Merge pull request #308 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev

Author: pull[bot]

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-EditIntunePolicy.ps1

@@ -0,0 +1,51 @@
+using namespace System.Net
+
+Function Invoke-EditIntunePolicy {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Endpoint.MEM.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.ID ?? $Request.Body.ID
+    $DisplayName = $Request.Query.newDisplayName ?? $Request.Body.newDisplayName
+    $PolicyType = $Request.Query.policyType ?? $Request.Body.policyType
+
+    try {
+        $properties = @{}
+
+        # Only add displayName if it's provided
+        if ($DisplayName) {
+            $properties["displayName"] = $DisplayName
+        }
+
+        # Update the policy
+        $Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$PolicyType/$ID" -tenantid $TenantFilter -type PATCH -body ($properties | ConvertTo-Json) -asapp $true
+
+        $Result = "Successfully updated Intune policy $($ID)"
+        if ($DisplayName) { $Result += " name to '$($DisplayName)'" }
+
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to update Intune policy $($ID): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
+    }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
+        })
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-EditPolicy.ps1

@@ -10,6 +10,8 @@ Function Invoke-EditPolicy {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
+    # Note, suspect this is deprecated - rvdwegen
+
     $APIName = $Request.Params.CIPPEndpoint
     $Headers = $Request.Headers
     Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1

@@ -18,16 +18,31 @@ Function Invoke-EditCAPolicy {
     $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
     $ID = $Request.Query.GUID ?? $Request.Body.GUID
     $State = $Request.Query.State ?? $Request.Body.State
+    $DisplayName = $Request.Query.newDisplayName ?? $Request.Body.newDisplayName
 
     try {
-        $EditBody = "{`"state`": `"$($State)`"}"
-        $Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta//identity/conditionalAccess/policies/$($ID)" -tenantid $TenantFilter -type PATCH -body $EditBody -asapp $true
-        $Result = "Successfully set CA policy $($ID) to $($State)"
+        $properties = @{}
+
+        # Conditionally add properties
+        if ($State) {
+            $properties["state"] = $State
+        }
+
+        if ($DisplayName) {
+            $properties["displayName"] = $DisplayName
+        }
+
+        $Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta//identity/conditionalAccess/policies/$($ID)" -tenantid $TenantFilter -type PATCH -body ($properties | ConvertTo-Json) -asapp $true
+
+        $Result = "Successfully updated CA policy $($ID)"
+        if ($State) { $Result += " state to $($State)" }
+        if ($DisplayName) { $Result += " name to '$($DisplayName)'" }
+
         Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Info'
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        $Result = "Failed to set CA policy $($ID) to $($State): $($ErrorMessage.NormalizedError)"
+        $Result = "Failed to update CA policy $($ID): $($ErrorMessage.NormalizedError)"
         Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Error' -LogData $ErrorMessage
         $StatusCode = [HttpStatusCode]::InternalServerError
     }

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDefaultSharingLink.ps1

@@ -0,0 +1,73 @@
+function Invoke-CIPPStandardDefaultSharingLink {
+    <#
+    .FUNCTIONALITY
+        Internal
+    .COMPONENT
+        (APIName) DefaultSharingLink
+    .SYNOPSIS
+        (Label) Set Default Sharing Link Settings
+    .DESCRIPTION
+        (Helptext) Sets the default sharing link type to Internal and permission to View in SharePoint and OneDrive.
+        (DocsDescription) Sets the default sharing link type to Internal and permission to View in SharePoint and OneDrive.
+    .NOTES
+        CAT
+            SharePoint Standards
+        TAG
+        ADDEDCOMPONENT
+        IMPACT
+            Medium Impact
+        ADDEDDATE
+            2025-06-13
+        POWERSHELLEQUIVALENT
+            Set-SPOTenant -DefaultSharingLinkType Internal -DefaultLinkPermission View
+        RECOMMENDEDBY
+        UPDATECOMMENTBLOCK
+            Run the Tools\Update-StandardsComments.ps1 script to update this comment block
+    .LINK
+        https://docs.cipp.app/user-documentation/tenant/standards/list-standards
+    #>
+
+    param($Tenant, $Settings)
+
+    $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant |
+        Select-Object -Property DefaultSharingLinkType, DefaultLinkPermission
+
+    $StateIsCorrect = ($CurrentState.DefaultSharingLinkType -eq 2) -and ($CurrentState.DefaultLinkPermission -eq 1)
+
+    if ($Settings.remediate -eq $true) {
+        if ($StateIsCorrect -eq $true) {
+            Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Default sharing link settings are already configured correctly' -Sev Info
+        } else {
+            $Properties = @{
+                DefaultSharingLinkType = 2  # Internal
+                DefaultLinkPermission  = 1  # View
+            }
+
+            try {
+                Get-CIPPSPOTenant -TenantFilter $Tenant | Set-CIPPSPOTenant -Properties $Properties
+                Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Successfully set default sharing link settings' -Sev Info
+            } catch {
+                $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+                Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Failed to set default sharing link settings. Error: $ErrorMessage" -Sev Error
+            }
+        }
+    }
+
+    if ($Settings.alert -eq $true) {
+        if ($StateIsCorrect -eq $true) {
+            Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Default sharing link settings are configured correctly' -Sev Info
+        } else {
+            Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Default sharing link settings are not configured correctly' -Sev Alert
+        }
+    }
+
+    if ($Settings.report -eq $true) {
+        Add-CIPPBPAField -FieldName 'DefaultSharingLink' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
+        if ($StateIsCorrect) {
+            $FieldValue = $true
+        } else {
+            $FieldValue = $CurrentState
+        }
+        Set-CIPPStandardsCompareField -FieldName 'standards.DefaultSharingLink' -FieldValue $FieldValue -Tenant $Tenant
+    }
+}