public/Remove-VPASApplication.ps1

<#
.Synopsis
   DELETE APPLICATION ID
   CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com
.DESCRIPTION
   THIS FUNCTION DELETES AN APPLICATION ID FROM CYBERARK
.PARAMETER token
   HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
   If -token is not passed, function will use last known hashtable generated by New-VPASToken
.PARAMETER AppID
   Unique ApplicationID (or Application Name) that will be used by the credential provider(s) to retrieve credentials
.PARAMETER WhatIf
   Run code simulation to see what is affected by running the command as well as any possible implications
   This is a code simulation flag, meaning the command will NOT actually run
.PARAMETER HideWhatIfOutput
   Suppress any code simulation output from the console
.EXAMPLE
   $WhatIfSimulation = Remove-VPASApplication -AppID {APPLICATION ID VALUE} -WhatIf
.EXAMPLE
   $DeleteApplicationStatus = Remove-VPASApplication -AppID {APPLICATION ID VALUE}
.OUTPUTS
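   $true if successful
   $false if failed
   When -WhatIf is used and the application is found, an object describing the simulated deletion is returned instead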
#>

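function Remove-VPASApplication{
    # Deletes an application ID through the PIMServices "Applications" REST endpoint.
    # Returns $true when the DELETE call succeeds and $false otherwise. With -WhatIf no
    # DELETE is sent; the function gathers the application details plus the safes and
    # accounts that reference it and returns that as an object.
    # NOTE(review): -WhatIf is a plain switch handled by this function, not the engine's
    # SupportsShouldProcess mechanism, so -Confirm and $WhatIfPreference have no effect here.
    [OutputType([bool],'System.Object')]
    [CmdletBinding()]
    Param(

        [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target ApplicationID (for example: TestApplication1)",Position=0)]
        [String]$AppID,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
        [hashtable]$token,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=2)]
        [Switch]$WhatIf,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=3)]
        [Switch]$HideWhatIfOutput

    )

    Begin{
        # Unpack the session values; only $sessionval, $PVWA, $Header and $NoSSL are used below.
        $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain = Get-VPASSession -token $token
        $CommandName = $MyInvocation.MyCommand.Name
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
    }
    Process{

        # Start from "failed" for every pipeline item. Without this, a -WhatIf run that finds
        # no application never assigns $output, and the final return would yield $null or a
        # stale $output inherited from a caller's scope.
        $output = $false

        Write-Verbose "PVWA VALUE SET"
        Write-Verbose "APPID VALUE SET: $AppID"

        try{
            # AppID lands in the URL path of a DELETE request. Percent-encode it so reserved
            # characters in the value (such as / ? #) stay inside the AppID path segment and
            # cannot change which resource the request addresses.
            $EncodedAppID = [System.Uri]::EscapeDataString($AppID)

            if($NoSSL){
                # Plain HTTP: the Authorization header is sent unencrypted on this path.
                Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
                $uri = "http://$PVWA/PasswordVault/WebServices/PIMServices.svc/Applications/$EncodedAppID/"
            }
            else{
                Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
                $uri = "https://$PVWA/PasswordVault/WebServices/PIMServices.svc/Applications/$EncodedAppID/"
            }
            $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
            $log = Write-VPASTextRecorder -inputval "DELETE" -token $token -LogType METHOD

            if($WhatIf){
                $log = Write-VPASTextRecorder -token $token -LogType WHATIF1
                Write-Verbose "INITIATING COMMAND SIMULATION"

                $WhatIfInfo = Get-VPASApplicationDetails -AppID $AppID -token $token

                # A falsy lookup result skips the simulation; $output stays $false.
                if($WhatIfInfo){
                    $WhatIfHash = @{}

                    $WhatIfInfoAppID = $WhatIfInfo.application.AppID
                    $WhatIfInfoLocation = $WhatIfInfo.application.Location
                    $WhatIfInfoDisabled = $WhatIfInfo.application.Disabled
                    $WhatIfInfoDescription = $WhatIfInfo.application.Description
                    $WhatIfInfoBusinessOwnerEmail = $WhatIfInfo.application.BusinessOwnerEmail
                    $WhatIfInfoBusinessOwnerFName = $WhatIfInfo.application.BusinessOwnerFName
                    $WhatIfInfoBusinessOwnerLName = $WhatIfInfo.application.BusinessOwnerLName
                    $WhatIfInfoBusinessOwnerPhone = $WhatIfInfo.application.BusinessOwnerPhone

                    #AFFECTED SAFES
                    # One member search per safe: a safe counts as affected when the search
                    # for the application ID returns a truthy result.
                    $WhatIfAffectedSafesCount = 0
                    $WhatIfAffectedSafes = @()
                    $CheckSafes = Get-VPASAllSafes -token $token

                    foreach($safe in $CheckSafes.value){
                        $CheckSafeName = $safe.safeName

                        # 6> $null discards the information stream of the search call.
                        $CheckTargetGroup = Get-VPASSafeMemberSearch -safe $CheckSafeName -member $WhatIfInfoAppID -token $token 6> $null
                        if($CheckTargetGroup){
                            $WhatIfAffectedSafesCount += 1
                            $WhatIfAffectedSafes += $CheckSafeName
                        }
                    }

                    #AFFECTED ACCOUNTS
                    $WhatIfAffectedAccountsCounter = 0
                    $WhatIfAffectedAccounts = @()
                    foreach($safe in $WhatIfAffectedSafes){
                        $miniHash = @{}

                        $AffectedAccounts = Get-VPASAccountDetails -safe $safe -token $token -HideWarning

                        foreach($AffectedAcct in $AffectedAccounts.value){
                            # Keep only accounts whose safeName equals the safe being checked.
                            $AffectedAcctSafe = $AffectedAcct.safeName
                            if($AffectedAcctSafe -eq $safe){
                                $WhatIfAffectedAccountsCounter += 1
                                $miniHash = @{
                                    SafeName = $AffectedAcct.safeName
                                    ID = $AffectedAcct.id
                                    Address = $AffectedAcct.address
                                    Username = $AffectedAcct.userName
                                    Name = $AffectedAcct.name
                                }
                                $WhatIfAffectedAccounts += $miniHash
                            }
                        }
                    }

                    if(!$HideWhatIfOutput){
                        Write-VPASOutput -str "====== BEGIN COMMAND SIMULATION ======" -type S
                        Write-VPASOutput -str "THE FOLLOWING APPLICATION WOULD BE DELETED:" -type S
                        Write-VPASOutput -str "AppID : $WhatIfInfoAppID" -type S
                        Write-VPASOutput -str "Location : $WhatIfInfoLocation" -type S
                        Write-VPASOutput -str "Disabled : $WhatIfInfoDisabled" -type S
                        Write-VPASOutput -str "Description : $WhatIfInfoDescription" -type S
                        Write-VPASOutput -str "BusinessOwnerEmail : $WhatIfInfoBusinessOwnerEmail" -type S
                        Write-VPASOutput -str "BusinessOwnerFName : $WhatIfInfoBusinessOwnerFName" -type S
                        Write-VPASOutput -str "BusinessOwnerLName : $WhatIfInfoBusinessOwnerLName" -type S
                        Write-VPASOutput -str "BusinessOwnerPhone : $WhatIfInfoBusinessOwnerPhone" -type S
                        Write-VPASOutput -str "NumberOfAffectedAccounts : $WhatIfAffectedAccountsCounter" -type S
                        # NOTE(review): this interpolates an array of hashtables, which prints
                        # type names rather than account fields; the returned object has the data.
                        Write-VPASOutput -str "AffectedAccounts : $WhatIfAffectedAccounts" -type S
                        Write-VPASOutput -str "NumberOfAffectedSafes : $WhatIfAffectedSafesCount" -type S
                        Write-VPASOutput -str "AffectedSafes : $WhatIfAffectedSafes" -type S
                        Write-VPASOutput -str "---" -type S
                        Write-VPASOutput -str "URI : $uri" -type S
                        Write-VPASOutput -str "METHOD : DELETE" -type S
                        Write-VPASOutput -str " " -type S
                        Write-VPASOutput -str "======= END COMMAND SIMULATION =======" -type S
                    }

                    $WhatIfHash = @{
                        WhatIf = @{
                            AppID = $WhatIfInfoAppID
                            Location = $WhatIfInfoLocation
                            Disabled = $WhatIfInfoDisabled
                            Description = $WhatIfInfoDescription
                            BusinessOwnerEmail = $WhatIfInfoBusinessOwnerEmail
                            BusinessOwnerFName = $WhatIfInfoBusinessOwnerFName
                            BusinessOwnerLName = $WhatIfInfoBusinessOwnerLName
                            BusinessOwnerPhone = $WhatIfInfoBusinessOwnerPhone
                            RestURI = $uri
                            NumberOfAffectedSafes = $WhatIfAffectedSafesCount
                            AffectedSafes = $WhatIfAffectedSafes
                            NumberOfAffectedAccounts = $WhatIfAffectedAccountsCounter
                            AffectedAccounts = $WhatIfAffectedAccounts
                            RestMethod = "DELETE"
                            Disclaimer = "THIS APPLICATION WILL BE DELETED IF -WhatIf FLAG IS REMOVED"
                            Disclaimer2 = "THIS CODE SIMULATION DOES NOT DIG INTO NESTED GROUPS...YET..."
                        }
                    }
                    # The per-account hashtables sit below ConvertTo-Json's default depth of 2
                    # and would be flattened to their type name; raise the depth so the
                    # round-trip keeps SafeName/ID/Address/Username/Name.
                    $WhatIfJSON = $WhatIfHash | ConvertTo-Json -Depth 4 | ConvertFrom-Json
                    $log = Write-VPASTextRecorder -inputval $WhatIfJSON -token $token -LogType RETURNARRAY
                    $log = Write-VPASTextRecorder -token $token -LogType WHATIF2
                    return $WhatIfJSON
                }
            }
            else{
                # Pass the web session only when the session lookup supplied one.
                if($sessionval){
                    $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json" -WebSession $sessionval
                }
                else{
                    $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json"
                }
                $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
                Write-Verbose "$AppID DELETED FROM CYBERARK"
                $output = $true
            }
        }catch{
            # Any terminating error in the lookup or the DELETE call is recorded and reported as $false.
            $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
            $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
            Write-Verbose "FAILED TO DELETE $AppID, CONFIRM APPID EXISTS IN CYBERARK"
            Write-VPASOutput -str $_ -type E
            $output = $false
        }

        return $output
    }
    End{
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
    }
}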