This repository has been archived by the owner on Jan 19, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 659
/
Copy pathCmdletMicrosoftGraphApiPermission.cs
138 lines (110 loc) · 4.27 KB
/
CmdletMicrosoftGraphApiPermission.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
using System;
using System.Runtime.Serialization;
namespace PnP.PowerShell.CmdletHelpAttributes
{
/// <summary>
/// Defines the supported API permissions for the Microsoft Graph Api configurable in Azure Active Directory
/// </summary>
[Flags]
public enum MicrosoftGraphApiPermission : int
{
None = 0,
#region Groups - https://docs.microsoft.com/graph/permissions-reference#group-permissions
/// <summary>
/// Read all Groups
/// </summary>
[EnumMember(Value = "Group.Read.All")]
Group_Read_All = 1,
/// <summary>
/// Read and write all groups
/// </summary>
[EnumMember(Value = "Group.ReadWrite.All")]
Group_ReadWrite_All = 2,
/// <summary>
/// Read group memberships
/// </summary>
[EnumMember(Value = "GroupMember.Read.All")]
GroupMember_Read_All = 4,
/// <summary>
/// Read and write group memberships
/// </summary>
[EnumMember(Value = "GroupMember.ReadWrite.All")]
GroupMember_ReadWrite_All = 8,
/// <summary>
/// Create groups
/// </summary>
[EnumMember(Value = "Group.Create")]
Group_Create = 16,
#endregion
#region Directory - https://docs.microsoft.com/graph/permissions-reference#directory-permissions
/// <summary>
/// Read directory data
/// </summary>
[EnumMember(Value = "Directory.Read.All")]
Directory_Read_All = 32,
/// <summary>
/// Read and write directory data
/// </summary>
[EnumMember(Value = "Directory.ReadWrite.All")]
Directory_ReadWrite_All = 64,
#endregion
#region User - https://docs.microsoft.com/en-us/graph/permissions-reference#user-permissions
/// <summary>
/// Read all users' full profiles
/// </summary>
[EnumMember(Value = "User.Read.All")]
User_Read_All = 128,
/// <summary>
/// Read and write all users' full profiles
/// </summary>
[EnumMember(Value = "User.ReadWrite.All")]
User_ReadWrite_All = 256,
/// <summary>
/// Invite guest users to the organization
/// </summary>
[EnumMember(Value = "User.Invite.All")]
User_Invite_All = 512,
/// <summary>
/// Export users' data
/// </summary>
[EnumMember(Value = "User.Export.All")]
User_Export_All = 1024,
/// <summary>
/// Manage all user identities
/// </summary>
[EnumMember(Value = "User.ManageIdentities.All")]
User_ManageIdentities_All = 2048,
#endregion
#region AppCatalog - https://docs.microsoft.com/en-gb/graph/permissions-reference#appcatalog-resource-permissions
[EnumMember(Value = "AppCatalog.Read.All")]
AppCatalog_Read_All = 4096,
[EnumMember(Value = "AppCatalog.ReadWrite.All")]
AppCatalog_ReadWrite_All = 8192,
#endregion
}
/// <summary>
/// Add this attribute on a cmdlet class in order to provide the Api permission needed to execute the cmdlet
/// </summary>
[AttributeUsage(AttributeTargets.Class, AllowMultiple = true)]
public sealed class CmdletMicrosoftGraphApiPermission : CmdletApiPermissionBase
{
/// <summary>
/// Friendly name for this API used in the generated documentation
/// </summary>
public override string ApiName => "Microsoft Graph API";
/// <summary>
/// One or more permissions of which only one is needed to granted to the token
/// </summary>
public MicrosoftGraphApiPermission OrApiPermissions { get; set; }
public MicrosoftGraphApiPermission AndApiPermissions { get; set; }
/// <summary>
/// Constructs a new ApiPermissionAttribute
/// </summary>
/// <param name="apiPermission">One or more possible permissions of which only one is needed to be granted in the token</param>
public CmdletMicrosoftGraphApiPermission(MicrosoftGraphApiPermission orPermissions, MicrosoftGraphApiPermission andPermissions = MicrosoftGraphApiPermission.None)
{
OrApiPermissions = orPermissions;
AndApiPermissions = andPermissions;
}
}
}