Skip to content

Commit 92fb8a3

Browse files
KelvinTegelaarKelvinTegelaar
authored
Merge pull request KelvinTegelaar#1518 from kris6673/fix-add-default-back
Fix: Re-add Set-CIPPCalendarPermission refactor and clean up logging
2 parents 086f442 + eeac022 commit 92fb8a3

File tree

1 file changed

+48
-73
lines changed

1 file changed

+48
-73
lines changed

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Administration/Invoke-ExecModifyCalPerms.ps1

Lines changed: 48 additions & 73 deletions
Original file line numberDiff line numberDiff line change
@@ -11,30 +11,30 @@ Function Invoke-ExecModifyCalPerms {
1111
param($Request, $TriggerMetadata)
1212

1313
$APIName = $Request.Params.CIPPEndpoint
14-
Write-LogMessage -headers $Request.Headers -API $APINAME-message 'Accessed this API' -Sev 'Debug'
15-
16-
$Username = $request.body.userID
17-
$Tenantfilter = $request.body.tenantfilter
18-
$Permissions = $request.body.permissions
14+
$Headers = $Request.Headers
15+
Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
1916

20-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Processing request for user: $Username, tenant: $Tenantfilter" -Sev 'Debug'
17+
$Username = $Request.Body.userID
18+
$TenantFilter = $Request.Body.tenantFilter
19+
$Permissions = $Request.Body.permissions
2120

22-
if ($username -eq $null) {
23-
Write-LogMessage -headers $Request.Headers -API $APINAME-message 'Username is null' -Sev 'Error'
21+
Write-LogMessage -headers $Headers -API $APIName -message "Processing request for user: $Username, tenant: $TenantFilter" -Sev 'Debug'
22+
23+
if ($null -eq $Username) {
24+
Write-LogMessage -headers $Headers -API $APIName -message 'Username is null' -Sev 'Error'
2425
$body = [pscustomobject]@{'Results' = @('Username is required') }
2526
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
2627
StatusCode = [HttpStatusCode]::BadRequest
2728
Body = $Body
2829
})
2930
return
3031
}
31-
32+
3233
try {
33-
$userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)" -tenantid $Tenantfilter).id
34-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Retrieved user ID: $userid" -Sev 'Debug'
35-
}
36-
catch {
37-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Failed to get user ID: $($_.Exception.Message)" -Sev 'Error'
34+
$UserId = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($Username)" -tenantid $TenantFilter).id
35+
Write-LogMessage -headers $Headers -API $APIName -message "Retrieved user ID: $UserId" -Sev 'Debug'
36+
} catch {
37+
Write-LogMessage -headers $Headers -API $APIName -message "Failed to get user ID: $($_.Exception.Message)" -Sev 'Error'
3838
$body = [pscustomobject]@{'Results' = @("Failed to get user ID: $($_.Exception.Message)") }
3939
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
4040
StatusCode = [HttpStatusCode]::NotFound
@@ -43,98 +43,73 @@ Function Invoke-ExecModifyCalPerms {
4343
return
4444
}
4545

46-
$Results = [System.Collections.ArrayList]::new()
46+
$Results = [System.Collections.Generic.List[string]]::new()
4747
$HasErrors = $false
4848

4949
# Convert permissions to array format if it's an object with numeric keys
5050
if ($Permissions -is [PSCustomObject]) {
5151
if ($Permissions.PSObject.Properties.Name -match '^\d+$') {
5252
$Permissions = $Permissions.PSObject.Properties.Value
53-
}
54-
else {
53+
} else {
5554
$Permissions = @($Permissions)
5655
}
5756
}
5857

59-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Processing $($Permissions.Count) permission entries" -Sev 'Debug'
58+
Write-LogMessage -headers $Headers -API $APIName -message "Processing $($Permissions.Count) permission entries" -Sev 'Debug'
6059

6160
foreach ($Permission in $Permissions) {
62-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Processing permission: $($Permission | ConvertTo-Json)" -Sev 'Debug'
63-
61+
Write-LogMessage -headers $Headers -API $APIName -message "Processing permission: $($Permission | ConvertTo-Json)" -Sev 'Debug'
62+
6463
$PermissionLevel = $Permission.PermissionLevel.value ?? $Permission.PermissionLevel
6564
$Modification = $Permission.Modification
6665
$CanViewPrivateItems = $Permission.CanViewPrivateItems ?? $false
67-
68-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Permission Level: $PermissionLevel, Modification: $Modification, CanViewPrivateItems: $CanViewPrivateItems" -Sev 'Debug'
69-
66+
$FolderName = $Permission.FolderName ?? 'Calendar'
67+
68+
Write-LogMessage -headers $Headers -API $APIName -message "Permission Level: $PermissionLevel, Modification: $Modification, CanViewPrivateItems: $CanViewPrivateItems, FolderName: $FolderName" -Sev 'Debug'
69+
7070
# Handle UserID as array or single value
7171
$TargetUsers = @($Permission.UserID | ForEach-Object { $_.value ?? $_ })
7272

