functions/acls/Register-DMAcl.ps1

function Register-DMAcl
{
    <#
    .SYNOPSIS
        Registers an active directory acl.
     
    .DESCRIPTION
        Registers an active directory acl.
        This acl will be maintained as configured during Invoke-DMAcl.
     
    .PARAMETER Path
        Path (distinguishedName) of the ADObject the acl is assigned to.
        Subject to string insertion.
 
    .PARAMETER ObjectCategory
        Assign ACL settings based on the ObjectCategory of an object.
     
    .PARAMETER Owner
        Owner of the ADObject.
        Subject to string insertion.
     
    .PARAMETER NoInheritance
        Whether inheritance should be disabled on the ADObject.
        Defaults to $false
 
    .PARAMETER Optional
        The path this acl object is assigned to is optional and need not exist.
        This makes the rule apply only if the object exists, without triggering errors if it doesn't.
        It will also ignore access errors on the object.
 
    .PARAMETER DefaultOwner
        Whether to make this the default owner for objects not specified under either a path or an object category.
 
    .PARAMETER ContextName
        The name of the context defining the setting.
        This allows determining the configuration set that provided this setting.
        Used by the ADMF, available to any other configuration management solution.
     
    .EXAMPLE
        PS C:\> Get-Content .\groups.json | ConvertFrom-Json | Write-Output | Register-DMAcl
 
        Reads a json configuration file containing a list of objects with appropriate properties to import them as acl configuration.
    #>

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', '')]
    [CmdletBinding(DefaultParameterSetName = 'path')]
    param (
        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'path')]
        [string]
        $Path,

        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'category')]
        [string]
        $ObjectCategory,

        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
        [string]
        $Owner,

        [Parameter(ValueFromPipelineByPropertyName = $true, ParameterSetName = 'path')]
        [Parameter(ValueFromPipelineByPropertyName = $true, ParameterSetName = 'category')]
        [bool]
        $NoInheritance = $false,

        [Parameter(ValueFromPipelineByPropertyName = $true, ParameterSetName = 'path')]
        [Parameter(ValueFromPipelineByPropertyName = $true, ParameterSetName = 'category')]
        [bool]
        $Optional = $false,

        [Parameter(ParameterSetName = 'DefaultOwner')]
        [switch]
        $DefaultOwner,

        [string]
        $ContextName = '<Undefined>'
    )
    process
    {
        switch ($PSCmdlet.ParameterSetName) {
            'path'
            {
                $script:acls[$Path] = [PSCustomObject]@{
                    PSTypeName = 'DomainManagement.Acl'
                    Path = $Path
                    Owner = $Owner
                    NoInheritance = $NoInheritance
                    Optional = $Optional
                    ContextName = $ContextName
                }
            }
            'category'
            {
                $script:aclByCategory[$ObjectCategory] = [PSCustomObject]@{
                    PSTypeName = 'DomainManagement.Acl'
                    Category = $ObjectCategory
                    Owner = $Owner
                    NoInheritance = $NoInheritance
                    Optional = $Optional
                    ContextName = $ContextName
                }
            }
            'DefaultOwner'
            {
                # Array to appease Assert-Configuration
                $script:aclDefaultOwner = @([PSCustomObject]@{
                    PSTypeName = 'DomainManagement.Acl'
                    Path = '<default>'
                    Owner = $Owner
                    NoInheritance = $false
                    Optional = $null
                    ContextName = $ContextName
                })
            }
        }
    }
}