functions/entitlementManagement/accessPackageAssignementPolicies/Register-TmfAccessPackageAssignementPolicy.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
function Register-TmfAccessPackageAssignementPolicy
{
    [CmdletBinding()]
    Param (
        [Parameter(Mandatory = $true)]
        [string] $displayName,
        [string] $description = "Access Package Assignement Policy has been created with Tenant Management Framework",
        [Parameter(Mandatory = $true)]
        [string] $accessPackage,

        [bool] $canExtend = $false,
        [Parameter(Mandatory = $true)]
        [int] $durationInDays = 7,

        [object] $accessReviewSettings,
        [object] $requestApprovalSettings,
        [object] $requestorSettings,
        
        [bool] $present = $true,        
        [string] $sourceConfig = "<Custom>",

        [System.Management.Automation.PSCmdlet]
        $Cmdlet = $PSCmdlet
    )
    
    begin
    {
        $resourceName = "accessPackageAssignementPolicies"
        if (!$script:desiredConfiguration[$resourceName]) {
            $script:desiredConfiguration[$resourceName] = @()
        }

        if ($script:desiredConfiguration[$resourceName] | Where-Object {$_.displayName -eq $displayName -and $_.accessPackage -eq $accessPackage}) {            
            $alreadyLoaded = $script:desiredConfiguration[$resourceName] | Where-Object {$_.displayName -eq $displayName -and $_.accessPackage -eq $accessPackage}
        }
    }
    process
    {
        if (Test-PSFFunctionInterrupt) { return }                

        $object = [PSCustomObject]@{        
            displayName = $displayName
            accessPackage = $accessPackage
            description = $description
            canExtend = $canExtend
            durationInDays = $durationInDays
            present = $present
            sourceConfig = $sourceConfig
        }

        "accessReviewSettings", "requestApprovalSettings", "requestorSettings" | ForEach-Object {
            if ($PSBoundParameters.ContainsKey($_)) {
                if ($script:validateFunctionMapping.ContainsKey($_)) {
                    $validated = $PSBoundParameters[$_] | ConvertTo-PSFHashtable -Include $($script:validateFunctionMapping[$_].Parameters.Keys)
                    $validated = & $script:validateFunctionMapping[$_] @validated -Cmdlet $Cmdlet
                }
                else {
                    $validated = $PSBoundParameters[$_]
                }
                Add-Member -InputObject $object -MemberType NoteProperty -Name $_ -Value $validated
            }            
        }

        Add-Member -InputObject $object -MemberType ScriptMethod -Name accessPackageId -Value { Resolve-AccessPackage -InputReference $this.accessPackage -Cmdlet $Cmdlet -DontFailIfNotExisting }
        Add-Member -InputObject $object -MemberType ScriptMethod -Name Properties -Value { ($this | Get-Member -MemberType NoteProperty).Name }

        if ($alreadyLoaded) {
            $script:desiredConfiguration[$resourceName][$script:desiredConfiguration[$resourceName].IndexOf($alreadyLoaded)] = $object
        }
        else {
            $script:desiredConfiguration[$resourceName] += $object
        }
    }
}