PSGSuiteKey } ConvertTo-SecureString `$String @encParams }