functions/public/New-PermissionRoleAuthorization.ps1
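function New-PermissionRoleAuthorization {
    <#
    .SYNOPSIS
        Associates a permission with a role by POSTing to <authUrl>/roles/<roleId>/permissions.
    .DESCRIPTION
        Sends the permission payload as JSON with a bearer token. When the
        failure matches Assert-WebExceptionType with type code 409, the
        association is logged as already existing and nothing is returned.
        Any other failure is rethrown as a System.Net.WebException that
        carries the original exception as its inner exception.
    .PARAMETER authUrl
        Base URL of the authorization service; a trailing "/" is trimmed.
    .PARAMETER roleId
        Identifier of the role. It is placed in the request path as one
        escaped path segment.
    .PARAMETER roleName
        Role name, used only in log and error messages.
    .PARAMETER body
        Permission payload: a JSON string, or an object that is serialized
        with ConvertTo-Json. Its "name" property appears in log and error
        messages.
    .PARAMETER accessToken
        Bearer token sent in the Authorization header.
    .OUTPUTS
        The Invoke-RestMethod response on success; nothing on a 409.
    #>
    param (
        [Parameter(Mandatory = $true)]
        [string] $authUrl,
        [Parameter(Mandatory = $true)]
        [string] $roleId,
        [Parameter(Mandatory = $true)]
        [string] $roleName,
        [Parameter(Mandatory = $true)]
        $body,
        [Parameter(Mandatory = $true)]
        [string] $accessToken
    )

    # The base URL is escaped as before. roleId is escaped as data, so reserved
    # characters in it ("/", "?", "#", ...) stay inside the role segment and
    # cannot redirect the request to a different path or add a query string.
    # Identifiers made of unreserved characters (e.g. GUIDs) produce the same
    # URL as the previous whole-URL EscapeUriString call.
    $baseUrl = [System.Uri]::EscapeUriString($authUrl.TrimEnd("/"))
    $roleSegment = [System.Uri]::EscapeDataString($roleId)
    $url = "$baseUrl/roles/$roleSegment/permissions"

    # Keep an object view of the payload for messages and a JSON string for the wire.
    if (!($body -is [string])) {
        $clientObject = $body
        # NOTE(review): ConvertTo-Json serializes only 2 levels deep by default;
        # confirm permission payloads are never nested deeper than that.
        $body = ConvertTo-Json $body
    }
    else {
        $clientObject = ConvertFrom-Json -InputObject $body
    }

    $headers = @{"Accept" = "application/json"}
    if ($accessToken) {
        # NOTE(review): the token goes to whatever host authUrl names and nothing
        # here checks the scheme; confirm callers only pass https endpoints.
        $headers.Add("Authorization", "Bearer $accessToken")
    }

    # attempt to add
    try {
        $response = Invoke-RestMethod -Method Post -Uri $url -Body $body -ContentType "application/json" -Headers $headers
        Write-DosMessage -Level "Information" -Message """$($clientObject.name)"" permission associated with ""$($roleName)"" role"
        return $response
    }
    catch {
        $exception = $_.Exception
        if ((Assert-WebExceptionType -exception $exception -typeCode 409)) {
            # Already associated: log and fall through without a return value.
            Write-DosMessage -Level "Information" -Message """$($clientObject.name)"" permission already associated with ""$($roleName)"" role"
        }
        else {
            # Named $errorDetail rather than $error so the automatic $Error
            # variable is not shadowed inside this function.
            $errorDetail = "Unknown error attempting to post"
            if ($null -ne $exception -and $null -ne $exception.Response) {
                $errorDetail = Get-ErrorFromResponse -response $exception.Response
            }
            throw ( New-Object -TypeName "System.Net.WebException" "There was an error creating ""$($clientObject.name)"" permission to ""$($roleName)"" role association: $errorDetail, halting installation.", $exception)
        }
    }
}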