internal/functions/resolve/Resolve-Group.ps1
function Resolve-Group { [CmdletBinding()] Param ( [Parameter(Mandatory = $true)] [string] $InputReference, [switch] $DontFailIfNotExisting, [switch] $SearchInDesiredConfiguration, [System.Management.Automation.PSCmdlet] $Cmdlet = $PSCmdlet ) begin { $InputReference = Resolve-String -Text $InputReference $token = (Get-AzAccessToken -ResourceUrl "https://graph.microsoft.com").Token Connect-MgGraph -AccessToken ($token | ConvertTo-SecureString -AsPlainText -Force) | Out-Null Test-GraphConnection } process { try { if ($InputReference -match $script:guidRegex) { $group = (Invoke-MgGraphRequest -Method GET -Uri ("$script:graphBaseUrl/groups/{0}" -f $InputReference) -Headers @{"Authorization"= "Bearer $($token)"}).Id } elseif ($InputReference -match $script:mailNicknameRegex) { $group = (Invoke-MgGraphRequest -Method GET -Uri ("$script:graphBaseUrl/groups/?`$filter=mailNickname eq '{0}'" -f $InputReference) -Headers @{"Authorization"= "Bearer $($token)"}).Value.Id } elseif ($InputReference -in @("All")) { return $InputReference } else { $group = (Invoke-MgGraphRequest -Method GET -Uri ("$script:graphBaseUrl/groups/?`$filter=displayName eq '{0}'" -f $InputReference) -Headers @{"Authorization"= "Bearer $($token)"}).Value.Id } if (-Not $group -and $SearchInDesiredConfiguration) { if ($InputReference -in $script:desiredConfiguration["groups"].displayName) { $group = $InputReference } } if (-Not $group -and -Not $DontFailIfNotExisting) { throw "Cannot find group $InputReference" } elseif (-Not $group -and $DontFailIfNotExisting) { return } if ($group.count -gt 1) { throw "Got multiple groups for $InputReference" } return $group } catch { Write-PSFMessage -Level Warning -String 'AzurePIM.CannotResolveResource' -StringValues "Group" -Tag 'failed' -ErrorRecord $_ $Cmdlet.ThrowTerminatingError($_) } } } |