Merge pull request #350 from KelvinTegelaar/dev

pull[bot] · web-flow · commit e2fb8e411613 · 2025-07-10T06:41:05.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1
@@ -99,17 +99,17 @@ function Add-CIPPScheduledTask {
         $excludedTenants = if ($task.excludedTenants.value) {
             $task.excludedTenants.value -join ','
         }
-        
+
         # Handle tenant filter - support both single tenant and tenant groups
         $tenantFilter = $task.TenantFilter.value ? $task.TenantFilter.value : $task.TenantFilter
         $originalTenantFilter = $task.TenantFilter
-        
+
         # If tenant filter is a complex object (from form), extract the value
         if ($tenantFilter -is [PSCustomObject] -and $tenantFilter.value) {
             $originalTenantFilter = $tenantFilter
             $tenantFilter = $tenantFilter.value
         }
-        
+
         # If tenant filter is a string but still seems to be JSON, try to parse it
         if ($tenantFilter -is [string] -and $tenantFilter.StartsWith('{')) {
             try {
@@ -123,7 +123,7 @@ function Add-CIPPScheduledTask {
                 Write-Warning "Could not parse tenant filter JSON: $tenantFilter"
             }
         }
-        
+
         $entity = @{
             PartitionKey         = [string]'ScheduledTask'
             TaskState            = [string]'Planned'
@@ -140,7 +140,7 @@ function Add-CIPPScheduledTask {
             Hidden               = [bool]$Hidden
             Results              = 'Planned'
         }
-        
+
         # Store the original tenant filter for group expansion during execution
         if ($originalTenantFilter -is [PSCustomObject] -and $originalTenantFilter.type -eq 'Group') {
             $entity['TenantGroup'] = [string]($originalTenantFilter | ConvertTo-Json -Compress)
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItemDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItemDetails.ps1
@@ -66,7 +66,7 @@ function Invoke-ListScheduledItemDetails {
                 $TenantGroupForDisplay = [PSCustomObject]@{
                     label = $TenantGroupObject.label
                     value = $TenantGroupObject.value
-                    type = 'Group'
+                    type  = 'Group'
                 }
                 $Task | Add-Member -NotePropertyName TenantGroupInfo -NotePropertyValue $TenantGroupForDisplay -Force
                 # Update the tenant to show the group object for proper formatting
@@ -81,7 +81,7 @@ function Invoke-ListScheduledItemDetails {
         $TenantForDisplay = [PSCustomObject]@{
             label = $Task.Tenant
             value = $Task.Tenant
-            type = 'Tenant'
+            type  = 'Tenant'
         }
         $Task.Tenant = $TenantForDisplay
     }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1
@@ -89,14 +89,18 @@ function Invoke-ListScheduledItems {
                     }
                     $Task | Add-Member -NotePropertyName TenantGroupInfo -NotePropertyValue $TenantGroupForDisplay -Force
                     # Update the tenant to show the group object for proper formatting
-                    $Task.Tenant = @($TenantGroupForDisplay)
+                    $Task.Tenant = $TenantGroupForDisplay
                 }
             } catch {
                 Write-Warning "Failed to parse tenant group information for task $($Task.RowKey): $($_.Exception.Message)"
                 # Fall back to keeping original tenant value
             }
         } else {
-            $Task.Tenant = @($Task.Tenant)
+            $Task.Tenant = [PSCustomObject]@{
+                label = $Task.Tenant
+                value = $Task.Tenant
+                type  = 'Tenant'
+            }
         }
 
         $Task
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1
@@ -1,6 +1,6 @@
 using namespace System.Net
 
-Function Invoke-ListAlertsQueue {
+function Invoke-ListAlertsQueue {
     <#
     .FUNCTIONALITY
         Entrypoint
@@ -70,22 +70,87 @@ Function Invoke-ListAlertsQueue {
             $ExcludedTenants = @()
         }
 
