From 81309bb7e373e27b73731263fbc2f58dfada54a0 Mon Sep 17 00:00:00 2001
From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Date: Thu, 27 Jul 2023 01:26:41 +0200
Subject: [PATCH 1/4] updated cpv row processing
---
 UpdatePermissions/run.ps1 | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)
diff --git a/UpdatePermissions/run.ps1 b/UpdatePermissions/run.ps1
index bfbc0249231f..3ccdedfeb161 100644
--- a/UpdatePermissions/run.ps1
+++ b/UpdatePermissions/run.ps1
@@ -1,9 +1,29 @@
 # Input bindings are passed in via param block.
 param($Timer)
-#Switched to run for every tenant always, to make sure app permissions get applied succesfully.
+# Get the current universal time in the default string format.
+$currentUTCtime = (Get-Date).ToUniversalTime()
+
+$Table = Get-CIPPTable -TableName cpvtenants
+$CPVRows = Get-AzDataTableEntity @Table
+
 $Tenants = get-tenants
+$TenantList = $CPVRows.Tenant
 foreach ($Row in $Tenants ) {
- Write-Host "Processing tenants"
- Push-OutputBinding -Name Msg -Value $row.customerId
-}
+ Write-Output "Processing tenants"
+
+ if (!$CPVRows) {
+ Write-Output "No list available"
+ Push-OutputBinding -Name Msg -Value $row.customerId
+ }
+
+ if ($Row.customerId -notin $TenantList) {
+ Write-Output "Not in the list: $($row.customerId)"
+ Push-OutputBinding -Name Msg -Value $row.customerId
+ }
+
+ if ($CPVRows | Where-Object { $_.Tenant -eq $row.customerId } | Where-Object { $_.LastApply -EQ $null -or (Get-Date $_.LastApply).AddDays(-14) -gt $currentUTCtime }) {
+ Write-Output "In list, Old age."
+ Push-OutputBinding -Name Msg -Value $row.customerId
+ }
+}
\ No newline at end of file
From 75734d07cffc0415fa1ba9f858ac3109cf1dc22b Mon Sep 17 00:00:00 2001
From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Date: Thu, 27 Jul 2023 01:28:36 +0200
Subject: [PATCH 2/4] update permissions queue
---
 UpdatePermissionsQueue/run.ps1 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
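Review bot: In UpdatePermissions/run.ps1 the age test in the last `if` looks inverted: `(Get-Date $_.LastApply).AddDays(-14) -gt $currentUTCtime` is true only when LastApply lies more than 14 days in the future, so a tenant that already has a LastApply value is never re-queued and its app permissions are not re-applied. For a 14-day refresh the comparison would be `(Get-Date $_.LastApply).AddDays(14) -lt $currentUTCtime`. The same condition appears unchanged as context in the PATCH 4/4 hunk. `Get-Date` on a stored string may also yield local time while `$currentUTCtime` is UTC; whether that applies depends on how LastApply is written, which is not visible here.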
diff --git a/UpdatePermissionsQueue/run.ps1 b/UpdatePermissionsQueue/run.ps1
index 4853558dde82..17e9c30df1c5 100644
--- a/UpdatePermissionsQueue/run.ps1
+++ b/UpdatePermissionsQueue/run.ps1
@@ -52,13 +52,13 @@ $GraphRequest = $ExpectedPermissions.requiredResourceAccess | ForEach-Object {
 "Could not set CPV permissions for $PermissionsName. Does the Tenant have a license for this API? Error: $($_.Exception.message)"
 }
 }
-$ourSVCPrincipal = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/servicePrincipals(appId='$($ENV:applicationid)')" -tenantid $Tenantfilter
+$ourSVCPrincipal = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/servicePrincipals(appId='$($ENV:applicationid)')" -tenantid $Tenantfilter.customerid
 # if the app svc principal exists, consent app permissions
 $apps = $ExpectedPermissions
 $Grants = foreach ($App in $apps.requiredResourceAccess) {
 try {
- $svcPrincipalId = New-GraphGETRequest -uri "https://graph.microsoft.com/v1.0/servicePrincipals(appId='$($app.resourceAppId)')" -tenantid $tenantfilter
+ $svcPrincipalId = New-GraphGETRequest -uri "https://graph.microsoft.com/v1.0/servicePrincipals(appId='$($app.resourceAppId)')" -tenantid $Tenantfilter.customerid
 }
 catch {
 continue
@@ -73,7 +73,7 @@ $Grants = foreach ($App in $apps.requiredResourceAccess) {
 }
 foreach ($Grant in $grants) {
 try {
- $SettingsRequest = New-GraphPOSTRequest -body ($grant | ConvertTo-Json) -uri "https://graph.microsoft.com/beta/servicePrincipals/$($ourSVCPrincipal.id)/appRoleAssignedTo" -tenantid $tenantfilter -type POST
+ $SettingsRequest = New-GraphPOSTRequest -body ($grant | ConvertTo-Json) -uri "https://graph.microsoft.com/beta/servicePrincipals/$($ourSVCPrincipal.id)/appRoleAssignedTo" -tenantid $Tenantfilter.customerid -type POST
 }
 catch {
 "Failed to grant $($grant.appRoleId) to $($grant.resourceId): $($_.Exception.Message). "
From 3d66fbd86d37f72084d77500db9218d275a16553 Mon Sep 17 00:00:00 2001
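Review bot: All three calls in UpdatePermissionsQueue/run.ps1 now pass `-tenantid $Tenantfilter.customerid`, but nothing in the visible lines checks that the property is populated. If `$Tenantfilter` arrives as a plain string or as a row without `customerid`, the expression is `$null`; how New-GraphGETRequest and New-GraphPOSTRequest treat an empty tenant id is not shown here, and a fallback to a default tenant would place the appRoleAssignedTo grants in the wrong directory. A guard before the first call would make this fail closed, e.g. `if ([string]::IsNullOrWhiteSpace($Tenantfilter.customerid)) { throw 'UpdatePermissionsQueue: tenant id missing' }`. The same applies to the `@@ -73,7 +73,7 @@` hunk; the surrounding loops start and end outside both hunks.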
From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Date: Thu, 27 Jul 2023 01:37:15 +0200
Subject: [PATCH 3/4] hotfix
---
 SendStats/function.json | 2 +-
 SendStats/run.ps1 | 1 +
 version_latest.txt | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/SendStats/function.json b/SendStats/function.json
index 828a2484ee7d..b47dd4f6ee24 100644
--- a/SendStats/function.json
+++ b/SendStats/function.json
@@ -4,7 +4,7 @@
 "name": "Timer",
 "type": "timerTrigger",
 "direction": "in",
- "schedule": "0 0 0 * * 0"
+ "schedule": "0 0 0 * * *"
 }
 ]
 }
\ No newline at end of file
diff --git a/SendStats/run.ps1 b/SendStats/run.ps1
index 6454323da94e..5e86e35e980f 100644
--- a/SendStats/run.ps1
+++ b/SendStats/run.ps1
@@ -13,6 +13,7 @@ Set-Location (Get-Item $PSScriptRoot).Parent.FullName
 $APIVersion = Get-Content "version_latest.txt" | Out-String
 $SendingObject = [PSCustomObject]@{
+ rgid = $env:WEBSITE_SITE_NAME
 SetupComplete = $SetupComplete
 RunningVersionAPI = $APIVersion.trim()
 CountOfTotalTenants = $tenantcount
diff --git a/version_latest.txt b/version_latest.txt
index aaaff9192695..00e897bdaeb8 100644
--- a/version_latest.txt
+++ b/version_latest.txt
@@ -1 +1 @@
-3.8.1
\ No newline at end of file
+3.8.2
\ No newline at end of file
From f0278eeed17670f9b7b8876c86a6ea422c873f58 Mon Sep 17 00:00:00 2001
From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Date: Thu, 27 Jul 2023 01:38:47 +0200
Subject: [PATCH 4/4] add continue statement
---
 UpdatePermissions/run.ps1 | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/UpdatePermissions/run.ps1 b/UpdatePermissions/run.ps1
index 3ccdedfeb161..70b088355d1c 100644
--- a/UpdatePermissions/run.ps1
+++ b/UpdatePermissions/run.ps1
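Review bot: The new `rgid = $env:WEBSITE_SITE_NAME` line in SendStats/run.ps1 puts the Function App's site name into the statistics payload, and neither the key name nor the "hotfix" commit message says so. The site name is a deployment identifier, typically also the first label of the app's default hostname, so each report now ties the counts to one specific instance; with the schedule change in SendStats/function.json it is sent daily rather than weekly. If the receiver only needs a stable per-instance key, a one-way hash of the name would serve; otherwise add a comment such as `# rgid: Function App site name, sent so reports can be attributed to one instance` and mention the field wherever the collected statistics are described. The `$SendingObject` literal continues past the end of the hunk.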
@@ -15,15 +15,19 @@ foreach ($Row in $Tenants ) {
 if (!$CPVRows) {
 Write-Output "No list available"
 Push-OutputBinding -Name Msg -Value $row.customerId
+ continue
 }
 if ($Row.customerId -notin $TenantList) {
 Write-Output "Not in the list: $($row.customerId)"
 Push-OutputBinding -Name Msg -Value $row.customerId
+ continue
+
 }
 if ($CPVRows | Where-Object { $_.Tenant -eq $row.customerId } | Where-Object { $_.LastApply -EQ $null -or (Get-Date $_.LastApply).AddDays(-14) -gt $currentUTCtime }) {
 Write-Output "In list, Old age."
 Push-OutputBinding -Name Msg -Value $row.customerId
+ continue
 }
 }
\ No newline at end of file
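Review bot: The third `continue` is the last statement of the `foreach` body and has no effect, and the blank line added before the closing `}` of the second branch looks accidental. Since the three tests are meant to be mutually exclusive, an `if` / `elseif` / `elseif` chain would state that directly and would not need `continue` at all. The `foreach` opens above the hunk.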