commit d59730017e4b79e5d91e8392ce6bba1cb015faf2
Author: eeckert <eeckert@mpe.ca>
Date:   Thu Sep 14 10:56:07 2023 -0600

    migrate to new repo

diff --git a/API Tokens/Get_Bearer_Token.ps1 b/API Tokens/Get_Bearer_Token.ps1
new file mode 100644
index 0000000..fa78725
--- /dev/null
+++ b/API Tokens/Get_Bearer_Token.ps1	
@@ -0,0 +1,52 @@
+<#
+Script to generate bearer token for Egnyte API. Bearer token is then used in future reqeusts. 
+#>
+
+$BasePath = 'https://mpe.egnyte.com'
+$OAuthPath = $BasePath + '/puboauth/token'
+
+# Get path to store bearer.token file. 
+if (!($Tokenfolderpath)) {
+    Add-Type -AssemblyName System.Windows.Forms
+    $FileBrowser = New-Object System.Windows.Forms.FolderBrowserDialog
+    $FileBrowser.Description = 'Locate bearer.token file'
+    $FileBrowser.UseDescriptionForTitle
+    $null = $FileBrowser.ShowDialog()
+    $Tokenfolderpath = $FileBrowser.SelectedPath
+
+}
+
+$key_path = $Tokenfolderpath + '\Egnyte Key.token'
+$Secret_path = $Tokenfolderpath + '\Egnyte Secret.token'
+
+
+$client_id = get-content -Path $key_path | ConvertTo-SecureString | ConvertFrom-SecureString -AsPlainText
+$client_secret = get-content -Path $Secret_path | ConvertTo-SecureString | ConvertFrom-SecureString -AsPlainText
+if (!($EG_User)) {
+    $EG_User = read-host -Prompt "Enter your Egnyte (non-sso) username. The API will impersonate this user:"
+}
+
+if (!($EG_Password)) {
+    $EG_Password = read-host -Prompt "Enter your Egnyte (non-sso) Password" -MaskInput
+}
+
+
+$eg_grant_type = 'grant_type=password'
+$EG_Scopes = 'Egnyte.permission Egnyte.filesystem'
+
+$eg_auth_token = "client_id=$client_id&client_secret=$client_secret&username=$EG_User&password=$EG_Password&$eg_grant_type&scope=$eg_scopes" #| ConvertTo-SecureString -AsPlainText
+
+$eg_header = @{
+    'Content-Type' = 'application/x-www-form-urlencoded'
+    'Connection'   = 'close'
+    'grant_type'   = 'password'
+}
+
+# Send actual request
+$eg_auth_response = Invoke-WebRequest -Uri $OAuthPath -HttpVersion 1.1 -Method Post -body $eg_auth_token -Headers $eg_header
+
+$eg_bearer_token = ($eg_auth_response.Content | ConvertFrom-Json).access_token
+
+#Save Bearer Token to file for furture use
+$TokenPath = $Tokenfolderpath + '\' + $env:COMPUTERNAME + '-' + $env:USERNAME + ' Bearer.token'
+$eg_bearer_token | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Set-Content -Path $TokenPath
\ No newline at end of file
diff --git a/API Tokens/Revoke-OldToken.ps1 b/API Tokens/Revoke-OldToken.ps1
new file mode 100644
index 0000000..da43f0b
--- /dev/null
+++ b/API Tokens/Revoke-OldToken.ps1	
@@ -0,0 +1,26 @@
+$token1 = Get-content -Path .\bearer.token
+$client_secret = 'MAhCqnVAUUq7RvR73wMd5FB9dUP3hhfwGCB7jrXcG8g9gzCQ3a'
+$token = 'token=' + $token1 + '&client_secret=' + $client_secret
+
+$BasePath = 'https://mpe.egnyte.com'
+$RevokePath = $BasePath + '/pubapi/v1/tokens/revoke'
+
+$eg_header = @{
+    'Content-Type' = 'application/x-www-form-urlencoded'
+    'Connection' = 'close'
+    'Authorization' = 'Bearer ' + $token1
+}
+
+# $body = @{
+#     $
+
+
+# }
+
+$Revoke_Response = Invoke-WebRequest -Uri $RevokePath -HttpVersion 1.1 -Method Post -body $token -Headers $eg_header
+
+if ($Revoke_Response.StatusCode -eq 200) {
+    write-output "token revoked successfully, deleting"
+    remove-item .\bearer.token
+
+}
diff --git a/Permissions/HR_Permissions.ps1 b/Permissions/HR_Permissions.ps1
new file mode 100644
index 0000000..1e40c63
--- /dev/null
+++ b/Permissions/HR_Permissions.ps1
@@ -0,0 +1,164 @@
+<#
+Script to add Satey to Each folder under /Shared/HR Folder where folder name = Safety. 
+
+#>
+
+
+##Relative path to the same folder as the script 
+$pathForLogs = "logs.txt"
+
+# get Bearer Token
+if (!($token1)) {
+    # Get path to store bearer.token file. 
