Modules/businessdev.ALbuild.Containers/Public/New-BcContainerUser.ps1

function New-BcContainerUser {
    <#
    .SYNOPSIS
        Adds a Business Central user to a running container.

    .DESCRIPTION
        Executes the Business Central server management cmdlets (New-NAVServerUser and
        New-NAVServerUserPermissionSet) inside the container. The user is created with
        license type Full and is then given one permission set (SUPER unless overridden).
        The password is handed to the local container in clear text, which is considered
        acceptable for a development/build container.

    .PARAMETER Name
        Name of the container (alias: ContainerName).

    .PARAMETER Credential
        User name and password of the user to create.

    .PARAMETER PermissionSetId
        Permission set assigned to the new user. Defaults to SUPER.

    .PARAMETER ServerInstance
        Business Central server instance inside the container. Defaults to 'BC'.

    .PARAMETER DockerExecutable
        Docker executable used to reach the container. Defaults to 'docker'.

    .NOTES
        Security review points:
        - The clear-text password is materialised on the host by GetNetworkCredential()
          before it is passed to Invoke-BcContainerCommand through -Variables. How that
          helper transports the values is not visible in this file; confirm that it does
          not place them on the docker command line, in a persisted script file or in
          log output, since the suppression justification below depends on that.
        - The default permission set is SUPER. Pass a narrower -PermissionSetId when the
          created account does not need full permissions.
        - Use this only with throw-away development/build credentials, as the description
          states.
    #>

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '',
        Justification = 'The conversion runs inside the local container, where the dev password is already plaintext; it never persists a secret on the host.')]
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [ValidateNotNullOrEmpty()] [Alias('ContainerName')] [string] $Name,
        [Parameter(Mandatory)] [pscredential] $Credential,
        [string] $PermissionSetId = 'SUPER',
        [string] $ServerInstance = 'BC',
        [string] $DockerExecutable = 'docker'
    )

    # Honour -WhatIf / -Confirm before anything touches the container.
    $action = "Create user '$($Credential.UserName)'"
    if (-not $PSCmdlet.ShouldProcess($Name, $action)) {
        return
    }

    # Runs inside the container. $Password, $UserName, $ServerInstance and $PermissionSetId
    # are not defined in this script block; they are the values supplied through -Variables
    # below. Only the user name and permission set are echoed back, never the password.
    $createUser = {
        $secret = ConvertTo-SecureString -String $Password -AsPlainText -Force
        New-NAVServerUser -ServerInstance $ServerInstance -UserName $UserName -Password $secret -LicenseType Full -ErrorAction Stop
        New-NAVServerUserPermissionSet -ServerInstance $ServerInstance -UserName $UserName -PermissionSetId $PermissionSetId -ErrorAction Stop
        Write-Output "Created user $UserName with permission set $PermissionSetId"
    }

    # The password leaves the PSCredential as a plain string here.
    # NOTE(review): confirm Invoke-BcContainerCommand keeps these values out of process
    # arguments, temporary files and logs on the host.
    $containerVariables = @{
        ServerInstance  = $ServerInstance
        UserName        = $Credential.UserName
        Password        = $Credential.GetNetworkCredential().Password
        PermissionSetId = $PermissionSetId
    }

    $invokeArguments = @{
        ContainerName    = $Name
        ScriptBlock      = $createUser
        DockerExecutable = $DockerExecutable
        Variables        = $containerVariables
    }
    $result = Invoke-BcContainerCommand @invokeArguments

    # NOTE(review): .Trim() fails on a $null result; presumably the helper always returns
    # the script block's text on success. Verify against Invoke-BcContainerCommand.
    Write-ALbuildLog -Level Success ($result.Trim())
}