Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev

KelvinTegelaar · KelvinTegelaar · commit 788ca88db184 · 2025-11-21T17:30:43.000+01:00
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLogs.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLogs.ps1
@@ -9,6 +9,9 @@ function Invoke-ListLogs {
     param($Request, $TriggerMetadata)
     $Table = Get-CIPPTable
 
+    $TemplatesTable = Get-CIPPTable -tablename 'templates'
+    $Templates = Get-CIPPAzDataTableEntity @TemplatesTable
+
     $ReturnedLog = if ($Request.Query.ListLogs) {
         Get-AzDataTableEntity @Table -Property PartitionKey | Sort-Object -Unique PartitionKey | Select-Object PartitionKey | ForEach-Object {
             @{
@@ -32,13 +35,11 @@ function Invoke-ListLogs {
             if ($AllowedTenants -contains 'AllTenants' -or ($AllowedTenants -notcontains 'AllTenants' -and ($TenantList.defaultDomainName -contains $Row.Tenant -or $Row.Tenant -eq 'CIPP' -or $TenantList.customerId -contains $Row.TenantId)) ) {
 
                 if ($Row.StandardTemplateId) {
-                    $TemplatesTable = Get-CIPPTable -tablename 'templates'
-                    $Templates = Get-CIPPAzDataTableEntity @TemplatesTable
-
                     $Standard = ($Templates | Where-Object { $_.RowKey -eq $Row.StandardTemplateId }).JSON | ConvertFrom-Json
 
                     $StandardInfo = @{
-                        Standard = $Standard.templateName
+                        Template = $Standard.templateName
+                        Standard = $Row.Standard
                     }
 
                     if ($Row.IntuneTemplateId) {
@@ -84,6 +85,7 @@ function Invoke-ListLogs {
             $username = $Request.Query.User ?? '*'
             $TenantFilter = $Request.Query.Tenant
             $ApiFilter = $Request.Query.API
+            $StandardFilter = $Request.Query.StandardTemplateId
 
             $StartDate = $Request.Query.StartDate ?? $Request.Query.DateFilter
             $EndDate = $Request.Query.EndDate ?? $Request.Query.DateFilter
@@ -114,7 +116,8 @@ function Invoke-ListLogs {
             $_.Severity -in $LogLevel -and
             $_.Username -like $username -and
             ($TenantFilter -eq $null -or $TenantFilter -eq 'AllTenants' -or $_.Tenant -like "*$TenantFilter*" -or $_.TenantID -eq $TenantFilter) -and
-            ($ApiFilter -eq $null -or $_.API -match "$ApiFilter")
+            ($ApiFilter -eq $null -or $_.API -match "$ApiFilter") -and
+            ($StandardFilter -eq $null -or $_.StandardTemplateId -eq $StandardFilter)
         }
 
         if ($AllowedTenants -notcontains 'AllTenants') {
@@ -123,26 +126,46 @@ function Invoke-ListLogs {
 
         foreach ($Row in $Rows) {
             if ($AllowedTenants -contains 'AllTenants' -or ($AllowedTenants -notcontains 'AllTenants' -and ($TenantList.defaultDomainName -contains $Row.Tenant -or $Row.Tenant -eq 'CIPP' -or $TenantList.customerId -contains $Row.TenantId)) ) {
+                if ($Row.StandardTemplateId) {
+                    $Standard = ($Templates | Where-Object { $_.RowKey -eq $Row.StandardTemplateId }).JSON | ConvertFrom-Json
+
+                    $StandardInfo = @{
+                        Template = $Standard.templateName
+                        Standard = $Row.Standard
+                    }
+
+                    if ($Row.IntuneTemplateId) {
+                        $IntuneTemplate = ($Templates | Where-Object { $_.RowKey -eq $Row.IntuneTemplateId }).JSON | ConvertFrom-Json
+                        $StandardInfo.IntunePolicy = $IntuneTemplate.displayName
+                    }
+                    if ($Row.ConditionalAccessTemplateId) {
+                        $ConditionalAccessTemplate = ($Templates | Where-Object { $_.RowKey -eq $Row.ConditionalAccessTemplateId }).JSON | ConvertFrom-Json
+                        $StandardInfo.ConditionalAccessPolicy = $ConditionalAccessTemplate.displayName
+                    }
+                } else {
+                    $StandardInfo = @{}
+                }
 
