Merge pull request KelvinTegelaar#95 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev

Author: kris6673

Modules/CIPPCore/Public/Add-CIPPDelegatedPermission.ps1

@@ -85,14 +85,19 @@ function Add-CIPPDelegatedPermission {
         $OldScope = ($CurrentDelegatedScopes | Where-Object -Property Resourceid -EQ $svcPrincipalId.id)
 
         if (!$OldScope) {
-            $Createbody = @{
-                clientId    = $ourSVCPrincipal.id
-                consentType = 'AllPrincipals'
-                resourceId  = $svcPrincipalId.id
-                scope       = $NewScope
-            } | ConvertTo-Json -Compress
-            $CreateRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/v1.0/oauth2PermissionGrants' -tenantid $Tenantfilter -body $Createbody -type POST -NoAuthCheck $true
-            $Results.add("Successfully added permissions for $($svcPrincipalId.displayName)")
+            try {
+                $Createbody = @{
+                    clientId    = $ourSVCPrincipal.id
+                    consentType = 'AllPrincipals'
+                    resourceId  = $svcPrincipalId.id
+                    scope       = $NewScope
+                } | ConvertTo-Json -Compress
+                $CreateRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/v1.0/oauth2PermissionGrants' -tenantid $Tenantfilter -body $Createbody -type POST -NoAuthCheck $true
+                $Results.add("Successfully added permissions for $($svcPrincipalId.displayName)")
+            } catch {
+                $Results.add("Failed to add permissions for $($svcPrincipalId.displayName): $(Get-NormalizedError -message $_.Exception.Message)")
+                continue
+            }
         } else {
             # Cleanup multiple scope entries and patch first id
             if (($OldScope.id | Measure-Object).Count -gt 1) {

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-ExecAppUpload.ps1

@@ -14,9 +14,9 @@ function Invoke-ExecAppUpload {
     if ($Config -and $Config.state -eq $true) {
         if ($env:CIPP_PROCESSOR -ne 'true') {
             $ProcessorFunction = [PSCustomObject]@{
-                PartitionKey      = 'Function'
-                RowKey            = 'Start-ApplicationOrchestrator'
-                ProcessorFunction = 'Start-ApplicationOrchestrator'
+                PartitionKey = 'Function'
+                RowKey       = 'Start-ApplicationOrchestrator'
+
             }
             $ProcessorQueue = Get-CIPPTable -TableName 'ProcessorQueue'
             Add-AzDataTableEntity @ProcessorQueue -Entity $ProcessorFunction -Force

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecDomainAnalyser.ps1

@@ -14,9 +14,9 @@ function Invoke-ExecDomainAnalyser {
     if ($Config -and $Config.state -eq $true) {
         if ($env:CIPP_PROCESSOR -ne 'true') {
             $ProcessorFunction = [PSCustomObject]@{
-                PartitionKey      = 'Function'
-                RowKey            = 'Start-DomainOrchestrator'
-                ProcessorFunction = 'Start-DomainOrchestrator'
+                PartitionKey = 'Function'
+                RowKey       = 'Start-DomainOrchestrator'
+                FunctionName = 'Start-DomainOrchestrator'
             }
             $ProcessorQueue = Get-CIPPTable -TableName 'ProcessorQueue'
             Add-AzDataTableEntity @ProcessorQueue -Entity $ProcessorFunction -Force

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1

@@ -19,10 +19,10 @@ Function Invoke-ExecStandardsRun {
     if ($Config -and $Config.state -eq $true) {
         if ($env:CIPP_PROCESSOR -ne 'true') {
             $ProcessorFunction = [PSCustomObject]@{
-                PartitionKey      = 'Function'
-                RowKey            = "Invoke-CIPPStandardsRun-$tenantfilter"
-                ProcessorFunction = 'Invoke-CIPPStandardsRun'
-                Parameters        = [string](ConvertTo-Json -Compress -InputObject @{
+                PartitionKey = 'Function'
+                RowKey       = "Invoke-CIPPStandardsRun-$tenantfilter"
+                FunctionName = 'Invoke-CIPPStandardsRun'
+                Parameters   = [string](ConvertTo-Json -Compress -InputObject @{
                         TenantFilter = $tenantfilter
                         Force        = $true
                     })

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ListBPA.ps1

@@ -80,13 +80,19 @@ Function Invoke-ListBPA {
     $Results = [PSCustomObject]@{
         Data    = @($Data)
         Columns = @($Columns)
+        Keys    = $Data | ForEach-Object {
+            $_.PSObject.Properties |
+            Where-Object { $_.Name -ne 'PartitionKey' -and $_.Name -ne 'RowKey' -and $_.Name -ne 'Timestamp' } |
+            ForEach-Object { $_.Name }
+        } | Select-Object -Unique
         Style   = $Style
     }
 
     if (!$Results) {
         $Results = @{
             Columns = @( value = 'Results'; name = 'Results')
             Data    = @(@{ Results = 'The BPA has not yet run.' })
+            Keys    = @()
         }
     }
 

Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPProcessorQueue.ps1

@@ -10,8 +10,8 @@ function Start-CIPPProcessorQueue {
     $QueueItems = Get-CIPPAzDataTableEntity @QueueTable -Filter "PartitionKey eq 'Function'"
 
     foreach ($QueueItem in $QueueItems) {
-        if ($PSCmdlet.ShouldProcess("Processing function $($QueueItem.ProcessorFunction)")) {
-            Write-Information "Running queued function $($QueueItem.ProcessorFunction)"
+        if ($PSCmdlet.ShouldProcess("Processing function $($QueueItem.FunctionName)")) {
+            Write-Information "Running queued function $($QueueItem.FunctionName)"
             if ($QueueItem.Parameters) {
                 try {
                     $Parameters = $QueueItem.Parameters | ConvertFrom-Json -AsHashtable
@@ -21,14 +21,14 @@ function Start-CIPPProcessorQueue {
             } else {
                 $Parameters = @{}
             }
-            if (Get-Command -Name $QueueItem.ProcessorFunction -Module CIPPCore -ErrorAction SilentlyContinue) {
+            if (Get-Command -Name $QueueItem.FunctionName -Module CIPPCore -ErrorAction SilentlyContinue) {
                 try {
-                    Invoke-Command -ScriptBlock { & $QueueItem.ProcessorFunction @Parameters }
+                    Invoke-Command -ScriptBlock { & $QueueItem.FunctionName @Parameters }
                 } catch {
-                    Write-Warning "Failed to run function $($QueueItem.ProcessorFunction). Error: $($_.Exception.Message)"
+                    Write-Warning "Failed to run function $($QueueItem.FunctionName). Error: $($_.Exception.Message)"
                 }
             } else {
-                Write-Warning "Function $($QueueItem.ProcessorFunction) not found"
+                Write-Warning "Function $($QueueItem.FunctionName) not found"
             }
             Remove-AzDataTableEntity @QueueTable -Entity $QueueItem
         }

Modules/CIPPCore/Public/Get-CIPPDomainAnalyser.ps1

@@ -17,7 +17,8 @@ function Get-CIPPDomainAnalyser {
     $DomainTable = Get-CIPPTable -Table 'Domains'
 
     # Get all the things
-
+    #Transform the tenantFilter to the GUID.
+    $TenantFilter = (Get-Tenants -TenantFilter $tenantFilter).customerId
     if ($TenantFilter -ne 'AllTenants' -and ![string]::IsNullOrEmpty($TenantFilter)) {
         $DomainTable.Filter = "TenantGUID eq '{0}'" -f $TenantFilter
     }

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1

@@ -33,13 +33,13 @@ function Invoke-CIPPStandardAuditLog {
     ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'AuditLog'
 
     Write-Host ($Settings | ConvertTo-Json)
-    $AuditLogEnabled = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AdminAuditLogConfig' -Select UnifiedAuditLogIngestionEnabled).UnifiedAuditLogIngestionEnabled
+    $AuditLogEnabled = [bool](New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AdminAuditLogConfig' -Select UnifiedAuditLogIngestionEnabled).UnifiedAuditLogIngestionEnabled
 
     If ($Settings.remediate -eq $true) {
         Write-Host 'Time to remediate'
 
         $DehydratedTenant = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig' -Select IsDehydrated).IsDehydrated
-        if ($DehydratedTenant) {
+        if ($DehydratedTenant -eq $true) {
             try {
                 New-ExoRequest -tenantid $Tenant -cmdlet 'Enable-OrganizationCustomization'
                 Write-LogMessage -API 'Standards' -tenant $tenant -message 'Organization customization enabled.' -sev Info
@@ -50,7 +50,7 @@ function Invoke-CIPPStandardAuditLog {
         }
 
         try {
-            if ($AuditLogEnabled) {
+            if ($AuditLogEnabled -eq $true) {
                 Write-LogMessage -API 'Standards' -tenant $tenant -message 'Unified Audit Log already enabled.' -sev Info
             } else {
                 New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AdminAuditLogConfig' -cmdParams @{UnifiedAuditLogIngestionEnabled = $true }
@@ -64,7 +64,7 @@ function Invoke-CIPPStandardAuditLog {
     }
     if ($Settings.alert -eq $true) {
 
-        if ($AuditLogEnabled) {
+        if ($AuditLogEnabled -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Unified Audit Log is enabled' -sev Info
         } else {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Unified Audit Log is not enabled' -sev Alert

Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1

@@ -21,6 +21,7 @@ function Test-CIPPAuditLogRules {
         'SAS:ProcessAuth'
         'deviceAuth:ReprocessTls'
         'Consent:Set'
+        'Login:reprocess'
     )
 
     $TrustedIPTable = Get-CIPPTable -TableName 'trustedIps'