Private/Update-RubrikUserRole.ps1
|
function Update-RubrikUserRole($role, $roleUri, $roleMethod) { <# .SYNOPSIS Updates a users role within Rubrik .DESCRIPTION The Update-RubrikUserRole function is used to create and submit the proper request to the proper endpoint in order to update a users role within the Rubrik cluster. .PARAMETER role The role to update (admin/end_user/no_access/etc) .PARAMETER roleUri The URI to use when constructing the API request .PARAMETER roleMethod The HTTP Method to apply to the API request. #> # Set the Method $resources.Method = $roleMethod # Build body based on role switch ($role) { "admin" { $body = @{ principals = @($id) privileges = @{ fullAdmin = @("Global:::All") } } } "end_user" { $body = @{ principals = @($id) privileges = @{ viewEvent = $EventObjects restoreWithoutDownload = $RestoreWithoutDownloadObjects destructiveRestore = $RestoreWithOverwriteObjects onDemandSnapshot = $OnDemandSnapshotObjects viewReport = $ReportObjects restore = $RestoreObjects provisionOnInfra = $InfrastructureObjects } } } "read_only_admin" { $body = @{ principals = @($id) privileges = @{ basic = @("Global:::All") } } } "end_user_clear" { # Retrieve current end user privileges from user to use in deletion body $endUserPrivileges = (Get-RubrikUserRole -id $id).endUser # Set empty properties of privileges to empty array, set single results to array of 1 if ($null -ne $endUserPrivileges) { $endUserPrivileges.PSObject.Properties | ForEach-Object { if ($_.Value.Count -eq 0) { $_.Value = @() } elseif ($_.Value.Count -eq 1) { $_.Value = @($_.Value) } } } # Build body for end_user $body = @{ principals = @($id) privileges = $endUserPrivileges } } } $body = ConvertTo-Json $body $uri = New-URIString -server $Server -endpoint "$roleUri" $result = Submit-Request -uri $uri -header $Header -method $($resources.Method) -body $body $result = Test-ReturnFormat -api $api -result $result -location $resources.Result $result = Test-FilterObject -filter ($resources.Filter) -result $result return $result } |