Functions/Accounts/New-PASAccountObject.ps1
|
# .ExternalHelp psPAS-help.xml Function New-PASAccountObject { [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', 'remoteMachinesAccess', Justification = 'False Positive')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', 'secretManagement', Justification = 'False Positive')] [CmdletBinding(SupportsShouldProcess, DefaultParameterSetName = 'AccountObject')] param( [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [int]$uploadIndex, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'PersonalAdminAccount' )] [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$userName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$name, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'PersonalAdminAccount' )] [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$address, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [Alias('PolicyID')] [string]$platformID, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [ValidateNotNullOrEmpty()] [Alias('safe')] [string]$SafeName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [ValidateSet('Password', 'Key')] [string]$secretType, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'PersonalAdminAccount' )] [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [securestring]$secret, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [hashtable]$platformAccountProperties, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [boolean]$automaticManagementEnabled, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$manualManagementReason, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$remoteMachines, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [boolean]$accessRestrictedToRemoteMachines, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'AccountObject' )] [string]$groupName, [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true, ParameterSetName = 'PersonalAdminAccount' )] [switch]$PersonalAdminAccount ) Begin { #V10 parameters are nested under JSON object properties $remoteMachine = [Collections.Generic.List[String]]@('remoteMachines', 'accessRestrictedToRemoteMachines') $SecretMgmt = [Collections.Generic.List[String]]@('automaticManagementEnabled', 'manualManagementReason') } Process { #Get all parameters that will be sent in the request $boundParameters = $PSBoundParameters | Get-PASParameter #deal with "secret" SecureString If ($PSBoundParameters.ContainsKey('secret')) { #Include decoded password in request $boundParameters['secret'] = $(ConvertTo-InsecureString -SecureString $secret) } switch ($PSCmdlet.ParameterSetName) { 'AccountObject' { $boundParameters.keys | Where-Object { $remoteMachine -contains $PSItem } | ForEach-Object { $remoteMachinesAccess = @{ } } { #add key=value to hashtable $remoteMachinesAccess[$PSItem] = $boundParameters[$PSItem] } { $boundParameters['remoteMachinesAccess'] = $remoteMachinesAccess } $boundParameters.keys | Where-Object { $SecretMgmt -contains $PSItem } | ForEach-Object { $secretManagement = @{ } } { #add key=value to hashtable $secretManagement[$PSItem] = $boundParameters[$PSItem] } { $boundParameters['secretManagement'] = $secretManagement } break } } if ($PSCmdlet.ShouldProcess($userName, 'Create Account Object Definition')) { $boundParameters | Get-PASParameter -ParametersToRemove @($remoteMachine + $SecretMgmt + 'PersonalAdminAccount') } } End {} } |