feat: Add DryRun mode in User Deprovision example script (#392)

examples/Mass Update User Zones/Mass_Update_User_Zones.ps1

@@ -7,7 +7,7 @@
 ########################################################################################
 
 param (
-    [switch]$simulate = $false
+    [switch]$DryRun = $false # if enabled, then no delete/create/update calls will be made, only read ones
 )
 
 ########################################################################################
@@ -110,8 +110,8 @@ function Write-Log { param ([string]$message, [string]$errorMessage = $null, [Ex
     }
 }
 
-if ($simulate) {
-    Write-Log "started in simulate mode" -output false
+if ($DryRun) {
+    Write-Log "started in DryRun mode" -output false
 } else {
     Write-Log "started" -output false
 }
@@ -244,7 +244,7 @@ ForEach($UserToUpdate in $UsersToUpdate) {
         # If the user's current storage policy is inherited from the enterprise, create a new assignment
         if ($($userStoragePolicy.assigned_to.type -eq "enterprise")) {
             try {
-                if (!$simulate) {
+                if (!$DryRun) {
                     $assignmentObjResp = "$(box storage-policies:assign $ZonesTable[$UserZone] $userObj.id --token=$adminToken --json 2>&1)"
                     $assignmentObj = $assignmentObjResp | ConvertFrom-Json
 
@@ -253,7 +253,7 @@ ForEach($UserToUpdate in $UsersToUpdate) {
                     " Assignment id: $($assignmentObj.id)") `
                     -output true
                 } else {
-                    Write-Log ("Would have assigned $($userObj.login) ($($userObj.id))" +`
+                    Write-Log ("`"DryRun`" mode is enabled. Script would have assigned $($userObj.login) ($($userObj.id))" +`
                     " to the specified zone: $UserZone ($($ZonesTable[$UserZone])).") `
                     -output true
                 }
@@ -267,14 +267,14 @@ ForEach($UserToUpdate in $UsersToUpdate) {
             # If the target zone is the same as the enterprise default zone, delete the current policy assignment
             if ($($ZonesTable[$UserZone] -eq $EnterprisePolicy)){
                 try {
-                    if (!$simulate) {
+                    if (!$DryRun) {
                         "$(box storage-policies:assignments:remove $userStoragePolicy.id --token=$adminToken)"
 
                         Write-Log ("Successfully reassigned $($userObj.login) ($($userObj.id))" +`
                         " to the specified zone: $UserZone ($($ZonesTable[$UserZone])).") `
                         -output true
                     } else {
-                        Write-Log ("Would have reassigned $($userObj.login) ($($userObj.id))" +`
+                        Write-Log ("`"DryRun`" mode is enabled. Script would have reassigned $($userObj.login) ($($userObj.id))" +`
                         " to the specified zone: $UserZone ($($ZonesTable[$UserZone])).") `
                         -output true
                     }
@@ -287,7 +287,7 @@ ForEach($UserToUpdate in $UsersToUpdate) {
             # Else reassign the user to the specified zone
             } else {
                 try {
-                    if (!$simulate) {
+                    if (!$DryRun) {
                         $assignmentObjResp = "$(box storage-policies:assign $ZonesTable[$UserZone] $userObj.id --token=$adminToken --json 2>&1)"
                         $assignmentObj = $assignmentObjResp | ConvertFrom-Json
 
@@ -296,7 +296,7 @@ ForEach($UserToUpdate in $UsersToUpdate) {
                         " Assignment id: $($assignmentObj.id)") `
                         -output true
                     } else {
-                        Write-Log ("Would have reassigned $($userObj.login) ($($userObj.id))" +`
+                        Write-Log ("`"DryRun`" mode is enabled. Script would have reassigned $($userObj.login) ($($userObj.id))" +`
                         " to the specified zone: $UserZone ($($ZonesTable[$UserZone])).") `
                         -output true
                     }

examples/Mass Update User Zones/README.md

@@ -74,8 +74,9 @@ If you would like to use Admin Console for zone assignment, see [here](https://s
 
 
 2. Update the [adminEmail][adminEmail-param] to the admin or co-admin login email address of the account that will be used to make zone assignments.  If you don't specify this value, the script will prompt you for it.
-3. Optional: To run the script in simulate mode, set the `simulate` boolean flag when running the script:
-`./Mass_Update_User_Zones.ps1 -simulate`
+3. Optional: To run the script in dry run mode, set the `DryRun` boolean flag when running the script:
+`./Mass_Update_User_Zones.ps1 -DryRun`.
+ Dry run doesn't mean that API calls won't be made, instead any create/update/delete calls will be skipped only.
 
