Enterprise/PermissionManagement.psm1
|
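# Permission Management Module for MiMo CLI
# Provides role-based access control
#
# Roles, users and policies are plain hashtables. The Add-* functions modify the
# hashtable they are given in place and also return it.

function New-MiMoRole {
    <#
    .SYNOPSIS
        Builds a role hashtable with Name, Permissions and Created keys.
    .PARAMETER Name
        Role name; Test-MiMoUserPermission matches roles by this value.
    .PARAMETER Permissions
        Initial permission strings. Defaults to an empty array.
    .OUTPUTS
        Hashtable describing the role.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string]$Name,
        [string[]]$Permissions = @()
    )

    $role = @{
        Name        = $Name
        Permissions = $Permissions
        Created     = Get-Date
    }
    return $role
}

function Add-MiMoRolePermission {
    <#
    .SYNOPSIS
        Appends a permission string to a role and returns the same role hashtable.
    .PARAMETER Role
        Role hashtable to modify (changed in place).
    .PARAMETER Permission
        Permission string to append. No de-duplication is performed.
    #>
    param(
        [hashtable]$Role,
        [string]$Permission
    )

    $Role.Permissions += $Permission
    return $Role
}

function Test-MiMoPermission {
    <#
    .SYNOPSIS
        Returns $true when the role's Permissions list contains the permission.
    .PARAMETER Role
        Role hashtable to inspect.
    .PARAMETER Permission
        Permission string to look for.
    .NOTES
        -contains compares strings case-insensitively, so 'Read' matches 'read'.
    #>
    param(
        [hashtable]$Role,
        [string]$Permission
    )

    return $Role.Permissions -contains $Permission
}

function New-MiMoUser {
    <#
    .SYNOPSIS
        Builds a user hashtable with no roles assigned and LastLogin unset.
    .PARAMETER Username
        Account name stored under the Username key.
    .PARAMETER Email
        Optional e-mail address; defaults to an empty string.
    .PARAMETER FullName
        Optional display name; defaults to an empty string.
    .OUTPUTS
        Hashtable describing the user.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string]$Username,
        [string]$Email = "",
        [string]$FullName = ""
    )

    $user = @{
        Username  = $Username
        Email     = $Email
        FullName  = $FullName
        Roles     = @()
        Created   = Get-Date
        LastLogin = $null
    }
    return $user
}

function Add-MiMoUserRole {
    <#
    .SYNOPSIS
        Appends a role name to a user's Roles list and returns the same user hashtable.
    .PARAMETER User
        User hashtable to modify (changed in place).
    .PARAMETER RoleName
        Name of the role to assign. It is not checked against any role list here.
    #>
    param(
        [hashtable]$User,
        [string]$RoleName
    )

    $User.Roles += $RoleName
    return $User
}

function Test-MiMoUserPermission {
    <#
    .SYNOPSIS
        Returns $true when any role assigned to the user grants the permission.
    .PARAMETER User
        User hashtable whose Roles list holds role names.
    .PARAMETER Roles
        Role definitions to resolve those names against.
    .PARAMETER Permission
        Permission string to test.
    .NOTES
        A role name with no matching definition in -Roles grants nothing.
    #>
    param(
        [hashtable]$User,
        [hashtable[]]$Roles,
        [string]$Permission
    )

    foreach ($roleName in $User.Roles) {
        # NOTE(review): if -Roles holds two definitions with the same Name, $role is
        # an array and cannot bind to the [hashtable] parameter below, so the check
        # for that role errors instead of granting. Role names should be unique.
        $role = $Roles | Where-Object { $_.Name -eq $roleName }
        if ($role -and (Test-MiMoPermission -Role $role -Permission $Permission)) {
            return $true
        }
    }
    return $false
}

function New-MiMoAccessPolicy {
    <#
    .SYNOPSIS
        Builds an access policy hashtable that starts out enabled.
    .PARAMETER Name
        Policy name.
    .PARAMETER Rules
        Hashtable keyed by "<Resource>:<Action>". Test-MiMoAccessPolicy only checks
        that a key exists; the value stored under it is not read.
    .OUTPUTS
        Hashtable describing the policy.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string]$Name,
        [hashtable]$Rules = @{}
    )

    $policy = @{
        Name    = $Name
        Rules   = $Rules
        Created = Get-Date
        Enabled = $true
    }
    return $policy
}

function Test-MiMoAccessPolicy {
    <#
    .SYNOPSIS
        Returns $true when the policy allows the action on the resource.
    .PARAMETER Policy
        Policy hashtable as produced by New-MiMoAccessPolicy.
    .PARAMETER Resource
        Resource part of the rule key.
    .PARAMETER Action
        Action part of the rule key.
    .NOTES
        A policy whose Enabled key is present and false is not enforced and allows
        every request. A missing policy, or one without a Rules table, denies.
    #>
    param(
        [hashtable]$Policy,
        [string]$Resource,
        [string]$Action
    )

    # Fail closed: without this guard a $null policy (for example a failed lookup)
    # would fall into the "disabled" branch and allow the request.
    if ($null -eq $Policy) {
        return $false
    }

    # Only an explicit Enabled = $false switches enforcement off; a hashtable that
    # simply lacks the key is evaluated against its rules.
    if ($Policy.ContainsKey('Enabled') -and -not $Policy.Enabled) {
        return $true
    }

    if ($null -eq $Policy.Rules) {
        return $false
    }

    # Braces are required: "$Resource:$Action" is read as a scope-qualified variable
    # reference and is rejected by the parser, which stops the module from loading.
    $ruleKey = "${Resource}:${Action}"
    return $Policy.Rules.ContainsKey($ruleKey)
}

# Export functions
Export-ModuleMember -Function New-MiMoRole, Add-MiMoRolePermission, Test-MiMoPermission, New-MiMoUser, Add-MiMoUserRole, Test-MiMoUserPermission, New-MiMoAccessPolicy, Test-MiMoAccessPolicy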