verkadaModule

0.8.1

Public/Remove-VerkadaAccessUserFromGroup.ps1

                                function Remove-VerkadaAccessUserFromGroup{

    <#

        .SYNOPSIS

        Removes an Access user from an Access group in an organization using https://apidocs.verkada.com/reference/deleteaccessgroupuserviewv1

        .DESCRIPTION

        Remove an access user from an access group with the Verkada defined group ID and the user defined either by their User ID or their External ID. Both the group ID and the User ID(or External ID) are passed as query parameters in the URL.

        The org_id and reqired token can be directly submitted as parameters, but is much easier to use Connect-Verkada to cache this information ahead of time and for subsequent commands.

        .LINK

        https://github.com/bepsoccer/verkadaModule/blob/master/docs/function-documentation/Remove-VerkadaAccessUserFromGroup.md

        .EXAMPLE

        Remove-VerkadaAccessUserFromGroup -userId '801c9551-b04c-4293-84ad-b0a6aa0588b3' -groupId '2d64e7de-fd95-48be-8b5c-7a23bde94f52'

        This will remove the Access user with userId 801c9551-b04c-4293-84ad-b0a6aa0588b3 from the group with groupId 2d64e7de-fd95-48be-8b5c-7a23bde94f52.  The org_id and tokens will be populated from the cached created by Connect-Verkada.

        .EXAMPLE

        Remove-VerkadaAccessUserFromGroup -externalId 'newUserUPN@contoso.com' -groupId '2d64e7de-fd95-48be-8b5c-7a23bde94f52' -org_id '7cd47706-f51b-4419-8675-3b9f0ce7c12d' -x_api_key 'sd78ds-uuid-of-verkada-token'

        This will remove the Access user with externalId newUserUPN@contoso.com from the group with groupId 2d64e7de-fd95-48be-8b5c-7a23bde94f52.  The org_id and tokens are submitted as parameters in the call.

    #>

    [CmdletBinding(PositionalBinding = $true)]

    [Alias("Remove-VrkdaAcUsrFrGrp","rm-VrkdaAcUsrFrGrp")]

    param (

        #The UUID of the user

        [Parameter(ValueFromPipelineByPropertyName = $true)]

        [ValidateNotNullOrEmpty()]

        [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')]

        [Alias('user_id')]

        [String]$userId,

        #unique identifier managed externally provided by the consumer

        [Parameter(ValueFromPipelineByPropertyName = $true)]

        [Alias('external_id')]

        [String]$externalId,

        #The UUID of the group

        [Parameter( ValueFromPipelineByPropertyName = $true)]

        [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')]

        [Alias('group_id')]

        [String]$groupId,

        #The UUID of the organization the user belongs to

        [Parameter(ValueFromPipelineByPropertyName = $true)]

        [ValidateNotNullOrEmpty()]

        [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')]

        [String]$org_id = $Global:verkadaConnection.org_id,

        #The public API key to be used for calls that hit the public API gateway

        [Parameter()]

        [ValidateNotNullOrEmpty()]

        [String]$x_api_key = $Global:verkadaConnection.token,

        #Switch to write errors to file

        [Parameter()]

        [switch]$errorsToFile

    )

    begin {

        $url = "https://api.verkada.com/access/v1/access_groups/group/user"

        #parameter validation

        if ([string]::IsNullOrEmpty($org_id)) {throw "org_id is missing but is required!"}

        if ([string]::IsNullOrEmpty($x_api_key)) {throw "x_api_key is missing but is required!"}

        $myErrors = @()

    } #end begin

    process {

        if ([string]::IsNullOrEmpty($groupId)){

            Write-Error "groupId is required"

            return

        }

        if ([string]::IsNullOrEmpty($externalId) -and [string]::IsNullOrEmpty($userId)){

            Write-Error "Either externalId or userId required"

            return

        }

        $body_params = @{}

        $query_params = @{

            'group_id'        = $groupId

        }

        if (!([string]::IsNullOrEmpty($userId))){

            $query_params.user_id = $userId

        } elseif (!([string]::IsNullOrEmpty($externalId))){

            $query_params.external_id = $externalId

        }

        try {

            Invoke-VerkadaRestMethod $url $org_id $x_api_key $query_params -body_params $body_params -method DELETE

            $response = $query_params | ConvertTo-Json | ConvertFrom-Json

            $response | Add-Member -NotePropertyName 'status' -NotePropertyValue 'removed'

            return $response

        }

        catch [Microsoft.PowerShell.Commands.HttpResponseException] {

            $err = $_.ErrorDetails | ConvertFrom-Json

            $errorMes = $_ | Convertto-Json -WarningAction SilentlyContinue

            $err | Add-Member -NotePropertyName StatusCode -NotePropertyValue (($errorMes | ConvertFrom-Json -Depth 100 -WarningAction SilentlyContinue).Exception.Response.StatusCode) -Force

            $msg = "$($err.StatusCode) - $($err.message)"

            $msg += ": $(($query_params + $body_params) | ConvertTo-Json -Compress)"

            Write-Error $msg

            $myErrors += $msg

            $msg = $null

        }

        catch [VerkadaRestMethodException] {

            $msg = $_.ToString()

            $msg += ": $(($query_params + $body_params) | ConvertTo-Json -Compress)"

            Write-Error $msg

            $myErrors += $msg

            $msg = $null

        }

    } #end process

    end {

        if ($errorsToFile.IsPresent){

            if (![string]::IsNullOrEmpty($myErrors)){

                Get-Date | Out-File ./errors.txt -Append

                $myErrors | Out-File ./errors.txt -Append

            }

        }

    } #end end

} #end function