 ## 2. Run the script
 Change the directory to the folder containing the script.

examples/User Deprovisioning/README.md

@@ -43,6 +43,9 @@ This Box CLI script deprovision a list of users by first transfering user conten
 	```
 3. Optional: To skip transfer of user content before deletion, set [TransferContent](Users_Deprovision.ps1#L15) to "N".
 4. Optional: Update Archive folder name by changing  [EmployeeArchiveFolderName](Users_Deprovision.ps1#L18) to any name of your choice.
+5. Optional: To run the script in dry run mode, set the `DryRun` boolean flag when running the script:
+`./Users_Deprovision.ps1 -DryRun`.
+ Dry run doesn't mean that API calls won't be made, instead any create/update/delete calls will be skipped only.
 
 ## 2. Run the script
 Change the directory to the folder containing the script. In this example, it is the `User Deprovisioning` folder.

examples/User Deprovisioning/Users_Deprovision.ps1

@@ -3,6 +3,11 @@
 
 #APPLICATION ACCESS LEVEL (FOR JWT APPS): App + Enterprise Access
 #APPLICATION SCOPES: Read & Write all folders stored in Box, Manage users, & Make API calls using the as-user header
+########################################################################################
+
+param (
+    [switch]$DryRun = $false # if enabled, then no delete/create/update calls will be made, only read ones
+)
 
 ########################################################################################
 ###   SCRIPT CONFIG - MODIFY THESE FOR YOUR ENVIRONMENT   ##############################
@@ -95,7 +100,11 @@ function Write-Log { param ([string]$message, [string]$errorMessage = $null, [Ex
 
 # Main function
 Function Start-Script {
-    Write-Log "Starting User Deprovisioning script..." -output false
+    if ($DryRun) {
+        Write-Log "Starting User Deprovisioning script in DryRun mode" -output false
+    } else {
+        Write-Log "Starting User Deprovisioning script" -output false
+    }
 
     # Get employees json file and convert from CSV to an array of objects
     Try {
@@ -140,14 +149,18 @@ Function Start-Script {
 
     # Create new "Employee Archive" folder if it doens't exist
     if($null -eq $EmployeeArchiveFolderID) {
-        try {
-            $EmployeeArchiveFolderResp = "$(box folders:create 0 "$EmployeeArchiveFolderName" --fields="id" --json 2>&1)"
-            $EmployeeArchiveFolderID = $EmployeeArchiveFolderResp | ConvertFrom-Json | ForEach-Object { $_.id }
-            Write-Log "Successfully created new '$EmployeeArchiveFolderName' root folder with ID: $($EmployeeArchiveFolderID)." -output true
-            Write-Log $EmployeeArchiveFolderResp
-        } catch {
-            Write-Log "Could not create new '$EmployeeArchiveFolderName' root folder. See log for details." -errorMessage $EmployeeArchiveFolderResp -output true -color Red
-            break
+        if(!$DryRun) {
+            try {
+                $EmployeeArchiveFolderResp = "$(box folders:create 0 "$EmployeeArchiveFolderName" --fields="id" --json 2>&1)"
+                $EmployeeArchiveFolderID = $EmployeeArchiveFolderResp | ConvertFrom-Json | ForEach-Object { $_.id }
+                Write-Log "Successfully created new '$EmployeeArchiveFolderName' root folder with ID: $($EmployeeArchiveFolderID)." -output true
+                Write-Log $EmployeeArchiveFolderResp
+            } catch {
+                Write-Log "Could not create new '$EmployeeArchiveFolderName' root folder. See log for details." -errorMessage $EmployeeArchiveFolderResp -output true -color Red
+                break
+            }
+        } else {
+            Write-Log "`"DryRun`" mode is enabled. Script would have created new '$EmployeeArchiveFolderName' root folder." -output true
         }
     }
 
@@ -177,45 +190,55 @@ Function Start-Script {
         }
 
         if($TransferContent -eq "Y") {
-            # Transfer users content to current user's root folder before deleting user
-            Write-Log "Transferring $($FoundEmployee.name) content over to current user's Root folder with name ""$($FoundEmployee.login) - $($FoundEmployee.name)'s Files and Folders""..." -output true
-
-            try {
-                $NewFolderResp = "$(box users:transfer-content $FoundEmployeeID $UserId --json 2>&1)"
-                $NewFolder = $NewFolderResp | ConvertFrom-Json
-                Write-Log "Successfully transferred content to ""$($FoundEmployee.login) - $($FoundEmployee.name)'s Files and Folders""." -output true
-                Write-Log $NewFolderResp
-            } catch {
-                Write-Log "Skipping this employee. Could not transfer $($FoundEmployee.name) content over to current user's Root folder. See log for details." -errorMessage $NewFolderResp -output true -color Red
-                continue
+            if(!$DryRun) {
