Functions/SafeMembers/Set-PASSafeMember.ps1
# .ExternalHelp psPAS-help.xml function Set-PASSafeMember { [CmdletBinding(SupportsShouldProcess)] param( [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true )] [ValidateNotNullOrEmpty()] [string]$SafeName, [Alias('UserName')] [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true )] [ValidateNotNullOrEmpty()] [string]$MemberName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [datetime]$MembershipExpirationDate, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$UseAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$RetrieveAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ListAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$AddAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$UpdateAccountContent, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$UpdateAccountProperties, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'CPM' )] [boolean]$InitiateCPMAccountManagementOperations, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'CPM' )] [boolean]$SpecifyNextAccountContent, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$RenameAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$DeleteAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$UnlockAccounts, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ManageSafe, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ManageSafeMembers, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$BackupSafe, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ViewAuditLog, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$ViewSafeMembers, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [ValidateRange(0, 2)] [int]$RequestsAuthorizationLevel, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$AccessWithoutConfirmation, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$CreateFolders, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$DeleteFolders, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true )] [boolean]$MoveAccountsAndFolders ) BEGIN { #array for parameter names which appear in the top-tier of the JSON object $keysToKeep = [Collections.Generic.List[String]]@( 'MembershipExpirationDate', 'Permissions' ) }#begin PROCESS { #Create URL for request $URI = "$Script:BaseURI/WebServices/PIMServices.svc/Safes/$($SafeName | Get-EscapedString)/Members/$($MemberName | Get-EscapedString)" #Get passed parameters to include in request body $boundParameters = $PSBoundParameters | Get-PASParameter If ($PSBoundParameters.ContainsKey('MembershipExpirationDate')) { #Convert ExpiryDate to string in Required format $Date = (Get-Date $MembershipExpirationDate -Format MM/dd/yyyy).ToString() #Include date string in request $boundParameters['MembershipExpirationDate'] = $Date } #Add permissions array to request in correct order [array]$boundParameters['Permissions'] = $boundParameters | ConvertTo-SortedPermission -Gen1 #Create JSON for body of request $body = @{ 'member' = $boundParameters | Get-PASParameter -ParametersToKeep $keysToKeep #Ensure all levels of object are output } | ConvertTo-Json -Depth 3 if ($PSCmdlet.ShouldProcess($SafeName, "Update Safe Permissions for '$MemberName'")) { #Send request to webservice $result = Invoke-PASRestMethod -Uri $URI -Method PUT -Body $Body -WebSession $Script:WebSession If ($null -ne $result) { #format output $result.member | Select-Object MembershipExpirationDate, @{Name = 'Permissions'; 'Expression' = { $result.member.permissions | ConvertFrom-KeyValuePair } } | Add-ObjectDetail -typename psPAS.CyberArk.Vault.Safe.Member -PropertyToAdd @{ 'UserName' = $MemberName 'SafeName' = $SafeName } } } }#process END { }#end } |