Skip to content

Commit

Permalink
Merge pull request KelvinTegelaar#387 from KelvinTegelaar/dev
Browse files Browse the repository at this point in the history
Dev to release
  • Loading branch information
KelvinTegelaar authored Jul 21, 2023
2 parents 43b4591 + 9aa6a77 commit 5d0d69f
Show file tree
Hide file tree
Showing 79 changed files with 2,907 additions and 473 deletions.
8 changes: 8 additions & 0 deletions .github/pull.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
version: "1"
rules:
- base: master
upstream: KelvinTegelaar:master
mergeMethod: merge
- base: dev
upstream: KelvinTegelaar:dev
mergeMethod: none
29 changes: 29 additions & 0 deletions .github/workflows/dev_cipppwrro.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cipppwrro

on:
push:
branches:
- dev
workflow_dispatch:

env:
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root

jobs:
build-and-deploy:
runs-on: windows-latest
steps:
- name: 'Checkout GitHub Action'
uses: actions/checkout@v2

- name: 'Run Azure Functions Action'
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cipppwrro'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_7CFCA05390754624B5492AF7ECD3D826 }}
8 changes: 6 additions & 2 deletions AddAlert/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@ $Results = foreach ($Tenant in $tenants) {
try {
$TenantID = if ($tenant -ne 'AllTenants') {
(get-tenants | Where-Object -Property defaultDomainName -EQ $Tenant).customerId
} else {
}
else {
'AllTenants'
}
$CompleteObject = @{
Expand All @@ -33,6 +34,8 @@ $Results = foreach ($Tenant in $tenants) {
DepTokenExpiry = [bool]$Request.body.DepTokenExpiry
NoCAConfig = [bool]$Request.body.NoCAConfig
SecDefaultsUpsell = [bool]$Request.body.SecDefaultsUpsell
SharePointQuota = [bool]$Request.body.SharePointQuota
ExpiringLicenses = [bool]$Request.body.ExpiringLicenses
type = 'Alert'
RowKey = $TenantID
PartitionKey = 'Alert'
Expand All @@ -49,7 +52,8 @@ $Results = foreach ($Tenant in $tenants) {
Add-AzDataTableEntity @Table -Entity $CompleteObject -Force
"Successfully added Alert for $($Tenant) to queue."
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Successfully added Alert for $($Tenant) to queue." -Sev 'Info'
} catch {
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Failed to add Alert for for $($Tenant) to queue" -Sev 'Error'
"Failed to add Alert for for $($Tenant) to queue $($_.Exception.message)"
}
Expand Down
17 changes: 2 additions & 15 deletions AddUser/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -89,21 +89,8 @@ catch {
$body = $results.add("We've failed to create the Aliases: $($_.Exception.Message)")
}
if ($Request.body.CopyFrom -ne "") {
$MemberIDs = "https://graph.microsoft.com/v1.0/directoryObjects/" + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($GraphRequest.id)" -tenantid $Userobj.tenantid).id
$addmemberbody = "{ `"[email protected]`": $(ConvertTo-Json @($MemberIDs)) }"
(New-GraphGETRequest -uri "https://graph.microsoft.com/beta/users/$($Request.body.CopyFrom)/memberOf" -tenantid $Userobj.tenantid) | ForEach-Object {
try {
Write-Host "name: $($_.displayName)"
$GroupResult = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($_.id)" -tenantid $Userobj.tenantid -type patch -body $addmemberbody -Verbose
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Added $($UserprincipalName) to group $($_.displayName)" -Sev "Info" -tenant $TenantFilter
$body = $results.add("Added group: $($_.displayName)")
}
catch {
$body = $results.add("We've failed to add the group $($_.displayName): $($_.Exception.Message)")
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Group adding failed for group $($_.displayName): $($_.Exception.Message)" -Sev "Error"
}
}

$CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -tenantid $Userobj.tenantid -CopyFromId $Request.body.CopyFrom -UserID $UserprincipalName -TenantFilter $Userobj.tenantid
$results.AddRange($CopyFrom)
}
$body = @{"Results" = @($results) }
# Associate values to output bindings by calling 'Push-OutputBinding'.
Expand Down
18 changes: 2 additions & 16 deletions EditUser/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -99,22 +99,8 @@ catch {
}

if ($Request.body.CopyFrom -ne "") {
$MemberIDs = "https://graph.microsoft.com/v1.0/directoryObjects/" + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($userobj.Userid)" -tenantid $Userobj.tenantid).id
$addmemberbody = "{ `"[email protected]`": $(ConvertTo-Json @($MemberIDs)) }"
(New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($Request.body.CopyFrom)/GetMemberGroups" -tenantid $Userobj.tenantid -type POST -body '{"securityEnabledOnly": false}').value | ForEach-Object {
try {
$groupname = (New-GraphGetRequest -tenantid $Userobj.tenantid -uri "https://graph.microsoft.com/beta/groups/$($_)").displayName
Write-Host "name: $groupname"
$GroupResult = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($_)" -tenantid $Userobj.tenantid -type patch -body $addmemberbody -ErrorAction Stop
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Added $($UserprincipalName) to group $groupresult.displayName)" -Sev "Info" -tenant $TenantFilter
$body = $results.add("Added group: $($groupname)")
}
catch {
$body = $results.add("We've failed to add the group $($groupname): $($_.Exception.Message)")
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Failed to add group. $($_.Exception.Message)" -Sev "Error"
}
}

$CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -tenantid $Userobj.tenantid -CopyFromId $Request.body.CopyFrom -UserID $user -TenantFilter $Userobj.tenantid
$results.AddRange($CopyFrom)
}
$body = @{"Results" = @($results) }
# Associate values to output bindings by calling 'Push-OutputBinding'.
Expand Down
2 changes: 2 additions & 0 deletions ExecBECRemediate/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,13 @@ try {
New-ExoRequest -tenantid $TenantFilter -cmdlet "Disable-InboxRule" -cmdParams @{Confirm = $false; Identity = $_.Identity } -anchor $SuspectUser
}
$results = [pscustomobject]@{"Results" = "Executed Remediation for $SuspectUser and tenant $($TenantFilter). The temporary password is $password and must be changed at next logon." }
Write-LogMessage -API "BECRemediate" -tenant $tenantfilter -message "Executed Remediation for $SuspectUser" -sev "Info"

}
catch {
#Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Failed to assign app $($appFilter): $($_.Exception.Message)" -Sev "Error"
$results = [pscustomobject]@{"Results" = "Failed to execute remediation. $($_.Exception.Message)" }
Write-LogMessage -API "BECRemediate" -tenant $tenantfilter -message "Executed Remediation for $SuspectUser failed" -sev "Error"
}

# Associate values to output bindings by calling 'Push-OutputBinding'.
Expand Down
8 changes: 2 additions & 6 deletions ExecConverttoSharedMailbox/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,10 @@ Write-Host "PowerShell HTTP trigger function processed a request."
# Interact with query parameters or the body of the request.
Try {
$MailboxType = if ($request.query.ConvertToUser -eq 'true') { "Regular" } else { "Shared" }
$tenantfilter = $Request.Query.TenantFilter
New-ExoRequest -tenantid $TenantFilter -cmdlet "Set-mailbox" -cmdParams @{Identity = $request.query.id; type = $MailboxType }

$Results = [pscustomobject]@{"Results" = "Successfully converted $($request.query.id)." }
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Converted mailbox $($request.query.id)" -Sev "Info"
$ConvertedMailbox = Set-CIPPMailboxType -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -MailboxType $MailboxType
$Results = [pscustomobject]@{"Results" = "$ConvertedMailbox" }
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Convert to shared mailbox failed: $($_.Exception.Message)" -Sev "Error"
$Results = [pscustomobject]@{"Results" = "Failed to convert $($request.query.id) - $($_.Exception.Message)" }
}
# Associate values to output bindings by calling 'Push-OutputBinding'.
Expand Down
8 changes: 2 additions & 6 deletions ExecCopyForSent/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,10 @@ Write-Host "PowerShell HTTP trigger function processed a request."
# Interact with query parameters or the body of the request.
Try {
$MessageCopyForSentAsEnabled = if ($request.query.MessageCopyForSentAsEnabled -eq 'false') { "false" } else { "true" }
$tenantfilter = $Request.Query.TenantFilter
New-ExoRequest -tenantid $TenantFilter -cmdlet "Set-mailbox" -cmdParams @{Identity = $request.query.id; MessageCopyForSentAsEnabled = $MessageCopyForSentAsEnabled }

