public/Workspace/Update-FabricWorkspaceRoleAssignment.ps1
|
<#
.SYNOPSIS Updates the role assignment for a specific principal in a Fabric workspace. .DESCRIPTION The `Update-FabricWorkspaceRoleAssignment` function updates the role assigned to a principal in a workspace by making a PATCH request to the API. .PARAMETER WorkspaceId The unique identifier of the workspace where the role assignment exists. .PARAMETER WorkspaceRoleAssignmentId The unique identifier of the role assignment to be updated. .PARAMETER WorkspaceRole The new role to assign to the principal. Must be one of the following: - Admin - Contributor - Member - Viewer .EXAMPLE Update-FabricWorkspaceRoleAssignment -WorkspaceId "workspace123" -WorkspaceRoleAssignmentId "assignment456" -WorkspaceRole "Admin" Updates the role assignment to "Admin" for the specified workspace and role assignment. .NOTES - Requires `$FabricConfig` global configuration, including `BaseUrl` and `FabricHeaders`. - Calls `Test-TokenExpired` to ensure token validity before making the API request. Author: Tiago Balabuch #> function Update-FabricWorkspaceRoleAssignment { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string]$WorkspaceId, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string]$WorkspaceRoleAssignmentId, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [ValidateSet('Admin', 'Contributor', 'Member', 'Viewer')] [string]$WorkspaceRole ) try { # Step 1: Ensure token validity Write-Message -Message "Validating token..." -Level Debug Test-TokenExpired Write-Message -Message "Token validation completed." -Level Debug # Step 2: Construct the API URL $apiEndpointUrl = "{0}/workspaces/{1}/roleAssignments/{2}" -f $FabricConfig.BaseUrl, $WorkspaceId, $WorkspaceRoleAssignmentId Write-Message -Message "API Endpoint: $apiEndpointUrl" -Level Message # Step 3: Construct the request body $body = @{ role = $WorkspaceRole } # Convert the body to JSON $bodyJson = $body | ConvertTo-Json -Depth 4 -Compress Write-Message -Message "Request Body: $bodyJson" -Level Debug # Step 4: Make the API request $response = Invoke-RestMethod ` -Headers $FabricConfig.FabricHeaders ` -Uri $apiEndpointUrl ` -Method Patch ` -Body $bodyJson ` -ContentType "application/json" ` -ErrorAction Stop ` -SkipHttpErrorCheck ` -ResponseHeadersVariable "responseHeader" ` -StatusCodeVariable "statusCode" # Step 5: Validate the response code if ($statusCode -ne 200) { Write-Message -Message "Unexpected response code: $statusCode from the API." -Level Error Write-Message -Message "Error: $($response.message)" -Level Error Write-Message "Error Code: $($response.errorCode)" -Level Error return $null } # Step 6: Handle empty response if (-not $response) { Write-Message -Message "No data returned from the API." -Level Warning return $null } Write-Message -Message "Role assignment $WorkspaceRoleAssignmentId updated successfully in workspace '$WorkspaceId'." -Level Info return $response } catch { # Step 7: Handle and log errors $errorDetails = $_.Exception.Message Write-Message -Message "Failed to update role assignment. Error: $errorDetails" -Level Error } } |