Skip to content

Commit a3e1248

Browse files
pull[bot]pull[bot]
authored
Merge pull request #472 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
2 parents c6fb7dd + 3a1bc38 commit a3e1248

File tree

3 files changed

+193
-63
lines changed

3 files changed

+193
-63
lines changed

Modules/CIPPCore/Public/Compare-CIPPIntuneObject.ps1

Lines changed: 130 additions & 60 deletions
Original file line numberDiff line numberDiff line change
@@ -217,47 +217,142 @@ function Compare-CIPPIntuneObject {
217217
} else {
218218
$intuneCollection = Get-Content .\intuneCollection.json | ConvertFrom-Json -ErrorAction SilentlyContinue
219219

220+
# Recursive function to process group setting collections at any depth
221+
function Process-GroupSettingChildren {
222+
param(
223+
[Parameter(Mandatory = $true)]
224+
$Children,
225+
[Parameter(Mandatory = $true)]
226+
[string]$Source,
227+
[Parameter(Mandatory = $true)]
228+
$IntuneCollection
229+
)
230+
231+
$results = [System.Collections.Generic.List[PSCustomObject]]::new()
232+
233+
foreach ($child in $Children) {
234+
$childIntuneObj = $IntuneCollection | Where-Object { $_.id -eq $child.settingDefinitionId }
235+
$childLabel = if ($childIntuneObj?.displayName) {
236+
$childIntuneObj.displayName
237+
} else {
238+
$child.settingDefinitionId
239+
}
240+
241+
switch ($child.'@odata.type') {
242+
'#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' {
243+
if ($child.groupSettingCollectionValue) {
244+
foreach ($groupValue in $child.groupSettingCollectionValue) {
245+
if ($groupValue.children) {
246+
$nestedResults = Process-GroupSettingChildren -Children $groupValue.children -Source $Source -IntuneCollection $IntuneCollection
247+
$results.AddRange($nestedResults)
248+
}
249+
}
250+
}
251+
}
252+
'#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' {
253+
$childValue = $null
254+
if ($child.choiceSettingValue?.value) {
255+
$option = $childIntuneObj.options | Where-Object {
256+
$_.id -eq $child.choiceSettingValue.value
257+
}
258+
$childValue = if ($option?.displayName) {
259+
$option.displayName
260+
} else {
261+
$child.choiceSettingValue.value
262+
}
263+
}
264+
265+
$results.Add([PSCustomObject]@{
266+
Key = "GroupChild-$($child.settingDefinitionId)"
267+
Label = $childLabel
268+
Value = $childValue
269+
Source = $Source
270+
})
271+
}
272+
'#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance' {
273+
$childValue = $null
274+
if ($null -ne $child.simpleSettingValue -and $null -ne $child.simpleSettingValue.value) {
275+
$childValue = $child.simpleSettingValue.value
276+
}
277+
278+
$results.Add([PSCustomObject]@{
279+
Key = "GroupChild-$($child.settingDefinitionId)"
280+
Label = $childLabel
281+
Value = $childValue
282+
Source = $Source
283+
})
284+
}
285+
'#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance' {
286+
if ($child.choiceSettingCollectionValue) {
287+
$values = [System.Collections.Generic.List[string]]::new()
288+
foreach ($choiceValue in $child.choiceSettingCollectionValue) {
289+
$option = $childIntuneObj.options | Where-Object {
290+
$_.id -eq $choiceValue.value
291+
}
292+
$displayValue = if ($option?.displayName) {
293+
$option.displayName
294+
} else {
295+
$choiceValue.value
296+
}
297+
$values.Add($displayValue)
298+
}
299+
$childValue = $values -join ', '
300+
301+
$results.Add([PSCustomObject]@{
302+
Key = "GroupChild-$($child.settingDefinitionId)"
303+
Label = $childLabel
304+
Value = $childValue
305+
Source = $Source
306+
})
307+
}
308+
}
309+
'#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' {
310+
if ($child.simpleSettingCollectionValue) {
311+
$values = [System.Collections.Generic.List[object]]::new()
312+
foreach ($simpleValue in $child.simpleSettingCollectionValue) {
313+
$values.Add($simpleValue.value)
314+
}
315+
$childValue = $values -join ', '
316+
317+
$results.Add([PSCustomObject]@{
318+
Key = "GroupChild-$($child.settingDefinitionId)"
319+
Label = $childLabel
320+
Value = $childValue
321+
Source = $Source
322+
})
323+
}
324+
}
325+
default {
326+
# Unknown setting type - could add logging here if needed
327+
}
