search

Celerium / Datto-PowerShellWrapper

PowerShell wrapper for the Datto BCDR API
https://celerium.github.io/Datto-PowerShellWrapper/
MIT License
4 stars 2 forks source link

[Bug]: Minor Tweaks - Module Aliases, Global Variables, code logic #6

Open cksapp opened 4 months ago

cksapp commented 4 months ago

What happened?

Noticed a few minor changes to be made to the module functions, i.e 'bcdr' variable updated to reflect 'saas', alias attributes, and API secret key is not passed as secure string. Meaning when passing secure string object down from pipeline or secret store this must first be converted to plain text and passed to the function as plain text, possibly leading to secret key being captured in logs.

Expected behavior?

Do not fail with error in creating new alias for functions, saas parameters variable should be named appropriately, and API secret key should be passed as secure string.

Possible Solution?

https://github.com/cksapp/Datto-PowerShellWrapper/tree/moduleTweaks

PowerShell Version

7.4.x - (PowerShell Core)

What operating system are you seeing the problem on?

Windows

Relevant log output

New-Alias -Name Set-DattoBaseURI -Value Add-DattoBaseURI
New-Alias: The alias is not allowed, because an alias with the name 'Set-DattoBaseURI' already exists.

$Key = read-host "enter key" -AsSecureString
enter key: ***********

$key
System.Security.SecureString

Add-DattoApiKey -Api_Key_Public A1B23C -Api_Key_Secret $key

Get-DattoAPIKey

PublicKey                    SecretKey
---------                    ---------
A1B23C    System.Security.SecureString

Get-DattoAPIKey -plainText

PublicKey SecretKey
--------- ---------
A1B23C    System.Security.SecureString

Help Commands

No response

Code of Conduct

cksapp commented 4 months ago

Also noticed a few additional endpoints for IT Glue integration so we may wish to look at adding those shortly