Public/Set-VerkadaCommandPermissions.ps1
|
function Set-VerkadaCommandPermissions{ <# .SYNOPSIS Modifies Verkada Command permissions for various entity types .DESCRIPTION This is used as a formatting function to make calls to set the needed Verkada Command permissions The org_id and reqired tokens can be directly submitted as parameters, but is much easier to use Connect-Verkada to cache this information ahead of time and for subsequent commands. .LINK https://github.com/bepsoccer/verkadaModule/blob/master/docs/function-documentation/Set-VerkadaCommandPermissions.md .EXAMPLE Set-VerkadaCommandPermissions $payload -org_id '7cd47706-f51b-4419-8675-3b9f0ce7c12d' -x_verkada_token 'a366ef47-2c20-4d35-a90a-10fd2aee113a' -x_verkada_auth 'auth-token-uuid-dscsdc' -usr 'a099bfe6-34ff-4976-9d53-ac68342d2b60' This will set the permissions sent in the payload variable. This variable should be a PSobject with the required structure for the permission type being set. The org_id and tokens are submitted as parameters in the call. #> [CmdletBinding(PositionalBinding = $true)] param ( #The payload of the permissions being set [Parameter(Mandatory = $true, Position = 0)] [ValidateScript( { $members=Get-Member -InputObject $_ -MemberType NoteProperty if ($members.Count -lt 2){ Throw [System.Management.Automation.ValidationMetadataException] "$_ is not a properly formated permissions payload object. Must be formatt: {'grant':[],'revoke':[]} and a PSobject" } else { $true } } )] [Alias('body')] [Object]$payload, #The UUID of the organization the user belongs to [Parameter(ValueFromPipelineByPropertyName = $true)] [ValidateNotNullOrEmpty()] [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')] [String]$org_id = $Global:verkadaConnection.org_id, #The Verkada(CSRF) token of the user running the command [Parameter()] [ValidateNotNullOrEmpty()] [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')] [string]$x_verkada_token = $Global:verkadaConnection.csrfToken, #The Verkada Auth(session auth) token of the user running the command [Parameter()] [ValidateNotNullOrEmpty()] [string]$x_verkada_auth = $Global:verkadaConnection.userToken, #The UUID of the user account making the request [Parameter()] [ValidateNotNullOrEmpty()] [ValidatePattern('^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$')] [string]$usr = $Global:verkadaConnection.usr ) begin { #parameter validation if ([string]::IsNullOrEmpty($org_id)) {throw "org_id is missing but is required!"} if ([string]::IsNullOrEmpty($x_verkada_token)) {throw "x_verkada_token is missing but is required!"} if ([string]::IsNullOrEmpty($x_verkada_auth)) {throw "x_verkada_auth is missing but is required!"} if ([string]::IsNullOrEmpty($usr)) {throw "usr is missing but is required!"} $url = 'https://vauth.command.verkada.com/permissions/modify' } #end begin process { $body = $payload try { $response = Invoke-VerkadaCommandCall $url $org_id $body -x_verkada_token $x_verkada_token -x_verkada_auth $x_verkada_auth -usr $usr -Method 'POST' return $response } catch [Microsoft.PowerShell.Commands.HttpResponseException] { $err = $_.ErrorDetails | ConvertFrom-Json $errorMes = $_ | Convertto-Json -WarningAction SilentlyContinue $err | Add-Member -NotePropertyName StatusCode -NotePropertyValue (($errorMes | ConvertFrom-Json -Depth 100 -WarningAction SilentlyContinue).Exception.Response.StatusCode) -Force Write-Host "Permission not added because: $($err.StatusCode) - $($err.message)" -ForegroundColor Red Return } } #end process end { } #end end } #end function |