Skip to content

Commit

Permalink
Merge pull request #42 from KelvinTegelaar/master
Browse files Browse the repository at this point in the history
[pull] master from KelvinTegelaar:master
  • Loading branch information
pull[bot] authored Jun 22, 2024
2 parents 0c02f90 + 784d666 commit 63e463c
Show file tree
Hide file tree
Showing 10 changed files with 63 additions and 26 deletions.
10 changes: 4 additions & 6 deletions BestPracticeAnalyser_OrchestrationStarter/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,10 @@ if ($Request.Query.TenantFilter) {
$TenantList = Get-Tenants
$Name = 'Best Practice Analyser (All Tenants)'
}
$CippRoot = (Get-Item $PSScriptRoot).Parent.FullName
$TemplatesLoc = Get-ChildItem "$CippRoot\Config\*.BPATemplate.json"
$Templates = $TemplatesLoc | ForEach-Object {
$Template = $(Get-Content $_) | ConvertFrom-Json
$Template.Name
}

$BPATemplateTable = Get-CippTable -tablename 'templates'
$Filter = "PartitionKey eq 'BPATemplate'"
$Templates = ((Get-CIPPAzDataTableEntity @BPATemplateTable -Filter $Filter).JSON | ConvertFrom-Json).Name

$BPAReports = foreach ($Tenant in $TenantList) {
foreach ($Template in $Templates) {
Expand Down
10 changes: 4 additions & 6 deletions BestPracticeAnalyser_OrchestrationStarterTimer/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,10 @@ if ($env:DEV_SKIP_BPA_TIMER) {

$TenantList = Get-Tenants

$CippRoot = (Get-Item $PSScriptRoot).Parent.FullName
$TemplatesLoc = Get-ChildItem "$CippRoot\Config\*.BPATemplate.json"
$Templates = $TemplatesLoc | ForEach-Object {
$Template = $(Get-Content $_) | ConvertFrom-Json
$Template.Name
}
$BPATemplateTable = Get-CippTable -tablename 'templates'
$Filter = "PartitionKey eq 'BPATemplate'"
$Templates = ((Get-CIPPAzDataTableEntity @BPATemplateTable -Filter $Filter).JSON | ConvertFrom-Json).Name


$BPAReports = foreach ($Tenant in $TenantList) {
foreach ($Template in $Templates) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,20 @@ function Push-BPACollectData {
param($Item)

$TenantName = Get-Tenants | Where-Object -Property defaultDomainName -EQ $Item.Tenant
$CippRoot = (Get-Item $PSScriptRoot).Parent.Parent.Parent.Parent.Parent.Parent.FullName
$TemplatesLoc = Get-ChildItem "$CippRoot\Config\*.BPATemplate.json"
$BPATemplateTable = Get-CippTable -tablename 'templates'
$Filter = "PartitionKey eq 'BPATemplate'"
$TemplatesLoc = (Get-CIPPAzDataTableEntity @BPATemplateTable -Filter $Filter).JSON | ConvertFrom-Json

$Templates = $TemplatesLoc | ForEach-Object {
$Template = $(Get-Content $_) | ConvertFrom-Json
$Template = $_
[PSCustomObject]@{
Data = $Template
Name = $Template.Name
Style = $Template.Style
}
}
$Table = Get-CippTable -tablename 'cachebpav2'

Write-Host "Working on BPA for $($TenantName.displayName) with GUID $($TenantName.customerId) - Report ID $($Item.Template)"
$Template = $Templates | Where-Object -Property Name -EQ -Value $Item.Template
# Build up the result object that will be stored in tables
$Result = @{
Expand All @@ -39,13 +41,13 @@ function Push-BPACollectData {
}
if ($Field.parameters.psobject.properties.name) {
$field.Parameters | ForEach-Object {
Write-Information "Doing: $($_.psobject.properties.name) with value $($_.psobject.properties.value)"
$paramsField[$_.psobject.properties.name] = $_.psobject.properties.value
}
}
$FieldInfo = New-GraphGetRequest @paramsField | Where-Object $filterscript | Select-Object $field.ExtractFields
}
'Exchange' {
Write-Host "Trying to execute $($field.Command) for $($TenantName.displayName) with GUID $($TenantName.customerId)"
if ($field.Command -notlike 'get-*') {
Write-LogMessage -API 'BPA' -tenant $tenant -message 'The BPA only supports get- exchange commands. A set or update command was used.' -sev Error
break
Expand Down Expand Up @@ -93,6 +95,7 @@ function Push-BPACollectData {
}
'JSON' {
if ($FieldInfo -eq $null) { $JsonString = '{}' } else { $JsonString = (ConvertTo-Json -Depth 15 -InputObject $FieldInfo -Compress) }
Write-Host "Adding $($field.Name) to table with value $JsonString"
$Result.Add($field.Name, $JSONString)
}
'string' {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ Function Invoke-GetCippAlerts {
Write-LogMessage -message 'Your CIPP API is out of date. Please update to the latest version' -API 'Updates' -tenant 'All Tenants' -sev Alert
}

if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.'; link = '/cipp/setup'; type = 'warning' }) }
if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.'; link = '/cipp/setup'; type = 'warning'; setupCompleted = $false }) }
if ($role -like '*superadmin*') { $Alerts.Add(@{Alert = 'You are logged in under a superadmin account. This account should not be used for normal usage.'; link = 'https://docs.cipp.app/setup/installation/owntenant'; type = 'danger' }) }
if ($env:WEBSITE_RUN_FROM_PACKAGE -ne '1' -and $env:AzureWebJobsStorage -ne 'UseDevelopmentStorage=true') {
$Alerts.Add(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,6 @@ Function Invoke-AddIntuneTemplate {
$TemplateJson = $Template | ConvertTo-Json -Depth 100
$DisplayName = $Template.name


