83 lines
3.4 KiB
PowerShell
83 lines
3.4 KiB
PowerShell
|
function Set-EagleEyePermissions {
|
||
|
<#
|
||
|
.SYNOPSIS
|
||
|
Sets the authorizedGroupsByOperation section values in the EagleEye web.config file
|
||
|
.PARAMETER bustCacheGroups
|
||
|
The comma separated list of security groups which should have Bust Cache permissions
|
||
|
.PARAMETER elevateLoggingGroups
|
||
|
The comma separated list of security groups which should have Elevate Logging permissions
|
||
|
.PARAMETER manipulateServiceGroups
|
||
|
The comma separated list of security groups which should have Manipulate Service Instance permissions
|
||
|
.PARAMETER defaultWebConfigLocation
|
||
|
The location of the EagleEye web.config file. Defaults to "C:\ProgramData\chocolatey\lib\Alkami.EagleEye\tools\web.config"
|
||
|
#>
|
||
|
[CmdletBinding()]
|
||
|
Param(
|
||
|
[Parameter(Mandatory = $true)]
|
||
|
[string]$bustCacheGroups,
|
||
|
[Parameter(Mandatory = $true)]
|
||
|
[string]$elevateLoggingGroups,
|
||
|
[Parameter(Mandatory = $true)]
|
||
|
[string]$manipulateServiceGroups,
|
||
|
[Parameter(Mandatory = $false)]
|
||
|
$defaultWebConfigLocation
|
||
|
)
|
||
|
|
||
|
$logLead = (Get-LogLeadName);
|
||
|
|
||
|
#Set $defaultWebConfigLocation default
|
||
|
if ([string]::IsNullOrEmpty($defaultWebConfigLocation)) {
|
||
|
$chocoInstallPath = Get-ChocolateyInstallPath
|
||
|
$defaultWebConfigLocation = Join-Path $chocoInstallPath "lib\Alkami.EagleEye\tools\web.config"
|
||
|
}
|
||
|
|
||
|
[HashTable[]]$groupHash = @(
|
||
|
@{ Key = "BustCache"; Value = $bustCacheGroups },
|
||
|
@{ Key = "ElevateLogging"; Value = $elevateLoggingGroups },
|
||
|
@{ Key = "ManipulateServiceInstance"; Value = $manipulateServiceGroups }
|
||
|
)
|
||
|
|
||
|
Write-Verbose ("$logLead : Checking for web.config at {0}" -f $defaultWebConfigLocation)
|
||
|
if (!(Test-Path $defaultWebConfigLocation)) {
|
||
|
Write-Output ("$logLead : EagleEye doesn't seem to be installed on this machine")
|
||
|
return
|
||
|
}
|
||
|
|
||
|
Write-Verbose ("$logLead : Attempting to read the web.config from {0}" -f $defaultWebConfigLocation)
|
||
|
[XML]$eagleEyeConfig = Get-Content $defaultWebConfigLocation -ErrorAction SilentlyContinue
|
||
|
|
||
|
if ($null -eq $eagleEyeConfig) {
|
||
|
Write-Error ("$logLead : Could Not Read the EagleEye configuration from {0}" -f $defaultWebConfigLocation)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
$authorizedGroupsXPath = "//authorizedGroupsByOperation"
|
||
|
$authorizedGroupsSection = $eagleEyeConfig.SelectNodes($authorizedGroupsXPath)
|
||
|
|
||
|
if ($null -eq $authorizedGroupsSection) {
|
||
|
Write-Error ("$logLead : Could not find a the authorized groups section with XPath {0}" -f $authorizedGroupsXPath)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
$targetSection = $authorizedGroupsSection | Select-Object -First 1
|
||
|
foreach ($group in $groupHash) {
|
||
|
$childNode = $targetSection.ChildNodes | Where-Object { $_.Key -eq $group.Key }
|
||
|
|
||
|
if ($null -eq $childNode) {
|
||
|
Write-Error ("$logLead : Unable to find a child node with Key {0}" -f $group.Key)
|
||
|
return
|
||
|
}
|
||
|
elseif ($childNode.Value -eq $group.Value) {
|
||
|
Write-Output ("$logLead : Authorized group section {0} already has correct value {1}" -f $group.Key, $group.Value)
|
||
|
continue
|
||
|
}
|
||
|
|
||
|
Write-Output ("$logLead : Setting authorized group section {0} to value {1}" -f $group.Key, $group.Value)
|
||
|
$childNode.SetAttribute("value", $group.value)
|
||
|
}
|
||
|
|
||
|
Write-Verbose ("$logLead : Saving modified web.config XML to {0}" -f $defaultWebConfigLocation)
|
||
|
$eagleEyeConfig.Save($defaultWebConfigLocation)
|
||
|
}
|
||
|
|