forked from KelvinTegelaar/CIPP-API
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #9 from KelvinTegelaar/master
[pull] master from KelvinTegelaar:master
- Loading branch information
Showing
24 changed files
with
399 additions
and
220 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
Config/7547f73c-3cb0-460c-a4bd-391944908007.IntuneTemplate.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
{ | ||
"name": "CIPP Cyber Essentials Helper - Tenant view", | ||
"style": "Tenant", | ||
"Fields": [ | ||
{ | ||
"name": "deviceregister", | ||
"UseExistingInfo": false, | ||
"FrontendFields": [ | ||
{ | ||
"name": "Device Register", | ||
"value": "deviceregister", | ||
"desc": "These are all devices found in M365 to add to your CE Device Register.", | ||
"formatter": "table" | ||
} | ||
], | ||
"StoreAs": "JSON", | ||
"API": "Graph", | ||
"ExtractFields": [ | ||
"deviceName", | ||
"lastSyncDateTime", | ||
"osVersion", | ||
"userPrincipalName", | ||
"complianceState" | ||
], | ||
"URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices" | ||
}, | ||
{ | ||
"name": "adminsTable", | ||
"UseExistingInfo": false, | ||
"FrontendFields": [ | ||
{ | ||
"name": "Admins Table", | ||
"value": "adminsTable", | ||
"desc": "The list of admin accounts in your M365 environment. These must all be named and attached to actual users.", | ||
"formatter": "table" | ||
} | ||
], | ||
"StoreAs": "JSON", | ||
"API": "Graph", | ||
"ExtractFields": ["displayName", "userPrincipalName"], | ||
"URL": "https://graph.microsoft.com/beta/directoryRoles/roleTemplateId=62e90394-69f5-4237-9190-012177145e10/members" | ||
}, | ||
{ | ||
"name": "windowsProtectionState", | ||
"UseExistingInfo": false, | ||
"FrontendFields": [ | ||
{ | ||
"name": "Defender List", | ||
"value": "windowsProtectionState", | ||
"formatter": "table", | ||
"desc": "List of Defender protected workstations. Add this to your Malware Protection Audit List" | ||
} | ||
], | ||
"StoreAs": "JSON", | ||
"API": "Graph", | ||
"ExtractFields": ["windowsProtectionState"], | ||
"parameters": {}, | ||
"URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices?$expand=windowsProtectionState" | ||
}, | ||
{ | ||
"name": "detectedApps", | ||
"UseExistingInfo": false, | ||
"FrontendFields": [ | ||
{ | ||
"name": "Detected Apps", | ||
"value": "detectedApps", | ||
"desc": "All Detected Software and their version. Add this to your software audit list", | ||
"formatter": "table" | ||
} | ||
], | ||
"StoreAs": "JSON", | ||
"API": "Graph", | ||
"ExtractFields": ["displayName", "version", "platform", "publisher"], | ||
"URL": "https://graph.microsoft.com/beta/deviceManagement/detectedApps" | ||
}, | ||
{ | ||
"name": "userRegistrationDetails", | ||
"UseExistingInfo": false, | ||
"FrontendFields": [ | ||
{ | ||
"name": "User Registration Details", | ||
"desc": "All MFA settings (Requires a P1 Subscription)", | ||
"value": "userRegistrationDetails", | ||
"formatter": "table" | ||
} | ||
], | ||
"StoreAs": "JSON", | ||
"API": "Graph", | ||
"ExtractFields": [ | ||
"userDisplayName", | ||
"isAdmin", | ||
"isMFARegistered", | ||
"defaultMFAMethod" | ||
], | ||
"URL": "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails" | ||
} | ||
] | ||
} |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
22 changes: 22 additions & 0 deletions
22
Modules/CIPPCore/Public/Entrypoints/Invoke-ExecAddTrustedIP.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
using namespace System.Net | ||
|
||
Function Invoke-ExecAddTrustedIP { | ||
<# | ||
.FUNCTIONALITY | ||
Entrypoint | ||
#> | ||
[CmdletBinding()] | ||
param($Request, $TriggerMetadata) | ||
|
||
$Table = Get-CippTable -tablename 'trustedIps' | ||
Add-CIPPAzDataTableEntity @Table -Entity @{ | ||
PartitionKey = $request.query.tenantfilter | ||
RowKey = $Request.query.ip | ||
state = $request.query.State | ||
} -Force | ||
|
||
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | ||
StatusCode = [HttpStatusCode]::OK | ||