328+
}
329+
330+
# Also process any children within choice setting values
331+
if ($child.choiceSettingValue?.children) {
332+
$nestedResults = Process-GroupSettingChildren -Children $child.choiceSettingValue.children -Source $Source -IntuneCollection $IntuneCollection
333+
$results.AddRange($nestedResults)
334+
}
335+
}
336+
337+
return $results
338+
}
339+
220340
# Process reference object settings
221341
$referenceItems = $ReferenceObject.settings | ForEach-Object {
222342
$settingInstance = $_.settingInstance
223343
$intuneObj = $intuneCollection | Where-Object { $_.id -eq $settingInstance.settingDefinitionId }
224344
$tempOutput = switch ($settingInstance.'@odata.type') {
225345
'#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' {
226346
if ($null -ne $settingInstance.groupSettingCollectionValue) {
347+
$groupResults = [System.Collections.Generic.List[PSCustomObject]]::new()
227348
foreach ($groupValue in $settingInstance.groupSettingCollectionValue) {
228349
if ($groupValue.children -is [System.Array]) {
229-
foreach ($child in $groupValue.children) {
230-
$childIntuneObj = $intuneCollection | Where-Object { $_.id -eq $child.settingDefinitionId }
231-
$childLabel = if ($childIntuneObj?.displayName) {
232-
$childIntuneObj.displayName
233-
} else {
234-
$child.settingDefinitionId
235-
}
236-
$childValue = $null
237-
if ($child.choiceSettingValue?.value) {
238-
$option = $childIntuneObj.options | Where-Object {
239-
$_.id -eq $child.choiceSettingValue.value
240-
}
241-
$childValue = if ($option?.displayName) {
242-
$option.displayName
243-
} else {
244-
$child.choiceSettingValue.value
245-
}
246-
}
247-
if (!$childValue -and $null -ne $child.simpleSettingValue -and $null -ne $child.simpleSettingValue.value) {
248-
$childValue = $child.simpleSettingValue.value
249-
}
250-
251-
# Add object to our temporary list
252-
[PSCustomObject]@{
253-
Key = "GroupChild-$($child.settingDefinitionId)"
254-
Label = $childLabel
255-
Value = $childValue
256-
Source = 'Reference'
257-
}
258-
}
350+
$childResults = Process-GroupSettingChildren -Children $groupValue.children -Source 'Reference' -IntuneCollection $intuneCollection
351+
$groupResults.AddRange($childResults)
259352
}
260353
}
354+
# Return the results from the recursive processing
355+
$groupResults
261356
}
262357
}
263358
default {
@@ -321,40 +416,15 @@ function Compare-CIPPIntuneObject {
321416
$tempOutput = switch ($settingInstance.'@odata.type') {
322417
'#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' {
323418
if ($null -ne $settingInstance.groupSettingCollectionValue) {
419+
$groupResults = [System.Collections.Generic.List[PSCustomObject]]::new()
324420
foreach ($groupValue in $settingInstance.groupSettingCollectionValue) {
325421
if ($groupValue.children -is [System.Array]) {
326-
foreach ($child in $groupValue.children) {
327-
$childIntuneObj = $intuneCollection | Where-Object { $_.id -eq $child.settingDefinitionId }
328-
$childLabel = if ($childIntuneObj?.displayName) {
329-
$childIntuneObj.displayName
330-
} else {
331-
$child.settingDefinitionId
332-
}
333-
$childValue = $null
334-
if ($child.choiceSettingValue?.value) {
335-
$option = $childIntuneObj.options | Where-Object {
336-
$_.id -eq $child.choiceSettingValue.value
337-
}
338-
$childValue = if ($option?.displayName) {
339-
$option.displayName
340-
} else {
341-
$child.choiceSettingValue.value
342-
}
343-
}
344-
if (!$childValue -and $null -ne $child.simpleSettingValue -and $null -ne $child.simpleSettingValue.value) {
345-
$childValue = $child.simpleSettingValue.value
346-
}
347-
348-
# Add object to our temporary list
349-
[PSCustomObject]@{
350-
Key = "GroupChild-$($child.settingDefinitionId)"
351-
Label = $childLabel
352-
Value = $childValue
353-
Source = 'Difference'
354-
}
355-
}
422+
$childResults = Process-GroupSettingChildren -Children $groupValue.children -Source 'Difference' -IntuneCollection $intuneCollection
423+
$groupResults.AddRange($childResults)
356424
}
357425
}
426+
# Return the results from the recursive processing
427+
$groupResults
358428
}
359429
}
360430
default {