+        # Handle tenant group display information for alerts
+        $TenantsForDisplay = @()
+        if ($Task.TenantGroup) {
+            try {
+                $TenantGroupObject = $Task.TenantGroup | ConvertFrom-Json -ErrorAction SilentlyContinue
+                if ($TenantGroupObject) {
+                    # Create a tenant group object for display
+                    $TenantGroupForDisplay = [PSCustomObject]@{
+                        label = $TenantGroupObject.label
+                        value = $TenantGroupObject.value
+                        type  = 'Group'
+                    }
+                    $TenantsForDisplay = @($TenantGroupForDisplay)
+                }
+            } catch {
+                Write-Warning "Failed to parse tenant group information for alert task $($Task.RowKey): $($_.Exception.Message)"
+                # Fall back to regular tenant display
+                $TenantsForDisplay = @($Task.Tenant)
+            }
+        } else {
+            # For regular tenants, create a tenant object for consistent formatting
+            $TenantForDisplay = [PSCustomObject]@{
+                label = $Task.Tenant
+                value = $Task.Tenant
+                type  = 'Tenant'
+            }
+            $TenantsForDisplay = @($TenantForDisplay)
+        }
+
         $TaskEntry = [PSCustomObject]@{
             RowKey          = $Task.RowKey
             PartitionKey    = $Task.PartitionKey
             excludedTenants = @($ExcludedTenants)
-            Tenants         = @($Task.Tenant)
+            Tenants         = $TenantsForDisplay
             Conditions      = $Task.Name
             Actions         = $Task.PostExecution
             LogType         = 'Scripted'
             EventType       = 'Scheduled Task'
             RepeatsEvery    = $Task.Recurrence
             RawAlert        = $Task
         }
+
         if ($AllowedTenants -notcontains 'AllTenants') {
-            $Tenant = $TenantList | Where-Object -Property defaultDomainName -EQ $Task.Tenant
-            if ($AllowedTenants -contains $Tenant.customerId) {
-                $AllTasksArrayList.Add($TaskEntry)
+            # For tenant groups, we need to expand and check access
+            if ($Task.TenantGroup) {
+                try {
+                    $TenantGroupObject = $Task.TenantGroup | ConvertFrom-Json -ErrorAction SilentlyContinue
+                    if ($TenantGroupObject) {
+                        # Create a tenant filter object for expansion
+                        $TenantFilterForExpansion = @([PSCustomObject]@{
+                                type  = 'Group'
+                                value = $TenantGroupObject.value
+                                label = $TenantGroupObject.label
+                            })
+
+                        # Expand the tenant group to individual tenants
+                        $ExpandedTenants = Expand-CIPPTenantGroups -TenantFilter $TenantFilterForExpansion
+
+                        # Check if user has access to any tenant in the group
+                        $HasAccess = $false
+                        foreach ($ExpandedTenant in $ExpandedTenants) {
+                            $TenantInfo = $TenantList | Where-Object -Property defaultDomainName -EQ $ExpandedTenant.value
+                            if ($TenantInfo -and $AllowedTenants -contains $TenantInfo.customerId) {
+                                $HasAccess = $true
+                                break
+                            }
+                        }
+
+                        if ($HasAccess) {
+                            $AllTasksArrayList.Add($TaskEntry)
+                        }
+                    }
+                } catch {
+                    Write-Warning "Failed to expand tenant group for access check: $($_.Exception.Message)"
+                }
+            } else {
+                # Regular tenant access check
+                $Tenant = $TenantList | Where-Object -Property defaultDomainName -EQ $Task.Tenant
+                if ($AllowedTenants -contains $Tenant.customerId) {
+                    $AllTasksArrayList.Add($TaskEntry)
+                }
             }
         } else {
             $AllTasksArrayList.Add($TaskEntry)
diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1
@@ -55,20 +55,20 @@ function Start-UserTasksOrchestrator {
                     try {
                         $TenantGroupObject = $task.TenantGroup | ConvertFrom-Json
                         Write-Host "Expanding tenant group: $($TenantGroupObject.label) with ID: $($TenantGroupObject.value)"
-                        
+
                         # Create a tenant filter object for expansion
                         $TenantFilterForExpansion = @([PSCustomObject]@{
-                            type = 'Group'
-                            value = $TenantGroupObject.value
-                            label = $TenantGroupObject.label
-                        })
-                        
+                                type  = 'Group'
+                                value = $TenantGroupObject.value
+                                label = $TenantGroupObject.label
+                            })
+
                         # Expand the tenant group to individual tenants
                         $ExpandedTenants = Expand-CIPPTenantGroups -TenantFilter $TenantFilterForExpansion
-                        
+
                         $ExcludedTenants = $task.excludedTenants -split ','
                         Write-Host "Excluded Tenants from this task: $ExcludedTenants"
-                        
+
                         $GroupTenantCommands = foreach ($ExpandedTenant in $ExpandedTenants | Where-Object { $_.value -notin $ExcludedTenants }) {
                             $NewParams = $task.Parameters.Clone()
                             if ((Get-Command $task.Command).Parameters.TenantFilter) {
@@ -85,7 +85,7 @@ function Start-UserTasksOrchestrator {
                     } catch {
                         Write-Host "Error expanding tenant group: $($_.Exception.Message)"
                         Write-LogMessage -API 'Scheduler_UserTasks' -tenant $tenant -message "Failed to expand tenant group for task $($task.Name): $($_.Exception.Message)" -sev Error
-                        
+
                         # Fall back to treating as single tenant
                         if ((Get-Command $task.Command).Parameters.TenantFilter) {
                             $ScheduledCommand.Parameters['TenantFilter'] = $task.Tenant