+                # Transfer users content to current user's root folder before deleting user
+                Write-Log "Transferring $($FoundEmployee.name) content over to current user's Root folder with name ""$($FoundEmployee.login) - $($FoundEmployee.name)'s Files and Folders""..." -output true
+
+                try {
+                    $NewFolderResp = "$(box users:transfer-content $FoundEmployeeID $UserId --json 2>&1)"
+                    $NewFolder = $NewFolderResp | ConvertFrom-Json
+                    Write-Log "Successfully transferred content to ""$($FoundEmployee.login) - $($FoundEmployee.name)'s Files and Folders""." -output true
+                    Write-Log $NewFolderResp
+                } catch {
+                    Write-Log "Skipping this employee. Could not transfer $($FoundEmployee.name) content over to current user's Root folder. See log for details." -errorMessage $NewFolderResp -output true -color Red
+                    continue
+                }
+
+                # Move transferred folder to "Employee Archive" folder
+                $TransferredFolder = $NewFolder.id
+                try {
+                    $MoveFolderResp = "$(box folders:move $TransferredFolder $EmployeeArchiveFolderID --json 2>&1)"
+                    $MoveFolderResp | ConvertFrom-Json | Out-Null
+                    Write-Log "Successfully moved transferred employee content $($FoundEmployee.name) with User ID: $($FoundEmployeeID) to '$EmployeeArchiveFolderName' folder with ID: $EmployeeArchiveFolderID." -output true
+                    Write-Log $MoveFolderResp
+                } catch {
+                    Write-Log "Skipping this employee. Could not move transferred folder with ID: $TransferredFolder to $EmployeeArchiveFolderName folder with ID: $EmployeeArchiveFolderID. See log for details." -errorMessage $MoveFolderResp -output true -color Red
+                    continue
+                }
+            } else {
+                Write-Log ("`"DryRun`" mode is enabled. Script would have transferred employee's content" +`
+                " to `"$($FoundEmployee.login) - $($FoundEmployee.name)'s Files and Folders`"" +`
+                " and then moved it to `"$EmployeeArchiveFolderName`" folder.") `
+                -output true
             }
-
-            # Move transferred folder to "Employee Archive" folder
-            $TransferredFolder = $NewFolder.id
-            try {
-                $MoveFolderResp = "$(box folders:move $TransferredFolder $EmployeeArchiveFolderID --json 2>&1)"
-                $MoveFolderResp | ConvertFrom-Json | Out-Null
-                Write-Log "Successfully moved transferred employee content $($FoundEmployee.name) with User ID: $($FoundEmployeeID) to '$EmployeeArchiveFolderName' folder with ID: $EmployeeArchiveFolderID." -output true
-                Write-Log $MoveFolderResp
-            } catch {
-                Write-Log "Skipping this employee. Could not move transferred folder with ID: $TransferredFolder to $EmployeeArchiveFolderName folder with ID: $EmployeeArchiveFolderID. See log for details." -errorMessage $MoveFolderResp -output true -color Red
-                continue
-           }
         }
 
         # Delete user
-        try {
-            # Because of the "-q" flag, the users:delete command returns an error if it occurs or null otherwise
-            $DeleteUserResp = "$(box users:delete $FoundEmployeeID -q 2>&1)"
-            if(!$DeleteUserResp) {
-                Write-Log "Successfully deleted employee $($FoundEmployee.name) with ID: $($FoundEmployeeID)." -output true
-            } else {
+        if(!$DryRun) {
+            try {
+                $DeleteUserResp = "$(box users:delete $FoundEmployeeID 2>&1)"
+                if($LASTEXITCODE -eq 0) {
+                    Write-Log "Successfully deleted employee $($FoundEmployee.name) with ID: $($FoundEmployeeID)." -output true
+                } else {
+                    Write-Log "Could not delete employee $($FoundEmployee.name) with ID: $($FoundEmployeeID). See log for details." -errorMessage $DeleteUserResp -output true -color Red
+                    continue
+                }
+            } catch {
                 Write-Log "Could not delete employee $($FoundEmployee.name) with ID: $($FoundEmployeeID). See log for details." -errorMessage $DeleteUserResp -output true -color Red
                 continue
             }
-        } catch {
-            Write-Log "Could not delete employee $($FoundEmployee.name) with ID: $($FoundEmployeeID). See log for details." -errorMessage $DeleteUserResp -output true -color Red
-            continue
+        } else {
+            Write-Log "`"DryRun`" mode is enabled. Script would have deleted employee $($FoundEmployee.name) with ID: $($FoundEmployeeID)." -output true
         }
     }