Api/RolesApi.ps1
|
# # Identity Security Cloud V3 API # Use these APIs to interact with the Identity Security Cloud platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs. # Version: 3.0.0 # Generated by OpenAPI Generator: https://openapi-generator.tech # <# .SYNOPSIS Create a Role .DESCRIPTION This API creates a role. In addition, a ROLE_SUBADMIN may not create a role including an access profile if that access profile is associated with a source the ROLE_SUBADMIN is not associated with themselves. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles. However, any new roles as well as any updates to existing descriptions will be limited to 2000 characters. .PARAMETER Role No description available. .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS Role #> function New-Role { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [PSCustomObject] ${Role}, [Switch] $WithHttpInfo ) Process { 'Calling method: New-Role' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') # HTTP header 'Content-Type' $LocalVarContentTypes = @('application/json') $LocalVarUri = '/roles' if (!$Role) { throw "Error! The required parameter `Role` missing when calling createRole." } if ($LocalVarContentTypes.Contains('application/json-patch+json') -or ($Role -is [array])) { $LocalVarBodyParameter = $Role | ConvertTo-Json -AsArray -Depth 100 } else { $LocalVarBodyParameter = $Role | ForEach-Object { # Get array of names of object properties that can be cast to boolean TRUE # PSObject.Properties - https://msdn.microsoft.com/en-us/library/system.management.automation.psobject.properties.aspx $NonEmptyProperties = $_.psobject.Properties | Where-Object {$null -ne $_.Value} | Select-Object -ExpandProperty Name # Convert object to JSON with only non-empty properties $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json -Depth 100 } } $LocalVarResult = Invoke-ApiClient -Method 'POST' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "Role" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS Delete Role(s) .DESCRIPTION This endpoint initiates a bulk deletion of one or more roles. When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. This endpoint can only bulk delete up to a limit of 50 roles per request. A user with ROLE_SUBADMIN authority can only call this endpoint if all roles included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of. .PARAMETER RoleBulkDeleteRequest No description available. .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS TaskResultDto #> function Remove-BulkRoles { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [PSCustomObject] ${RoleBulkDeleteRequest}, [Switch] $WithHttpInfo ) Process { 'Calling method: Remove-BulkRoles' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') # HTTP header 'Content-Type' $LocalVarContentTypes = @('application/json') $LocalVarUri = '/roles/bulk-delete' if (!$RoleBulkDeleteRequest) { throw "Error! The required parameter `RoleBulkDeleteRequest` missing when calling deleteBulkRoles." } if ($LocalVarContentTypes.Contains('application/json-patch+json') -or ($RoleBulkDeleteRequest -is [array])) { $LocalVarBodyParameter = $RoleBulkDeleteRequest | ConvertTo-Json -AsArray -Depth 100 } else { $LocalVarBodyParameter = $RoleBulkDeleteRequest | ForEach-Object { # Get array of names of object properties that can be cast to boolean TRUE # PSObject.Properties - https://msdn.microsoft.com/en-us/library/system.management.automation.psobject.properties.aspx $NonEmptyProperties = $_.psobject.Properties | Where-Object {$null -ne $_.Value} | Select-Object -ExpandProperty Name # Convert object to JSON with only non-empty properties $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json -Depth 100 } } $LocalVarResult = Invoke-ApiClient -Method 'POST' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "TaskResultDto" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS Delete a Role .DESCRIPTION This API deletes a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. .PARAMETER Id ID of the Role .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS None #> function Remove-Role { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Id}, [Switch] $WithHttpInfo ) Process { 'Calling method: Remove-Role' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') $LocalVarUri = '/roles/{id}' if (!$Id) { throw "Error! The required parameter `Id` missing when calling deleteRole." } $LocalVarUri = $LocalVarUri.replace('{id}', [System.Web.HTTPUtility]::UrlEncode($Id)) $LocalVarResult = Invoke-ApiClient -Method 'DELETE' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS Get a Role .DESCRIPTION This API returns a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. .PARAMETER Id ID of the Role .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS Role #> function Get-Role { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Id}, [Switch] $WithHttpInfo ) Process { 'Calling method: Get-Role' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') $LocalVarUri = '/roles/{id}' if (!$Id) { throw "Error! The required parameter `Id` missing when calling getRole." } $LocalVarUri = $LocalVarUri.replace('{id}', [System.Web.HTTPUtility]::UrlEncode($Id)) $LocalVarResult = Invoke-ApiClient -Method 'GET' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "Role" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS List Identities assigned a Role .DESCRIPTION No description or notes available. .PARAMETER Id ID of the Role for which the assigned Identities are to be listed .PARAMETER Limit Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Offset Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Count If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Filters Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **aliasName**: *eq, sw* **email**: *eq, sw* **name**: *eq, sw, co* .PARAMETER Sorters Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, aliasName, email** .