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-RemoveTenantCapabilitiesCache.ps1

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
using namespace System.Net
2+
3+
function Invoke-RemoveTenantCapabilitiesCache {
4+
<#
5+
.FUNCTIONALITY
6+
Entrypoint,AnyTenant
7+
.ROLE
8+
Tenant.Administration.ReadWrite
9+
#>
10+
[CmdletBinding()]
11+
param($Request, $TriggerMetadata)
12+
13+
$APIName = $Request.Params.CIPPEndpoint
14+
$Headers = $Request.Headers
15+
Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
16+
17+
# Get the tenant identifier from query parameters
18+
$DefaultDomainName = $Request.Query.defaultDomainName
19+
if (-not $DefaultDomainName) {
20+
$body = [pscustomobject]@{'Results' = 'Missing required parameter: defaultDomainName' }
21+
$StatusCode = [HttpStatusCode]::BadRequest
22+
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
23+
StatusCode = $StatusCode
24+
Body = $body
25+
})
26+
return
27+
}
28+
29+
try {
30+
# Get the CacheCapabilities table
31+
$Table = Get-CippTable -tablename 'CacheCapabilities'
32+
33+
# Find the cache entry for this tenant
34+
$Filter = "PartitionKey eq 'Capabilities' and RowKey eq '$DefaultDomainName'"
35+
$CacheEntry = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
36+
37+
if ($CacheEntry) {
38+
# Remove the cache entry
39+
Remove-AzDataTableEntity -Force @Table -Entity $CacheEntry
40+
Write-LogMessage -Headers $Headers -API $APIName -message "Removed capabilities cache for tenant $DefaultDomainName." -Sev 'Info'
41+
$body = [pscustomobject]@{'Results' = "Successfully removed capabilities cache for tenant $DefaultDomainName" }
42+
$StatusCode = [HttpStatusCode]::OK
43+
} else {
44+
Write-LogMessage -Headers $Headers -API $APIName -message "No capabilities cache found for tenant $DefaultDomainName." -Sev 'Info'
45+
$body = [pscustomobject]@{'Results' = "No capabilities cache found for tenant $DefaultDomainName" }
46+
$StatusCode = [HttpStatusCode]::OK
47+
}
48+
} catch {
49+
$ErrorMessage = Get-CippException -Exception $_
50+
Write-LogMessage -Headers $Headers -API $APIName -message "Failed to remove capabilities cache for tenant $DefaultDomainName. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
51+
$StatusCode = [HttpStatusCode]::InternalServerError
52+
$body = [pscustomobject]@{'Results' = "Failed to remove capabilities cache: $($ErrorMessage.NormalizedError)" }
53+
}
54+
55+
# Associate values to output bindings by calling 'Push-OutputBinding'.
56+
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
57+
StatusCode = $StatusCode
58+
Body = $body
59+
})
60+
}

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -124,10 +124,10 @@ function Invoke-CIPPStandardSpamFilterPolicy {
124124
($CurrentState.PhishZapEnabled -eq $true) -and
125125
($CurrentState.SpamZapEnabled -eq $true) -and
126126
($CurrentState.EnableLanguageBlockList -eq $Settings.EnableLanguageBlockList) -and
127-
(($null -eq $CurrentState.LanguageBlockList -and $null -eq $Settings.LanguageBlockList.value) -or ($null -ne $CurrentState.LanguageBlockList -and $null -ne $Settings.LanguageBlockList.value -and !(Compare-Object -ReferenceObject $CurrentState.LanguageBlockList -DifferenceObject $Settings.LanguageBlockList.value))) -and
127+
((($null -eq $CurrentState.LanguageBlockList -or $CurrentState.LanguageBlockList.Count -eq 0) -and ($null -eq $Settings.LanguageBlockList.value)) -or ($null -ne $CurrentState.LanguageBlockList -and $CurrentState.LanguageBlockList.Count -gt 0 -and $null -ne $Settings.LanguageBlockList.value -and !(Compare-Object -ReferenceObject $CurrentState.LanguageBlockList -DifferenceObject $Settings.LanguageBlockList.value))) -and
128128
($CurrentState.EnableRegionBlockList -eq $Settings.EnableRegionBlockList) -and
129-
(($null -eq $CurrentState.RegionBlockList -and $null -eq $Settings.RegionBlockList.value) -or ($null -ne $CurrentState.RegionBlockList -and $null -ne $Settings.RegionBlockList.value -and !(Compare-Object -ReferenceObject $CurrentState.RegionBlockList -DifferenceObject $Settings.RegionBlockList.value))) -and
130-
(($null -eq $CurrentState.AllowedSenderDomains -and $null -eq ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains)) -or ($null -ne $CurrentState.AllowedSenderDomains -and $null -ne ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains) -and !(Compare-Object -ReferenceObject $CurrentState.AllowedSenderDomains -DifferenceObject ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains))))
129+
((($null -eq $CurrentState.RegionBlockList -or $CurrentState.RegionBlockList.Count -eq 0) -and ($null -eq $Settings.RegionBlockList.value)) -or ($null -ne $CurrentState.RegionBlockList -and $CurrentState.RegionBlockList.Count -gt 0 -and $null -ne $Settings.RegionBlockList.value -and !(Compare-Object -ReferenceObject $CurrentState.RegionBlockList -DifferenceObject $Settings.RegionBlockList.value))) -and
130+
((($null -eq $CurrentState.AllowedSenderDomains -or $CurrentState.AllowedSenderDomains.Count -eq 0) -and ($null -eq ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains))) -or ($null -ne $CurrentState.AllowedSenderDomains -and $CurrentState.AllowedSenderDomains.Count -gt 0 -and $null -ne ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains) -and !(Compare-Object -ReferenceObject $CurrentState.AllowedSenderDomains -DifferenceObject ($Settings.AllowedSenderDomains.value ?? $Settings.AllowedSenderDomains))))
131131
}
132132
catch {
133133
$StateIsCorrect = $false

0 commit comments

Comments
 (0)