Merge pull request KelvinTegelaar#275 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev

.github/workflows/dev_cippbcaom.yml

@@ -0,0 +1,30 @@
+# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
+# More GitHub Actions for Azure: https://github.com/Azure/actions
+
+name: Build and deploy Powershell project to Azure Function App - cippbcaom
+
+on:
+  push:
+    branches:
+      - dev
+  workflow_dispatch:
+
+env:
+  AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
+
+jobs:
+  deploy:
+    runs-on: windows-latest
+
+    steps:
+      - name: 'Checkout GitHub Action'
+        uses: actions/checkout@v4
+
+      - name: 'Run Azure Functions Action'
+        uses: Azure/functions-action@v1
+        id: fa
+        with:
+          app-name: 'cippbcaom'
+          slot-name: 'Production'
+          package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_0FE8CACBBF7D409DAAF132988BECEC4B }}

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/BPA/Push-BPACollectData.ps1

@@ -21,7 +21,7 @@ function Push-BPACollectData {
     $Table = Get-CippTable -tablename 'cachebpav2'
     $Rerun = Test-CIPPRerun -Type 'BPA' -Tenant $TenantName.defaultDomainName -API $Item.Template
     if ($Rerun) {
-        Write-Host 'Detected rerun. Exiting cleanly'
+        Write-Host 'Detected rerun for BPA. Exiting cleanly'
         exit 0
     }
     Write-Host "Working on BPA for $($TenantName.defaultDomainName) with GUID $($TenantName.customerId) - Report ID $($Item.Template)"

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1

@@ -13,14 +13,14 @@ Function Invoke-ExecAssignPolicy {
     $APIName = $TriggerMetadata.FunctionName
     Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    $Tenant = $request.query.tenantfilter
-    $ID = $request.query.id
-    $displayname = $request.query.Displayname
-    $AssignTo = if ($request.query.Assignto -ne 'on') { $request.query.Assignto }
+    $Tenant = $request.body.tenantfilter
+    $ID = $request.body.id
+    $displayname = $request.body.Displayname
+    $AssignTo = if ($request.body.Assignto -ne 'on') { $request.body.Assignto }
 
     $results = try {
         if ($AssignTo) {
-            $assign = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $tenant -GroupName $AssignTo -Type $Request.query.Type
+            $assign = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $tenant -GroupName $AssignTo -Type $Request.body.Type
             Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $AssignTo" -Sev 'Info'
         }
         "Successfully edited policy for $($Tenant)"

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1

@@ -31,7 +31,7 @@ Function Invoke-AddStandardsTemplate {
 
     }
     Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Created CA Template $($Request.body.name) with GUID $GUID" -Sev 'Debug'
-    $body = [pscustomobject]@{'Results' = 'Successfully added template' }
+    $body = [pscustomobject]@{'Results' = 'Successfully added template'; id = $GUID }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ListBPA.ps1

@@ -34,9 +34,9 @@ Function Invoke-ListBPA {
 
 
     if ($Request.query.tenantFilter -ne 'AllTenants' -and $Style -eq 'Tenant') {
+        $CustomerId = (Get-Tenants -TenantFilter $Request.query.tenantFilter).customerId
         $mergedObject = New-Object pscustomobject
-
-        $Data = (Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$($Request.query.tenantFilter)'") | ForEach-Object {
+        $Data = (Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$CustomerId'") | ForEach-Object {
             $row = $_
             $JSONFields | ForEach-Object {
                 $jsonContent = $row.$_
@@ -48,6 +48,7 @@ Function Invoke-ListBPA {
                 }
             }
             $row.PSObject.Properties | ForEach-Object {
+                Write-Host "Adding $($_.Name) to mergedObject"
                 $mergedObject | Add-Member -NotePropertyName $_.Name -NotePropertyValue $_.Value -Force
             }
         }

Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1

@@ -17,7 +17,11 @@ Function Invoke-ListBreachesTenant {
     } else {
         $filter = $null
     }
-    $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json -ErrorAction SilentlyContinue
+    try {
+        $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json -ErrorAction SilentlyContinue
+    } catch {
+        $usersResults = $null
+    }
     if ($usersResults -eq $null) {
         $usersResults = @()
     }

Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntunePolicy.ps1

@@ -57,47 +57,48 @@ Function Invoke-ListIntunePolicy {
             $BulkResults = New-GraphBulkRequest -Requests $BulkRequests -tenantid $TenantFilter
 
             $GraphRequest = $BulkResults | ForEach-Object {
-            $URLName = $_.Id
-            $_.body.Value | ForEach-Object {
-                $policyTypeName = switch -Wildcard ($_.'assignments@odata.context') {
-                    '*microsoft.graph.windowsIdentityProtectionConfiguration*' { 'Identity Protection' }
-                    '*microsoft.graph.windows10EndpointProtectionConfiguration*' { 'Endpoint Protection' }
-                    '*microsoft.graph.windows10CustomConfiguration*' { 'Custom' }
-                    '*microsoft.graph.windows10DeviceFirmwareConfigurationInterface*' { 'Firmware Configuration' }
-                    '*groupPolicyConfigurations*' { 'Administrative Templates' }
-                    '*windowsDomainJoinConfiguration*' { 'Domain Join configuration' }
-                    '*windowsUpdateForBusinessConfiguration*' { 'Update Configuration' }
-                    '*windowsHealthMonitoringConfiguration*' { 'Health Monitoring' }
-                    '*microsoft.graph.macOSGeneralDeviceConfiguration*' { 'MacOS Configuration' }
-                    '*microsoft.graph.macOSEndpointProtectionConfiguration*' { 'MacOS Endpoint Protection' }
-                    '*microsoft.graph.androidWorkProfileGeneralDeviceConfiguration*' { 'Android Configuration' }
-                    default { $_.'assignments@odata.context' }
-                }
-                $Assignments = $_.assignments.target | Select-Object -Property '@odata.type', groupId
-                $PolicyAssignment = [System.Collections.Generic.List[string]]::new()
-                $PolicyExclude = [System.Collections.Generic.List[string]]::new()
-                ForEach ($target in $Assignments) {
-                    switch ($target.'@odata.type') {
-                        '#microsoft.graph.allDevicesAssignmentTarget' { $PolicyAssignment.Add('All Devices') }
-                        '#microsoft.graph.exclusionallDevicesAssignmentTarget' { $PolicyExclude.Add('All Devices') }
-                        '#microsoft.graph.allUsersAssignmentTarget' { $PolicyAssignment.Add('All Users') }
-                        '#microsoft.graph.exclusionallUsersAssignmentTarget' { $PolicyExclude.Add('All Users') }
-                        '#microsoft.graph.groupAssignmentTarget' { $PolicyAssignment.Add($Groups.Where({ $_.id -eq $target.groupId }).displayName) }
-                        '#microsoft.graph.exclusionGroupAssignmentTarget' { $PolicyExclude.Add($Groups.Where({ $_.id -eq $target.groupId }).displayName) }
-                        default {
-                            $PolicyAssignment.Add($null)
-                            $PolicyExclude.Add($null)
+                $URLName = $_.Id
+                $_.body.Value | ForEach-Object {
+                    $policyTypeName = switch -Wildcard ($_.'assignments@odata.context') {
+                        '*microsoft.graph.windowsIdentityProtectionConfiguration*' { 'Identity Protection' }
+                        '*microsoft.graph.windows10EndpointProtectionConfiguration*' { 'Endpoint Protection' }
+                        '*microsoft.graph.windows10CustomConfiguration*' { 'Custom' }
+                        '*microsoft.graph.windows10DeviceFirmwareConfigurationInterface*' { 'Firmware Configuration' }
+                        '*groupPolicyConfigurations*' { 'Administrative Templates' }
+                        '*windowsDomainJoinConfiguration*' { 'Domain Join configuration' }
+                        '*windowsUpdateForBusinessConfiguration*' { 'Update Configuration' }
+                        '*windowsHealthMonitoringConfiguration*' { 'Health Monitoring' }
+                        '*microsoft.graph.macOSGeneralDeviceConfiguration*' { 'MacOS Configuration' }
+                        '*microsoft.graph.macOSEndpointProtectionConfiguration*' { 'MacOS Endpoint Protection' }
+                        '*microsoft.graph.androidWorkProfileGeneralDeviceConfiguration*' { 'Android Configuration' }
+                        default { $_.'assignments@odata.context' }
+                    }
+                    $Assignments = $_.assignments.target | Select-Object -Property '@odata.type', groupId
+                    $PolicyAssignment = [System.Collections.Generic.List[string]]::new()
+                    $PolicyExclude = [System.Collections.Generic.List[string]]::new()
+                    ForEach ($target in $Assignments) {
+                        switch ($target.'@odata.type') {
+                            '#microsoft.graph.allDevicesAssignmentTarget' { $PolicyAssignment.Add('All Devices') }
+                            '#microsoft.graph.exclusionallDevicesAssignmentTarget' { $PolicyExclude.Add('All Devices') }
+                            '#microsoft.graph.allUsersAssignmentTarget' { $PolicyAssignment.Add('All Users') }
+                            '#microsoft.graph.allLicensedUsersAssignmentTarget' { $PolicyAssignment.Add('All Licenced Users') }
+                            '#microsoft.graph.exclusionallUsersAssignmentTarget' { $PolicyExclude.Add('All Users') }
+                            '#microsoft.graph.groupAssignmentTarget' { $PolicyAssignment.Add($Groups.Where({ $_.id -eq $target.groupId }).displayName) }
+                            '#microsoft.graph.exclusionGroupAssignmentTarget' { $PolicyExclude.Add($Groups.Where({ $_.id -eq $target.groupId }).displayName) }
+                            default {
+                                $PolicyAssignment.Add($null)
+                                $PolicyExclude.Add($null)
+                            }
                         }
                     }
-                }
-                if ($_.displayname -eq $null) { $_ | Add-Member -NotePropertyName displayName -NotePropertyValue $_.name }
-                $_ | Add-Member -NotePropertyName PolicyTypeName -NotePropertyValue $policyTypeName
-                $_ | Add-Member -NotePropertyName URLName -NotePropertyValue $URLName
-                $_ | Add-Member -NotePropertyName PolicyAssignment -NotePropertyValue ($PolicyAssignment -join ', ')
-                $_ | Add-Member -NotePropertyName PolicyExclude -NotePropertyValue ($PolicyExclude -join ', ')
-                $_
-            } | Where-Object { $_.DisplayName -ne $null }
-        }
+                    if ($_.displayname -eq $null) { $_ | Add-Member -NotePropertyName displayName -NotePropertyValue $_.name }
+                    $_ | Add-Member -NotePropertyName PolicyTypeName -NotePropertyValue $policyTypeName
+                    $_ | Add-Member -NotePropertyName URLName -NotePropertyValue $URLName
+                    $_ | Add-Member -NotePropertyName PolicyAssignment -NotePropertyValue ($PolicyAssignment -join ', ')
+                    $_ | Add-Member -NotePropertyName PolicyExclude -NotePropertyValue ($PolicyExclude -join ', ')
+                    $_
+                } | Where-Object { $_.DisplayName -ne $null }
+            }
         }
         $StatusCode = [HttpStatusCode]::OK
     } catch {

Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1

@@ -8,7 +8,7 @@ function New-GraphGetRequest {
         [string]$uri,
         [string]$tenantid,
         [string]$scope,
-        [bool]$AsApp,
+        $AsApp,
         [bool]$noPagination,
         $NoAuthCheck = $false,
         [bool]$skipTokenCache,

Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1

@@ -13,7 +13,11 @@ function Get-CIPPStandards {
     $Table = Get-CippTable -tablename 'templates'
     $Filter = "PartitionKey eq 'StandardsTemplateV2'"
     $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ForEach-Object {
-        ConvertFrom-Json -InputObject $_ -ErrorAction SilentlyContinue
+        #in the string $_, replace the word 'action' by the word 'Action'.
+        try {
+            $_ -replace 'Action', 'action' | ConvertFrom-Json -InputObject $_ -ErrorAction SilentlyContinue
+        } catch {
+        }
     } | Where-Object {
         $_.GUID -like $TemplateId -and $_.runManually -eq $runManually
     }

Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1

@@ -23,7 +23,7 @@ function New-BreachTenantSearch {
         @{
             RowKey       = $domain.domain
             PartitionKey = $TenantFilter
-            breaches     = "$($LatestBreach.Result | ConvertTo-Json)"
+            breaches     = "$($LatestBreach.Result | ConvertTo-Json -Depth 10 -Compress)"
             sum          = $SumOfBreaches
         }
     }