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS RoleIdentity[] #> function Get-RoleAssignedIdentities { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Id}, [Parameter(Position = 1, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Int32]] ${Limit}, [Parameter(Position = 2, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Int32]] ${Offset}, [Parameter(Position = 3, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Boolean]] ${Count}, [Parameter(Position = 4, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Filters}, [Parameter(Position = 5, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Sorters}, [Switch] $WithHttpInfo ) Process { 'Calling method: Get-RoleAssignedIdentities' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') $LocalVarUri = '/roles/{id}/assigned-identities' if (!$Id) { throw "Error! The required parameter `Id` missing when calling getRoleAssignedIdentities." } $LocalVarUri = $LocalVarUri.replace('{id}', [System.Web.HTTPUtility]::UrlEncode($Id)) if ($Limit) { $LocalVarQueryParameters['limit'] = $Limit } if ($Offset) { $LocalVarQueryParameters['offset'] = $Offset } if ($Count) { $LocalVarQueryParameters['count'] = $Count } if ($Filters) { $LocalVarQueryParameters['filters'] = $Filters } if ($Sorters) { $LocalVarQueryParameters['sorters'] = $Sorters } $LocalVarResult = Invoke-ApiClient -Method 'GET' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "RoleIdentity[]" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS List Roles .DESCRIPTION This API returns a list of Roles. .PARAMETER ForSubadmin If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin. .PARAMETER Limit Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Offset Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Count If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. .PARAMETER Filters Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* .PARAMETER Sorters Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** .PARAMETER ForSegmentIds If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. .PARAMETER IncludeUnsegmented Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS Role[] #> function Get-Roles { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${ForSubadmin}, [Parameter(Position = 1, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Int32]] ${Limit}, [Parameter(Position = 2, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Int32]] ${Offset}, [Parameter(Position = 3, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Boolean]] ${Count}, [Parameter(Position = 4, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Filters}, [Parameter(Position = 5, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Sorters}, [Parameter(Position = 6, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${ForSegmentIds}, [Parameter(Position = 7, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [System.Nullable[Boolean]] ${IncludeUnsegmented}, [Switch] $WithHttpInfo ) Process { 'Calling method: Get-Roles' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') $LocalVarUri = '/roles' if ($ForSubadmin) { $LocalVarQueryParameters['for-subadmin'] = $ForSubadmin } if ($Limit) { $LocalVarQueryParameters['limit'] = $Limit } if ($Offset) { $LocalVarQueryParameters['offset'] = $Offset } if ($Count) { $LocalVarQueryParameters['count'] = $Count } if ($Filters) { $LocalVarQueryParameters['filters'] = $Filters } if ($Sorters) { $LocalVarQueryParameters['sorters'] = $Sorters } if ($ForSegmentIds) { $LocalVarQueryParameters['for-segment-ids'] = $ForSegmentIds } if ($IncludeUnsegmented) { $LocalVarQueryParameters['include-unsegmented'] = $IncludeUnsegmented } $LocalVarResult = Invoke-ApiClient -Method 'GET' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "Role[]" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } <# .SYNOPSIS Patch a specified Role .DESCRIPTION This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters. When you use this API to modify a role's membership identities, you can only modify up to a limit of 500 membership identities at a time. .PARAMETER Id ID of the Role to patch .PARAMETER JsonPatchOperation No description available. .PARAMETER WithHttpInfo A switch when turned on will return a hash table of Response, StatusCode and Headers instead of just the Response .OUTPUTS Role #> function Update-Role { [CmdletBinding()] Param ( [Parameter(Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [String] ${Id}, [Parameter(Position = 1, ValueFromPipelineByPropertyName = $true, Mandatory = $false)] [PSCustomObject[]] ${JsonPatchOperation}, [Switch] $WithHttpInfo ) Process { 'Calling method: Update-Role' | Write-Debug $PSBoundParameters | Out-DebugParameter | Write-Debug $LocalVarAccepts = @() $LocalVarContentTypes = @() $LocalVarQueryParameters = @{} $LocalVarHeaderParameters = @{} $LocalVarFormParameters = @{} $LocalVarPathParameters = @{} $LocalVarCookieParameters = @{} $LocalVarBodyParameter = $null # HTTP header 'Accept' (if needed) $LocalVarAccepts = @('application/json') # HTTP header 'Content-Type' $LocalVarContentTypes = @('application/json-patch+json') $LocalVarUri = '/roles/{id}' if (!$Id) { throw "Error! The required parameter `Id` missing when calling patchRole." } $LocalVarUri = $LocalVarUri.replace('{id}', [System.Web.HTTPUtility]::UrlEncode($Id)) if (!$JsonPatchOperation) { throw "Error! The required parameter `JsonPatchOperation` missing when calling patchRole." } if ($LocalVarContentTypes.Contains('application/json-patch+json') -or ($JsonPatchOperation -is [array])) { $LocalVarBodyParameter = $JsonPatchOperation | ConvertTo-Json -AsArray -Depth 100 } else { $LocalVarBodyParameter = $JsonPatchOperation | ForEach-Object { # Get array of names of object properties that can be cast to boolean TRUE # PSObject.Properties - https://msdn.microsoft.com/en-us/library/system.management.automation.psobject.properties.aspx $NonEmptyProperties = $_.psobject.Properties | Where-Object {$null -ne $_.Value} | Select-Object -ExpandProperty Name # Convert object to JSON with only non-empty properties $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json -Depth 100 } } $LocalVarResult = Invoke-ApiClient -Method 'PATCH' ` -Uri $LocalVarUri ` -Accepts $LocalVarAccepts ` -ContentTypes $LocalVarContentTypes ` -Body $LocalVarBodyParameter ` -HeaderParameters $LocalVarHeaderParameters ` -QueryParameters $LocalVarQueryParameters ` -FormParameters $LocalVarFormParameters ` -CookieParameters $LocalVarCookieParameters ` -ReturnType "Role" ` -IsBodyNullable $false if ($WithHttpInfo.IsPresent) { return $LocalVarResult } else { return $LocalVarResult["Response"] } } } |