diff --git a/Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1 b/Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1 index 760e4fe66791..3bd121c0c1c6 100644 --- a/Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1 @@ -19,12 +19,14 @@ function Add-CIPPAzDataTableEntity { } catch [System.Exception] { if ($_.Exception.ErrorCode -eq 'PropertyValueTooLarge' -or $_.Exception.ErrorCode -eq 'EntityTooLarge' -or $_.Exception.ErrorCode -eq 'RequestBodyTooLarge') { try { + Write-Host 'Entity is too large. Splitting entity into multiple parts.' + Write-Information ($SingleEnt | ConvertTo-Json) $largePropertyNames = [System.Collections.Generic.List[string]]::new() $entitySize = 0 # Convert $SingleEnt to hashtable if it is a PSObject if ($SingleEnt -is [System.Management.Automation.PSCustomObject]) { - $SingleEnt = $SingleEnt | ConvertTo-Json -Depth 100 | ConvertFrom-Json -AsHashtable + $SingleEnt = $SingleEnt | ConvertTo-Json -Depth 100 -Compress | ConvertFrom-Json -AsHashtable } foreach ($key in $SingleEnt.Keys) { @@ -35,7 +37,7 @@ function Add-CIPPAzDataTableEntity { } } - if ($largePropertyNames.Count -gt 0) { + if (($largePropertyNames | Measure-Object).Count -gt 0) { $splitInfoList = [System.Collections.Generic.List[object]]::new() foreach ($largePropertyName in $largePropertyNames) { $dataString = $SingleEnt[$largePropertyName] @@ -45,20 +47,20 @@ function Add-CIPPAzDataTableEntity { $start = $i * $MaxSize $splitData.Add($dataString.Substring($start, [Math]::Min($MaxSize, $dataString.Length - $start))) > $null } - + $splitDataCount = ($splitData | Measure-Object).Count $splitPropertyNames = [System.Collections.Generic.List[object]]::new() - for ($i = 0; $i -lt $splitData.Count; $i++) { - $splitPropertyNames.Add("${largePropertyName}_Part$i") > $null + for ($i = 0; $i -lt $splitDataCount; $i++) { + $splitPropertyNames.Add("${largePropertyName}_Part$i") } $splitInfo = @{ OriginalHeader = $largePropertyName SplitHeaders = $splitPropertyNames } - $splitInfoList.Add($splitInfo) > $null + $splitInfoList.Add($splitInfo) $SingleEnt.Remove($largePropertyName) - for ($i = 0; $i -lt $splitData.Count; $i++) { + for ($i = 0; $i -lt $splitDataCount; $i++) { $SingleEnt[$splitPropertyNames[$i]] = $splitData[$i] } } @@ -67,7 +69,7 @@ function Add-CIPPAzDataTableEntity { } # Check if the entity is still too large - $entitySize = [System.Text.Encoding]::UTF8.GetByteCount($($SingleEnt | ConvertTo-Json)) + $entitySize = [System.Text.Encoding]::UTF8.GetByteCount($($SingleEnt | ConvertTo-Json -Compress)) if ($entitySize -gt $MaxRowSize) { $rows = [System.Collections.Generic.List[object]]::new() $originalPartitionKey = $SingleEnt.PartitionKey @@ -89,7 +91,7 @@ function Add-CIPPAzDataTableEntity { $propertiesToRemove = [System.Collections.Generic.List[object]]::new() foreach ($key in $SingleEnt.Keys) { - $newEntitySize = [System.Text.Encoding]::UTF8.GetByteCount($($newEntity | ConvertTo-Json)) + $newEntitySize = [System.Text.Encoding]::UTF8.GetByteCount($($newEntity | ConvertTo-Json -Compress)) if ($newEntitySize -lt $MaxRowSize) { $propertySize = [System.Text.Encoding]::UTF8.GetByteCount($SingleEnt[$key].ToString()) if ($propertySize -gt $MaxRowSize) { @@ -103,7 +105,7 @@ function Add-CIPPAzDataTableEntity { $splitPropertyNames = [System.Collections.Generic.List[object]]::new() for ($i = 0; $i -lt $splitData.Count; $i++) { - $splitPropertyNames.Add("${key}_Part$i") > $null + $splitPropertyNames.Add("${key}_Part$i") } for ($i = 0; $i -lt $splitData.Count; $i++) { @@ -112,7 +114,7 @@ function Add-CIPPAzDataTableEntity { } else { $newEntity[$key] = $SingleEnt[$key] } - $propertiesToRemove.Add($key) > $null + $propertiesToRemove.Add($key) } } @@ -120,21 +122,21 @@ function Add-CIPPAzDataTableEntity { $SingleEnt.Remove($prop) } - $rows.Add($newEntity) > $null - $entitySize = [System.Text.Encoding]::UTF8.GetByteCount($($SingleEnt | ConvertTo-Json)) + $rows.Add($newEntity) + $entitySize = [System.Text.Encoding]::UTF8.GetByteCount($($SingleEnt | ConvertTo-Json -Compress)) } - if ($SingleEnt.Count -gt 0) { + if (($SingleEnt | Measure-Object).Count -gt 0) { $SingleEnt['RowKey'] = "$($originalRowKey)-part$entityIndex" $SingleEnt['OriginalEntityId'] = $originalRowKey $SingleEnt['PartIndex'] = $entityIndex $SingleEnt['PartitionKey'] = $originalPartitionKey - $rows.Add($SingleEnt) > $null + $rows.Add($SingleEnt) } foreach ($row in $rows) { - Write-Information "current entity is $($row.RowKey) with $($row.PartitionKey). Our size is $([System.Text.Encoding]::UTF8.GetByteCount($($row | ConvertTo-Json)))" + Write-Information "current entity is $($row.RowKey) with $($row.PartitionKey). Our size is $([System.Text.Encoding]::UTF8.GetByteCount($($row | ConvertTo-Json -Compress)))" Add-AzDataTableEntity -Context $Context -Force:$Force -CreateTableIfNotExists:$CreateTableIfNotExists -Entity $row } } else { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAzBobbyTables.