Groups.psm1





<#
.SYNOPSIS
    The get groups operation will retrieve a list of groups from your company.
.DESCRIPTION
    The get groups operation will retrieve a list of groups from your company. This can be either all groups, or groups filtered by groupmember.
.PARAMETER Name
    Specifies the name of an existing variable to retrieve, can be specified as an array of strings to retrieve multiple variables
.PARAMETER LinkedItemGuid
    When specified gets the automation variables belonging to a specific item.
.PARAMETER CompanyName
    The companyname that's used in the helloId URL to know which HelloID tenant to talk to. Required if not connected with Connect-HelloId.
.PARAMETER ApiKey
    The Apikey to use for the api call. Required if not connected with Connect-HelloId.
.PARAMETER ApiSecret
    The Apisecret belonging to the apikey, has to be a securestring. Required if not connected with Connect-HelloId.
.EXAMPLE
    
.EXAMPLE
    
.INPUTS
    
.OUTPUTS
    
#>

function Get-HidGroup {
    [CmdletBinding(DefaultParameterSetName = 'guid',PositionalBinding = $false)]
    [Alias()]
    [OutputType([String])]
    Param ( 
        # the name of an existing variable
        [Parameter(Mandatory = $false,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "guid")]
        [ValidateNotNullOrEmpty()]
        [guid[]]$GroupGuid, 
    
        # the name of an existing variable
        [Parameter(Mandatory = $false,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "Name")]
        [ValidateNotNullOrEmpty()]
        [string[]]$Name,        

        # Company name used in the URL
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$CompanyName,
        
        # Api key
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$ApiKey,

        # Api secret
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [securestring]$ApiSecret
    )
    
    begin {

        if ($PSBoundParameters.ContainsKey("CompanyName") -AND $PSBoundParameters.ContainsKey("ApiKey") -AND $PSBoundParameters.ContainsKey("ApiSecret") ){
            Write-Verbose -Message "Using connectioninfo and credentials from parameter"
            #Create credential object for authentication
            $Cred = New-Object System.Management.Automation.PSCredential ($ApiKey, $ApiSecret)
        }
        elseif ($Global:HelloIdConnection.ApiCredentials) {
            Write-Verbose -Message "Using Global connectioninfo and credentials from Connect-HelloId "
            $Cred = $Global:HelloIdConnection.ApiCredentials
            $CompanyName = $Global:HelloIdConnection.CompanyName
        }
        else {            
            throw "Error finding connectioninfo. Connect using Connect-HelloId, or specifie CompanyName, ApiKey and ApiSecret"
        }

        #Headers
        $headers = @{
            "Content-Type" = "application/json"
        }
        
    } #End begin
    
    process {        

        if ($PSBoundParameters.ContainsKey("GroupGuid")){            
            foreach ($guid in $GroupGuid){
                $URI = "https://$CompanyName.helloid.com/api/v1/groups/$guid"
                $output = Invoke-RestMethod -Uri $URI -Method "GET" -Headers $headers -Credential $Cred -UseBasicParsing               
                $output
            }

        }
        elseif ($PSBoundParameters.ContainsKey("Name")) {
            foreach ($item in $Name){
                $URI = "https://$CompanyName.helloid.com/api/v1/groups/$item"
                $output = Invoke-RestMethod -Uri $URI -Method "GET" -Headers $headers -Credential $Cred -UseBasicParsing
                $output
            }
        }        
        else {
            $URI = "https://$CompanyName.helloid.com/api/v1/groups"
            $output = Invoke-RestMethod -Uri $URI -Method "GET" -Headers $headers -Credential $Cred -UseBasicParsing
            $output            
        }
    } #End process
    
    end {
        
    } #End end
} #End function








<#
.SYNOPSIS
    The get groups operation will retrieve a list of groups from your company.
.DESCRIPTION
    The get groups operation will retrieve a list of groups from your company. This can be either all groups, or groups filtered by groupmember.
.PARAMETER Name
    Specifies the name of an existing variable to retrieve, can be specified as an array of strings to retrieve multiple variables
.PARAMETER UserNames
    Usernames to add to the group
.PARAMETER UserGuids
    UserGuids to add to the group
.PARAMETER Enabled
    Is the new group enabled or disabled.
.PARAMETER Default
    Is the new group a default group
.PARAMETER QrEnabled
    Is QR-code generation for group members enabled
.PARAMETER ManagedByUserGuid
    The user Guid that will be considered the manager
.PARAMETER CompanyName
    The companyname that's used in the helloId URL to know which HelloID tenant to talk to. Required if not connected with Connect-HelloId.
.PARAMETER ApiKey
    The Apikey to use for the api call. Required if not connected with Connect-HelloId.
.PARAMETER ApiSecret
    The Apisecret belonging to the apikey, has to be a securestring. Required if not connected with Connect-HelloId.
.EXAMPLE
    