+    Add-Type -AssemblyName System.Windows.Forms
+    $FileBrowser = New-Object System.Windows.Forms.OpenFileDialog
+    $null = $FileBrowser.ShowDialog()
+    $token1 = Get-content -Path $FileBrowser.FileName | ConvertTo-SecureString | ConvertFrom-SecureString -AsPlainText 
+}
+
+#Log successful start
+$currentTime = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
+$message = "[$currentTime] Script started"
+$message | Out-File -FilePath $pathForLogs -Append
+
+# Set constants
+# LIST FILE / FOLDER resource '/pubapi/v1/fs/{Full Path to File/Folder}'
+$BasePath = 'https://mpe.egnyte.com'
+$BaseFolderpath = '/Shared/H-Human Resources'
+$resourceURI = '/pubapi/v1/fs' + $BaseFolderpath
+$fs_header = @{
+    'Authorization' = 'Bearer ' + $token1
+    'Content-Type'  = 'application/json'
+}
+
+if ($null -eq $last_refresh -or $last_refresh -le (Get-Date).AddHours(-1)) {
+    $refreshdata = 'Y' # auto-refresh data after 1 hour old
+}
+# variable to track queries per second from Egnyte
+$Global_QPS = 0
+$Global_QPS_limit = 10
+
+function shouldISleep {
+    if ($Global_QPS -gt ($Global_QPS_limit - 3)) {
+        return $true
+    }
+    else {
+        return $false
+    }
+}
+
+function EGGroup-SetFolderPermission {
+    param (
+        $FolderPathToChange,
+        $GroupPermissionsName,
+        $GroupPermissionLevel
+    )
+    if (shouldISleep) {
+        Write-Host -ForegroundColor DarkGray "API QPS Limit Approaching - Throttling - Current Value: $Global_QPS"
+        Start-Sleep 1
+    }
+    $path_1 = ($FolderPathToChange).Replace('#', '%23')
+    Write-Host -ForegroundColor Yellow "Processing" $path_1
+
+    $resourceURI = '/pubapi/v2/perms' + $path_1
+    $uri = $BasePath + $resourceURI
+
+    $req_body = [PSCustomObject]@{
+        groupPerms = 
+        @{
+            $GroupPermissionsName = $GroupPermissionLevel
+        }
+                
+    } | ConvertTo-Json
+
+    #Send the API request
+    $sub_response = Invoke-WebRequest -uri $uri -Headers $fs_header -Body $req_body -Method Post
+
+    $Global_QPS = $sub_response.headers.'x-accesstoken-qps-current'
+
+    if ($sub_response.StatusCode -ne 204) {
+        $currentTime = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
+        $errorMessage = "[$currentTime] An error occurred (status code not 204)"
+        $errorMessage | Out-File -FilePath $pathForLogs -Append
+        Write-Host "ERROR" -ForegroundColor DarkRed
+    }
+}
+
+
+
+
+# Get's folder list from egnyte - first layer
+$uri = $BasePath + $resourceURI
+
+if (!($fs_response) -or $refreshdata -eq 'Y' ) {
+    # Onyly hit the API if needed
+    $fs_response = Invoke-WebRequest -Uri $uri -Headers $fs_header
+    $Global_QPS = $fs_response.headers.'x-accesstoken-qps-current'
+    $last_refresh = get-date
+}
+
+$fs_folder_data = $fs_response.Content | ConvertFrom-Json 
+
+
+foreach ($office_folder in $fs_folder_data.folders) {
+    write-host -ForegroundColor Green "Processing" $office_folder.name
+    $Paths = @(($office_folder.path + '/Current Employees'), ($office_folder.path + '/Past Employees'))
+
+    
+
+    foreach ($path in $paths) {
+        write-host -ForegroundColor Blue "Processing" $path
+
+        # Determine Office Admin Group
+        switch ($office_folder.name) {
+            'Lethbridge' { $Office_short_code = 'LB' }   
+            'Calgary' { $Office_short_code = 'CG' }   
+            'Edmonton' { $Office_short_code = 'ED' }   
+            'Grande Prairie' { $Office_short_code = 'GP' }   
+            'Red Deer' { $Office_short_code = 'RD' }   
+            'Medicine Hat' { $Office_short_code = 'MH' }   
+            'Regina' { $Office_short_code = 'RG' }   
+            'Saskatoon' { $Office_short_code = 'SK' }   
+            'Winnipeg' { $Office_short_code = 'WP' }   
+            'Vancouver' { $Office_short_code = 'VC' }   
+            # Lethbridge { $Office_short_code = 'LB' }   
+        
+        }
+
+        $resourceURI = '/pubapi/v1/fs' + $path
+        $uri = $BasePath + $resourceURI
+
+        if (!($response) -or $refreshdata -eq 'Y' ) {
+            # Only hit the API if needed
+            # Start-Sleep -Seconds 2
+            $response = Invoke-WebRequest -Uri $uri -Headers $fs_header
+            $Global_QPS = $response.headers.'x-accesstoken-qps-current'
+            $last_refresh = get-date
+        }
+        $path_folder_list = ($response.content | convertfrom-json).folders
+        
+        $path_folder_list.path | ForEach-Object {
+        
+            # Education, Internal Forms, Safety and Performance folders need custom permissions
+            # Education
+            $EG_Group = $Office_short_code + ' Admin'
+            $EG_Permission = 'Editor'
+            $EG_Path = $_ + '/Education'
+            EGGroup-SetFolderPermission $EG_Path $EG_Group $EG_Permission
+
+            #Internal Forms
+            $EG_Path = $_ + '/Internal Forms'
+            EGGroup-SetFolderPermission $EG_Path $EG_Group $EG_Permission
+
+            # Safety
+            $EG_Group = 'Safety Liason - ' + $office_folder.name
+            $EG_Permission = 'Full'
+            $EG_Path = $_ + '/Safety'
+            EGGroup-SetFolderPermission $EG_Path $EG_Group $EG_Permission
+        }
+    }
+}
+
+$currentTime = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
+$message = "[$currentTime] Script completed successfully"
+$message | Out-File -FilePath $pathForLogs -Append
\ No newline at end of file