Body = @{ results = "Added $($Request.query.ip) to database with state $($Request.query.state) for $($Request.query.tenantfilter)" } | ||
}) | ||
} |
51 changes: 51 additions & 0 deletions
51
Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCAExclusion.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
using namespace System.Net | ||
|
||
Function Invoke-ExecCAExclusion { | ||
<# | ||
.FUNCTIONALITY | ||
Entrypoint | ||
#> | ||
[CmdletBinding()] | ||
param($Request, $TriggerMetadata) | ||
|
||
$APIName = $TriggerMetadata.FunctionName | ||
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' | ||
#If UserId is a guid, get the user's UPN | ||
if ($Request.body.UserId -match '^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$') { | ||
$Username = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.body.UserId)" -tenantid $Request.body.TenantFilter).userPrincipalName | ||
} | ||
if ($Request.body.vacation -eq 'true') { | ||
$StartDate = $Request.body.StartDate | ||
$TaskBody = @{ | ||
TenantFilter = $Request.body.TenantFilter | ||
Name = "Add CA Exclusion Vacation Mode: $Username - $($Request.body.TenantFilter)" | ||
Command = @{ | ||
value = 'Set-CIPPCAExclusion' | ||
label = 'Set-CIPPCAExclusion' | ||
} | ||
Parameters = @{ | ||
ExclusionType = 'Add' | ||
UserID = $Request.body.UserID | ||
PolicyId = $Request.body.PolicyId | ||
UserName = $Username | ||
} | ||
ScheduledTime = $StartDate | ||
} | ||
Add-CIPPScheduledTask -Task $TaskBody -hidden $false | ||
#Removal of the exclusion | ||
$TaskBody.Parameters.ExclusionType = 'Remove' | ||
$TaskBody.Name = "Remove CA Exclusion Vacation Mode: $username - $($Request.body.TenantFilter)" | ||
$TaskBody.ScheduledTime = $Request.body.EndDate | ||
Add-CIPPScheduledTask -Task $TaskBody -hidden $false | ||
$body = @{ Results = "Successfully added vacation mode schedule for $Username." } | ||
} else { | ||
Set-CIPPCAExclusion -TenantFilter $Request.body.TenantFilter -ExclusionType $Request.body.ExclusionType -UserID $Request.body.UserID -PolicyId $Request.body.PolicyId -executingUser $request.headers.'x-ms-client-principal' -UserName $Username | ||
} | ||
|
||
|
||
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | ||
StatusCode = [HttpStatusCode]::OK | ||
Body = $Body | ||
}) | ||
|
||
} |
34 changes: 13 additions & 21 deletions
34
Modules/CIPPCore/Public/Entrypoints/Invoke-ExecGeoIPLookup.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,31 +1,23 @@ | ||
using namespace System.Net | ||
using namespace System.Net | ||
|
||
Function Invoke-ExecGeoIPLookup { | ||
Function Invoke-ExecGeoIPLookup { | ||
<# | ||
.FUNCTIONALITY | ||
Entrypoint | ||
#> | ||
[CmdletBinding()] | ||
param($Request, $TriggerMetadata) | ||
|
||
$APIName = $TriggerMetadata.FunctionName | ||
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' | ||
Write-Host $Request.Query.IP | ||
$location = Get-CIPPGeoIPLocation -IP $Request.query.IP | ||
$ARINInfo = Invoke-RestMethod -Uri "https://whois.arin.net/rest/ip/$($Request.Query.IP)" -Method Get -ContentType "application/json" -Headers @{Accept = "application/json" } | ||
$LocationInfo = [pscustomobject]@{ | ||
location = $location | ||
arin = $ARINInfo | ||
startaddress = $arininfo.net.startaddress.'$' | ||
endAddress = $arininfo.net.endAddress.'$' | ||
OrgRef = $arininfo.net.orgRef.'@NAME' | ||
SubnetName = $arininfo.net.name.'$' | ||
} | ||
$APIName = $TriggerMetadata.FunctionName | ||
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' | ||
Write-Host $Request.Query.IP | ||
$locationInfo = Get-CIPPGeoIPLocation -IP $Request.query.IP | ||
|
||
|
||
# Associate values to output bindings by calling 'Push-OutputBinding'. | ||
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | ||
StatusCode = [HttpStatusCode]::OK | ||
Body = $LocationInfo | ||
}) | ||
# Associate values to output bindings by calling 'Push-OutputBinding'. | ||
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | ||
StatusCode = [HttpStatusCode]::OK | ||
Body = $LocationInfo | ||
}) | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.