.EXAMPLE
    
.INPUTS
    
.OUTPUTS
    
#>

function New-HidGroup {
    [CmdletBinding(PositionalBinding = $false)]
    [Alias()]
    [OutputType([String])]
    Param (    
        # the name of the group to create
        [Parameter(Mandatory = $true,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true)]
        [ValidateNotNullOrEmpty()]
        [string]$Name,
        
        # Usernames to add to the group
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string[]]$UserNames = @(),
        
        # UserGuids to add to the group
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [guid[]]$UserGuids = @(),
        
        # Is the new group enabled or disabled.
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [bool]$Enabled = $true,
        
        # is the new group a default group
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [bool]$Default = $false,
        
        # is QR-code generation for group members enabled
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [bool]$QrEnabled = $false,
        
        # UserGuids to add to the group
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [guid]$ManagedByUserGuid,

        # Company name used in the URL
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$CompanyName,
        
        # Api key
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$ApiKey,

        # Api secret
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [securestring]$ApiSecret
    )
    
    begin {

        if ($PSBoundParameters.ContainsKey("CompanyName") -AND $PSBoundParameters.ContainsKey("ApiKey") -AND $PSBoundParameters.ContainsKey("ApiSecret") ){
            Write-Verbose -Message "Using connectioninfo and credentials from parameter"
            #Create credential object for authentication
            $Cred = New-Object System.Management.Automation.PSCredential ($ApiKey, $ApiSecret)
        }
        elseif ($Global:HelloIdConnection.ApiCredentials) {
            Write-Verbose -Message "Using Global connectioninfo and credentials from Connect-HelloId "
            $Cred = $Global:HelloIdConnection.ApiCredentials
            $CompanyName = $Global:HelloIdConnection.CompanyName
        }
        else {            
            throw "Error finding connectioninfo. Connect using Connect-HelloId, or specifie CompanyName, ApiKey and ApiSecret"
        }

        #Headers
        $headers = @{
            "Content-Type" = "application/json"
        }


        #Variables
        $JsonUserNames = ConvertTo-Json $UserNames -Depth 15
        $JsonUserGuids = ConvertTo-Json $UserGuids -Depth 15
        
    } #End begin
    
    process {
        
        $sbBody = [System.Text.StringBuilder]::new()
        $null = $SbBody.AppendLine("{") 
        $null = $SbBody.AppendLine("`"name`": `"$Name`",")
        $null = $SbBody.AppendLine("`"IsDefault`": $(($Default).ToString().ToLower()),")
        $null = $SbBody.AppendLine("`"IsQrEnabled`": $(($QrEnabled).ToString().ToLower()),")
        $null = $SbBody.AppendLine("`"UserNames`": `"$JsonUserNames`",")
        $null = $SbBody.AppendLine("`"UserGUIDs`": `"$JsonUserGuids`",")
        $null = $SbBody.AppendLine("`"ManagedByUserGuid`": `"$UserNames`",")
        if ($PSBoundParameters.ContainsKey("ManagedByUserGuid")) { $null = $SbBody.AppendLine("`"ManagedByUserGuid`": `"$ManagedByUserGuid`",") }
        $null = $SbBody.AppendLine("`"IsEnabled`": $(($Enabled).ToString().ToLower())")
        $null = $SbBody.AppendLine("}") 
        $URI = "https://$CompanyName.helloid.com/api/v1/groups"
        $output = Invoke-RestMethod -Uri $URI -Method "POST" -Headers $headers -Credential $Cred -UseBasicParsing -Body $sbBody.ToString()
        $output            
        
    } #End process
    
    end {
        
    } #End end
} #End function









<#
.SYNOPSIS
    The Add-HidGroupMember operation will add a member to the group.
.DESCRIPTION
    The Add-HidGroupMember operation will add a user or group to the group. Only 1 type can be added at once
.PARAMETER Name
    Specifies the name of an existing group to which members should be added
.PARAMETER GroupGuid
    Specifies the guid of an existing group to which members should be added
.PARAMETER UserGuid
    Adds the user with the specified guid to the group
.PARAMETER NestedGroupGuid
    Adds the group with the specified guid to the group as a member
.PARAMETER CompanyName
    The companyname that's used in the helloId URL to know which HelloID tenant to talk to. Required if not connected with Connect-HelloId.
.PARAMETER ApiKey
    The Apikey to use for the api call. Required if not connected with Connect-HelloId.
.PARAMETER ApiSecret
    The Apisecret belonging to the apikey, has to be a securestring. Required if not connected with Connect-HelloId.
.EXAMPLE
    
