Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev

Author: JohnDuprey

Cache_SAMSetup/PermissionsTranslator.json

@@ -11,33 +11,33 @@ Function Invoke-ExecSetOoO {
     param($Request, $TriggerMetadata)
     try {
         $APIName = $Request.Params.CIPPEndpoint
-        Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-        $Username = $request.body.userId
-        $Tenantfilter = $request.body.tenantfilter
-        if ($Request.body.input) {
-            $InternalMessage = $Request.body.input
-            $ExternalMessage = $Request.body.input
+        Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+        $Username = $Request.Body.userId
+        $TenantFilter = $Request.Body.tenantFilter
+        if ($Request.Body.input) {
+            $InternalMessage = $Request.Body.input
+            $ExternalMessage = $Request.Body.input
         } else {
-            $InternalMessage = $Request.body.InternalMessage
-            $ExternalMessage = $Request.body.ExternalMessage
+            $InternalMessage = $Request.Body.InternalMessage
+            $ExternalMessage = $Request.Body.ExternalMessage
         }
         #if starttime and endtime are a number, they are unix timestamps and need to be converted to datetime, otherwise just use them.
-        $StartTime = if ($Request.body.StartTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.body.StartTime).DateTime } else { $Request.body.StartTime }
-        $EndTime = if ($Request.body.EndTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.body.EndTime).DateTime } else { $Request.body.EndTime }
+        $StartTime = if ($Request.Body.StartTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Body.StartTime).DateTime } else { $Request.Body.StartTime }
+        $EndTime = if ($Request.Body.EndTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Body.EndTime).DateTime } else { $Request.Body.EndTime }
 
         $Results = try {
             if ($Request.Body.AutoReplyState.value -ne 'Scheduled') {
-                Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -State $Request.Body.AutoReplyState.value
+                Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -State $Request.Body.AutoReplyState.value
             } else {
-                Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -StartTime $StartTime -EndTime $EndTime -State $Request.Body.AutoReplyState.value
+                Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -StartTime $StartTime -EndTime $EndTime -State $Request.Body.AutoReplyState.value
             }
         } catch {
-            "Could not add out of office message for $($username). Error: $($_.Exception.Message)"
+            "Could not add out of office message for $($Username). Error: $($_.Exception.Message)"
         }
 
-        $body = [pscustomobject]@{'Results' = $($results) }
+        $Body = [PSCustomObject]@{'Results' = $($Results) }
     } catch {
-        $body = [pscustomobject]@{'Results' = "Could not set Out of Office user: $($_.Exception.message)" }
+        $Body = [PSCustomObject]@{'Results' = "Could not set Out of Office user: $($_.Exception.Message)" }
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Administration/Invoke-ExecSetOoO.ps1

@@ -20,27 +20,29 @@ Function Invoke-ListSharedMailboxAccountEnabled {
     # Get Shared Mailbox Stuff
     try {
         $SharedMailboxList = (New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($TenantFilter)/Mailbox?`$filter=RecipientTypeDetails eq 'SharedMailbox'" -Tenantid $TenantFilter -scope ExchangeOnline)
-        $AllUsersAccountState = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/users?select=id,userPrincipalName,accountEnabled,displayName,givenName,surname,onPremisesSyncEnabled' -tenantid $TenantFilter
-        $EnabledUsersWithSharedMailbox = foreach ($SharedMailbox in $SharedMailboxList) {
+        $AllUsersInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/users?$select=id,userPrincipalName,accountEnabled,displayName,givenName,surname,onPremisesSyncEnabled,assignedLicenses' -tenantid $TenantFilter
+        $SharedMailboxDetails = foreach ($SharedMailbox in $SharedMailboxList) {
             # Match the User
-            $User = $AllUsersAccountState | Where-Object { $_.userPrincipalName -eq $SharedMailbox.userPrincipalName } | Select-Object -Property id, userPrincipalName, accountEnabled, displayName, givenName, surname, onPremisesSyncEnabled -First 1
-            if ($User.accountEnabled) {
-                $User | Select-Object `
-                @{Name = 'UserPrincipalName'; Expression = { $User.UserPrincipalName } }, `
-                @{Name = 'displayName'; Expression = { $User.displayName } },
-                @{Name = 'givenName'; Expression = { $User.givenName } },
-                @{Name = 'surname'; Expression = { $User.surname } },
-                @{Name = 'accountEnabled'; Expression = { $User.accountEnabled } },
-                @{Name = 'id'; Expression = { $User.id } },
-                @{Name = 'onPremisesSyncEnabled'; Expression = { $User.onPremisesSyncEnabled } }
-
+            $User = $AllUsersInfo | Where-Object { $_.userPrincipalName -eq $SharedMailbox.userPrincipalName } | Select-Object -First 1
+
+            if ($User) {
+                # Return all shared mailboxes with license information
+                [PSCustomObject]@{
+                    UserPrincipalName = $User.userPrincipalName
+                    displayName = $User.displayName
+                    givenName = $User.givenName
+                    surname = $User.surname
+                    accountEnabled = $User.accountEnabled
+                    assignedLicenses = $User.assignedLicenses
+                    id = $User.id
+                    onPremisesSyncEnabled = $User.onPremisesSyncEnabled
+                }
             }
         }
     } catch {
-        Write-LogMessage -API 'Tenant' -tenant $TenantFilter -message "Shared Mailbox Enabled Accounts on $($TenantFilter). Error: $($_.exception.message)" -sev 'Error'
+        Write-LogMessage -API 'Tenant' -tenant $TenantFilter -message "Shared Mailbox List on $($TenantFilter). Error: $($_.exception.message)" -sev 'Error'
     }
-
-    $GraphRequest = $EnabledUsersWithSharedMailbox
+    $GraphRequest = $SharedMailboxDetails
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSharedMailboxAccountEnabled.ps1

