Functions/SafeMembers/Add-PASSafeMember.ps1
|
# .ExternalHelp psPAS-help.xml function Add-PASSafeMember { [CmdletBinding()] param( [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true )] [ValidateNotNullOrEmpty()] [string]$SafeName, [Alias("UserName")] [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true )] [ValidateNotNullOrEmpty()] [ValidateScript( { $_ -notmatch ".*(\?|\&).*" })] [string]$MemberName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [string]$SearchIn, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [datetime]$MembershipExpirationDate, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("RestrictedRetrieve")] [boolean]$UseAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Retrieve")] [boolean]$RetrieveAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("ListContent")] [boolean]$ListAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Add")] [boolean]$AddAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Update")] [boolean]$UpdateAccountContent, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("UpdateMetadata")] [boolean]$UpdateAccountProperties, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = "CPM" )] [boolean]$InitiateCPMAccountManagementOperations, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = "CPM" )] [boolean]$SpecifyNextAccountContent, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Rename")] [boolean]$RenameAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Delete")] [boolean]$DeleteAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("Unlock")] [boolean]$UnlockAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ManageSafe, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ManageSafeMembers, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$BackupSafe, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("ViewAudit")] [boolean]$ViewAuditLog, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("ViewMembers")] [boolean]$ViewSafeMembers, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [ValidateRange(0, 2)] [int]$RequestsAuthorizationLevel, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$AccessWithoutConfirmation, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("AddRenameFolder")] [boolean]$CreateFolders, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$DeleteFolders, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [Alias("MoveFilesAndFolders")] [boolean]$MoveAccountsAndFolders ) BEGIN { #array for parameter names which appear in the top-tier of the JSON object $keysToKeep = [Collections.Generic.List[String]]@( 'MemberName', 'SearchIn', 'MembershipExpirationDate', 'Permissions' ) }#begin PROCESS { #Create URL for request $URI = "$Script:BaseURI/WebServices/PIMServices.svc/Safes/$($SafeName | Get-EscapedString)/Members" #Get Parameters for request body $boundParameters = $PSBoundParameters | Get-PASParameter If ($PSBoundParameters.ContainsKey("MembershipExpirationDate")) { #Convert MembershipExpirationDate to string in Required format $Date = (Get-Date $MembershipExpirationDate -Format MM/dd/yyyy).ToString() #Include date string in request $boundParameters["MembershipExpirationDate"] = $Date } #Add permissions array to request in correct order [array]$boundParameters["Permissions"] = $boundParameters | ConvertTo-SortedPermission #Create required request object $body = @{ "member" = $boundParameters | Get-PASParameter -ParametersToKeep $keysToKeep #Ensure all required JSON levels are output } | ConvertTo-Json -Depth 3 #Send request to Web Service $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body -WebSession $Script:WebSession If ($null -ne $result) { #format output $result.member | Select-Object MemberName, MembershipExpirationDate, SearchIn, @{Name = "Permissions"; "Expression" = { $result.member.permissions | ConvertFrom-KeyValuePair } } | Add-ObjectDetail -typename psPAS.CyberArk.Vault.Safe.Member.Extended -PropertyToAdd @{ "SafeName" = $SafeName } } }#process END { }#end } |