Skip to content

Update Grant-RsRestItemAccessPolicy.ps1 to allow for setting multiple… #445

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Terr4 wants to merge 1 commit into
base: master
Choose a base branch
from
+24 −10
Open

Update Grant-RsRestItemAccessPolicy.ps1 to allow for setting multiple… #445

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 24 additions & 10 deletions ReportingServicesTools/Functions/Security/Rest/Grant-RsRestItemAccessPolicy.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ function Grant-RsRestItemAccessPolicy
Specify the user or group name to grant access to.
.PARAMETER Role
Specify the name of the role you want to grant on the catalog item.
Specify the name of the role or an array with the roles you want to grant on the catalog item
.PARAMETER ReportPortalUri
Specify the Report Portal URL to your SQL Server Reporting Services or Power BI Report Server Instance.
Expand Down Expand Up @@ -54,6 +54,13 @@ function Grant-RsRestItemAccessPolicy
Description
-----------
This command will grant Browser access to members of the 'Report_Developers' domain group to catalog items found under the '/Finance' folder. It will do this by establishing a connection to the Report Server located at https://UATPBIRS/reports using current user's credentials.
.EXAMPLE
Grant-RsRestItemAccessPolicy -Identity 'CONTOSO\Report_Developers' -Role @('Browser','Content Manager') -RsItem '/Finance' -ReportPortalUri https://UATPBIRS/reports
Description
-----------
This command will grant Browser and Content Manager access to members of the 'Report_Developers' domain group to catalog items found under the '/Finance' folder. It will do this by establishing a connection to the Report Server located at https://UATPBIRS/reports using current user's credentials.
#>

[CmdletBinding()]
Expand All @@ -70,7 +77,7 @@ function Grant-RsRestItemAccessPolicy
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $true)]
[Alias('RoleName')]
[ValidateSet("Browser","Content Manager","My Reports","Publisher","Report Builder")]
[string]
[string[]]
$Role,

[string]
Expand Down Expand Up @@ -138,13 +145,20 @@ function Grant-RsRestItemAccessPolicy
}
}

$o=[PSCustomObject]@{
GroupUserName=$Identity
Roles=@([PSCustomObject]@{
Name=$Role
Description=''
})
}
#removing identity from privilege array if found as we set new privileges below
if( $response.Policies.GroupUserName -contains $Identity ) {
Write-Verbose "Identity already exists, removing all privileges...";
$Policies = $response.Policies | ? { $_.GroupUserName -ne $Identity }
$response.Policies = $Policies;
} else {
Write-Verbose "Identity does not exist yet...";
}

Write-Verbose "Creating Privileges Object for Identity...";
$o = [PSCustomObject]@{GroupUserName=$Identity;Roles=@()};
foreach($arole in $Role) {
$o.Roles += @{Name=$arole;Description=''}
}

$response.Policies=$response.Policies+$o
$response.InheritParentPolicy=$false
Expand All @@ -166,4 +180,4 @@ function Grant-RsRestItemAccessPolicy
throw (New-Object System.Exception("Failed to grant access policies for '$RsItem': $($_.Exception.Message)", $_.Exception))
}
}
}
}