@@ -53,13 +53,54 @@ Function Invoke-EditRoomMailbox {
         }
     }
 
+
+    # Then update the calendar properties
+    $UpdateCalendarParams = @{
+        Identity = $MailboxObject.roomId
+    }
+
+    $CalendarProperties = @(
+        'AllowConflicts', 'AllowRecurringMeetings', 'BookingWindowInDays',
+        'MaximumDurationInMinutes', 'ProcessExternalMeetingMessages', 'EnforceCapacity',
+        'ForwardRequestsToDelegates', 'ScheduleOnlyDuringWorkHours ', 'AutomateProcessing'
+    )
+
+    foreach ($prop in $CalendarProperties) {
+        if (![string]::IsNullOrWhiteSpace($MailboxObject.$prop)) {
+            $UpdateCalendarParams[$prop] = $MailboxObject.$prop
+        }
+    }
+
+    # Then update the calendar configuration
+    $UpdateCalendarConfigParams = @{
+        Identity = $MailboxObject.roomId
+    }
+
+    $CalendarConfiguration = @(
+        'WorkDays', 'WorkHoursStartTime', 'WorkHoursEndTime', 'WorkingHoursTimeZone'
+    )
+
+    foreach ($prop in $CalendarConfiguration) {
+        if (![string]::IsNullOrWhiteSpace($MailboxObject.$prop)) {
+            $UpdateCalendarConfigParams[$prop] = $MailboxObject.$prop
+        }
+    }
+
     try {
         # Update mailbox properties
         $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Set-Mailbox' -cmdParams $UpdateMailboxParams
 
         # Update place properties
         $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Set-Place' -cmdParams $UpdatePlaceParams
-        $Results.Add("Successfully updated room: $($MailboxObject.DisplayName)")
+        $Results.Add("Successfully updated room: $($MailboxObject.DisplayName) (Place Properties)")
+
+        # Update calendar properties
+        $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Set-CalendarProcessing' -cmdParams $UpdateCalendarParams
+        $Results.Add("Successfully updated room: $($MailboxObject.DisplayName) (Calendar Properties)")
+
+        # Update calendar configuration properties
+        $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Set-MailboxCalendarConfiguration' -cmdParams $UpdateCalendarConfigParams
+        $Results.Add("Successfully updated room: $($MailboxObject.DisplayName) (Calendar Configuration)")
 
         Write-LogMessage -headers $Request.Headers -API $APIName -tenant $Tenant -message "Updated room $($MailboxObject.DisplayName)" -Sev 'Info'
         $StatusCode = [HttpStatusCode]::OK

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Resources/Invoke-EditRoomMailbox.ps1

@@ -32,7 +32,17 @@ Function Invoke-ListRooms {
                 Identity = $RoomId
             } | Select-Object -ExcludeProperty *@odata.type*
 
