infocynic/SyncDelegateGroupFromRole.ps1

## SyncDelegateGroupFromRole.ps1
param (
    [Parameter(Mandatory = $true, HelpMessage = "Specify the target org alias or username.")]
    [string]$targetOrg,

    [Parameter(Mandatory = $true, HelpMessage = "Specify the DeveloperName of the DelegateGroup.")]
    [string]$delegateGroup,

    [Parameter(Mandatory = $true, HelpMessage = "Specify the DeveloperName of the Role.")]
    [string]$roleName
)

# Step 1: Query existing group members
$groupMembersQuery = "SELECT Id, UserOrGroupId FROM DelegateGroupMember WHERE DelegateGroupId IN (SELECT Id FROM DelegateGroup WHERE DeveloperName = '$delegateGroup')"
$groupMembersResult = sf data:query --query="$groupMembersQuery" --target-org="$targetOrg" --use-tooling-api --json
$existingGroupMembers = ($groupMembersResult | ConvertFrom-Json).result.records

# Step 2: Query existing role members
$roleMembersQuery = "SELECT Id FROM User WHERE UserRole.DeveloperName = '$roleName' AND IsActive = true"
$roleMembersResult = sf data:query --query="$roleMembersQuery" --target-org="$targetOrg" --json
$existingRoleMembers = ($roleMembersResult | ConvertFrom-Json).result.records

# Step 3: Compare user/group IDs
$groupMembersToRemove = @()
$usersToAddToGroup = @()

foreach ($groupMember in $existingGroupMembers) {
    if ($groupMember.UserOrGroupId -notin $existingRoleMembers.Id) {
        $groupMembersToRemove += $groupMember.Id
    }
}

foreach ($roleMember in $existingRoleMembers) {
    if ($roleMember.Id -notin $existingGroupMembers.UserOrGroupId) {
        $usersToAddToGroup += $roleMember.Id
    }
}

# Step 4: Remove group members
foreach ($groupMemberId in $groupMembersToRemove) {
    sf data:record:delete --sobject=DelegateGroupMember --record-id=$groupMemberId --use-tooling-api --target-org=$targetOrg
}

# Step 5: Add users to the group
$groupIdQuery = "SELECT Id FROM DelegateGroup WHERE DeveloperName = '$delegateGroup' LIMIT 1"
$groupIdResult = sf data:query --query="$groupIdQuery" --target-org="$targetOrg" --use-tooling-api --json
$groupId = ($groupIdResult | ConvertFrom-Json).result.records[0].Id

foreach ($userId in $usersToAddToGroup) {
    $groupMemberToAdd = "UserOrGroupId=$userId DelegateGroupId=$groupId"

    sf data:create:record --sobject=DelegateGroupMember --values="$groupMemberToAdd" --use-tooling-api --target-org=$targetOrg
}
	param (
	[Parameter(Mandatory = $true, HelpMessage = "Specify the target org alias or username.")]
	[string]$targetOrg,

	[Parameter(Mandatory = $true, HelpMessage = "Specify the DeveloperName of the DelegateGroup.")]
	[string]$delegateGroup,

	[Parameter(Mandatory = $true, HelpMessage = "Specify the DeveloperName of the Role.")]
	[string]$roleName
	)

	# Step 1: Query existing group members
	$groupMembersQuery = "SELECT Id, UserOrGroupId FROM DelegateGroupMember WHERE DelegateGroupId IN (SELECT Id FROM DelegateGroup WHERE DeveloperName = '$delegateGroup')"
	$groupMembersResult = sf data:query --query="$groupMembersQuery" --target-org="$targetOrg" --use-tooling-api --json
	$existingGroupMembers = ($groupMembersResult \| ConvertFrom-Json).result.records

	# Step 2: Query existing role members
	$roleMembersQuery = "SELECT Id FROM User WHERE UserRole.DeveloperName = '$roleName' AND IsActive = true"
	$roleMembersResult = sf data:query --query="$roleMembersQuery" --target-org="$targetOrg" --json
	$existingRoleMembers = ($roleMembersResult \| ConvertFrom-Json).result.records

	# Step 3: Compare user/group IDs
	$groupMembersToRemove = @()
	$usersToAddToGroup = @()

	foreach ($groupMember in $existingGroupMembers) {
	if ($groupMember.UserOrGroupId -notin $existingRoleMembers.Id) {
	$groupMembersToRemove += $groupMember.Id
	}
	}

	foreach ($roleMember in $existingRoleMembers) {
	if ($roleMember.Id -notin $existingGroupMembers.UserOrGroupId) {
	$usersToAddToGroup += $roleMember.Id
	}
	}

	# Step 4: Remove group members
	foreach ($groupMemberId in $groupMembersToRemove) {
	sf data:record:delete --sobject=DelegateGroupMember --record-id=$groupMemberId --use-tooling-api --target-org=$targetOrg
	}

	# Step 5: Add users to the group
	$groupIdQuery = "SELECT Id FROM DelegateGroup WHERE DeveloperName = '$delegateGroup' LIMIT 1"
	$groupIdResult = sf data:query --query="$groupIdQuery" --target-org="$targetOrg" --use-tooling-api --json
	$groupId = ($groupIdResult \| ConvertFrom-Json).result.records[0].Id

	foreach ($userId in $usersToAddToGroup) {
	$groupMemberToAdd = "UserOrGroupId=$userId DelegateGroupId=$groupId"

	sf data:create:record --sobject=DelegateGroupMember --values="$groupMemberToAdd" --use-tooling-api --target-org=$targetOrg
	}