Merge branch 'KelvinTegelaar:master' into master

Jcblmao · Aug 17, 2023 · 4446f61 · 4446f61
2 parents dc7bc73 + 56c6b53
commit 4446f61
Show file tree

Hide file tree

Showing 60 changed files with 2,303 additions and 359 deletions.
diff --git a/AddAlert/run.ps1 b/AddAlert/run.ps1
@@ -15,41 +15,67 @@ $Results = foreach ($Tenant in $tenants) {
         else {
             'AllTenants'
         }
-        $CompleteObject = @{
-            tenant            = $tenant
-            tenantid          = $TenantID
-            AdminPassword     = [bool]$Request.body.AdminPassword
-            DefenderMalware   = [bool]$Request.body.DefenderMalware
-            DefenderStatus    = [bool]$Request.body.DefenderStatus
-            MFAAdmins         = [bool]$Request.body.MFAAdmins
-            MFAAlertUsers     = [bool]$Request.body.MFAAlertUsers
-            NewGA             = [bool]$Request.body.NewGA
-            NewRole           = [bool]$Request.body.NewRole
-            QuotaUsed         = [bool]$Request.body.QuotaUsed
-            UnusedLicenses    = [bool]$Request.body.UnusedLicenses
-            OverusedLicenses  = [bool]$Request.body.OverusedLicenses
-            AppSecretExpiry   = [bool]$Request.body.AppSecretExpiry
-            ApnCertExpiry     = [bool]$Request.body.ApnCertExpiry
-            VppTokenExpiry    = [bool]$Request.body.VppTokenExpiry
-            DepTokenExpiry    = [bool]$Request.body.DepTokenExpiry
-            NoCAConfig        = [bool]$Request.body.NoCAConfig
-            SecDefaultsUpsell = [bool]$Request.body.SecDefaultsUpsell
-            SharePointQuota   = [bool]$Request.body.SharePointQuota
-            ExpiringLicenses  = [bool]$Request.body.ExpiringLicenses
-            type              = 'Alert'
-            RowKey            = $TenantID
-            PartitionKey      = 'Alert'
-        }
-
-        $Table = get-cipptable -TableName 'SchedulerConfig'
-        <#$TableRow = @{
-            table          = ()
-            property       = $CompleteObject
-            UpdateExisting = $true
-        }#>
+        if ($Request.body.SetAlerts) {
+            $CompleteObject = @{
+                tenant            = $tenant
+                tenantid          = $TenantID
+                AdminPassword     = [bool]$Request.body.AdminPassword
+                DefenderMalware   = [bool]$Request.body.DefenderMalware
+                DefenderStatus    = [bool]$Request.body.DefenderStatus
+                MFAAdmins         = [bool]$Request.body.MFAAdmins
+                MFAAlertUsers     = [bool]$Request.body.MFAAlertUsers
+                NewGA             = [bool]$Request.body.NewGA
+                NewRole           = [bool]$Request.body.NewRole
+                QuotaUsed         = [bool]$Request.body.QuotaUsed
+                UnusedLicenses    = [bool]$Request.body.UnusedLicenses
+                OverusedLicenses  = [bool]$Request.body.OverusedLicenses
+                AppSecretExpiry   = [bool]$Request.body.AppSecretExpiry
+                ApnCertExpiry     = [bool]$Request.body.ApnCertExpiry
+                VppTokenExpiry    = [bool]$Request.body.VppTokenExpiry
+                DepTokenExpiry    = [bool]$Request.body.DepTokenExpiry
+                NoCAConfig        = [bool]$Request.body.NoCAConfig
+                SecDefaultsUpsell = [bool]$Request.body.SecDefaultsUpsell
+                SharePointQuota   = [bool]$Request.body.SharePointQuota
+                ExpiringLicenses  = [bool]$Request.body.ExpiringLicenses
+                type              = 'Alert'
+                RowKey            = $TenantID
+                PartitionKey      = 'Alert'
+            }
 
-        #Add-AzTableRow @TableRow | Out-Null
-        Add-AzDataTableEntity @Table -Entity $CompleteObject -Force
+            $Table = get-cipptable -TableName 'SchedulerConfig'
+            Add-AzDataTableEntity @Table -Entity $CompleteObject -Force
+        }
+        $URL = ($request.headers.'x-ms-original-url').split('/api') | Select-Object -First 1
+        if ($Tenant -eq 'AllTenants') {
+            Get-Tenants | ForEach-Object {
+                foreach ($eventType in $Request.body.EventTypes.value) {
+                    $params = @{
+                        TenantFilter     = $_.defaultDomainName
+                        auditLogAPI      = $true
+                        operations       = ($Request.body.Operations.value -join ',')
+                        allowedLocations = ($Request.body.AllowedLocations.value -join ',')
+                        BaseURL          = $URL
+                        EventType        = $eventType
+                        ExecutingUser    = $Request.headers.'x-ms-client-principal'
+                    }
+                    New-CIPPGraphSubscription @params
+                }
+            }
+        }
+        else {
+            foreach ($eventType in $Request.body.EventTypes.value) {
+                $params = @{
+                    TenantFilter     = $tenant
+                    auditLogAPI      = $true
+                    operations       = ($Request.body.Operations.value -join ',')
+                    allowedLocations = ($Request.body.AllowedLocations.value -join ',')
+                    BaseURL          = $URL
+                    EventType        = $eventType
+                    ExecutingUser    = $Request.headers.'x-ms-client-principal'
+                }
+                New-CIPPGraphSubscription @params
+            }
+        }
         "Successfully added Alert for $($Tenant) to queue."
         Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Successfully added Alert for $($Tenant) to queue." -Sev 'Info'
     }

diff --git a/AddCAPolicy/run.ps1 b/AddCAPolicy/run.ps1
@@ -38,7 +38,13 @@ $JSONObj = $request.body.RawJSON | ConvertFrom-Json | Select-Object * -ExcludePr
 Remove-EmptyArrays $JSONObj
 #Remove context as it does not belong in the payload.
 $JsonObj.grantControls.PSObject.Properties.Remove('[email protected]')
-$JsonObj.conditions.users.excludeGuestsOrExternalUsers.externalTenants.PSObject.Properties.Remove('@odata.type')
+if ($JSONObj.conditions.users.excludeGuestsOrExternalUsers.externalTenants.Members) {
+    $JsonObj.conditions.users.excludeGuestsOrExternalUsers.externalTenants.PSObject.Properties.Remove('@odata.context')
+    $JsonObj.conditions.users.excludeGuestsOrExternalUsers.externalTenants.PSObject.Properties.Remove('@odata.type')
+}
+if ($Request.body.newstate -and $Request.body.newstate -ne 'donotchange') {
+    $Jsonobj.state = $Request.body.newstate
+}
 $RawJSON = $JSONObj | ConvertTo-Json -Depth 10
 
 $results = foreach ($Tenant in $tenants) {