.EXAMPLE
    
.INPUTS
    
.OUTPUTS
    
#>

function Add-HidGroupMember {
    [CmdletBinding(DefaultParameterSetName = 'GroupGuid-UserGuid',PositionalBinding = $false)]
    [Alias()]
    [OutputType([String])]
    Param ( 
        # Specifies the guid of an existing group to which members should be added
        [Parameter(Mandatory = $true,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "GroupGuid-UserGuid")]
        [Parameter(ParameterSetName="GroupGuid-NestedGroupGuid", Mandatory=$True)]
        [ValidateNotNullOrEmpty()]
        [guid]$GroupGuid, 
    
        # Specifies the name of an existing group to which members should be added
        [Parameter(Mandatory = $true,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "GroupName-UserGuid")]
        [Parameter(ParameterSetName="GroupName-NestedGroupGuid", Mandatory=$True)]
        [ValidateNotNullOrEmpty()]
        [string]$Name,
        
        # Adds the user with the specified guid to the group
        [Parameter(Mandatory = $true,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "GroupGuid-UserGuid")]
        [Parameter(ParameterSetName="GroupName-UserGuid", Mandatory=$True)]
        [ValidateNotNullOrEmpty()]
        [guid[]]$UserGuid, 

        # Adds the group with the specified guid to the group as a member
        [Parameter(Mandatory = $true,
        ValueFromPipeline = $true,
        ValueFromPipelineByPropertyName = $true,
        ParameterSetName = "GroupGuid-NestedGroupGuid")]
        [Parameter(ParameterSetName="GroupName-NestedGroupGuid", Mandatory=$True)]
        [ValidateNotNullOrEmpty()]
        [guid[]]$NestedGroupGuid, 

        # Company name used in the URL
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$CompanyName,
        
        # Api key
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$ApiKey,

        # Api secret
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [securestring]$ApiSecret
    )
    
    begin {

        if ($PSBoundParameters.ContainsKey("CompanyName") -AND $PSBoundParameters.ContainsKey("ApiKey") -AND $PSBoundParameters.ContainsKey("ApiSecret") ){
            Write-Verbose -Message "Using connectioninfo and credentials from parameter"
            #Create credential object for authentication
            $Cred = New-Object System.Management.Automation.PSCredential ($ApiKey, $ApiSecret)
        }
        elseif ($Global:HelloIdConnection.ApiCredentials) {
            Write-Verbose -Message "Using Global connectioninfo and credentials from Connect-HelloId "
            $Cred = $Global:HelloIdConnection.ApiCredentials
            $CompanyName = $Global:HelloIdConnection.CompanyName
        }
        else {
            throw "Error finding connectioninfo. Connect using Connect-HelloId, or specifie CompanyName, ApiKey and ApiSecret"
        }

        #Headers
        $headers = @{
            "Content-Type" = "application/json"
        }
        
    } #End begin
    
    process {        

        if ($PSBoundParameters.ContainsKey("UserGuid")){            
            foreach ($guid in $UserGuid){
                $Body = "{`"userGUID`": `"$guid`"}"
                if ($PSBoundParameters.ContainsKey("GroupGuid")){
                    $URI = "https://$CompanyName.helloid.com/api/v1/groups/$GroupGuid/users"
                    $output = Invoke-RestMethod -Uri $URI -Method "POST" -Headers $headers -Credential $Cred -Body $Body -UseBasicParsing
                    $output
                }
                elseif ($PSBoundParameters.ContainsKey("Name")){
                    $URI = "https://$CompanyName.helloid.com/api/v1/groups/$Name/users"
                    $output = Invoke-RestMethod -Uri $URI -Method "POST" -Headers $headers -Credential $Cred -Body $Body -UseBasicParsing
                    $output
                }
            }#End foreach

