permission sets

Author: JohnDuprey

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Application Approval/Invoke-ExecAppPermissionTemplate.ps1

@@ -1,7 +1,7 @@
 function Invoke-ExecAppPermissionTemplate {
     <#
     .FUNCTIONALITY
-        Entrypoint
+        Entrypoint,AnyTenant
     .ROLE
         Tenant.Application.ReadWrite
     #>
@@ -12,7 +12,9 @@ function Invoke-ExecAppPermissionTemplate {
 
     $User = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Request.Headers.'x-ms-client-principal')) | ConvertFrom-Json
 
-    switch ($Request.Query.Action) {
+    $Action = $Request.Query.Action ?? $Request.Body.Action
+
+    switch ($Action) {
         'Save' {
             try {
                 $Permissions = $Request.Body.Permissions
@@ -25,8 +27,11 @@ function Invoke-ExecAppPermissionTemplate {
                 }
                 $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force
                 $Body = @{
-                    'Results'    = 'Template Saved'
-                    'TemplateId' = $Entity.RowKey
+                    'Results'  = 'Template Saved'
+                    'Metadata' = @{
+                        'TemplateName' = $Entity.TemplateName
+                        'TemplateId'   = $Entity.RowKey
+                    }
                 }
                 Write-LogMessage -headers $Request.Headers -API 'ExecAppPermissionTemplate' -message "Permissions Saved for template: $($Request.Body.TemplateName)" -Sev 'Info' -LogData $Permissions
             } catch {
@@ -35,8 +40,39 @@ function Invoke-ExecAppPermissionTemplate {
                 }
             }
         }
+        'Delete' {
+            try {
+                $TemplateId = $Request.Body.TemplateId
+                $Template = (Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Templates' and RowKey eq '$TemplateId'")
+                $TemplateName = $Template.TemplateName
+
+                if ($TemplateId) {
+                    $null = Remove-AzDataTableEntity @Table -Entity $Template -Force
+                    $Body = @{
+                        'Results' = "Successfully deleted template '$TemplateName'"
+                    }
+                    Write-LogMessage -headers $Request.Headers -API 'ExecAppPermissionTemplate' -message "Permission template deleted: $TemplateName" -Sev 'Info'
+                } else {
+                    $Body = @{
+                        'Results' = 'No Template ID provided for deletion'
+                    }
+                }
+            } catch {
+                $Body = @{
+                    'Results' = "Failed to delete template: $($_.Exception.Message)"
+                }
+            }
+        }
         default {
-            $Body = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Templates'" | ForEach-Object {
+            # Check if TemplateId is provided to filter results
+            $filter = "PartitionKey eq 'Templates'"
+            if ($Request.Query.TemplateId) {
+                $templateId = $Request.Query.TemplateId
+                $filter = "PartitionKey eq 'Templates' and RowKey eq '$templateId'"
+                Write-LogMessage -headers $Request.Headers -API 'ExecAppPermissionTemplate' -message "Retrieved specific template: $templateId" -Sev 'Info'
+            }
+
+            $Body = Get-CIPPAzDataTableEntity @Table -Filter $filter | ForEach-Object {
                 [PSCustomObject]@{
                     TemplateId   = $_.RowKey
                     TemplateName = $_.TemplateName