$Results = [pscustomobject]@{"Results" = "Successfully set MessageCopyForSentAsEnabled as $MessageCopyForSentAsEnabled on $($request.query.id)." }
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Successfully set MessageCopyForSentAsEnabled as $MessageCopyForSentAsEnabled on $($request.query.id)." -Sev "Info"
$MessageResult = Set-CIPPMessageCopy -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -MessageCopyForSentAsEnabled $MessageCopyForSentAsEnabled
$Results = [pscustomobject]@{"Results" = "$MessageResult" }
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled failed: $($_.Exception.Message)" -Sev "Error"
$Results = [pscustomobject]@{"Results" = "set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled failed - $($_.Exception.Message)" }
}

Expand Down
8 changes: 2 additions & 6 deletions ExecCreateTAP/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,9 @@ $APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Accessed this API" -Sev "Debug"

# Interact with query parameters or the body of the request.
$TenantFilter = $Request.Query.TenantFilter
$Body = "{}"
try {
$GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($Request.query.ID)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body $Body -verbose
$Results = [pscustomobject]@{"Results" = "The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes" }
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Created temporary access pass for user $($Request.Query.id)" -Sev "Info"

$TAP = New-CIPPTAP -userid $Request.query.ID -TenantFilter $Request.query.tenantfilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal'
$Results = [pscustomobject]@{"Results" = "$TAP" }
}
catch {
$Results = [pscustomobject]@{"Results" = "Failed. $($_.Exception.Message)" }
Expand Down
21 changes: 8 additions & 13 deletions ExecDeviceAction/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,17 @@ $APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Accessed this API" -Sev "Debug"

# Interact with query parameters or the body of the request.
$tenantfilter = $Request.Query.TenantFilter
$DeviceFilter = $Request.Query.GUID
$Action = $Request.Query.Action
if ($Action -eq "setDeviceName") {
$ActionBody = @{ deviceName = $Request.Body.input } | convertto-json -compress
} else {
$ActionBody = if ($Request.body) { $Request.body | ConvertTo-Json } else { '{}' }
}
try {
$GraphRequest = New-Graphpostrequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices('$DeviceFilter')/$($Action)" -type POST -tenantid $TenantFilter -body $actionbody
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Queued $Action on $DeviceFilter" -Sev "Info"
$body = [pscustomobject]@{"Results" = "Queued $Action on $DeviceFilter" }


try {
if ($Request.Query.Action -eq "setDeviceName") {
$ActionBody = @{ deviceName = $Request.Body.input } | ConvertTo-Json -Compress
}
$ActionResult = New-CIPPDeviceAction -Action $Request.Query.Action -ActionBody $ActionBody -DeviceFilter $Request.Query.GUID -TenantFilter $Request.Query.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' -APINAME $APINAME
$body = [pscustomobject]@{"Results" = "$ActionResult" }

}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Failed to queue action $action on $DeviceFilter : $($_.Exception.Message)" -Sev "Error"
$body = [pscustomobject]@{"Results" = "Failed to queue action $action on $DeviceFilter $($_.Exception.Message)" }
}

Expand Down
6 changes: 1 addition & 5 deletions ExecDisableEmailForward/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,9 @@ try {
$Username = $request.body.user
$Tenantfilter = $request.body.tenantfilter
$Results = try {
$OoO = New-ExoRequest -tenantid $TenantFilter -cmdlet "Set-Mailbox" -cmdParams @{Identity = $request.body.user; ForwardingAddress = $null; ForwardingSMTPAddress = $null; DeliverToMailboxAndForward = $false }
"Disabled Email forwarding $username"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Disabled Email forwarding $($username)" -Sev "Info" -tenant $TenantFilter

Set-CIPPForwarding -userid $Request.body.user -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -Forward $null -keepCopy $false -ForwardingSMTPAddress $null -Disable $true
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Could not disable Email forwarding for $($username)" -Sev "Error" -tenant $TenantFilter
"Could not disable forwarding message for $($username). Error: $($_.Exception.Message)"
}