        } #end if PSBoundParameters
        if ($PSBoundParameters.ContainsKey("NestedGroupGuid")) {
            foreach ($NestedGrpGuid in $NestedGroupGuid){
                $Body = "{`"groupGUID`": `"$NestedGrpGuid`"}"
                if ($PSBoundParameters.ContainsKey("GroupGuid")){
                    $URI = "https://$CompanyName.helloid.com/api/v1/groups/$GroupGuid/membergroups"
                    $output = Invoke-RestMethod -Uri $URI -Method "POST" -Headers $headers -Credential $Cred -Body $Body -UseBasicParsing
                    $output
                }
                elseif ($PSBoundParameters.ContainsKey("Name")){
                    $URI = "https://$CompanyName.helloid.com/api/v1/groups/$Name/membergroups"
                    $output = Invoke-RestMethod -Uri $URI -Method "POST" -Headers $headers -Credential $Cred -Body $Body -UseBasicParsing
                    $output
                }
            }#end foreach
        }#end if PSBoundParameters
    } #End process
    
    end {
        
    } #End end
} #End function







<#
.SYNOPSIS
    Removes a group from HelloId
.DESCRIPTION
    Removes a group based on the guid or name
.PARAMETER UserGuid
    Specifies the Guid from the group to remove, can be specified as an array to remove multiple
.PARAMETER Name
    Specifies the name of the group to remove, can be specified as an array to remove multiple
.PARAMETER CompanyName
    The companyname that's used in the helloId URL to know which HelloID tenant to talk to. Required if not connected with Connect-HelloId.
.PARAMETER ApiKey
    The Apikey to use for the api call. Required if not connected with Connect-HelloId.
.PARAMETER ApiSecret
    The Apisecret belonging to the apikey, has to be a securestring. Required if not connected with Connect-HelloId.
.EXAMPLE
    Remove-HidGroup -GroupGuid "c31fd53a-b346-4bb4-9a67-f9406d3968db"

    Removes the User with the specified GUID
.INPUTS
    Inputs to this cmdlet (if any)
.OUTPUTS
    Output from this cmdlet (if any)
#>

function Remove-HidGroup {
    [CmdletBinding(DefaultParameterSetName = 'guid',
        PositionalBinding = $false)]
    [Alias()]
    [OutputType([String])]
    Param (
        # the GUID of an existing group
        [Parameter(Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            ParameterSetName = "guid")]
        [alias("Guid")]
        [ValidateNotNullOrEmpty()]
        [guid[]]$GroupGuid,
        
        # the name of an existing group
        [Parameter(Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            ParameterSetName = "name")]
        [ValidateNotNullOrEmpty()]
        [string[]]$Name,
        
        # Company name used in the URL
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$CompanyName,
        
        # Api key
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [string]$ApiKey,

        # Api secret
        [Parameter(Mandatory= $false)]
        [ValidateNotNullOrEmpty()]
        [securestring]$ApiSecret
    )
    
    begin {
        if ($PSBoundParameters.ContainsKey("CompanyName") -AND $PSBoundParameters.ContainsKey("ApiKey") -AND $PSBoundParameters.ContainsKey("ApiSecret") ){
            Write-Verbose -Message "Using connectioninfo and credentials from parameter"
            #Create credential object for authentication
            $Cred = New-Object System.Management.Automation.PSCredential ($ApiKey, $ApiSecret)
        }
        elseif ($Global:HelloIdConnection.ApiCredentials) {
            Write-Verbose -Message "Using Global connectioninfo and credentials from Connect-HelloId "
            $Cred = $Global:HelloIdConnection.ApiCredentials
            $CompanyName = $Global:HelloIdConnection.CompanyName
        }
        else {            
            throw "Error finding connectioninfo. Connect using Connect-HelloId, or specifie CompanyName, ApiKey and ApiSecret"
        }

        #Headers
        $headers = @{
            "Content-Type" = "application/json"
        }
        
        
    } #End begin
    
    process {        

        if ($PSBoundParameters.ContainsKey("GroupGuid")){
            foreach ($guid in $GroupGuid){
                #Uri
                $URI = "https://$CompanyName.helloid.com/api/v1/groups/$guid"        
                Invoke-RestMethod -Uri $URI -Method "DELETE" -Headers $headers -Credential $Cred -UseBasicParsing        
            } #end foreach
        } #End If UserGuild
        if ($PSBoundParameters.ContainsKey("Name")){
            foreach ($groupname in $Name){
                #Uri
                $URI = "https://$CompanyName.helloid.com/api/v1/groups/$groupname"        
                Invoke-RestMethod -Uri $URI -Method "DELETE" -Headers $headers -Credential $Cred -UseBasicParsing        
            } #end foreach
        } #End If UserGuild
    } #End process
    
    end {
    } #End end
} #End function