FunctionsPublic/Add-GraphFolderPermission.ps1
|
<#
.SYNOPSIS Add specific permissions on the folder .DESCRIPTION Sets permissions for the specified user on the specified folder. Optionally sends an invitation notifications to the specified user. .PARAMETER accessToken A Microsoft Graph API access token with the required permissions .PARAMETER documentLibraryID The document library in which the folder resides in .PARAMETER folderID The folder to set the specified permissions on .PARAMETER emailAddress The email address of the user for which to set the specified permissions .PARAMETER role The role to set for the specified user. Available options are 'read' or 'write' .PARAMETER sendInvite Specify whether the invitee receives an invite e-mail .PARAMETER inviteMessage Determine the text thats is included in the invite e-mail #> function Add-GraphFolderPermission { param( [parameter(Mandatory=$true)][psobject]$accessToken, [parameter(Mandatory=$true)][string]$documentLibraryID, [parameter(Mandatory=$true)][string]$folderID, [parameter(Mandatory=$true)][string]$emailAddress, [parameter(Mandatory=$true)][string][ValidateSet("read","write")]$role, [parameter(Mandatory=$true)][bool]$sendInvite, [parameter(Mandatory=$false)][string]$inviteMessage ) $sendBody = @{ "recipients" = @( @{ "email" = "$($emailAddress)" } ); "message" = "$($inviteMessage)"; "requireSignIn" = $true; "sendInvitation" = $sendInvite; "roles" = @( "$($role)" ) } | ConvertTo-Json $responseBody = Invoke-RestMethod ` -Uri "https://graph.microsoft.com/v1.0/drives/$($documentLibraryID)/items/$($folderID)/invite" ` -Headers @{"Authorization" = "Bearer $($accessToken.AccessTokenCredential.GetNetworkCredential().password)"} ` -Body $sendBody ` -ContentType "application/json" ` -Method POST if($null -eq $responseBody) { return $null } else { return $responseBody.value } } |