functions/SPClientPermission/Clear-SPClientPermission.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#Requires -Version 3.0

<#
  Clear-SPClientPermission.ps1
 
  Copyright (c) 2017 karamem0
 
  This software is released under the MIT License.
  https://github.com/karamem0/SPClient/blob/master/LICENSE
#>


function Clear-SPClientPermission {

<#
.SYNOPSIS
  Clears all permission.
.DESCRIPTION
  The Clear-SPClientPermission function clears all role assignments from the specified object.
.PARAMETER ClientContext
  Indicates the client context. If not specified, uses default context.
.PARAMETER ClientObject
  Indicates the site, list or item.
.PARAMETER PassThru
  If specified, returns input object.
.EXAMPLE
  Clear-SPClientPermission $item
.INPUTS
  None or Microsoft.SharePoint.Client.SecurableObject
.OUTPUTS
  None
.LINK
  https://github.com/karamem0/SPClient/blob/master/doc/Clear-SPClientPermission.md
#>


    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $false)]
        [Microsoft.SharePoint.Client.ClientContext]
        $ClientContext = $SPClient.ClientContext,
        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true)]
        [Microsoft.SharePoint.Client.SecurableObject]
        $ClientObject,
        [Parameter(Mandatory = $false)]
        [switch]
        $PassThru
    )

    process {
        if ($ClientContext -eq $null) {
            throw "Cannot bind argument to parameter 'ClientContext' because it is null."
        }
        Invoke-ClientContextLoad `
            -ClientContext $ClientContext `
            -ClientObject $ClientObject `
            -Retrieval 'RoleAssignments'
        while ($ClientObject.RoleAssignments.Count -gt 0) {
            $ClientObject.RoleAssignments[0].DeleteObject()
        }
        Invoke-ClientContextLoad `
            -ClientContext $ClientContext `
            -ClientObject $ClientObject `
            -Retrieval 'RoleAssignments.Include(Member,RoleDefinitionBindings)'
        if ($PassThru) {
            Write-Output $ClientObject
        }
    }

}