-            if ($RoomMailbox -and $PlaceDetails) {
+            # Get calendar properties
+            $CalendarProperties = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-CalendarProcessing' -cmdParams @{
+                Identity = $RoomId
+            } | Select-Object -ExcludeProperty *@odata.type*
+
+            # Get calendar properties
+            $CalendarConfigurationProperties = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MailboxCalendarConfiguration' -cmdParams @{
+                Identity = $RoomId
+            } | Select-Object -ExcludeProperty *@odata.type*
+
+            if ($RoomMailbox -and $PlaceDetails -and $CalendarProperties -and $CalendarConfigurationProperties) {
                 $GraphRequest = @(
                     [PSCustomObject]@{
                         # Core Mailbox Properties
@@ -70,6 +80,23 @@ Function Invoke-ListRooms {
                         phone                         = if ([string]::IsNullOrWhiteSpace($PlaceDetails.Phone)) { $null } else { $PlaceDetails.Phone }
                         tags                          = $PlaceDetails.Tags
                         spaceType                     = $PlaceDetails.SpaceType
+
+                        # Calendar Properties
+                        AllowConflicts                = $CalendarProperties.AllowConflicts
+                        AllowRecurringMeetings        = $CalendarProperties.AllowRecurringMeetings
+                        BookingWindowInDays           = $CalendarProperties.BookingWindowInDays
+                        MaximumDurationInMinutes      = $CalendarProperties.MaximumDurationInMinutes
+                        ProcessExternalMeetingMessages= $CalendarProperties.ProcessExternalMeetingMessages
+                        EnforceCapacity               = $CalendarProperties.EnforceCapacity
+                        ForwardRequestsToDelegates    = $CalendarProperties.ForwardRequestsToDelegates
+                        ScheduleOnlyDuringWorkHours   = $CalendarProperties.ScheduleOnlyDuringWorkHours
+                        AutomateProcessing            = $CalendarProperties.AutomateProcessing
+
+                        # Calendar Configuration Properties
+                        WorkDays                      = if ([string]::IsNullOrWhiteSpace($CalendarConfigurationProperties.WorkDays)) { $null } else { $CalendarConfigurationProperties.WorkDays }
+                        WorkHoursStartTime            = if ([string]::IsNullOrWhiteSpace($CalendarConfigurationProperties.WorkHoursStartTime)) { $null } else { $CalendarConfigurationProperties.WorkHoursStartTime }
+                        WorkHoursEndTime              = if ([string]::IsNullOrWhiteSpace($CalendarConfigurationProperties.WorkHoursEndTime)) { $null } else { $CalendarConfigurationProperties.WorkHoursEndTime }
+                        WorkingHoursTimeZone          = $CalendarConfigurationProperties.WorkingHoursTimeZone
                     }
                 )
             }

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Resources/Invoke-ListRooms.ps1

@@ -17,13 +17,19 @@ Function Invoke-AddTenantAllowBlockList {
     $BlockListObject = $Request.Body
     if ($Request.Body.tenantId -eq 'AllTenants') { $Tenants = (Get-Tenants).defaultDomainName } else { $Tenants = @($Request.body.tenantId) }
     $Results = [System.Collections.Generic.List[string]]::new()
+    $Entries = @()
+    if ($BlockListObject.entries -is [array]) {
+        $Entries = $BlockListObject.entries
+    } else {
+        $Entries = @($BlockListObject.entries -split "[,;]" | Where-Object { $_ -ne "" } | ForEach-Object { $_.Trim() })
+    }
     foreach ($Tenant in $Tenants) {
         try {
             $ExoRequest = @{
                 tenantid  = $Tenant
                 cmdlet    = 'New-TenantAllowBlockListItems'
                 cmdParams = @{
-                    Entries                     = [string[]]$BlockListObject.entries
+                    Entries                     = $Entries
                     ListType                    = [string]$BlockListObject.listType
                     Notes                       = [string]$BlockListObject.notes
                     $BlockListObject.listMethod = [bool]$true
@@ -32,6 +38,8 @@ Function Invoke-AddTenantAllowBlockList {
 
             if ($BlockListObject.NoExpiration -eq $true) {
                 $ExoRequest.cmdParams.NoExpiration = $true
+            } elseif ($BlockListObject.RemoveAfter -eq $true) {
+                $ExoRequest.cmdParams.RemoveAfter = 45
             }
 
             New-ExoRequest @ExoRequest

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Spamfilter/Invoke-AddTenantAllowBlockList.ps1

@@ -121,11 +121,8 @@ function Invoke-ExecJITAdmin {
                 $PasswordExpiration = $TapRequest.LifetimeInMinutes
 
                 $PasswordLink = New-PwPushLink -Payload $TempPass
-                if ($PasswordLink) {
-                    $Password = $PasswordLink
-                } else {
-                    $Password = $TempPass
-                }
+                $Password = $PasswordLink ? $PasswordLink : $TempPass
+
                 $Results.Add("Temporary Access Pass: $Password")
                 $Results.Add("This TAP is usable starting at $($TapRequest.startDateTime) UTC for the next $PasswordExpiration minutes")
             } catch {