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAzBobbyTables.ps1 index 410b76853378..88080bdcf5b4 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAzBobbyTables.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAzBobbyTables.ps1 @@ -53,6 +53,6 @@ function Invoke-ExecAzBobbyTables { Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = $StatusCode - Body = $Results + Body = @($Results) }) } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 700ff7065585..5e3726e5d73f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -17,7 +17,7 @@ Function Invoke-ExecAccessChecks { $LastRun = (Get-Date).ToUniversalTime() switch ($Request.Query.Type) { 'Permissions' { - if ($Request.Query.SkipCache -ne 'true') { + if ($Request.Query.SkipCache -ne 'true' -or $Request.Query.SkipCache -ne $true) { try { $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" $Results = $Cache.Data | ConvertFrom-Json @@ -41,7 +41,7 @@ Function Invoke-ExecAccessChecks { $AccessChecks = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'TenantAccessChecks'" if (!$Request.Body.TenantId) { try { - $Tenants = Get-Tenants -IncludeErrors + $Tenants = Get-Tenants -IncludeErrors | Where-Object { $_.customerId -ne $ENV:TenantID } $Results = foreach ($Tenant in $Tenants) { $TenantCheck = $AccessChecks | Where-Object -Property RowKey -EQ $Tenant.customerId | Select-Object -Property Data $TenantResult = [PSCustomObject]@{ @@ -81,8 +81,8 @@ Function Invoke-ExecAccessChecks { } } - if ($Request.Query.SkipCache -eq 'true') { - $null = Test-CIPPAccessTenant -ExecutingUser $Request.Headers.'x-ms-client-principal' + if ($Request.Query.SkipCache -eq 'true' -or $Request.Query.SkipCache -eq $true) { + $Message = Test-CIPPAccessTenant -ExecutingUser $Request.Headers.'x-ms-client-principal' } if ($Request.Body.TenantId) { @@ -93,7 +93,7 @@ Function Invoke-ExecAccessChecks { } 'GDAP' { - if (!$Request.Query.SkipCache -eq 'true') { + if (!$Request.Query.SkipCache -eq 'true' -or !$Request.Query.SkipCache -eq $true) { try { $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'" $Results = $Cache.Data | ConvertFrom-Json @@ -114,12 +114,16 @@ Function Invoke-ExecAccessChecks { } } } + $Metadata = @{ + LastRun = $LastRun + } + if ($Message) { + $Metadata.AlertMessage = $Message + } $body = [pscustomobject]@{ 'Results' = $Results - 'Metadata' = @{ - 'LastRun' = $LastRun - } + 'Metadata' = $Metadata } # Associate values to output bindings by calling 'Push-OutputBinding'. diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 index c96f93f810f4..a47643c18b7c 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 @@ -182,7 +182,9 @@ function Test-CIPPAccessPermissions { Data = [string](ConvertTo-Json -InputObject $AccessCheck -Depth 10 -Compress) } } - Add-CIPPAzDataTableEntity @Table -Entity $Data -Force + try { + Add-CIPPAzDataTableEntity @Table -Entity $Data -Force + } catch {} return $AccessCheck } diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 index d5b3b06098c3..575993740ca6 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 @@ -133,7 +133,11 @@ function Test-CIPPAccessTenant { Data = [string]($Results | ConvertTo-Json -Depth 10 -Compress) } $Table = Get-CIPPTable -TableName 'AccessChecks' - $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force + try { + $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force + } catch { + Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $Tenant.defaultDomainName -message "Failed to add access check for $($Tenant.customerId): $($_.Exception.Message)" -Sev 'Error' -LogData (Get-CippException -Exception $_) + } } return $Results diff --git a/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 b/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 index 5fe7a789ed03..09cf46fe35c4 100644 --- a/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 @@ -107,6 +107,7 @@ function Test-CIPPGDAPRelationships { $Table = Get-CIPPTable -TableName AccessChecks $Data = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'AccessCheck' and RowKey eq 'GDAPRelationships'" + if ($Data) { $Data.Data = [string](ConvertTo-Json -InputObject $GDAPRelationships -Depth 10 -Compress) } else { @@ -116,7 +117,9 @@ function Test-CIPPGDAPRelationships { Data = [string](ConvertTo-Json -InputObject $GDAPRelationships -Depth 10 -Compress) } } - Add-CIPPAzDataTableEntity @Table -Entity $Data -Force + try { + Add-CIPPAzDataTableEntity @Table -Entity $Data -Force + } catch {} return $GDAPRelationships }