function p4tempauth
#grants and revokes temporary local access to a user object. Mostly useful for reverting files and performing local operations on disabled or broken user accounts.
{param([Parameter(Mandatory = $true)]$username,$authgroup,$justification,[switch]$silent,[switch]$grant,[switch]$revoke)
	$servercheck = p4get-server
	if ($servercheck.pingsuccess.equals($true))
	{
		$p4user = p4get-user $username #find the user we're asking to grant rights for
		if (!$justification)
		{
			$justification = "none"
		}
		if ($p4user) #if the user was found
		{
			if (!$authgroup) #if authgroup was not specified, find the default.
			{
				$authgroup = p4get-authgroups #grab the auth groups for this depot
				if ($authgroup.count)
				{
					$authgroup = $authgroup[0].name #the first auth group in the array is always the parent authgroup
				}
				else
				{
					$authgroup = $authgroup.name
				}
			}
			$groupobject = p4get-group $authgroup #get the details of the authgroup (memberships, owners, subgroups etc)
			if ($grant)
			{
				$groupobject.users += $p4user.user #push the requested user onto the group array.
			}
			if ($revoke)
			{
				$groupobject.users = @($groupobject.users | where-object {$_ -ne $p4user.User}) #remove the requested user from the array
			}
			$file = p4add-groupspec -group $groupobject.group -users $groupobject.users -owners $groupobject.owners -subgroups $groupobject.subgroups -maxlocktime $groupobject.maxlocktime -timeout $groupboject.timeout -maxresults $groupobject.maxresults -maxscanrows $groupobject.maxscanrows# generate a groupspec
			$result = $file | p4 group -i #feed groupspec into perforce to update group.
			if (!$silent)
			{
				return new-object psobject -property @{"username" = $p4user.user;"grant" = $grant;"revoke" = $revoke;"authgroup" = $authgroup;"justification" = $justification}
			}
		}
		else
		{
			write-error "No user named $username found"
		}
	}
}