Expand Down
10 changes: 3 additions & 7 deletions ExecDisableUser/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,10 @@ using namespace System.Net
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Accessed this API" -Sev "Debug"

# Interact with query parameters or the body of the request.
$TenantFilter = $Request.Query.TenantFilter
$Body = if ($Request.Query.Enable) { '{"accountEnabled":"true"}' } else { '{"accountEnabled":"false"}' }
try {
$GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.query.ID)" -tenantid $TenantFilter -type PATCH -body $Body -verbose
$Results = [pscustomobject]@{"Results" = "Successfully changed state for $($Request.query.ID)" }
([System.Convert]::ToBoolean($Request.Query.Enable))
$State = Set-CIPPSignInState -userid $Request.query.ID -TenantFilter $Request.Query.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -AccountEnabled ([System.Convert]::ToBoolean($Request.Query.Enable))
$Results = [pscustomobject]@{"Results" = "$State" }
}
catch {
$Results = [pscustomobject]@{"Results" = "Failed. $($_.Exception.Message)" }
Expand Down
17 changes: 2 additions & 15 deletions ExecEditCalendarPermissions/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -12,25 +12,12 @@ $Permissions = @($Request.query.permissions)
$folderName = $Request.query.folderName


$CalParam = [PSCustomObject]@{
Identity = "$($UserID):\$folderName"
AccessRights = @($Permissions)
User = $UserToGetPermissions
}
try {
if ($Request.query.removeaccess) {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Remove-MailboxFolderPermission" -cmdParams @{Identity = "$($UserID):\$folderName"; User = $Request.query.RemoveAccess }
$Result = "Successfully removed access for $($Request.query.RemoveAccess) from calender $($CalParam.Identity)"
$result = Set-CIPPCalenderPermission -UserID $UserID -folderName $folderName -RemoveAccess $Request.query.removeaccess -TenantFilter $TenantFilter
}
else {
try {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Set-MailboxFolderPermission" -cmdParams $CalParam -Anchor $($UserID)
}
catch {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Add-MailboxFolderPermission" -cmdParams $CalParam -Anchor $($UserID)
}
Write-LogMessage -API 'List Calendar Permissions' -tenant $tenantfilter -message "Calendar permissions listed for $($tenantfilter)" -sev Debug

$result = Set-CIPPCalenderPermission -UserID $UserID -folderName $folderName -TenantFilter $Tenantfilter -UserToGetPermissions $UserToGetPermissions -Permissions $Permissions
$Result = "Successfully set permissions on folder $($CalParam.Identity). The user $UserToGetPermissions now has $Permissions permissions on this folder."
}
}
Expand Down
10 changes: 3 additions & 7 deletions ExecEnableArchive/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,11 @@ Write-Host "PowerShell HTTP trigger function processed a request."

# Interact with query parameters or the body of the request.
Try {
$tenantfilter = $Request.Query.TenantFilter
New-ExoRequest -tenantid $TenantFilter -cmdlet "Enable-Mailbox" -cmdParams @{Identity = $request.query.id; Archive = $true }

$Results = [pscustomobject]@{"Results" = "Successfully completed task." }
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Added archive to $($request.query.id)" -Sev "Info"
$ResultsArch = Set-CIPPMailboxArchive -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -ArchiveEnabled $true
$Results = [pscustomobject]@{"Results" = "$ResultsArch" }
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Failed to add archive $($_.Exception.Message)" -Sev "Error"
$Results = [pscustomobject]@{"Results" = "Failed. $_.Exception.Message" }
$Results = [pscustomobject]@{"Results" = "Failed. $($_.Exception.Message)" }
}
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
Expand Down
4 changes: 3 additions & 1 deletion ExecExtensionTest/run.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@ try {
$Results = [pscustomobject]@{"Results" = "Succesfully Connected to Gradient" }

}

"CIPP-API" {
$Results = [pscustomobject]@{"Results" = "You cannot test the CIPP-API from CIPP. Please check the documentation on how to test the CIPP-API." }
}
}
}
catch {
Expand Down
Loading

0 comments on commit 5d0d69f

Please sign in to comment.