Merge pull request #624 from KelvinTegelaar/dev

pull[bot] · web-flow · commit 253ffa27a261 · 2025-12-17T20:58:41.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Domains/Invoke-AddDomain.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Domains/Invoke-AddDomain.ps1
@@ -0,0 +1,50 @@
+function Invoke-AddDomain {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Tenant.Administration.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $TenantFilter = $Request.Body.tenantFilter
+    $DomainName = $Request.Body.domain
+
+    # Interact with query parameters or the body of the request.
+    try {
+        if ([string]::IsNullOrWhiteSpace($DomainName)) {
+            throw 'Domain name is required'
+        }
+
+        # Validate domain name format
+        if ($DomainName -notmatch '^[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$') {
+            throw 'Invalid domain name format'
+        }
+
+        Write-Information "Adding domain $DomainName to tenant $TenantFilter"
+
+        $Body = @{
+            id = $DomainName
+        } | ConvertTo-Json -Compress
+
+        $GraphRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $TenantFilter -type POST -body $Body -AsApp $true
+
+        $Result = "Successfully added domain $DomainName to tenant $TenantFilter. Please verify the domain to complete setup."
+        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Added domain $DomainName" -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to add domain $DomainName`: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Failed to add domain $DomainName`: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
+    }
+
+    return ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
+        })
+
+}
+
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Domains/Invoke-ExecDomainAction.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Domains/Invoke-ExecDomainAction.ps1
@@ -0,0 +1,91 @@
+function Invoke-ExecDomainAction {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Tenant.Administration.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $TenantFilter = $Request.Body.tenantFilter
+    $DomainName = $Request.Body.domain
+    $Action = $Request.Body.Action
+
+    try {
+        if ([string]::IsNullOrWhiteSpace($DomainName)) {
+            throw 'Domain name is required'
+        }
+
+        if ([string]::IsNullOrWhiteSpace($Action)) {
+            throw 'Action is required'
+        }
+
+        switch ($Action) {
+            'verify' {
+                Write-Information "Verifying domain $DomainName for tenant $TenantFilter"
+
+                $Body = @{
+                    verificationDnsRecordCollection = @()
+                } | ConvertTo-Json -Compress
+
+                $null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/domains/$DomainName/verify" -tenantid $TenantFilter -type POST -body $Body -AsApp $true
+
+                $Result = @{
+                    resultText = "Domain $DomainName has been verified successfully."
+                    state      = 'success'
+                }
+
+                Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Verified domain $DomainName" -Sev 'Info'
+                $StatusCode = [HttpStatusCode]::OK
+            }
+            'delete' {
+                Write-Information "Deleting domain $DomainName from tenant $TenantFilter"
+
+                $null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/domains/$DomainName" -tenantid $TenantFilter -type DELETE -AsApp $true
+
+                $Result = @{
+                    resultText = "Domain $DomainName has been deleted successfully."
+                    state      = 'success'
+                }
+
+                Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Deleted domain $DomainName" -Sev 'Info'
+                $StatusCode = [HttpStatusCode]::OK
+            }
+            'setDefault' {
+                Write-Information "Setting domain $DomainName as default for tenant $TenantFilter"
+
+                $Body = @{
+                    isDefault = $true
+                } | ConvertTo-Json -Compress
+
+                $GraphRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/domains/$DomainName" -tenantid $TenantFilter -type PATCH -body $Body -AsApp $true
+
+                $Result = @{
+                    resultText = "Domain $DomainName has been set as the default domain successfully."
+                    state      = 'success'
+                }
+
+                Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Set domain $DomainName as default" -Sev 'Info'
+                $StatusCode = [HttpStatusCode]::OK
+            }
+            default {
+                throw "Invalid action: $Action"
+            }
+        }
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = @{
+            resultText = "Failed to perform action on domain $DomainName`: $($ErrorMessage.NormalizedError)"
+            state      = 'error'
+        }
+        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Failed to perform action on domain $DomainName`: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
+    }
+
+    return ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
+        })
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1
@@ -11,8 +11,6 @@ function Invoke-ExecGDAPInvite {
     $APIName = $Request.Params.CIPPEndpoint
     $Headers = $Request.Headers
 
-
-
     $Action = $Request.Body.Action ?? $Request.Query.Action ?? 'Create'
     $InviteId = $Request.Body.InviteId
     $Reference = $Request.Body.Reference
@@ -23,8 +21,8 @@ function Invoke-ExecGDAPInvite {
         $user = $headers.'x-ms-client-principal'
         $Technician = ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($user)) | ConvertFrom-Json).userDetails
     } elseif ($Headers.'x-ms-client-principal-idp' -eq 'aad') {
-        $Table = Get-CIPPTable -TableName 'ApiClients'
-        $Client = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($headers.'x-ms-client-principal-name')'"
+        $ApiClientTable = Get-CIPPTable -TableName 'ApiClients'
+        $Client = Get-CIPPAzDataTableEntity @ApiClientTable -Filter "RowKey eq '$($headers.'x-ms-client-principal-name')'"
         $Technician = $Client.AppName ?? 'CIPP-API'
     } else {
         try {
