SecureItem PowerShell Azure Function (before)

secureitem-before.ps1

# POST method: $req
$requestBody = Get-Content $req -Raw | ConvertFrom-Json
Write-Output $requestBody

#Execute the normal function logic
$list = $requestBody.list
$id = $requestBody.itemId
$readAccess = $requestBody.readAccess
$writeAccess = $requestBody.writeAccess

#Connect to the SharePoint site
Connect-PnPOnline -Url $env:SPUrl -AppId $env:AppId -AppSecret $env:AppSecret

#Get the list item
$item = Get-PnPListItem -List $list -Id $id

#Give the item Author back write permission
Set-PnPListItemPermission -List $list -Identity $id -User $item.FieldValues["Author"].Email -AddRole 'Contribute' -ClearExisting

#Give read access for those that require it
forEach($user in $readAccess) {
    Set-PnPListItemPermission -List $list -Identity $id -User $user -AddRole 'Read' 
}

#Give write access to those who require it
forEach($user in $writeAccess) {
    Set-PnPListItemPermission -List $list -Identity $id -User $user -AddRole 'Contribute' 
}

#Send the response
Out-File -Encoding Ascii -FilePath $res -inputObject "Updated security for: $list - $id"