psPAS icon indicating copy to clipboard operation
psPAS copied to clipboard
verified publisher icon pspete

set-pasuser resets details

Open ELANDJEA opened this issue 1 year ago • 1 comments

Describe the issue The documentation of set-pasuser already indicates "Appears to require all properties set on a user to be passed with the request." it would be nice if the function does update full details/properties and not clear the not provided details/properties as is done currently

To Reproduce Steps to reproduce the behavior: 1. 2. 3.

Expected behavior why not get full details....update the object and rewrite the full details (similar way of getting details like I added in issue #527 )

Screenshots & Console Output If applicable, add screenshots and/or console output to help explain your problem.


<--Console Output Goes Here-->

Your Environment Include relevant details about your environment

  • PowerShell Version:
  • psPAS Version:
  • CyberArk Version:

Additional context I created for instance a (basic)user-rename function that does something similar (now only for the "username" but can be done for other properties also:

Function rename-pasuser { param([string]$oldname,[string]$newname) $user=$null $user=get-pasuser -username $oldname if ($user -eq $null) { write-host user $oldname does not exist return $false } #get details via plain rest $id=$user.id $ThisSession = Get-PASSession $UrlPath = "api/users/$id/" $method="get" $Request = @{ "Method" = $Method "Uri" = "$($ThisSession.BaseUri)/$UrlPath" "WebSession" = $ThisSession.WebSession "ContentType" = "application/json" } $userdetails=Invoke-RestMethod @Request

$userdetails.username=$newname $userupdate=$null #set full details back witch changed name via plain rest $body=convertto-json $userdetails $Request = @{ "Method" = "PUT" "Uri" = "$($ThisSession.BaseUri)/$UrlPath" "WebSession" = $ThisSession.WebSession "ContentType" = "application/json" "body" = $body } $userupdate=Invoke-RestMethod @Request if ($userupdate -eq $null) { write-host rename of user $oldname ended with error return $false } write-host user $oldname renamed to $newname return $true }

ELANDJEA avatar Feb 13 '24 15:02 ELANDJEA

Hi @ELANDJEA ,

An update to make Set-PASUser work in the way you describe is now present in the DEV branch, and will be in the next psPAS release.

pspete avatar Mar 08 '24 00:03 pspete

Thanks for raising this @ELANDJEA The change is now present in psPAS 6.3.78

Also expanded the same functionality across all API commands that require use of a PUT request so current values from the object being updated are automatically fetched so that existing values not being changed will remain on the object. Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.

  • single properties can be updated without having to specify all properties in the request
  • The number of mandatory parameters required to be specified has been reduced
  • the following module commands have all been updated
    • Set-PASUser
    • Set-PASSafe
    • Set-PASOpenIDConnectProvider
    • Set-PASPTARule
    • Set-PASDirectoryMapping
    • Set-PASOnboardingRule
    • Set-PASPlatformPSMConfig
    • Set-PASSafeMember

pspete avatar Mar 21 '24 23:03 pspete