Merge pull request KelvinTegelaar#1645 from PeterVive/intune-policy-listview-customgroupassignment

KelvinTegelaar · web-flow · commit 440f5f27308a · 2025-10-02T23:25:30.000+02:00
Allow assignment of intune policies to custom group from table list
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1
@@ -24,13 +24,26 @@ Function Invoke-ExecAssignPolicy {
 
     $results = try {
         if ($AssignTo) {
-            $null = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $TenantFilter -GroupName $AssignTo -Type $Type -Headers $Headers
+            $AssignmentResult = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $TenantFilter -GroupName $AssignTo -Type $Type -Headers $Headers
+            if ($AssignmentResult) {
+                # Check if it's a warning message (no groups found)
+                if ($AssignmentResult -like "*No groups found*") {
+                    $StatusCode = [HttpStatusCode]::BadRequest
+                } else {
+                    $StatusCode = [HttpStatusCode]::OK
+                }
+                $AssignmentResult
+            } else {
+                $StatusCode = [HttpStatusCode]::OK
+                "Successfully edited policy for $($TenantFilter)"
+            }
+        } else {
+            $StatusCode = [HttpStatusCode]::OK
+            "Successfully edited policy for $($TenantFilter)"
         }
-        "Successfully edited policy for $($TenantFilter)"
-        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        "Failed to add policy for $($TenantFilter): $($_.Exception.Message)"
         $StatusCode = [HttpStatusCode]::InternalServerError
+        "Failed to add policy for $($TenantFilter): $($_.Exception.Message)"
     }
 
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPAssignedPolicy.ps1 b/Modules/CIPPCore/Public/Set-CIPPAssignedPolicy.ps1
@@ -51,7 +51,6 @@ function Set-CIPPAssignedPolicy {
                 )
             }
             default {
-                Write-Host "We're supposed to assign a custom group. The group is $GroupName"
                 $GroupNames = $GroupName.Split(',').Trim()
                 $GroupIds = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/groups?$select=id,displayName&$top=999' -tenantid $TenantFilter |
                     ForEach-Object {
@@ -61,6 +60,13 @@ function Set-CIPPAssignedPolicy {
                             }
                         }
                     }
+                
+                if (-not $GroupIds -or $GroupIds.Count -eq 0) {
+                    $ErrorMessage = "No groups found matching the specified name(s): $GroupName. Policy not assigned."
+                    Write-LogMessage -headers $Headers -API $APIName -message $ErrorMessage -Sev 'Warning' -tenant $TenantFilter
+                    return $ErrorMessage
+                }
+                
                 foreach ($gid in $GroupIds) {
                     $assignmentsList.Add(
                         @{
@@ -102,19 +108,21 @@ function Set-CIPPAssignedPolicy {
         }
 
         $AssignJSON = $assignmentsObject | ConvertTo-Json -Depth 10 -Compress
-        Write-Host "AssignJSON: $AssignJSON"
         if ($PSCmdlet.ShouldProcess($GroupName, "Assigning policy $PolicyId")) {
             $uri = "https://graph.microsoft.com/beta/$($PlatformType)/$Type('$($PolicyId)')/assign"
             $null = New-GraphPOSTRequest -uri $uri -tenantid $TenantFilter -type POST -body $AssignJSON
             if ($ExcludeGroup) {
                 Write-LogMessage -headers $Headers -API $APIName -message "Assigned group '$GroupName' and excluded group '$ExcludeGroup' on Policy $PolicyId" -Sev 'Info' -tenant $TenantFilter
+                return "Successfully assigned group '$GroupName' and excluded group '$ExcludeGroup' on Policy $PolicyId"
             } else {
                 Write-LogMessage -headers $Headers -API $APIName -message "Assigned group '$GroupName' on Policy $PolicyId" -Sev 'Info' -tenant $TenantFilter
+                return "Successfully assigned group '$GroupName' on Policy $PolicyId"
             }
         }
 
     } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
         Write-LogMessage -headers $Headers -API $APIName -message "Failed to assign $GroupName to Policy $PolicyId, using Platform $PlatformType and $Type. The error is:$ErrorMessage" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        return "Failed to assign $GroupName to Policy $PolicyId. Error: $ErrorMessage"
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -51,7 +51,6 @@ function Set-CIPPAssignedPolicy {`
`51`	`51`	`)`
`52`	`52`	`}`
`53`	`53`	`default {`
`54`		`- Write-Host "We're supposed to assign a custom group. The group is $GroupName"`
`55`	`54`	`$GroupNames = $GroupName.Split(',').Trim()`
`56`	`55`	`$GroupIds = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/groups?$select=id,displayName&$top=999' -tenantid $TenantFilter \|`
`57`	`56`	`ForEach-Object {`
`@@ -61,6 +60,13 @@ function Set-CIPPAssignedPolicy {`
`61`	`60`	`}`
`62`	`61`	`}`
`63`	`62`	`}`
	`63`	`+`
	`64`	`+ if (-not $GroupIds -or $GroupIds.Count -eq 0) {`
	`65`	`+ $ErrorMessage = "No groups found matching the specified name(s): $GroupName. Policy not assigned."`
	`66`	`+ Write-LogMessage -headers $Headers -API $APIName -message $ErrorMessage -Sev 'Warning' -tenant $TenantFilter`
	`67`	`+ return $ErrorMessage`
	`68`	`+ }`
	`69`	`+`
`64`	`70`	`foreach ($gid in $GroupIds) {`
`65`	`71`	`$assignmentsList.Add(`
`66`	`72`	`@{`
`@@ -102,19 +108,21 @@ function Set-CIPPAssignedPolicy {`
`102`	`108`	`}`
`103`	`109`
`104`	`110`	`$AssignJSON = $assignmentsObject \| ConvertTo-Json -Depth 10 -Compress`
`105`		`- Write-Host "AssignJSON: $AssignJSON"`
`106`	`111`	`if ($PSCmdlet.ShouldProcess($GroupName, "Assigning policy $PolicyId")) {`
`107`	`112`	`$uri = "https://graph.microsoft.com/beta/$($PlatformType)/$Type('$($PolicyId)')/assign"`
`108`	`113`	`$null = New-GraphPOSTRequest -uri $uri -tenantid $TenantFilter -type POST -body $AssignJSON`
`109`	`114`	`if ($ExcludeGroup) {`
`110`	`115`	`Write-LogMessage -headers $Headers -API $APIName -message "Assigned group '$GroupName' and excluded group '$ExcludeGroup' on Policy $PolicyId" -Sev 'Info' -tenant $TenantFilter`
	`116`	`+ return "Successfully assigned group '$GroupName' and excluded group '$ExcludeGroup' on Policy $PolicyId"`
`111`	`117`	`} else {`
`112`	`118`	`Write-LogMessage -headers $Headers -API $APIName -message "Assigned group '$GroupName' on Policy $PolicyId" -Sev 'Info' -tenant $TenantFilter`
	`119`	`+ return "Successfully assigned group '$GroupName' on Policy $PolicyId"`
`113`	`120`	`}`
`114`	`121`	`}`
`115`	`122`
`116`	`123`	`} catch {`
`117`	`124`	`$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message`
`118`	`125`	`Write-LogMessage -headers $Headers -API $APIName -message "Failed to assign $GroupName to Policy $PolicyId, using Platform $PlatformType and $Type. The error is:$ErrorMessage" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage`
	`126`	`+ return "Failed to assign $GroupName to Policy $PolicyId. Error: $ErrorMessage"`
`119`	`127`	`}`
`120`	`128`	`}`