Functions/Security/Get-CdsUserRoles.ps1
<#
.SYNOPSIS Retrieve user assigned security roles #> function Get-CdsUserRoles { [CmdletBinding()] [OutputType("Microsoft.Xrm.Sdk.Query.QueryExpression")] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [Guid] $UserId, [Parameter(Mandatory = $false)] [ValidateNotNullOrEmpty()] [String[]] $Columns = @("*") ) begin { $StopWatch = [System.Diagnostics.Stopwatch]::StartNew(); Trace-CdsFunction -Name $MyInvocation.MyCommand.Name -Stage Start -Parameters ($MyInvocation.MyCommand.Parameters); } process { $queryUserRoles = New-CdsQueryExpression -LogicalName "systemuserroles" -Columns "systemuserid", "roleid"; $queryUserRoles = $queryUserRoles | Add-CdsQueryCondition -Field "systemuserid" -Condition Equal -Values $UserId; $userRoles = $CdsClient | Get-CdsMultipleRecords -Query $queryUserRoles; $roles = @(); $userRoles | ForEach-Object { $roles += Get-CdsRecord -Logicalname "role" -Id $_.roleid -Columns $Columns; } $roles; } end { $StopWatch.Stop(); Trace-CdsFunction -Name $MyInvocation.MyCommand.Name -Stage Stop -StopWatch $StopWatch; } } Export-ModuleMember -Function Get-CdsUserRoles -Alias *; |