Merge pull request #300 from KelvinTegelaar/dev

pull[bot] · web-flow · commit a8298c71b06b · 2025-06-10T00:41:05.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertHuntressRogueApps.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertHuntressRogueApps.ps1
@@ -13,18 +13,16 @@ function Get-CIPPAlertHuntressRogueApps {
     Param (
         [Parameter(Mandatory = $false)]
         [Alias('input')]
-        $InputValue,
-        $TenantFilter,
-        [Parameter(Mandatory = $false)]
-        [bool]$IgnoreDisabledApps = $false
+        [bool]$InputValue = $false,
+        $TenantFilter
     )
 
     try {
         $RogueApps = Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/huntresslabs/rogueapps/main/public/rogueapps.json'
         $RogueAppFilter = $RogueApps.appId -join "','"
         $ServicePrincipals = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/servicePrincipals?`$filter=appId in ('$RogueAppFilter')" -tenantid $TenantFilter
         # If IgnoreDisabledApps is true, filter out disabled service principals
-        if ($IgnoreDisabledApps) {
+        if ($InputValue) {
             $ServicePrincipals = $ServicePrincipals | Where-Object { $_.accountEnabled -eq $true }
         }
 
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertOnedriveQuota.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertOnedriveQuota.ps1
@@ -0,0 +1,46 @@
+function Get-CIPPAlertOneDriveQuota {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    #>
+    [CmdletBinding()]
+    Param (
+        [Parameter(Mandatory)]
+        $TenantFilter,
+        [Alias('input')]
+        [ValidateRange(0,100)]
+        [int]$InputValue = 90
+    )
+
+    try {
+        $Usage = New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/reports/getOneDriveUsageAccountDetail(period='D7')?`$format=application/json&`$top=999" -AsApp $true
+        if (!$Usage) {
+            Write-AlertMessage -tenant $($TenantFilter) -message "OneDrive quota Alert: Unable to get OneDrive usage: Error occurred: No data returned from API."
+            return
+        }
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-AlertMessage -tenant $($TenantFilter) -message "OneDrive quota Alert: Unable to get OneDrive usage: Error occurred: $ErrorMessage"
+        return
+    }
+
+    #Check if the OneDrive quota is over the threshold
+    $OverQuota = $Usage | ForEach-Object {
+        if ($_.StorageUsedInBytes -eq 0 -or $_.storageAllocatedInBytes -eq 0) { return }
+        try {
+            $UsagePercent  = [math]::Round(($_.storageUsedInBytes / $_.storageAllocatedInBytes) * 100)
+        } catch { $UsagePercent = 100 }
+
+        if ($UsagePercent -gt $InputValue) {
+            $GBLeft = [math]::Round(($_.storageAllocatedInBytes - $_.storageUsedInBytes) / 1GB)
+            "$($_.ownerPrincipalName): OneDrive is $UsagePercent% full. OneDrive has $($GBLeft)GB storage left"
+        }
+
+    }
+
+    #If the quota is over the threshold, send an alert
+    if ($OverQuota) {
+        Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $OverQuota
+    }
+}
diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1
@@ -67,7 +67,7 @@ function Get-Tenants {
                 relationshipEnd = $Relationship.endDateTime
             }
         }
-        $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false"
+        $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false and delegatedPrivilegeStatus ne 'directTenant'"
         $CurrentTenants | Where-Object { $_.customerId -notin $GDAPList.customerId -and $_.customerId -ne $env:TenantID } | ForEach-Object {
             Remove-AzDataTableEntity -Force @TenantsTable -Entity $_
         }
diff --git a/cspell.json b/cspell.json
@@ -1,70 +1,75 @@
 {
-    "version": "0.2",
-    "ignorePaths": [],
-    "dictionaryDefinitions": [],
