public/complete/roles.psm1
|
Function Get-AdminRoles { <# .SYNOPSIS Function to Get a list of all admin roles in the system. .DESCRIPTION Function to Get a list of all admin roles in the system. .EXAMPLE Get-AdminRoles .LINK https://developer.blackberry.com/files/bws/reference/blackberry_uem_12_18_rest/resource_Roles.html#resource_Roles_getAdminRoles_GET #> Param( ) $Headers = @{ 'Accept' = 'application/vnd.blackberry.adminroles-v1+json' 'Authorization' = $global:env:uem_auth_token } $api_url = $global:env:uem_environment + "/roles/admin" try { Invoke-IgnoreCertForPS5 $Response = Invoke-RestMethod -Uri $api_url -Headers $Headers -Method Get return $Response } catch { Switch -Wildcard ($_.Exception.Response.StatusCode.value__) { default {Write-Error "$_"} } } } Function Get-AdminRole { <# .SYNOPSIS Function to Get an admin role by GUID. .DESCRIPTION Function to Get an admin role by GUID. .PARAMETER guid GUID of the admin role. .EXAMPLE Get-AdminRole -guid 'f011e00e-88b8-431f-8e15-bed23d266d0c' .LINK https://developer.blackberry.com/files/bws/reference/blackberry_uem_12_18_rest/resource_Roles.html#resource_Roles_getAdminRole_GET #> Param( [Parameter(Mandatory = $true)] [string] $guid ) $Headers = @{ 'Accept' = 'application/vnd.blackberry.adminrole-v1+json' 'Authorization' = $global:env:uem_auth_token } $api_url = $global:env:uem_environment + "/roles/admin/$guid" try { Invoke-IgnoreCertForPS5 $Response = Invoke-RestMethod -Uri $api_url -Headers $Headers -Method Get return $Response } catch { Switch -Wildcard ($_.Exception.Response.StatusCode.value__) { '404' {Write-Error "Admin role not found."} default {Write-Error "Authentication failed: $_"} } } } Function Get-AdminRoleUsers { <# .SYNOPSIS Function to Get a list of users assigned to the given Admin Role. .DESCRIPTION Function to Get a list of users assigned to the given Admin Role. .PARAMETER guid GUID of the admin role. .EXAMPLE Get-AdminRoleUsers -guid 'f011e00e-88b8-431f-8e15-bed23d266d0c' .LINK https://developer.blackberry.com/files/bws/reference/blackberry_uem_12_18_rest/resource_Roles.html#resource_Roles_getAdminUsers_GET #> Param( [Parameter(Mandatory = $true)] [string] $guid ) $Headers = @{ 'Accept' = 'application/vnd.blackberry.users-v1+json' 'Authorization' = $global:env:uem_auth_token } $api_url = $global:env:uem_environment + "/roles/admin/$guid/users" try { Invoke-IgnoreCertForPS5 $Response = Invoke-RestMethod -Uri $api_url -Headers $Headers -Method Get return $Response } catch { Switch -Wildcard ($_.Exception.Response.StatusCode.value__) { '404' {Write-Error "Admin role not found."} default {Write-Error "Authentication failed: $_"} } } } Function Remove-AdminRoleFromUser { <# .SYNOPSIS Function to Remove the specific admin role from the specific user. .DESCRIPTION Function to Remove the specific admin role from the specific user. .PARAMETER admin_role_guid GUID of the admin role .PARAMETER user_guid GUID of the user to update .EXAMPLE Remove-AdminRoleFromUser -admin_role_guid 'a8fafde0-c6b9-4e56-8109-2b9bc0d3c6b1' -user_guid 'f337f066-e53e-44cf-be43-c25738e3fcc8' .LINK https://developer.blackberry.com/files/bws/reference/blackberry_uem_12_18_rest/resource_Roles.html#resource_Roles_removeAdminRole_DELETE #> Param( [Parameter(Mandatory = $true)] [System.Guid] $admin_role_guid, [Parameter(Mandatory = $true)] [System.Guid] $user_guid ) $Headers = @{ 'Accept' = 'application/vnd.blackberry.users-v1+json' 'Authorization' = $global:env:uem_auth_token } $api_url = $global:env:uem_environment + "/roles/admin/$admin_role_guid/users/$user_guid" try { Invoke-IgnoreCertForPS5 $Response = Invoke-RestMethod -Uri $api_url -Headers $Headers -Method Delete return $Response } catch { Switch -Wildcard ($_.Exception.Response.StatusCode.value__) { '404' {Write-Error "Admin role not found."} '409' {Write-Error "Unable to remove last security admin."} default {Write-Error "Authentication failed: $_"} } } } Function Add-AdminRoleToUser { <# .SYNOPSIS Function to Assign (add or replace) the given user's Admin role with the specific Admin Role. .DESCRIPTION Function to Assign (add or replace) the given user's Admin role with the specific Admin Role. .PARAMETER admin_role_guid GUID of the admin role .PARAMETER user_guid GUID of the user to update .EXAMPLE Add-AdminRoleToUser -admin_role_guid 'c4c28a00-08be-4835-aa41-4c830f9f1079' -user_guid '9d61240a-e753-4483-93c2-75ef9e73ebfa' .LINK https://developer.blackberry.com/files/bws/reference/blackberry_uem_12_18_rest/resource_Roles.html#resource_Roles_assignAdminRole_PUT #> Param( [Parameter(Mandatory = $true)] [System.Guid] $admin_role_guid, [Parameter(Mandatory = $true)] [System.Guid] $user_guid ) $Headers = @{ 'Accept' = 'application/vnd.blackberry.users-v1+json' 'Authorization' = $global:env:uem_auth_token } $api_url = $global:env:uem_environment + "/roles/admin/$admin_role_guid/users/$user_guid" try { Invoke-IgnoreCertForPS5 $Response = Invoke-RestMethod -Uri $api_url -Headers $Headers -Method Put return $Response } catch { Switch -Wildcard ($_.Exception.Response.StatusCode.value__) { '404' {Write-Error "Admin role not found."} '409' {Write-Error "Unable to remove last security admin."} default {Write-Error "Authentication failed: $_"} } } } |