Public/RBACroles.ps1
|
Function Get-NmeRbacAssignments { <# .SYNOPSIS Get all RBAC assignments. .DESCRIPTION Get all RBAC assignments. This function calls the /api/v1/users-and-roles/assignment endpoint of the NME REST API, using the get method. #> [CmdletBinding()] Param( ) Set-NmeAuthHeaders Try { $Result = Invoke-RestMethod "$script:NmeUri/api/v1/users-and-roles/assignment$Querystring" -Method get -Headers $script:AuthHeaders -ContentType 'application/json' $Result.PSObject.TypeNames.Insert(0, 'NmeRbacAssignmentRestModel') $Result | CapProps } Catch { $message = ParseErrorForResponseBody($_) write-error ($message | out-string) } } Function Get-NmeRbacRolesAssignment { <# .SYNOPSIS Get user or group RBAC assignment. .DESCRIPTION Get user or group RBAC assignment. This function calls the /api/v1/users-and-roles/assignment/{objectId} endpoint of the NME REST API, using the get method. .PARAMETER ObjectId The GUID of an Azure AD object (user, group, or service principal) to which this RBAC role is assigned #> [CmdletBinding()] Param( [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)][string]$ObjectId ) Set-NmeAuthHeaders Try { $Result = Invoke-RestMethod "$script:NmeUri/api/v1/users-and-roles/assignment/$ObjectId$Querystring" -Method get -Headers $script:AuthHeaders -ContentType 'application/json' $Result.PSObject.TypeNames.Insert(0, 'NmeRbacAssignmentRestModel') $Result | Add-Member -NotePropertyName 'objectId' -NotePropertyValue $objectId -erroraction 'SilentlyContinue' $Result | CapProps } Catch { $message = ParseErrorForResponseBody($_) write-error ($message | out-string) } } Function Set-NmeRbacRolesAssignment { <# .SYNOPSIS Update user or group RBAC assignment. .DESCRIPTION ## Notes - Only built-in roles are supported now - Only workspaces update is supported now. This function calls the /api/v1/users-and-roles/assignment/{objectId} endpoint of the NME REST API, using the put method. .PARAMETER ObjectId The GUID of an Azure AD object (user, group, or service principal) to which this RBAC role is assigned .PARAMETER NmeRbacAssignmentUpdateRestModel Requires an NmeRbacAssignmentUpdateRestModel object, as generated by the New-NmeRbacAssignmentUpdateRestModel command. #> [CmdletBinding()] Param( [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)][string]$ObjectId, [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$True)][ValidateScript({if ($_.PSObject.TypeNames -contains "NmeRbacAssignmentUpdateRestModel"){$true} else{throw " is not a NmeRbacAssignmentUpdateRestModel object."}})]$NmeRbacAssignmentUpdateRestModel ) Set-NmeAuthHeaders Try { $json = $NmeRbacAssignmentUpdateRestModel | ConvertTo-Json -Depth 20 Write-Debug 'json:' Write-Debug $json $Result = Invoke-RestMethod "$script:NmeUri/api/v1/users-and-roles/assignment/$ObjectId$QueryString" -Method put -Headers $script:AuthHeaders -ContentType 'application/json' -body $json Write-Verbose ($result | out-string) $Result.PSObject.TypeNames.Insert(0, 'NmeResponseWithJobAndRbacAssignmentRestModel') $Result | Add-Member -NotePropertyName 'objectId' -NotePropertyValue $objectId -erroraction 'SilentlyContinue' $Result | CapProps } Catch { $message = ParseErrorForResponseBody($_) write-error ($message | out-string) } } |