forked from KelvinTegelaar/CIPP-API
Add-CippUser.ps1
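#requires -Version 7.2
<#
.SYNOPSIS
Generates Azure Static Web App role invitation links for CIPP users.

.DESCRIPTION
Looks up the Static Web App in the configured resource group and creates one
'aad' invitation link per selected user for the chosen role. The resulting
list is written to the pipeline and appended to .\cipp-invites.csv.

Interactive (default): the role and the users are picked in a console grid.
Noninteractive: -Role and -SelectedUsers are supplied by the caller and no
grid is shown for them.

.PARAMETER Role
CIPP role to grant: readonly, editor or admin.

.PARAMETER SelectedUsers
Users to invite. Accepts user principal name strings or objects that expose
a UserPrincipalName property.

.PARAMETER ExpirationHours
Lifetime of each invitation link in hours (default 1). Keep it short: the
links stay usable until they expire.
#>
[CmdletBinding(DefaultParameterSetName = 'interactive')]
Param(
    [Parameter(Mandatory = $true, ParameterSetName = 'noninteractive')]
    [ValidateSet('readonly', 'editor', 'admin')]
    $Role,

    [Parameter(Mandatory = $true, ParameterSetName = 'noninteractive')]
    $SelectedUsers,

    [Parameter(ParameterSetName = 'noninteractive')]
    [Parameter(ParameterSetName = 'interactive')]
    $ExpirationHours = 1
)

# Template placeholders; presumably substituted at deployment time.
$ResourceGroup = '##RESOURCEGROUP##'
$Subscription = '##SUBSCRIPTION##'

# NOTE(review): this installs an unpinned module version from whichever
# repository is registered on the machine. Consider pinning a version and
# pre-installing the module on hosts that manage role assignments.
if (!(Get-Module -ListAvailable Microsoft.PowerShell.ConsoleGuiTools)) {
    Install-Module Microsoft.PowerShell.ConsoleGuiTools -Force
}

# NOTE(review): an existing context is reused as-is and is not checked
# against $Subscription; confirm the session targets the intended tenant.
$Context = Get-AzContext
if (!$Context) {
    Write-Host "`n- Connecting to Azure"
    # Connect-AzAccount returns a profile object rather than a context, so
    # the context is re-read to make the account name below resolve.
    $null = Connect-AzAccount -Subscription $Subscription
    $Context = Get-AzContext
    if (!$Context) {
        throw 'Unable to establish an Azure context; no invitations were generated.'
    }
}
Write-Host "Connected to $($Context.Account)"

# NOTE(review): assumes the resource group holds exactly one Static Web App.
$swa = Get-AzStaticWebApp -ResourceGroupName $ResourceGroup
if (!$swa) {
    throw "No Static Web App found in resource group '$ResourceGroup'."
}

# Prefer the first custom domain, falling back to the default hostname.
$Domain = $swa.CustomDomain | Select-Object -First 1
if ($null -eq $Domain) { $Domain = $swa.DefaultHostname }
Write-Host "CIPP SWA - $($swa.name)"

if (!$Role) {
    # Pick into a scratch variable: $Role carries ValidateSet, and a
    # cancelled grid must stop the script instead of issuing invites
    # without a role.
    $PickedRole = @('readonly', 'editor', 'admin') | Out-ConsoleGridView -OutputMode Single -Title 'Select CIPP Role'
    if (!$PickedRole) {
        throw 'No role selected; no invitations were generated.'
    }
    $Role = $PickedRole
}

if ($SelectedUsers) {
    # Noninteractive: honour the caller's list instead of overwriting it with
    # a grid selection. Bare UPN strings are wrapped so the loop below can
    # read .UserPrincipalName uniformly.
    $SelectedUsers = foreach ($Entry in @($SelectedUsers)) {
        if ($Entry -is [string]) {
            [PSCustomObject]@{ UserPrincipalName = $Entry }
        } else {
            $Entry
        }
    }
} else {
    # Interactive: offer enabled member accounts whose UPN is not already
    # listed as a display name on the Static Web App.
    $CurrentUsers = Get-AzStaticWebAppUser -Name $swa.name -ResourceGroupName $ResourceGroup -AuthProvider all | Select-Object DisplayName, Role
    $AllUsers = Get-AzADUser -Filter "userType eq 'Member' and accountEnabled eq true" | Select-Object DisplayName, UserPrincipalName
    $SelectedUsers = $AllUsers | Where-Object { $CurrentUsers.DisplayName -notcontains $_.UserPrincipalName } | Sort-Object -Property DisplayName | Out-ConsoleGridView -Title "Select users for role '$Role'"
}

if (!$SelectedUsers) {
    Write-Host 'No users selected; nothing to do.'
    return
}

Write-Host "Selected users: $($SelectedUsers.UserPrincipalName -join ', ')"
Write-Host 'Generating invite links...'

$InviteList = foreach ($User in $SelectedUsers) {
    $UserInvite = @{
        InputObject          = $swa
        Domain               = $Domain
        Provider             = 'aad'
        UserDetail           = $User.UserPrincipalName
        Role                 = $Role
        NumHoursToExpiration = $ExpirationHours
    }
    $Invite = New-AzStaticWebAppUserRoleInvitationLink @UserInvite

    [PSCustomObject]@{
        User    = $User.UserPrincipalName
        Role    = $Role
        Link    = $Invite.InvitationUrl
        Expires = $Invite.ExpiresOn
    }
}

$InviteList

# The CSV (and the console output above) contains live invitation URLs that
# grant the listed role. Treat the file as sensitive: keep it out of shared
# or synced folders and delete it once the invites are sent. -Append means
# earlier runs' links accumulate in the same file.
$InviteList | Export-Csv -Path '.\cipp-invites.csv' -Append
Write-Host 'Invitations exported to .\cipp-invites.csv'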