-    "dictionaries": [],
-    "words": [
-        "ADMS",
-        "AITM",
-        "Autotask",
-        "Bluetrait",
-        "CIPP",
-        "CIPP-API",
-        "Connectwise",
-        "Datto",
-        "Entra",
-        "GDAP",
-        "Intune",
-        "OBEE",
-        "Passwordless",
-        "PSTN",
-        "Sherweb",
-        "SSPR",
-        "Terrl",
-        "TNEF",
-        "winmail",
-        "Yubikey"
-    ],
-    "ignoreWords": [
-        "tenantid",
-        "APINAME",
-        "CIPPBPA",
-        "CIPPCA",
-        "CIPPSPO",
-        "CIPPAPI",
-        "Addins",
-        "Helptext",
-        "ADDEDCOMPONENT",
-        "ADDEDDATE",
-        "POWERSHELLEQUIVALENT",
-        "RECOMMENDEDBY",
-        "UPDATECOMMENTBLOCK",
-        "DISABLEDFEATURES",
-        "pscustomobject",
-        "microsoftonline",
-        "mdo_safeattachments",
-        "mdo_highconfidencespamaction",
-        "mdo_highconfidencephishaction",
-        "mdo_phisspamacation",
-        "mdo_spam_notifications_only_for_admins",
-        "mdo_antiphishingpolicies",
-        "mdo_phishthresholdlevel",
-        "mdo_autoforwardingmode",
-        "mdo_blockmailforward",
-        "mdo_zapspam",
-        "mdo_zapphish",
-        "mdo_zapmalware",
-        "mdo_safedocuments",
-        "mdo_commonattachmentsfilter",
-        "mdo_safeattachmentpolicy",
-        "mdo_safelinksforemail",
-        "mdo_safelinksforOfficeApps",
-        "exo_storageproviderrestricted",
-        "exo_individualsharing",
-        "exo_outlookaddins",
-        "exo_mailboxaudit",
-        "exo_mailtipsenabled",
-        "mip_search_auditlog"
-    ],
-    "import": []
+  "version": "0.2",
+  "ignorePaths": [],
+  "dictionaryDefinitions": [],
+  "dictionaries": [],
+  "words": [
+    "ADMS",
+    "AITM",
+    "Autotask",
+    "Bluetrait",
+    "cipp",
+    "CIPP",
+    "CIPP-API",
+    "Connectwise",
+    "Datto",
+    "Entra",
+    "GDAP",
+    "Intune",
+    "OBEE",
+    "Passwordless",
+    "passwordless",
+    "PSTN",
+    "Sherweb",
+    "SSPR",
+    "Standardcal",
+    "Terrl",
+    "TNEF",
+    "winmail",
+    "Yubikey"
+  ],
+  "ignoreWords": [
+    "tenantid",
+    "jnlp",
+    "APINAME",
+    "CIPPBPA",
+    "CIPPCA",
+    "CIPPSPO",
+    "CIPPAPI",
+    "donotchange",
+    "Addins",
+    "Helptext",
+    "ADDEDCOMPONENT",
+    "ADDEDDATE",
+    "POWERSHELLEQUIVALENT",
+    "RECOMMENDEDBY",
+    "UPDATECOMMENTBLOCK",
+    "DISABLEDFEATURES",
+    "pscustomobject",
+    "microsoftonline",
+    "mdo_safeattachments",
+    "mdo_highconfidencespamaction",
+    "mdo_highconfidencephishaction",
+    "mdo_phisspamacation",
+    "mdo_spam_notifications_only_for_admins",
+    "mdo_antiphishingpolicies",
+    "mdo_phishthresholdlevel",
+    "mdo_autoforwardingmode",
+    "mdo_blockmailforward",
+    "mdo_zapspam",
+    "mdo_zapphish",
+    "mdo_zapmalware",
+    "mdo_safedocuments",
+    "mdo_commonattachmentsfilter",
+    "mdo_safeattachmentpolicy",
+    "mdo_safelinksforemail",
+    "mdo_safelinksforOfficeApps",
+    "exo_storageproviderrestricted",
+    "exo_individualsharing",
+    "exo_outlookaddins",
+    "exo_mailboxaudit",
+    "exo_mailtipsenabled",
+    "mip_search_auditlog"
+  ],
+  "import": []
 }

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ function Get-Tenants {`
`67`	`67`	`relationshipEnd = $Relationship.endDateTime`
`68`	`68`	`}`
`69`	`69`	`}`
`70`		`- $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false"`
	`70`	`+ $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false and delegatedPrivilegeStatus ne 'directTenant'"`
`71`	`71`	`$CurrentTenants \| Where-Object { $_.customerId -notin $GDAPList.customerId -and $_.customerId -ne $env:TenantID } \| ForEach-Object {`
`72`	`72`	`Remove-AzDataTableEntity -Force @TenantsTable -Entity $_`
`73`	`73`	`}`