Public/permissions.ps1
function Set-RKPermissions { <# .Description Takes the contents of a json permissions files and applies the permissions #> [CmdletBinding()] param([PSCustomObject[]]$Permissions) foreach ($Permission in $Permissions) { Write-Verbose "applyPermissionSet: $($Permission | ConvertTo-Json)" switch ($Permission.type) { "rbac" { Set-RKRbacPermission $Permission } "sql" { Set-RKSQLPermission $Permission} "datalake" { Set-RKDataLakeAcl $Permission } Default { throw "Unknown Type - $($Permission.type)" } } Write-Verbose "applyPermissionSet: $($Permission | ConvertTo-Json)...done" } Update-RKLakeFromCache } function Set-RKDataLakeAcl { <# .Description Set the permission on a Data Folder and parent folders (to reach the folder) #> [CmdletBinding()] param([PSCustomObject]$Permission) $ctx = Get-RKStorageContext -StorageAccountName $Permission.dataLakeName -ContainerName $Permission.containerName Write-Verbose "applyLakePermission: objectType: '$($Permission.principalType)', DisplayName: '$($Permission.principalName)', Permission: '$($Permission.permission)', path: '$($Permission.path)'" Set-RKLakePathAcl -ctx $ctx -Permission $Permission } function Confirm-RKPermissions { <# .Description Tests permissions conform to target schema. #> [CmdletBinding()] param([PSCustomObject[]]$Permissions) $jsonErrList = [ordered]@{} $index = 0 foreach ($Permission in $Permissions) { Write-Verbose "Confirming Permission: $($Permission | ConvertTo-Json)" #$schema = Get-Content "$PSScriptRoot/../Schemas/$($Permission.type).schema.json" -Raw # for some daft reason Test-Json is a noisy command that needs to be piped to null on the stderr and stdout to keep the console clear. ( Test-Json -Json ( $Permission | ConvertTo-Json -Depth 5 ) -SchemaFile "$PSScriptRoot/../Schemas/$($Permission.type).schema.json" -ErrorVariable jsonErr 2> $null ) > $null if ($jsonErr.Count -gt 0) { $jsonErrList.Add($index, $jsonErr) } } return $jsonErrList } |