Skip to content

Commit

Permalink
Add warning to Get-PnPFlow command about required permissions (pnp#4474)
Browse files Browse the repository at this point in the history 
* Add warning to Get-PnPFlow command about required permissions

* Added requiredApiDelegatedPermissions

---------

Co-authored-by: Gautam Sheth <[email protected]>
  • Loading branch information
@NishkalankBezawada @gautamdsheth
NishkalankBezawada and gautamdsheth authored Oct 28, 2024
1 parent 6bfa732 commit 65f61bb
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 28 deletions.
4 changes: 4 additions & 0 deletions documentation/Get-PnPFlow.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ title: Get-PnPFlow
**Required Permissions**

* Azure: management.azure.com
* Azure Service Management : user_impersonation
* Dynamics CRM : user_impersonation
* PowerApps Service : User
* Link to Required permissions reference : https://pnp.github.io/powershell/articles/determinepermissions.html#help-i-cant-figure-out-which-permissions-i-need

Returns Power Automate Flows

Expand Down
67 changes: 39 additions & 28 deletions src/Commands/PowerPlatform/PowerAutomate/GetFlow.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,14 @@
using System.Management.Automation;
using PnP.PowerShell.Commands.Enums;
using PnP.PowerShell.Commands.Utilities;
using PnP.PowerShell.Commands.Attributes;
using System;

namespace PnP.PowerShell.Commands.PowerPlatform.PowerAutomate
{
[Cmdlet(VerbsCommon.Get, "PnPFlow", DefaultParameterSetName = ParameterSet_ALL)]
[ApiNotAvailableUnderApplicationPermissions]
[RequiredApiDelegatedPermissions("azure/user_impersonation")]
public class GetFlow : PnPAzureManagementApiCmdlet
{
private const string ParameterSet_BYIDENTITY = "By Identity";
Expand All @@ -29,43 +33,50 @@ public class GetFlow : PnPAzureManagementApiCmdlet

protected override void ExecuteCmdlet()
{
var environmentName = ParameterSpecified(nameof(Environment)) ? Environment.GetName() : PowerPlatformUtility.GetDefaultEnvironment(this, Connection, Connection.AzureEnvironment, AccessToken)?.Name;
string baseUrl = PowerPlatformUtility.GetPowerAutomateEndpoint(Connection.AzureEnvironment);

if (ParameterSpecified(nameof(Identity)))
try
{
var flowName = Identity.GetName();

WriteVerbose($"Retrieving specific Power Automate Flow with the provided name '{flowName}' within the environment '{environmentName}'");
var environmentName = ParameterSpecified(nameof(Environment)) ? Environment.GetName() : PowerPlatformUtility.GetDefaultEnvironment(this, Connection, Connection.AzureEnvironment, AccessToken)?.Name;
string baseUrl = PowerPlatformUtility.GetPowerAutomateEndpoint(Connection.AzureEnvironment);

var result = GraphHelper.Get<Model.PowerPlatform.PowerAutomate.Flow>(this, Connection, baseUrl + $"/providers/Microsoft.ProcessSimple{(AsAdmin ? "/scopes/admin" : "")}/environments/{environmentName}/flows/{flowName}?api-version=2016-11-01", AccessToken);
WriteObject(result, false);
}
else
{
string filter = null;
switch (SharingStatus)
if (ParameterSpecified(nameof(Identity)))
{
case FlowSharingStatus.SharedWithMe:
filter = "search('team')";
break;
var flowName = Identity.GetName();

case FlowSharingStatus.Personal:
filter = "search('personal')";
break;
WriteVerbose($"Retrieving specific Power Automate Flow with the provided name '{flowName}' within the environment '{environmentName}'");

case FlowSharingStatus.All:
filter = "search('team AND personal')";
break;
var result = GraphHelper.Get<Model.PowerPlatform.PowerAutomate.Flow>(this, Connection, baseUrl + $"/providers/Microsoft.ProcessSimple{(AsAdmin ? "/scopes/admin" : "")}/environments/{environmentName}/flows/{flowName}?api-version=2016-11-01", AccessToken);
WriteObject(result, false);
}
else
{
string filter = null;
switch (SharingStatus)
{
case FlowSharingStatus.SharedWithMe:
filter = "search('team')";
break;

case FlowSharingStatus.Personal:
filter = "search('personal')";
break;

WriteVerbose($"Retrieving all Power Automate Flows within environment '{environmentName}'{(filter != null ? $" with filter '{filter}'" : "")}");
case FlowSharingStatus.All:
filter = "search('team AND personal')";
break;
}

var flowUrl = $"{baseUrl}/providers/Microsoft.ProcessSimple{(AsAdmin ? "/scopes/admin" : "")}/environments/{environmentName}/{(AsAdmin ? "v2" : "")}/flows?api-version=2016-11-01{(filter != null ? $"&$filter={filter}" : "")}";
var flows = GraphHelper.GetResultCollection<Model.PowerPlatform.PowerAutomate.Flow>(this, Connection, flowUrl, AccessToken);

WriteObject(flows, true);
WriteVerbose($"Retrieving all Power Automate Flows within environment '{environmentName}'{(filter != null ? $" with filter '{filter}'" : "")}");

var flowUrl = $"{baseUrl}/providers/Microsoft.ProcessSimple{(AsAdmin ? "/scopes/admin" : "")}/environments/{environmentName}/{(AsAdmin ? "v2" : "")}/flows?api-version=2016-11-01{(filter != null ? $"&$filter={filter}" : "")}";
var flows = GraphHelper.GetResultCollection<Model.PowerPlatform.PowerAutomate.Flow>(this, Connection, flowUrl, AccessToken);

WriteObject(flows, true);

}
}
catch (Exception e)
{
WriteError(new ErrorRecord(new Exception("Make sure you have granted access to Azure AD App to Interact with Power Platform, To help understand the required permissions visit https://pnp.github.io/powershell/articles/determinepermissions.html#help-i-cant-figure-out-which-permissions-i-need"), e.Message, ErrorCategory.AuthenticationError, null));
}
}
}
Expand Down

0 comments on commit 65f61bb

Please sign in to comment.