Merge pull request #67 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
pull[bot] authored Feb 9, 2025
2 parents 2733a8e + 7db4fef commit d5ec830
Showing 47 changed files with 198 additions and 188 deletions.
6 changes: 3 additions & 3 deletions Modules/CIPPCore/Public/Add-CIPPAlias.ps1
Expand Up @@ -6,7 +6,7 @@ function Add-CIPPAlias {
$UserprincipalName,
$TenantFilter,
$APIName = 'Set Manager',
$ExecutingUser
$Headers
)

try {
Expand All @@ -16,10 +16,10 @@ function Add-CIPPAlias {
}
Write-Host "Resetting primary alias to $User"
New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($user)" -tenantid $TenantFilter -type 'patch' -body "{`"mail`": `"$User`"}" -verbose
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($TenantFilter) -message "Added alias $($Alias) to $($UserprincipalName)" -Sev 'Info'
Write-LogMessage -headers $Headers -API $APINAME -tenant $($TenantFilter) -message "Added alias $($Alias) to $($UserprincipalName)" -Sev 'Info'
return ("Added Aliases: $($Aliases -join ',')")
} catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($TenantFilter) -message "Failed to set alias. Error:$($_.Exception.Message)" -Sev 'Error'
Write-LogMessage -headers $Headers -API $APINAME -tenant $($TenantFilter) -message "Failed to set alias. Error:$($_.Exception.Message)" -Sev 'Error'
throw "Failed to set alias: $($_.Exception.Message)"
}
}
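Review bot: The `$ExecutingUser` parameter is replaced by `$Headers` in the param block with no compatibility path, so a caller not converted in this commit that still passes `-ExecutingUser` would either fail parameter binding or, if this is a simple function, have the value fall into `$args` and silently lose the actor on the log entries. Invoke-CIPPOffboardingJob receives the same rename. It would help to document the new parameter in comment-based help, for example a `.PARAMETER Headers` entry reading `Request headers of the calling HTTP trigger, passed to Write-LogMessage to attribute log entries.`, and to confirm every remaining call site was updated. The param block starts above the hunk, so whether `[CmdletBinding()]` is present cannot be seen here.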
Expand Up @@ -7,5 +7,5 @@ function Push-ExecOffboardingMailboxPermissions {
$Item
)

Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $Item.User -TenantFilter $Item.TenantFilter -APIName $Item.APINAME -ExecutingUser $Item.ExecutingUser
Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $Item.User -TenantFilter $Item.TenantFilter -APIName $Item.APINAME -Headers $Item.Headers
}
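Review bot: `-Headers $Item.Headers` on the new Remove-CIPPMailboxPermissions call means the whole request header set now travels inside the queued batch item, where the old code carried only the executing-user value. Invoke-CIPPOffboardingJob builds that item with `'Headers' = $Headers`, and the `Add-CIPPScheduledTask ... -Headers $Request.Headers` calls in Invoke-AddUser and Invoke-ExecOffboardUser may persist headers in the same way (their storage is not visible on this page). Request headers can carry cookies or authorization values besides `x-ms-client-principal`, so whatever stores the orchestration input would then hold them too. If Write-LogMessage only needs the principal header, consider passing a reduced object such as `'Headers' = @{ 'x-ms-client-principal' = $Headers.'x-ms-client-principal' }`.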
Expand Up @@ -25,11 +25,11 @@ Function Invoke-ExecListBackup {
}

$Result = Get-CIPPBackup @CippBackupParams
Write-Host ($Result | ConvertTo-Json)

if ($request.Query.NameOnly) {
$Result = $Result | Select-Object @{Name = 'BackupName'; exp = { $_.RowKey } }, Timestamp | Sort-Object Timestamp -Descending
}
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'Alerts' -message $request.body.text -Sev $request.body.Severity

# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
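Review bot: With the mis-copied `Write-LogMessage ... -API 'Alerts'` line apparently dropped (the old/new markers are lost on this page, but the hunk counts point that way), the lines shown no longer record who listed or retrieved backups. Backup data is likely sensitive configuration, so an entry after `Get-CIPPBackup` such as `Write-LogMessage -headers $Request.Headers -API $Request.Params.CIPPEndpoint -message 'Listed CIPP backups' -Sev 'Debug'` would keep that access attributable. The function starts above the hunk, so a log call may already exist there.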
Expand Up @@ -33,7 +33,7 @@ Function Invoke-ExecSetCIPPAutoBackup {
Add-CIPPScheduledTask -Task $TaskBody -hidden $false
$Result = @{ 'Results' = 'Scheduled Task Successfully created' }
}
Write-LogMessage -headers $Request.Headers -API 'Alerts' -message $request.body.text -Sev $request.body.Severity
Write-LogMessage -headers $Request.Headers -API $Request.Params.CIPPEndpoint -message 'Scheduled automatic CIPP backups' -Sev 'Info'
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Expand Up @@ -53,9 +53,8 @@ Function Invoke-ExecPartnerMode {
Body = @{
results = @(
@{
result = "Set Tenant mode to $($Request.body.TenantMode)"
copyInfo = $null
state = 'info'
resultText = "Set Tenant mode to $($Request.body.TenantMode)"
state = 'success'
}
)
}
Expand Up @@ -10,13 +10,31 @@ Function Invoke-ExecRunBackup {
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
$CSVfile = New-CIPPBackup -BackupType 'CIPP'
$body = [pscustomobject]@{
'Results' = 'Created backup'
backup = $CSVfile.BackupData
} | ConvertTo-Json -Depth 5 -Compress
$APIName = $Request.Params.CIPPEndpoint

try {
$CSVfile = New-CIPPBackup -BackupType 'CIPP' -Request $Request
$body = [pscustomobject]@{
'Results' = @{
resultText = 'Created backup'
state = 'success'
}
backup = $CSVfile.BackupData
} | ConvertTo-Json -Depth 5 -Compress

Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Created CIPP backup' -Sev 'Info'

} catch {
$body = [pscustomobject]@{
'Results' = @(
@{
resultText = 'Failed to create backup'
state = 'error'
}
)
} | ConvertTo-Json -Depth 5 -Compress
Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Failed to create CIPP backup' -Sev 'Error' -LogData (Get-CippException -Exception $_)
}
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
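Review bot: The new `catch` branch builds an error body, but the response below it still uses `StatusCode = [HttpStatusCode]::OK`, so a failed backup is returned as HTTP 200 and any client or monitoring that keys on the status code will not see the failure. Set `$StatusCode = [HttpStatusCode]::OK` in the `try`, `$StatusCode = [HttpStatusCode]::InternalServerError` in the `catch`, and use `StatusCode = $StatusCode` in the response. `Results` is also a single hashtable on success but an array on failure; one shape for both would be easier for callers to handle. The Push-OutputBinding call continues past the end of the hunk.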
Expand Up @@ -20,7 +20,7 @@ Function Invoke-ExecGroupsDelete {

# Interact with query parameters or the body of the request.
Try {
$RemoveResults = Remove-CIPPGroup -ID $Request.query.id -GroupType $Request.query.GroupType -tenantFilter $Request.query.TenantFilter -displayName $Request.query.displayName -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal'
$RemoveResults = Remove-CIPPGroup -ID $Request.query.id -GroupType $Request.query.GroupType -tenantFilter $Request.query.TenantFilter -displayName $Request.query.displayName -APIName $APINAME -Headers $Request.Headers
$Results = [pscustomobject]@{'Results' = $RemoveResults }
} catch {
$Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
Expand Up @@ -27,7 +27,7 @@ Function Invoke-AddPolicy {
}
try {
Write-Host 'Calling Adding policy'
Set-CIPPIntunePolicy -TemplateType $Request.body.TemplateType -Description $description -DisplayName $displayname -RawJSON $RawJSON -AssignTo $AssignTo -tenantFilter $Tenant
Set-CIPPIntunePolicy -TemplateType $Request.body.TemplateType -Description $description -DisplayName $displayname -RawJSON $RawJSON -AssignTo $AssignTo -tenantFilter $Tenant -Headers $Request.Headers
Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($Tenant) -message "Added policy $($Displayname)" -Sev 'Info'
} catch {
"$($_.Exception.Message)"
Expand Up @@ -31,12 +31,12 @@ Function Invoke-AddUser {
PSA = [bool]$Request.Body.PostExecution.PSA
}
}
Add-CIPPScheduledTask -Task $TaskBody -hidden $false -DisallowDuplicateName $true
Add-CIPPScheduledTask -Task $TaskBody -hidden $false -DisallowDuplicateName $true -Headers $Request.Headers
$body = [pscustomobject] @{
'Results' = @("Successfully created scheduled task to create user $($UserObj.DisplayName)")
}
} else {
$CreationResults = New-CIPPUserTask -userobj $UserObj -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal'
$CreationResults = New-CIPPUserTask -userobj $UserObj -APIName $APINAME -Headers $Request.Headers
$body = [pscustomobject] @{
'Results' = $CreationResults.Results
'Username' = $CreationResults.username
Expand Up @@ -96,12 +96,12 @@ Function Invoke-EditUser {
$null = $results.Add( 'Success. User license is already correct.' )
} else {
if ($UserObj.removeLicenses) {
$licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId
$licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId -Headers $Request.Headers
$null = $results.Add($licResults)
} else {
#Remove all objects from $CurrentLicenses.assignedLicenses.skuId that are in $licenses
$RemoveLicenses = $CurrentLicenses.assignedLicenses.skuId | Where-Object { $_ -notin $licenses }
$licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses
$licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses -Headers $Request.headers
$null = $results.Add($licResults)
}

Expand Up @@ -36,9 +36,9 @@ Function Invoke-ExecOffboardUser {
PSA = [bool]$Request.Body.PostExecution.psa
}
}
Add-CIPPScheduledTask -Task $taskObject -hidden $false
Add-CIPPScheduledTask -Task $taskObject -hidden $false -Headers $Request.Headers
} else {
Invoke-CIPPOffboardingJob -Username $Username -TenantFilter $Tenantfilter -Options $Request.body -APIName $APIName -ExecutingUser $request.headers.'x-ms-client-principal'
Invoke-CIPPOffboardingJob -Username $Username -TenantFilter $Tenantfilter -Options $Request.body -APIName $APIName -Headers $Request.Headers
}
$StatusCode = [HttpStatusCode]::OK

Expand Up @@ -24,7 +24,7 @@ function Invoke-ListFunctionParameters {
$CommandQuery.Name = $Function
}
$IgnoreList = 'entryPoint', 'internal'
$CommonParameters = @('Verbose', 'Debug', 'ErrorAction', 'WarningAction', 'InformationAction', 'ErrorVariable', 'WarningVariable', 'InformationVariable', 'OutVariable', 'OutBuffer', 'PipelineVariable', 'TenantFilter', 'APIName', 'ExecutingUser', 'ProgressAction', 'WhatIf', 'Confirm', 'Headers')
$CommonParameters = @('Verbose', 'Debug', 'ErrorAction', 'WarningAction', 'InformationAction', 'ErrorVariable', 'WarningVariable', 'InformationVariable', 'OutVariable', 'OutBuffer', 'PipelineVariable', 'TenantFilter', 'APIName', 'ExecutingUser', 'ProgressAction', 'WhatIf', 'Confirm', 'Headers', 'NoAuthCheck')
$TemporaryBlacklist = 'Get-CIPPAuthentication', 'Invoke-CippWebhookProcessing', 'Invoke-ListFunctionParameters', 'New-CIPPAPIConfig', 'New-CIPPGraphSubscription'
try {
if ($Module -eq 'ExchangeOnlineManagement') {
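Review bot: Adding `'NoAuthCheck'` to `$CommonParameters` presumably only removes it from what this endpoint lists; it does not stop a caller from supplying that parameter name wherever function parameters are accepted from request or task input. If such a path exists (none is visible in this hunk), the name should be rejected there rather than only hidden here. A comment above the list such as `# Hidden from the parameter listing only; this is not an access control.` would keep the intent clear. The function body continues outside the hunk.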
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1
Expand Up @@ -32,7 +32,7 @@ function Get-Tenants {
}

if ($TenantFilter) {
Write-Information "Getting tenant $TenantFilter"
#Write-Information "Getting tenant $TenantFilter"
if ($TenantFilter -match '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$') {
$Filter = "{0} and customerId eq '{1}'" -f $Filter, $TenantFilter
# create where-object scriptblock
60 changes: 26 additions & 34 deletions Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
Expand Up @@ -7,7 +7,7 @@ function Invoke-CIPPOffboardingJob {
[switch]$RunScheduled,
$Options,
$APIName = 'Offboard user',
$ExecutingUser
$Headers
)
if ($Options -is [string]) {
$Options = $Options | ConvertFrom-Json
Expand All @@ -16,81 +16,74 @@ function Invoke-CIPPOffboardingJob {
Write-Host "Running offboarding job for $username with options: $($Options | ConvertTo-Json -Depth 10)"
$Return = switch ($Options) {
{ $_.'ConvertToShared' -eq $true } {
Set-CIPPMailboxType -ExecutingUser $ExecutingUser -tenantFilter $tenantFilter -userid $username -username $username -MailboxType 'Shared' -APIName $APIName
Set-CIPPMailboxType -Headers $Headers -tenantFilter $tenantFilter -userid $username -username $username -MailboxType 'Shared' -APIName $APIName
}
{ $_.RevokeSessions -eq $true } {
Revoke-CIPPSessions -tenantFilter $tenantFilter -username $username -userid $userid -ExecutingUser $ExecutingUser -APIName $APIName
Revoke-CIPPSessions -tenantFilter $tenantFilter -username $username -userid $userid -Headers $Headers -APIName $APIName
}
{ $_.ResetPass -eq $true } {
Set-CIPPResetPassword -tenantFilter $tenantFilter -userid $username -ExecutingUser $ExecutingUser -APIName $APIName
Set-CIPPResetPassword -tenantFilter $tenantFilter -userid $username -Headers $Headers -APIName $APIName
}
{ $_.RemoveGroups -eq $true } {
Remove-CIPPGroups -userid $userid -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -Username "$Username"
Remove-CIPPGroups -userid $userid -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -Username "$Username"
}

{ $_.'HideFromGAL' -eq $true } {
Set-CIPPHideFromGAL -tenantFilter $tenantFilter -userid $username -HideFromGAL $true -ExecutingUser $ExecutingUser -APIName $APIName
Set-CIPPHideFromGAL -tenantFilter $tenantFilter -userid $username -HideFromGAL $true -Headers $Headers -APIName $APIName
}
{ $_.'DisableSignIn' -eq $true } {
Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -ExecutingUser $ExecutingUser -APIName $APIName
Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -Headers $Headers -APIName $APIName
}

{ $_.'OnedriveAccess' } {
$Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $tenantFilter -userid $username -OnedriveAccessUser $_.value -ExecutingUser $ExecutingUser -APIName $APIName }
$Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $tenantFilter -userid $username -OnedriveAccessUser $_.value -Headers $Headers -APIName $APIName }
}

{ $_.'AccessNoAutomap' } {
$Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName }
$Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
}
{ $_.'AccessAutomap' } {
$Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName }
$Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
}

{ $_.'OOO' } {
Set-CIPPOutOfOffice -tenantFilter $tenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -ExecutingUser $ExecutingUser -APIName $APIName -state 'Enabled'
Set-CIPPOutOfOffice -tenantFilter $tenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -Headers $Headers -APIName $APIName -state 'Enabled'
}
{ $_.'forward' } {
if (!$Options.keepCopy) {
Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -ExecutingUser $ExecutingUser -APIName $APIName
Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -Headers $Headers -APIName $APIName
} else {
$KeepCopy = [boolean]$Options.keepCopy
Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -KeepCopy $KeepCopy -ExecutingUser $ExecutingUser -APIName $APIName
Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -KeepCopy $KeepCopy -Headers $Headers -APIName $APIName
}
}
{ $_.'RemoveLicenses' -eq $true } {
Remove-CIPPLicense -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -Schedule
Remove-CIPPLicense -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -Schedule
}

{ $_.'deleteuser' -eq $true } {
Remove-CIPPUser -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName
Remove-CIPPUser -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
}

{ $_.'removeRules' -eq $true } {
Write-Host "Removing rules for $username"
Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -RemoveAllRules
Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -RemoveAllRules
}

{ $_.'removeMobile' -eq $true } {
Remove-CIPPMobileDevice -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName
Remove-CIPPMobileDevice -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
}
{ $_.'removeCalendarInvites' -eq $true } {
Remove-CIPPCalendarInvites -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName
Remove-CIPPCalendarInvites -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
}
{ $_.'removePermissions' } {
if ($RunScheduled) {
Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $UserName -TenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $ExecutingUser
Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $UserName -TenantFilter $TenantFilter -APIName $APINAME -Headers $Headers

} else {
$Queue = New-CippQueueEntry -Name "Offboarding - Mailbox Permissions: $Username" -TotalTasks 1
$InputObject = [PSCustomObject]@{
Batch = @(
[PSCustomObject]@{
'FunctionName' = 'ExecOffboardingMailboxPermissions'
'TenantFilter' = $TenantFilter
'User' = $Username
'ExecutingUser' = $ExecutingUser
'APINAME' = $APINAME
'QueueId' = $Queue.RowKey
'FunctionName' = 'ExecOffboardingMailboxPermissions'
'TenantFilter' = $TenantFilter
'User' = $Username
'Headers' = $Headers
'APINAME' = $APINAME
'QueueId' = $Queue.RowKey
}
)
OrchestratorName = "OffboardingMailboxPermissions_$Username"
Expand All @@ -101,9 +94,8 @@ function Invoke-CIPPOffboardingJob {
}
}
{ $_.'RemoveMFADevices' } {
Remove-CIPPUserMFA -UserPrincipalName $Username -TenantFilter $TenantFilter -ExecutingUser $ExecutingUser
Remove-CIPPUserMFA -UserPrincipalName $Username -TenantFilter $TenantFilter -Headers $Headers
}

}
return $Return