}
'windowsDriverUpdateProfiles' {
$Type = 'windowsDriverUpdateProfiles'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ Function Invoke-ListBPA {

# Get all possible JSON files for reports, find the correct one, select the Columns
$JSONFields = @()
$Columns = $null
$BPATemplateTable = Get-CippTable -tablename 'templates'
$Filter = "PartitionKey eq 'BPATemplate'"
$Templates = (Get-CIPPAzDataTableEntity @BPATemplateTable -Filter $Filter).JSON | ConvertFrom-Json
Expand Down Expand Up @@ -74,7 +73,7 @@ Function Invoke-ListBPA {

$Results = [PSCustomObject]@{
Data = @($Data)
Columns = $Columns
Columns = @($Columns)
Style = $Style
}

Expand Down
4 changes: 2 additions & 2 deletions Modules/CIPPCore/Public/GraphHelper/New-ExoRequest.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,14 @@ function New-ExoRequest ($tenantid, $cmdlet, $cmdParams, $useSystemMailbox, $Anc
if ($cmdparams.anr) { $Anchor = $cmdparams.anr }
if ($cmdparams.User) { $Anchor = $cmdparams.User }
if ($cmdparams.mailbox) { $Anchor = $cmdparams.mailbox }

if ($cmdlet -eq 'Set-AdminAuditLogConfig') { $anchor = "UPN:SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}@$($OnMicrosoft)" }
if (!$Anchor -or $useSystemMailbox) {
if (!$Tenant.initialDomainName -or $Tenant.initialDomainName -notlike '*onmicrosoft.com*') {
$OnMicrosoft = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains?$top=999' -tenantid $tenantid -NoAuthCheck $NoAuthCheck | Where-Object -Property isInitial -EQ $true).id
} else {
$OnMicrosoft = $Tenant.initialDomainName
}
$anchor = "UPN:SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}@$($OnMicrosoft)"
$anchor = "UPN:SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@$($OnMicrosoft)"
}
#if the anchor is a GUID, try looking up the user.
if ($Anchor -match '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$') {
Expand Down
38 changes: 38 additions & 0 deletions Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
using namespace System.Net

Function Invoke-RemoveBPATemplate {
<#
.FUNCTIONALITY
Entrypoint
.ROLE
Tenant.ConditionalAccess.ReadWrite
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'

$ID = $request.query.TemplateName
try {
$Table = Get-CippTable -tablename 'templates'

$Filter = "PartitionKey eq 'BPATemplate' and RowKey eq '$id'"
$ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
Remove-AzDataTableEntity @Table -Entity $clearRow
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Removed BPA Template with ID $ID." -Sev 'Info'
$body = [pscustomobject]@{'Results' = 'Successfully removed BPA Template' }
} catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to remove BPA template $ID. $($_.Exception.Message)" -Sev 'Error'
$body = [pscustomobject]@{'Results' = "Failed to remove template: $($_.Exception.Message)" }
}


# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $body
})


}
6 changes: 4 additions & 2 deletions Modules/CIPPCore/Public/Set-CIPPAssignedPolicy.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ function Set-CIPPAssignedPolicy {
$PolicyId,
$Type,
$TenantFilter,
$PlatformType = 'deviceManagement',
$PlatformType,
$APIName = 'Assign Policy',
$ExecutingUser
)

if (!$PlatformType) { $PlatformType = 'deviceManagement' }
try {
$assignmentsObject = switch ($GroupName) {
'allLicensedUsers' {
Expand Down Expand Up @@ -70,9 +70,11 @@ function Set-CIPPAssignedPolicy {
assignments = @($assignmentsObject)
}
if ($PSCmdlet.ShouldProcess($GroupName, "Assigning policy $PolicyId")) {
Write-Host "https://graph.microsoft.com/beta/$($PlatformType)/$Type('$($PolicyId)')/assign"
$null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$($PlatformType)/$Type('$($PolicyId)')/assign" -tenantid $tenantFilter -type POST -body ($assignmentsObject | ConvertTo-Json -Depth 10)
Write-LogMessage -user $ExecutingUser -API $APIName -message "Assigned Policy to $($GroupName)" -Sev 'Info' -tenant $TenantFilter
}

return "Assigned policy to $($GroupName) Policy ID is $($PolicyId)."
} catch {
Write-LogMessage -user $ExecutingUser -API $APIName -message "Failed to assign Policy to $GroupName. Policy ID is $($PolicyId)." -Sev 'Error' -tenant $TenantFilter -LogData (Get-CippException -Exception $_)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ function New-GradientServiceSyncRun {
Import-Module '.\Modules\CIPPCore'
Write-Host "Doing $domainName"
try {
$Licrequest = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/subscribedSkus' -tenantid $_.defaultDomainName -ErrorAction Stop
$Licrequest = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/subscribedSkus' -tenantid $_.defaultDomainName -ErrorAction Stop | Where-Object -Property skuId -NotIn $ExcludedSkuList.RowKey
[PSCustomObject]@{
Tenant = $domainName
Licenses = $Licrequest
Expand Down

0 comments on commit 63e463c

Please sign in to comment.