|
1 | 1 | using namespace System.Net |
2 | 2 |
|
3 | | -Function Invoke-ListAlertsQueue { |
| 3 | +function Invoke-ListAlertsQueue { |
4 | 4 | <# |
5 | 5 | .FUNCTIONALITY |
6 | 6 | Entrypoint |
@@ -70,22 +70,87 @@ Function Invoke-ListAlertsQueue { |
70 | 70 | $ExcludedTenants = @() |
71 | 71 | } |
72 | 72 |
|
| 73 | + # Handle tenant group display information for alerts |
| 74 | + $TenantsForDisplay = @() |
| 75 | + if ($Task.TenantGroup) { |
| 76 | + try { |
| 77 | + $TenantGroupObject = $Task.TenantGroup | ConvertFrom-Json -ErrorAction SilentlyContinue |
| 78 | + if ($TenantGroupObject) { |
| 79 | + # Create a tenant group object for display |
| 80 | + $TenantGroupForDisplay = [PSCustomObject]@{ |
| 81 | + label = $TenantGroupObject.label |
| 82 | + value = $TenantGroupObject.value |
| 83 | + type = 'Group' |
| 84 | + } |
| 85 | + $TenantsForDisplay = @($TenantGroupForDisplay) |
| 86 | + } |
| 87 | + } catch { |
| 88 | + Write-Warning "Failed to parse tenant group information for alert task $($Task.RowKey): $($_.Exception.Message)" |
| 89 | + # Fall back to regular tenant display |
| 90 | + $TenantsForDisplay = @($Task.Tenant) |
| 91 | + } |
| 92 | + } else { |
| 93 | + # For regular tenants, create a tenant object for consistent formatting |
| 94 | + $TenantForDisplay = [PSCustomObject]@{ |
| 95 | + label = $Task.Tenant |
| 96 | + value = $Task.Tenant |
| 97 | + type = 'Tenant' |
| 98 | + } |
| 99 | + $TenantsForDisplay = @($TenantForDisplay) |
| 100 | + } |
| 101 | + |
73 | 102 | $TaskEntry = [PSCustomObject]@{ |
74 | 103 | RowKey = $Task.RowKey |
75 | 104 | PartitionKey = $Task.PartitionKey |
76 | 105 | excludedTenants = @($ExcludedTenants) |
77 | | - Tenants = @($Task.Tenant) |
| 106 | + Tenants = $TenantsForDisplay |
78 | 107 | Conditions = $Task.Name |
79 | 108 | Actions = $Task.PostExecution |
80 | 109 | LogType = 'Scripted' |
81 | 110 | EventType = 'Scheduled Task' |
82 | 111 | RepeatsEvery = $Task.Recurrence |
83 | 112 | RawAlert = $Task |
84 | 113 | } |
| 114 | + |
85 | 115 | if ($AllowedTenants -notcontains 'AllTenants') { |
86 | | - $Tenant = $TenantList | Where-Object -Property defaultDomainName -EQ $Task.Tenant |
87 | | - if ($AllowedTenants -contains $Tenant.customerId) { |
88 | | - $AllTasksArrayList.Add($TaskEntry) |
| 116 | + # For tenant groups, we need to expand and check access |
| 117 | + if ($Task.TenantGroup) { |
| 118 | + try { |
| 119 | + $TenantGroupObject = $Task.TenantGroup | ConvertFrom-Json -ErrorAction SilentlyContinue |
| 120 | + if ($TenantGroupObject) { |
| 121 | + # Create a tenant filter object for expansion |
| 122 | + $TenantFilterForExpansion = @([PSCustomObject]@{ |
| 123 | + type = 'Group' |
| 124 | + value = $TenantGroupObject.value |
| 125 | + label = $TenantGroupObject.label |
| 126 | + }) |
| 127 | + |
| 128 | + # Expand the tenant group to individual tenants |
| 129 | + $ExpandedTenants = Expand-CIPPTenantGroups -TenantFilter $TenantFilterForExpansion |
| 130 | + |
| 131 | + # Check if user has access to any tenant in the group |
| 132 | + $HasAccess = $false |
| 133 | + foreach ($ExpandedTenant in $ExpandedTenants) { |
| 134 | + $TenantInfo = $TenantList | Where-Object -Property defaultDomainName -EQ $ExpandedTenant.value |
| 135 | + if ($TenantInfo -and $AllowedTenants -contains $TenantInfo.customerId) { |
| 136 | + $HasAccess = $true |
| 137 | + break |
| 138 | + } |
| 139 | + } |
| 140 | + |
| 141 | + if ($HasAccess) { |
| 142 | + $AllTasksArrayList.Add($TaskEntry) |
| 143 | + } |
| 144 | + } |
| 145 | + } catch { |
| 146 | + Write-Warning "Failed to expand tenant group for access check: $($_.Exception.Message)" |
| 147 | + } |
| 148 | + } else { |
| 149 | + # Regular tenant access check |
| 150 | + $Tenant = $TenantList | Where-Object -Property defaultDomainName -EQ $Task.Tenant |
| 151 | + if ($AllowedTenants -contains $Tenant.customerId) { |
| 152 | + $AllTasksArrayList.Add($TaskEntry) |
| 153 | + } |
89 | 154 | } |
90 | 155 | } else { |
91 | 156 | $AllTasksArrayList.Add($TaskEntry) |
|
0 commit comments