functions/Set-JS7IAMFolder.ps1
|
function Set-JS7IAMFolder { <# .SYNOPSIS Sets folders for a role in a JOC Cockpit Identity Service .DESCRIPTION This cmdlet sets one or more folders for a role in a JOC Cockpit Identity Service. The following REST Web Service API resources are used: * /iam/folders/store .PARAMETER Service Specifies the unique name of the Identity Service. .PARAMETER Role Specifies the unique name of the role that folders should be assigned in the Identity Service. .PARAMETER Folder Specifies the folder in the JOC Cockpit inventory to which a role will be limited. More than one folder can be specified by use of a comma. .PARAMETER Recursive Specifies that any sub-folders of the folder specified with the -Folder parameter should be accessible to the role. .PARAMETER ControllerId Specifies the unique identifier of the Controller that related permissions are assigned. .PARAMETER AuditComment Specifies a free text that indicates the reason for the current intervention, e.g. "business requirement", "maintenance window" etc. The Audit Comment is visible from the Audit Log view of the JOC Cockpit. This argument is not mandatory, however, JOC Cockpit can be configured to enforce Audit Log comments for any interventions. .PARAMETER AuditTimeSpent Specifies the duration in minutes that the current intervention required. This information is shown in the Audit Log view. It can be useful when integrated with a ticket system that logs the time spent on interventions with JS7. .PARAMETER AuditTicketLink Specifies a URL to a ticket system that keeps track of any interventions performed for JS7. This information is shown in the Audit Log view of JOC Cockpit. It can be useful when integrated with a ticket system that logs interventions with JS7. .INPUTS This cmdlet accepts pipelined input. .OUTPUTS This cmdlet returns no output. .EXAMPLE Set-JS7IAMFolder -Service 'JOC' -Role 'application_manager' -Folder '/accounting' -Recursive Assigns a folder and any sub-folders the given role in the indicated Identity Service. .EXAMPLE Set-JS7IAMFolder -Service 'JOC' -Role 'application_manager' -Folder '/accounting','/sales' -Recursive Assigns two folders the given role in the indicated Identity Service. .LINK about_JS7 #> [cmdletbinding(SupportsShouldProcess)] param ( [Alias('IdentityServiceName')] [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $Service, [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $Role, [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string[]] $Folder, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [switch] $Recursive, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $ControllerId = 'default', [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [string] $AuditComment, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [int] $AuditTimeSpent, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$True)] [Uri] $AuditTicketLink ) Begin { Approve-JS7Command $MyInvocation.MyCommand $stopWatch = Start-JS7StopWatch } Process { $body = New-Object PSObject Add-Member -Membertype NoteProperty -Name 'identityServiceName' -value $Service -InputObject $body Add-Member -Membertype NoteProperty -Name 'roleName' -value $Role -InputObject $body $folderItems = @() foreach( $folderItem in $Folder ) { $objFolder = New-Object PSObject Add-Member -Membertype NoteProperty -Name 'folder' -value $folderItem -InputObject $objFolder Add-Member -Membertype NoteProperty -Name 'recursive' -value ($Recursive -eq $True) -InputObject $objFolder $folderItems += $objFolder } Add-Member -Membertype NoteProperty -Name 'folders' -value $folderItems -InputObject $body if ( $ControllerId -eq 'default' ) { Add-Member -Membertype NoteProperty -Name 'controllerId' -value '' -InputObject $body } elseif ( $ControllerId ) { Add-Member -Membertype NoteProperty -Name 'controllerId' -value $ControllerId -InputObject $body } if ( $AuditComment -or $AuditTimeSpent -or $AuditTicketLink ) { $objAuditLog = New-Object PSObject Add-Member -Membertype NoteProperty -Name 'comment' -value $AuditComment -InputObject $objAuditLog if ( $AuditTimeSpent ) { Add-Member -Membertype NoteProperty -Name 'timeSpent' -value $AuditTimeSpent -InputObject $objAuditLog } if ( $AuditTicketLink ) { Add-Member -Membertype NoteProperty -Name 'ticketLink' -value $AuditTicketLink -InputObject $objAuditLog } Add-Member -Membertype NoteProperty -Name 'auditLog' -value $objAuditLog -InputObject $body } if ( $PSCmdlet.ShouldProcess( 'folder', '/iam/folders/store' ) ) { [string] $requestBody = $body | ConvertTo-Json -Depth 100 $response = Invoke-JS7WebRequest -Path '/iam/folders/store' -Body $requestBody if ( $response.StatusCode -eq 200 ) { $requestResult = ( $response.Content | ConvertFrom-Json ).ok if ( !$requestResult ) { throw ( $response | Format-List -Force | Out-String ) } } else { throw ( $response | Format-List -Force | Out-String ) } } Write-Verbose ".. $($MyInvocation.MyCommand.Name): folder stored" } End { Trace-JS7StopWatch -CommandName $MyInvocation.MyCommand.Name -StopWatch $stopWatch Update-JS7Session } } |