                 $LogData = if ($Row.LogData -and (Test-Json -Json $Row.LogData -ErrorAction SilentlyContinue)) {
                     $Row.LogData | ConvertFrom-Json
                 } else { $Row.LogData }
                 [PSCustomObject]@{
-                    DateTime = $Row.Timestamp
-                    Tenant   = $Row.Tenant
-                    API      = $Row.API
-                    Message  = $Row.Message
-                    User     = $Row.Username
-                    Severity = $Row.Severity
-                    LogData  = $LogData
-                    TenantID = if ($Row.TenantID -ne $null) {
+                    DateTime     = $Row.Timestamp
+                    Tenant       = $Row.Tenant
+                    API          = $Row.API
+                    Message      = $Row.Message
+                    User         = $Row.Username
+                    Severity     = $Row.Severity
+                    LogData      = $LogData
+                    TenantID     = if ($Row.TenantID -ne $null) {
                         $Row.TenantID
                     } else {
                         'None'
                     }
-                    AppId    = $Row.AppId
-                    IP       = $Row.IP
-                    RowKey   = $Row.RowKey
+                    AppId        = $Row.AppId
+                    IP           = $Row.IP
+                    RowKey       = $Row.RowKey
+                    StandardInfo = $StandardInfo
                 }
             }
         }
diff --git a/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 b/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1
@@ -153,7 +153,7 @@ function New-CIPPCAPolicy {
                     name       = ($CheckExisting | Where-Object -Property displayName -EQ $Location.displayName).displayName
                     templateId = $location.id
                 }
-                Write-LogMessage -Headers $User -API $APINAME -message "Matched a CA policy with the existing Named Location: $($location.displayName)" -Sev 'Info'
+                Write-LogMessage -Tenant $TenantFilter -Headers $User -API $APINAME -message "Matched a CA policy with the existing Named Location: $($location.displayName)" -Sev 'Info'
 
             } else {
                 if ($location.countriesAndRegions) { $location.countriesAndRegions = @($location.countriesAndRegions) }
@@ -169,7 +169,7 @@ function New-CIPPCAPolicy {
                     Start-Sleep -Seconds 2
                     $retryCount++
                 } while ((!$LocationRequest -or !$LocationRequest.id) -and ($retryCount -lt 5))
-                Write-LogMessage -Headers $User -API $APINAME -message "Created new Named Location: $($location.displayName)" -Sev 'Info'
+                Write-LogMessage -Tenant $TenantFilter -Headers $User -API $APINAME -message "Created new Named Location: $($location.displayName)" -Sev 'Info'
                 [pscustomobject]@{
                     id   = $GraphRequest.id
                     name = $GraphRequest.displayName
@@ -248,7 +248,7 @@ function New-CIPPCAPolicy {
                 }
             } catch {
                 $ErrorMessage = Get-CippException -Exception $_
-                Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to replace displayNames for conditional access rule $($JSONobj.displayName). Error: $($ErrorMessage.NormalizedError)" -sev 'Error' -LogData $ErrorMessage
+                Write-LogMessage -API 'Standards' -tenant $TenantFilter -message "Failed to replace displayNames for conditional access rule $($JSONobj.displayName). Error: $($ErrorMessage.NormalizedError)" -sev 'Error' -LogData $ErrorMessage
                 throw "Failed to replace displayNames for conditional access rule $($JSONobj.displayName): $($ErrorMessage.NormalizedError)"
             }
         }
@@ -278,8 +278,8 @@ function New-CIPPCAPolicy {
         #Send request to disable security defaults.
         $body = '{ "isEnabled": false }'
         try {
-            $null = New-GraphPostRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy' -Type patch -Body $body -asApp $true -ContentType 'application/json'
-            Write-LogMessage -Headers $User -API 'Create CA Policy' -tenant $($Tenant) -message "Disabled Security Defaults for tenant $($TenantFilter)" -Sev 'Info'
+            $null = New-GraphPostRequest -tenantid $TenantFilter -Uri 'https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy' -Type patch -Body $body -asApp $true -ContentType 'application/json'
+            Write-LogMessage -Headers $User -API 'Create CA Policy' -tenant $TenantFilter -message "Disabled Security Defaults for tenant $($TenantFilter)" -Sev 'Info'
             Start-Sleep 3
         } catch {
             $ErrorMessage = Get-CippException -Exception $_
@@ -340,7 +340,7 @@ function New-CIPPCAPolicy {
         }
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to create or update conditional access rule $($JSONobj.displayName): $($ErrorMessage.NormalizedError) " -sev 'Error' -LogData $ErrorMessage
+        Write-LogMessage -API 'Standards' -tenant $TenantFilter -message "Failed to create or update conditional access rule $($JSONobj.displayName): $($ErrorMessage.NormalizedError) " -sev 'Error' -LogData $ErrorMessage
 
         Write-Warning "Failed to create or update conditional access rule $($JSONobj.displayName): $($ErrorMessage.NormalizedError)"
         Write-Information $_.InvocationInfo.PositionMessage