73-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Target Users: $($TargetUsers -join ', ')" -Sev 'Debug'
73+
Write-LogMessage -headers $Headers -API $APIName -message "Target Users: $($TargetUsers -join ', ')" -Sev 'Debug'
7474

7575
foreach ($TargetUser in $TargetUsers) {
7676
try {
77-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Processing target user: $TargetUser" -Sev 'Debug'
78-
79-
if ($Modification -eq 'Remove') {
80-
try {
81-
$CalPerms = New-ExoRequest -Anchor $username -tenantid $Tenantfilter -cmdlet 'Remove-MailboxFolderPermission' -cmdParams @{
82-
Identity = "$($userid):\Calendar"
83-
User = $TargetUser
84-
Confirm = $false
85-
}
86-
$null = $results.Add("Removed $($TargetUser) from $($username) Calendar permissions")
87-
}
88-
catch {
89-
$null = $results.Add("No existing permissions to remove for $($TargetUser)")
90-
}
91-
}
92-
else {
93-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Setting permissions with AccessRights: $PermissionLevel" -Sev 'Debug'
94-
95-
$cmdParams = @{
96-
Identity = "$($userid):\Calendar"
97-
User = $TargetUser
98-
AccessRights = $PermissionLevel
99-
Confirm = $false
100-
}
101-
102-
if ($CanViewPrivateItems) {
103-
$cmdParams['SharingPermissionFlags'] = 'Delegate,CanViewPrivateItems'
104-
}
105-
106-
try {
107-
# Try Add first
108-
$CalPerms = New-ExoRequest -Anchor $username -tenantid $Tenantfilter -cmdlet 'Add-MailboxFolderPermission' -cmdParams $cmdParams
109-
$null = $results.Add("Granted $($TargetUser) $($PermissionLevel) access to $($username) Calendar$($CanViewPrivateItems ? ' with access to private items' : '')")
110-
}
111-
catch {
112-
# If Add fails, try Set
113-
$CalPerms = New-ExoRequest -Anchor $username -tenantid $Tenantfilter -cmdlet 'Set-MailboxFolderPermission' -cmdParams $cmdParams
114-
$null = $results.Add("Updated $($TargetUser) $($PermissionLevel) access to $($username) Calendar$($CanViewPrivateItems ? ' with access to private items' : '')")
115-
}
77+
Write-LogMessage -headers $Headers -API $APIName -message "Processing target user: $TargetUser" -Sev 'Debug'
78+
$Params = @{
79+
APIName = $APIName
80+
Headers = $Headers
81+
RemoveAccess = if ($Modification -eq 'Remove') { $TargetUser } else { $null }
82+
TenantFilter = $TenantFilter
83+
UserID = $UserId
84+
folderName = $FolderName
85+
UserToGetPermissions = $TargetUser
86+
LoggingName = $TargetUser
87+
Permissions = $PermissionLevel
88+
CanViewPrivateItems = $CanViewPrivateItems
11689
}
117-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Successfully executed $($PermissionLevel) permission modification for $($TargetUser) on $($username)" -Sev 'Info' -tenant $TenantFilter
118-
}
119-
catch {
90+
91+
# Write-Host "Request params: $($Params | ConvertTo-Json)"
92+
$Result = Set-CIPPCalendarPermission @Params
93+
94+
$null = $Results.Add($Result)
95+
} catch {
12096
$HasErrors = $true
121-
Write-LogMessage -headers $Request.Headers -API $APINAME-message "Could not execute $($PermissionLevel) permission modification for $($TargetUser) on $($username). Error: $($_.Exception.Message)" -Sev 'Error' -tenant $TenantFilter
122-
$null = $results.Add("Could not execute $($PermissionLevel) permission modification for $($TargetUser) on $($username). Error: $($_.Exception.Message)")
97+
$null = $Results.Add("$($_.Exception.Message)")
12398
}
12499
}
125100
}
126101

127-
if ($results.Count -eq 0) {
128-
Write-LogMessage -headers $Request.Headers -API $APINAME-message 'No results were generated from the operation' -Sev 'Warning'
129-
$null = $results.Add('No results were generated from the operation. Please check the logs for more details.')
102+
if ($Results.Count -eq 0) {
103+
Write-LogMessage -headers $Headers -API $APIName -message 'No results were generated from the operation' -Sev 'Warning'
104+
$null = $Results.Add('No results were generated from the operation. Please check the logs for more details.')
130105
$HasErrors = $true
131106
}
132107

133-
$body = [pscustomobject]@{'Results' = @($results) }
108+
$Body = [pscustomobject]@{'Results' = @($Results) }
134109

135110
# Associate values to output bindings by calling 'Push-OutputBinding'.
136111
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
137112
StatusCode = if ($HasErrors) { [HttpStatusCode]::InternalServerError } else { [HttpStatusCode]::OK }
138113
Body = $Body
139114
})
140-
}
115+
}

0 commit comments

Comments
 (0)