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ function Invoke-ListScheduledItemDetails {`
`66`	`66`	`$TenantGroupForDisplay = [PSCustomObject]@{`
`67`	`67`	`label = $TenantGroupObject.label`
`68`	`68`	`value = $TenantGroupObject.value`
`69`		`- type = 'Group'`
	`69`	`+ type = 'Group'`
`70`	`70`	`}`
`71`	`71`	`$Task \| Add-Member -NotePropertyName TenantGroupInfo -NotePropertyValue $TenantGroupForDisplay -Force`
`72`	`72`	`# Update the tenant to show the group object for proper formatting`
`@@ -81,7 +81,7 @@ function Invoke-ListScheduledItemDetails {`
`81`	`81`	`$TenantForDisplay = [PSCustomObject]@{`
`82`	`82`	`label = $Task.Tenant`
`83`	`83`	`value = $Task.Tenant`
`84`		`- type = 'Tenant'`
	`84`	`+ type = 'Tenant'`
`85`	`85`	`}`
`86`	`86`	`$Task.Tenant = $TenantForDisplay`
`87`	`87`	`}`
Original file line number	Diff line number	Diff line change
`@@ -89,14 +89,18 @@ function Invoke-ListScheduledItems {`
`89`	`89`	`}`
`90`	`90`	`$Task \| Add-Member -NotePropertyName TenantGroupInfo -NotePropertyValue $TenantGroupForDisplay -Force`
`91`	`91`	`# Update the tenant to show the group object for proper formatting`
`92`		`- $Task.Tenant = @($TenantGroupForDisplay)`
	`92`	`+ $Task.Tenant = $TenantGroupForDisplay`
`93`	`93`	`}`
`94`	`94`	`} catch {`
`95`	`95`	`Write-Warning "Failed to parse tenant group information for task $($Task.RowKey): $($_.Exception.Message)"`
`96`	`96`	`# Fall back to keeping original tenant value`
`97`	`97`	`}`
`98`	`98`	`} else {`
`99`		`- $Task.Tenant = @($Task.Tenant)`
	`99`	`+ $Task.Tenant = [PSCustomObject]@{`
	`100`	`+ label = $Task.Tenant`
	`101`	`+ value = $Task.Tenant`
	`102`	`+ type = 'Tenant'`
	`103`	`+ }`
`100`	`104`	`}`
`101`	`105`
`102`	`106`	`$Task`