# ------------------------------------------------------------------
# AUTHOR: [LucidLink Support]
# NAME: jit_permissions_script.ps1
# VERSION: 2.0
# DESCRIPTION: Lists "Just-in-Time" SSO permissions/shares from backup 
# and imports into JIT SSO integrated Filespace
#
# THE SCRIPT IS PROVIDED “AS IS” AND “AS AVAILABLE” AND IS WITHOUT
# WARRANTY OF ANY KIND. PLEASE REVIEW ALL TERMS AND CONDITIONS.
# https://www.lucidlink.com/legal-documents
# ------------------------------------------------------------------

Param(
[string]$ROOTPWD
)

# --- Ensure password ---
if ([string]::IsNullOrEmpty($ROOTPWD)) {
    Write-Host "Usage: .\jit_permissions_script.ps1 <rootpwd> `r`nRequest failed with: Bad Request `r`nEmpty required parameter 'password' is not allowed!"
    exit 1;
}

# --- Identify Filespace format --- 
$PERMISSIONVER="2.2"

$INSTANCE1STATUS = lucid status 
$FSFORMAT1 = $INSTANCE1STATUS -match "Filespace format:" -replace "[^0-9-.]" , ''

if ($PERMISSIONVER -gt $FSFORMAT1) {
	$COMMAND1="share"
	$COLUMNS="`$SHAREDPATH, `$USERGROUP, `$TYPE, `$SHAREDAS, `$PERMISSIONS = `$LINES -split ';'"
	$OPTION1="--permissions"
} else {
	$COMMAND1="permission"
	$COLUMNS="`$SHAREDPATH, `$USERGROUP, `$TYPE, `$PERMISSIONS = `$LINES -split ';'"
	$OPTION1="--access"
}

# --- Ensure backup exists ---
$BACKUPFILE="jit_"+"$COMMAND1"+"s_backup.txt"
if (!(Test-Path $BACKUPFILE)) {
  Write-Host "Error: your $BACKUPFILE backup file does not exist make sure to backup your configuration exactly as instructed in Step 1." -ForegroundColor darkred -BackgroundColor black
  exit 1
}

# --- List and filter JIT permissions/shares user and group assingments ---
$SOURCESHARES = get-content $BACKUPFILE
$SHARES = $SOURCESHARES.replace('read, write','read,write').replace('[user]',';user').replace('[group]',';group') -match "sso\\" -replace '\s{2,}', ';' -replace ' ;', ';'

# --- Loop through assigning SSO users and groups to permissions/shares ---
foreach ($LINES in $SHARES) {
Invoke-Expression $COLUMNS
Start-Process -WindowStyle hidden -FilePath "C:\Program Files\Lucid\Resources\Lucid.exe" -ArgumentList "$COMMAND1 --set ""$SHAREDPATH"" --$TYPE ""$USERGROUP"" $OPTION1 $PERMISSIONS --password ""$ROOTPWD""" -Wait -RedirectStandardOutput jit_permissions_output.txt -RedirectStandardError jit_permissions_error_output.txt
Get-Content jit_permissions_output.txt, jit_permissions_error_output.txt
Get-Content jit_permissions_output.txt, jit_permissions_error_output.txt | Out-File jit_permissions_log.txt -Append
}

exit