Merge pull request KelvinTegelaar#1347 from kris6673/ExecEditCalendarPermissions

KelvinTegelaar · web-flow · commit ce9d7f97a202 · 2025-03-12T11:32:20.000+01:00
Enhance ExecEditCalendarPermissions API endpoint for better error handling and logging
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Administration/Invoke-ExecEditCalendarPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Administration/Invoke-ExecEditCalendarPermissions.ps1
@@ -11,30 +11,32 @@ Function Invoke-ExecEditCalendarPermissions {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Extract parameters from query or body
-    $TenantFilter = if ($Request.query.TenantFilter) { $Request.query.TenantFilter } else { $Request.Body.TenantFilter }
-    $UserID = if ($Request.query.UserID) { $Request.query.UserID } else { $Request.Body.UserID }
-    $UserToGetPermissions = if ($Request.query.UserToGetPermissions) { $Request.query.UserToGetPermissions } else { $Request.Body.UserToGetPermissions.value }
-    $Permissions = if ($Request.query.Permissions) { @($Request.query.Permissions) } else { @($Request.Body.Permissions.value) }
-    $FolderName = if ($Request.query.FolderName) { $Request.query.FolderName } else { $Request.Body.FolderName }
-    $RemoveAccess = if ($Request.query.RemoveAccess) { $Request.query.RemoveAccess } else { $Request.Body.RemoveAccess.value }
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $UserID = $Request.Query.UserID ?? $Request.Body.UserID
+    $UserToGetPermissions = $Request.Query.UserToGetPermissions ? $Request.Query.UserToGetPermissions ?? $Request.Body.UserToGetPermissions.value
+    $Permissions = @($Request.Query.Permissions) ?? @($Request.Body.Permissions.value)
+    $FolderName = $Request.Query.FolderName ?? $Request.Body.FolderName
+    $RemoveAccess = $Request.Query.RemoveAccess ?? $Request.Body.RemoveAccess.value
 
     try {
         if ($RemoveAccess) {
-            $result = Set-CIPPCalendarPermission -UserID $UserID -FolderName $FolderName -RemoveAccess $RemoveAccess -TenantFilter $TenantFilter
+            $Result = Set-CIPPCalendarPermission -Headers $Headers -UserID $UserID -FolderName $FolderName -RemoveAccess $RemoveAccess -TenantFilter $TenantFilter
         } else {
-            $result = Set-CIPPCalendarPermission -UserID $UserID -FolderName $FolderName -TenantFilter $TenantFilter -UserToGetPermissions $UserToGetPermissions -Permissions $Permissions
+            $Result = Set-CIPPCalendarPermission -Headers $Headers -UserID $UserID -FolderName $FolderName -TenantFilter $TenantFilter -UserToGetPermissions $UserToGetPermissions -Permissions $Permissions
         }
+    $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception
-        $Result = $ErrorMessage
+        $Result = $_.Exception.Message
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = @{Results = $Result }
+            StatusCode = $StatusCode
+            Body       = @{Results = $Result}
         })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1
@@ -9,45 +9,46 @@ Function Invoke-ExecOffboardUser {
     #>
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
-    $AllUsers = $Request.body.user.value
-    $Tenantfilter = $request.body.tenantfilter.value
+    $AllUsers = $Request.Body.user.value
+    $TenantFilter = $request.Body.tenantFilter.value
     $Results = foreach ($username in $AllUsers) {
         try {
             $APIName = 'ExecOffboardUser'
-            Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+            $Headers = $Request.Headers
+            Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-            if ($Request.body.Scheduled.enabled) {
+            if ($Request.Body.Scheduled.enabled) {
                 $taskObject = [PSCustomObject]@{
-                    TenantFilter  = $Tenantfilter
+                    TenantFilter  = $TenantFilter
                     Name          = "Offboarding: $Username"
                     Command       = @{
                         value = 'Invoke-CIPPOffboardingJob'
                     }
                     Parameters    = [pscustomobject]@{
                         Username     = $Username
                         APIName      = 'Scheduled Offboarding'
-                        options      = $request.body
+                        options      = $Request.Body
                         RunScheduled = $true
                     }
-                    ScheduledTime = $Request.body.scheduled.date
+                    ScheduledTime = $Request.Body.scheduled.date
                     PostExecution = @{
                         Webhook = [bool]$Request.Body.PostExecution.webhook
                         Email   = [bool]$Request.Body.PostExecution.email
                         PSA     = [bool]$Request.Body.PostExecution.psa
                     }
                 }
-                Add-CIPPScheduledTask -Task $taskObject -hidden $false -Headers $Request.Headers
+                Add-CIPPScheduledTask -Task $taskObject -hidden $false -Headers $Headers
             } else {
-                Invoke-CIPPOffboardingJob -Username $Username -TenantFilter $Tenantfilter -Options $Request.body -APIName $APIName -Headers $Request.Headers
+                Invoke-CIPPOffboardingJob -Username $Username -TenantFilter $TenantFilter -Options $Request.Body -APIName $APIName -Headers $Headers
             }
             $StatusCode = [HttpStatusCode]::OK
 
         } catch {
             $StatusCode = [HttpStatusCode]::Forbidden
-            $body = $_.Exception.message
+            $_.Exception.message
         }
     }
-    $body = [pscustomobject]@{'Results' = @($results) }
+    $body = [pscustomobject]@{'Results' = @($Results) }
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
             Body       = $Body
diff --git a/Modules/CIPPCore/Public/Set-CIPPCalendarPermission.ps1 b/Modules/CIPPCore/Public/Set-CIPPCalendarPermission.ps1
@@ -1,6 +1,8 @@
 function Set-CIPPCalendarPermission {
     [CmdletBinding(SupportsShouldProcess = $true)]
     param(
+        $APIName = 'Set Calendar Permissions',
+        $Headers,
         $RemoveAccess,
         $TenantFilter,
         $UserID,
@@ -27,7 +29,7 @@ function Set-CIPPCalendarPermission {
             if ($PSCmdlet.ShouldProcess("$UserID\$folderName", "Remove permissions for $LoggingName")) {
                 $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-MailboxFolderPermission' -cmdParams @{Identity = "$($UserID):\$folderName"; User = $RemoveAccess }
                 $Result = "Successfully removed access for $LoggingName from calendar $($CalParam.Identity)"
-                Write-LogMessage -API 'CalendarPermissions' -tenant $TenantFilter -message "Successfully removed access for $LoggingName from calendar $($UserID)" -sev Info
+                Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -sev Info
             }
         } else {
             if ($PSCmdlet.ShouldProcess("$UserID\$folderName", "Set permissions for $LoggingName to $Permissions")) {
@@ -36,13 +38,15 @@ function Set-CIPPCalendarPermission {
                 } catch {
                     $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Add-MailboxFolderPermission' -cmdParams $CalParam -Anchor $UserID
                 }
-                Write-LogMessage -API 'CalendarPermissions' -tenant $TenantFilter -message "Calendar permissions added for $LoggingName on $UserID." -sev Info
+                Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message "Successfully set Calendar permissions $Permissions for $LoggingName on $UserID." -sev Info
                 $Result = "Successfully set permissions on folder $($CalParam.Identity). The user $LoggingName now has $Permissions permissions on this folder."
             }
         }
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception
-        $Result = $ErrorMessage
+        $ErrorMessage = Get-CippException -Message $_
+        $Result = "Failed to set calendar permissions for $LoggingName on $UserID: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -sev Error -LogData $ErrorMessage
+        throw $Result
     }
 
     return $Result
