functions/Get-JS7IAMAccountPermission.ps1
|
function Get-JS7IAMAccountPermission { <# .SYNOPSIS Returns the permissions of an account in a given JOC Cockpit Identity Service .DESCRIPTION This cmdlet returns the permissions of an account in a JOC Cockpit Identity Service. The following REST Web Service API resources are used: * /iam/account/permissions .PARAMETER Service Specifies the unique name of the Identity Service that accounts are managed with. .PARAMETER Account Specifies the unique name of an account for which permissions are returned. More than one account can be specified by use of a comma. .INPUTS This cmdlet accepts pipelined input. .OUTPUTS This cmdlet returns an array of permissions .EXAMPLE Get-JS7IAMAccountPermission -Service 'JOC' -Account 'user1' Returns the account's permissions. .LINK about_JS7 #> [cmdletbinding(SupportsShouldProcess)] param ( [Alias('IdentityServiceName')] [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $Service, [Alias('AccountName')] [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $Account, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $AuditComment, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [int] $AuditTimeSpent, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [Uri] $AuditTicketLink ) Begin { Approve-JS7Command $MyInvocation.MyCommand $stopWatch = Start-JS7StopWatch } Process { $body = New-Object PSObject Add-Member -Membertype NoteProperty -Name 'identityServiceName' -value $Service -InputObject $body Add-Member -Membertype NoteProperty -Name 'accountName' -value $Account -InputObject $body if ( $AuditComment -or $AuditTimeSpent -or $AuditTicketLink ) { $objAuditLog = New-Object PSObject Add-Member -Membertype NoteProperty -Name 'comment' -value $AuditComment -InputObject $objAuditLog if ( $AuditTimeSpent ) { Add-Member -Membertype NoteProperty -Name 'timeSpent' -value $AuditTimeSpent -InputObject $objAuditLog } if ( $AuditTicketLink ) { Add-Member -Membertype NoteProperty -Name 'ticketLink' -value $AuditTicketLink -InputObject $objAuditLog } Add-Member -Membertype NoteProperty -Name 'auditLog' -value $objAuditLog -InputObject $body } if ( $PSCmdlet.ShouldProcess( 'account', '/iam/account/permissions' ) ) { [string] $requestBody = $body | ConvertTo-Json -Depth 100 $response = Invoke-JS7WebRequest -Path '/iam/account/permissions' -Body $requestBody if ( $response.StatusCode -eq 200 ) { $requestResult = ( $response.Content | ConvertFrom-Json ) if ( !$requestResult ) { throw ( $response | Format-List -Force | Out-String ) } $requestResult } else { throw ( $response | Format-List -Force | Out-String ) } } Write-Verbose ".. $($MyInvocation.MyCommand.Name): permissions returned for account: $Account" } End { Trace-JS7StopWatch -CommandName $MyInvocation.MyCommand.Name -StopWatch $stopWatch Update-JS7Session } } |