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1

@@ -1,22 +1,22 @@
 function Write-AlertTrace {
     <#
     .FUNCTIONALITY
-    Internal function. Pleases most of write-alertmessage for alerting purposes
+    Internal function. Pleases most of Write-AlertTrace for alerting purposes
     #>
     Param(
         $cmdletName,
         $data,
         $tenantFilter
-    )   
+    )
     $Table = Get-CIPPTable -tablename AlertLastRun
     $PartitionKey = (Get-Date -UFormat '%Y%m%d').ToString()
     #Get current row and compare the $logData object. If it's the same, don't write it.
     $Row = Get-CIPPAzDataTableEntity @table -Filter "RowKey eq '$($tenantFilter)-$($cmdletName)' and PartitionKey eq '$PartitionKey'"
     try {
         $RowData = $Row.LogData
-        $Compare = Compare-Object $RowData ($data | ConvertTo-Json -Compress -Depth 10 | Out-String)
+        $Compare = Compare-Object $RowData (ConvertTo-Json -InputObject $data -Compress -Depth 10 | Out-String)
         if ($Compare) {
-            $LogData = ConvertTo-Json $data -Compress -Depth 10 | Out-String
+            $LogData = ConvertTo-Json -InputObject $data -Compress -Depth 10 | Out-String
             $TableRow = @{
                 'PartitionKey' = $PartitionKey
                 'RowKey'       = "$($tenantFilter)-$($cmdletName)"
@@ -27,7 +27,7 @@ function Write-AlertTrace {
             return $data
         }
     } catch {
-        $LogData = ConvertTo-Json $data -Compress -Depth 10 | Out-String
+        $LogData = ConvertTo-Json -InputObject $data -Compress -Depth 10 | Out-String
         $TableRow = @{
             'PartitionKey' = $PartitionKey
             'RowKey'       = "$($tenantFilter)-$($cmdletName)"
@@ -38,4 +38,4 @@ function Write-AlertTrace {
         return $data
     }
 
-}
+}

Modules/CIPPCore/Public/GraphHelper/Write-AlertTrace.ps1

@@ -10,19 +10,20 @@ function New-CIPPTAP {
     try {
         $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body '{}' -verbose
         Write-LogMessage -headers $Headers -API $APIName -message "Created Temporary Access Password (TAP) for $userid" -Sev 'Info' -tenant $TenantFilter
-        $Results = [System.Collections.Generic.List[string]]::new()
-        $Results.Add("The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes")
-        $Results.Add("$($GraphRequest.temporaryAccessPass)")
-        return $Results
+        return @{
+            resultText          = "The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes"
+            copyField           = $GraphRequest.temporaryAccessPass
+            temporaryAccessPass = $GraphRequest.temporaryAccessPass
+            lifetimeInMinutes   = $GraphRequest.LifetimeInMinutes
+            startDateTime       = $GraphRequest.startDateTime
+            state               = 'success'
+        }
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
         $Result = "Failed to create Temporary Access Password (TAP) for $($userid): $($ErrorMessage.NormalizedError)"
         Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        throw @{ Results = $Result }
-
-
+        throw $Result
     }
-
 }
 

Modules/CIPPCore/Public/New-CIPPTAP.ps1

@@ -21,8 +21,8 @@ function Set-CIPPOutOfOffice {
         }
         if ($State -ne 'Scheduled') {
             $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-MailboxAutoReplyConfiguration' -cmdParams @{Identity = $userid; AutoReplyState = $State; InternalMessage = $InternalMessage; ExternalMessage = $ExternalMessage } -Anchor $userid
-            Write-LogMessage -headers $Headers -API $APIName -message "Set Out-of-office for $($userid) to $state" -Sev 'Info' -tenant $TenantFilter
-            return "Set Out-of-office for $($userid) to $state."
+            Write-LogMessage -headers $Headers -API $APIName -message "Set Out-of-office for $($userid) to $State" -Sev 'Info' -tenant $TenantFilter
+            return "Set Out-of-office for $($userid) to $State."
         } else {
             $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-MailboxAutoReplyConfiguration' -cmdParams @{Identity = $userid; AutoReplyState = $State; InternalMessage = $InternalMessage; ExternalMessage = $ExternalMessage; StartTime = $StartTime; EndTime = $EndTime } -Anchor $userid
             Write-LogMessage -headers $Headers -API $APIName -message "Scheduled Out-of-office for $($userid) between $StartTime and $EndTime" -Sev 'Info' -tenant $TenantFilter