Ber*_*ty. 3 powershell json psobject
我不明白为什么我无法更改这些变量。如果我在调试模式下将它们输入控制台,它就会打印这些值。同样奇怪的是我如何能够更改第 24 行上的 allowedRequestors 变量,但不能更改其他任何变量。有谁知道为什么其他变量会发生这种情况?
$FilePath = "C:\Users\Desktop\TestScripts\testBulkAP.csv"
$headers = & $PSScriptRoot\GetToken.ps1
## preparing create Catalog data
$accesspacakgeRequest = '{"displayName":"","description":"sddsds","isHidden":false,"catalogId":"","accessPackageResourceRoleScopes":[],"accessPackageAssignmentPolicies":[{"displayName":"Initial Policy","description":"Initial Policy","durationInDays":365,"expirationDateTime":null,"canExtend":false,"requestApprovalSettings":null,"accessReviewSettings":null,"notificationSettings":null,"additionalInfo":null,"isDenyPolicy":false,"id":"","activeAssignmentCount":0,"accessPackageId":"00000000-0000-0000-0000-000000000000","accessPackageCatalog":null,"createdDateTime":null,"modifiedDateTime":null,"createdBy":"","modifiedBy":"","countOfUsersIncludedInPolicy":null,"requestorSettings":{"acceptRequests":true,"scopeType":"NoSubjects","allowedRequestors":[],"isOnBehalfAllowed":false},"questions":[]}]}'
$emlRequestUrl = "https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackages"
$accesspacakgeRequestObject = ConvertFrom-Json -InputObject $accesspacakgeRequest
$Content = Import-Csv $FilePath
foreach($assignmentData in $Content) {
$accesspacakgeRequestObject.catalogId = $assignmentData.catalogId
$accesspacakgeRequestObject.displayName = $assignmentData.displayName
$accesspacakgeRequestObject.description = $assignmentData.description
$accesspacakgeRequestObject.accessPackageAssignmentPolicies.requestorSettings.scopeType = $assignmentData.scope
if ($assignmentData.scope -eq "SpecificDirectorySubjects") {
$accesspacakgeRequestObject.accessPackageAssignmentPolicies.requestorSettings.allowedRequestors += New-Object -TypeName psobject -Property @{'@odata.type' = '#microsoft.graph.groupMembers'; 'id' = $assignmentData.groupId; 'description' = $assignmentData.groupName; 'isBackup' = 'false'}
}
$numApprovalStages = [int]$assignmentData.approvalStages
if ($numApprovalStages -gt 0) {
$accesspacakgeRequestObject.accessPackageAssignmentPolicies.requestApprovalSettings += New-Object -TypeName psobject -Property @{'approvalMode' = 'Serial'; 'isApprovalRequired' = 'true'; 'isApprovalRequiredForExtension' = 'false'; 'isRequestorJustificationRequired' = 'false'; 'approvalStages' = @()}
for ($i=1;$i -le [int]$assignmentData.approvalStages; $i++)
{
$accesspacakgeRequestObject.accessPackageAssignmentPolicies.requestApprovalSettings.approvalStages += New-Object -TypeName psobject -Property @{'approvalStageTimeOutInDays' = '14'; 'primaryApprovers' = @(); escalationApprovers = @();'isEscalationEnabled' = 'false'; 'escalationTimeInMinutes' = '0'; 'isApproverJustificationRequired' = 'true'}
$accesspacakgeRequestObject.accessPackageAssignmentPolicies.requestApprovalSettings.approvalStages.primaryApprovers += New-Object -TypeName psobject -Property @{'@odata.type' = '#microsoft.graph.singleUser'; "displayName" = ''; 'objectId' = Get-Variable -Name "assignmentData.approver$1" -ValueOnly; 'isBackup' = 'false'}
}
}
$requestbody = $accesspacakgeRequestObject | ConvertTo-Json -Depth 10
$response = Invoke-RestMethod $emlRequestUrl -Headers $headers -Method Post -Body $requestbody -UseBasicParsing -ErrorAction Continue
}
错误信息是:
The property 'requestApprovalSettings' cannot be found on this object. Verify that the property exists and can be set.
At C:\Users\Desktop\TestScripts\AddAccessPackageAndPolicyWITHAPPROVER.ps1:30 char:5
+ $accesspacakgeRequestObject.accessPackageAssignmentPolicies.reque ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
The property 'approvalStages' cannot be found on this object. Verify that the property exists and can be set.
At C:\Users\Desktop\TestScripts\AddAccessPackageAndPolicyWITHAPPROVER.ps1:34 char:9
+ $accesspacakgeRequestObject.accessPackageAssignmentPolicies.r ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
Get-Variable : Cannot find a variable with the name 'assignmentData.approver1'.
At C:\Users\Desktop\TestScripts\AddAccessPackageAndPolicyWITHAPPROVER.ps1:35 char:250
+ ... objectId' = Get-Variable -Name "assignmentData.approver$i" -ValueOnly ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (assignmentData.approver1:String) [Get-Variable], ItemNotFoundException
+ FullyQualifiedErrorId : VariableNotFound,Microsoft.PowerShell.Commands.GetVariableCommand
The property 'primaryApprovers' cannot be found on this object. Verify that the property exists and can be set.
At C:\Users\Desktop\TestScripts\AddAccessPackageAndPolicyWITHAPPROVER.ps1:35 char:250
+ ... objectId' = Get-Variable -Name "assignmentData.approver$i" -ValueOnly ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
该.accessPackageAssignmentPolicies属性包含一个数组([...]- 包含在 JSON 输入中)。
即使该数组恰好只包含一个元素,您仍然需要通过索引访问它才能设置其(唯一)元素的属性;例如:
# Note the `[0]`
$accesspacakgeRequestObject.accessPackageAssignmentPolicies[0].requestorSettings.scopeType = $assignmentData.scope
请注意,由于称为成员访问枚举的功能,获取属性并不严格需要此索引访问。
这种可能令人惊讶的不对称性(需要对设置进行索引访问)是设计使然的,但是,请参阅此答案以获取更多信息。
| 归档时间: |
|
| 查看次数: |
23027 次 |
| 最近记录: |