Skip to content

Commit

Permalink
Merge pull request #185 from jakkulabs/feature-New-vRABusinessGroup-S…
Browse files Browse the repository at this point in the history 
…haredAccess

Added SharedAccess parameter to New-vRABusinessGroup for issue #183
  • Loading branch information
@chelnak
chelnak authored Jul 9, 2018
2 parents 53aadd6 + 16bd1e1 commit 29a9461
Show file tree
Hide file tree
Showing 2 changed files with 62 additions and 3 deletions.
4 changes: 4 additions & 0 deletions src/Functions/Public/identity/Get-vRABusinessGroup.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ try {

$GroupManagerRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Business Group Manager"}
$SupportUserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Support User"}
$SharedAccessUserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "com.vmware.csp.core.cafe.identity@csp.scoperole.sharedaccess.user.name"}
$UserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Basic User"}

[pscustomobject]@{
Expand All @@ -93,6 +94,7 @@ try {
ExtensionData = $BusinessGroup.extensionData
GroupManagerRole = $GroupManagerRole.principalId
SupportUserRole = $SupportUserRole.principalId
SharedAccessUserRole = $SharedAccessUserRole.principalId
UserRole = $UserRole.principalId
Tenant = $BusinessGroup.tenant
}
Expand All @@ -115,6 +117,7 @@ try {

$GroupManagerRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Business Group Manager"}
$SupportUserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Support User"}
$SharedAccessUserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "com.vmware.csp.core.cafe.identity@csp.scoperole.sharedaccess.user.name"}
$UserRole = $BusinessGroupRolesResponse.content | Where-Object {$_.name -eq "Basic User"}

[pscustomobject]@{
Expand All @@ -126,6 +129,7 @@ try {
ExtensionData = $BusinessGroup.extensionData
GroupManagerRole = $GroupManagerRole.principalId
SupportUserRole = $SupportUserRole.principalId
SharedAccessUserRole = $SharedAccessUserRole.principalId
UserRole = $UserRole.principalId
Tenant = $BusinessGroup.tenant
}
Expand Down
61 changes: 58 additions & 3 deletions src/Functions/Public/identity/New-vRABusinessGroup.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@
.PARAMETER SupportUser
Business Group Support Users
.PARAMETER SharedAccessUser
Business Group Shared Access Users
.PARAMETER User
Business Group Users
Expand All @@ -43,6 +46,10 @@
New-vRABusinessGroup -TenantId Tenant01 -Name BusinessGroup01 -Description "Business Group 01" -BusinessGroupManager "[email protected]","[email protected]" -SupportUser "[email protected]" `
-User "[email protected]" -MachinePrefixId "87e99513-cbea-4589-8678-c84c5907bdf2" -SendManagerEmailsTo "[email protected]"
.EXAMPLE
New-vRABusinessGroup -TenantId Tenant01 -Name BusinessGroup02 -Description "Business Group 02" -BusinessGroupManager "[email protected]" -SharedAccessUser "[email protected]" `
-SendManagerEmailsTo "[email protected]"
.EXAMPLE
$JSON = @"
{
Expand Down Expand Up @@ -129,6 +136,10 @@
[ValidateNotNullOrEmpty()]
[String[]]$SupportUser,

[parameter(Mandatory=$false,ParameterSetName="Standard")]
[ValidateNotNullOrEmpty()]
[String[]]$SharedAccessUser,

[parameter(Mandatory=$false,ParameterSetName="Standard")]
[ValidateNotNullOrEmpty()]
[String[]]$User,
Expand All @@ -149,6 +160,15 @@
begin {
# --- Test for vRA API version
xRequires -Version 7.0

# --- Test for API 7.3 if SharedAccessUser parameter specified
if ($PSBoundParameters.ContainsKey("SharedAccessUser")){

if ($vRAConnection.APIVersion -lt 7.3){

throw "vRA BusinessGroup Shared Access feature requires vRA version 7.3 or greater"
}
}
}

process {
Expand Down Expand Up @@ -205,10 +225,26 @@
}
"@

$BodySharedAccess = @"
{
"name": "com.vmware.csp.core.cafe.identity@csp.scoperole.sharedaccess.user.name",
"scopeRoleRef": "CSP_CONSUMER_WITH_SHARED_ACCESS",
"principalId": [
]
}
"@

# --- If certain parameters are specified, ConvertFrom-Json, update, then ConvertTo-Json
if ($PSBoundParameters.ContainsKey("BusinessGroupManager") -or $PSBoundParameters.ContainsKey("SupportUser") -or $PSBoundParameters.ContainsKey("User") -or $PSBoundParameters.ContainsKey("MachinePrefixId")){
if ($PSBoundParameters.ContainsKey("BusinessGroupManager") -or $PSBoundParameters.ContainsKey("SupportUser") -or $PSBoundParameters.ContainsKey("SharedAccessUser") -or $PSBoundParameters.ContainsKey("User") -or $PSBoundParameters.ContainsKey("MachinePrefixId")){

$JSONObject = $Body | ConvertFrom-Json

# --- Add Shared Access feature from vRA 7.3
if ($vRAConnection.APIVersion -ge 7.3){

$JSONObject.subtenantRoles += ($BodySharedAccess | ConvertFrom-Json)
}

if ($PSBoundParameters.ContainsKey("BusinessGroupManager")){

Expand All @@ -230,7 +266,6 @@
$BusinessGroupManagerRole.principalId += $AdditionObject

}

}

if ($PSBoundParameters.ContainsKey("SupportUser")){
Expand All @@ -253,7 +288,28 @@
$SupportUserRole.principalId += $AdditionObject

}
}

if ($PSBoundParameters.ContainsKey("SharedAccessUser")){

foreach ($Entity in $SharedAccessUser){

$Domain = ($Entity -split "@")[1]
$Username = ($Entity -split "@")[0]

$Addition = @"
{
"domain": "$($Domain)",
"name": "$($Username)"
}
"@

$AdditionObject = $Addition | ConvertFrom-Json

$SupportUserRole = $JSONObject.subtenantRoles | Where-Object {$_.Name -eq "com.vmware.csp.core.cafe.identity@csp.scoperole.sharedaccess.user.name"}
$SupportUserRole.principalId += $AdditionObject

}
}

if ($PSBoundParameters.ContainsKey("User")){
Expand All @@ -276,7 +332,6 @@
$UserRole.principalId += $AdditionObject

}

}

if ($PSBoundParameters.ContainsKey("MachinePrefixId")){
Expand Down

0 comments on commit 29a9461

Please sign in to comment.