Add data collection for tests

Author: KelvinTegelaar

CIPPTimers.json

@@ -222,5 +222,14 @@
     "Priority": 21,
     "RunOnProcessor": true,
     "IsSystem": true
+  },
+  {
+    "Id": "9a7f8e6d-5c4b-3a2d-1e0f-9b8c7d6e5f4a",
+    "Command": "Start-CIPPDBCacheOrchestrator",
+    "Description": "Timer to collect and cache Microsoft Graph data for all tenants",
+    "Cron": "0 0 3 * * *",
+    "Priority": 22,
+    "RunOnProcessor": true,
+    "IsSystem": true
   }
 ]

Modules/CIPPCore/Public/Add-CIPPDbItem.ps1

@@ -0,0 +1,81 @@
+function Add-CIPPDbItem {
+    <#
+    .SYNOPSIS
+        Add items to the CIPP Reporting database
+
+    .DESCRIPTION
+        Adds items to the CippReportingDB table with support for bulk inserts and count mode
+
+    .PARAMETER TenantFilter
+        The tenant domain or GUID (used as partition key)
+
+    .PARAMETER Type
+        The type of data being stored (used in row key)
+
+    .PARAMETER Data
+        Array of items to add to the database
+
+    .PARAMETER Count
+        If specified, stores a single row with count of each object property as separate properties
+
+    .EXAMPLE
+        Add-CIPPDbItem -TenantFilter 'contoso.onmicrosoft.com' -Type 'Groups' -Data $GroupsData
+
+    .EXAMPLE
+        Add-CIPPDbItem -TenantFilter 'contoso.onmicrosoft.com' -Type 'Groups' -Data $GroupsData -Count
+    #>
+    [CmdletBinding()]
+    param(
+        [Parameter(Mandatory = $true)]
+        [string]$TenantFilter,
+
+        [Parameter(Mandatory = $true)]
+        [string]$Type,
+
+        [Parameter(Mandatory = $true)]
+        [AllowEmptyCollection()]
+        [array]$Data,
+
+        [Parameter(Mandatory = $false)]
+        [switch]$Count
+    )
+
+    try {
+        $Table = Get-CippTable -tablename 'CippReportingDB'
+
+        if ($Count) {
+            $Entity = @{
+                PartitionKey = $TenantFilter
+                RowKey       = "$Type-Count"
+                DataCount    = [int]$Data.Count
+            }
+
+            Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force | Out-Null
+
+        } else {
+            $Entities = foreach ($Item in $Data) {
+                $ItemId = $Item.id
+                @{
+                    PartitionKey = $TenantFilter
+                    RowKey       = "$Type-$ItemId"
+                    Data         = [string]($Item | ConvertTo-Json -Depth 10 -Compress)
+                    Type         = $Type
+                }
+            }
+
+            $BatchSize = 1000
+            for ($i = 0; $i -lt $Entities.Count; $i += $BatchSize) {
+                $Batch = $Entities[$i..([Math]::Min($i + $BatchSize - 1, $Entities.Count - 1))]
+                foreach ($Entity in $Batch) {
+                    Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force | Out-Null
+                }
+            }
+        }
+
+        Write-LogMessage -API 'CIPPDbItem' -tenant $TenantFilter -message "Added $($Data.Count) items of type $Type$(if ($Count) { ' (count mode)' })" -sev Info
+
+    } catch {
+        Write-LogMessage -API 'CIPPDbItem' -tenant $TenantFilter -message "Failed to add items of type $Type : $($_.Exception.Message)" -sev Error
+        throw
+    }
+}

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPDBCacheData.ps1

@@ -0,0 +1,103 @@
+function Push-CIPPDBCacheData {
+    <#
+    .SYNOPSIS
+        Activity function to collect and cache all data for a single tenant
+
+    .DESCRIPTION
+        Calls all collection functions sequentially, storing data immediately after each collection
+
+    .FUNCTIONALITY
+        Entrypoint
+    #>
+    [CmdletBinding()]
+    param($Item)
+
+    $TenantFilter = $Item.TenantFilter
+    #This collects all data for a tenant and caches it in the CIPP Reporting database. DO NOT ADD PROCESSING OR LOGIC HERE.
+    #The point of this file is to always be <10 minutes execution time.
+    try {
+        Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Starting database cache collection for tenant' -sev Info
+
+        try { Set-CIPPDBCacheUsers -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Users collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheGroups -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Groups collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheGuests -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Guests collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheServicePrincipals -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ServicePrincipals collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheApps -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Apps collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheDevices -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Devices collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheManagedDevices -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ManagedDevices collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheOrganization -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Organization collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheRoles -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Roles collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheAdminConsentRequestPolicy -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "AdminConsentRequestPolicy collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheDeviceSettings -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "DeviceSettings collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheDirectoryRecommendations -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "DirectoryRecommendations collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheCrossTenantAccessPolicy -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "CrossTenantAccessPolicy collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheDefaultAppManagementPolicy -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "DefaultAppManagementPolicy collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheSettings -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Settings collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheSecureScore -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "SecureScore collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheIntunePolicies -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "IntunePolicies collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCacheConditionalAccessPolicies -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ConditionalAccessPolicies collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        try { Set-CIPPDBCachePIMSettings -TenantFilter $TenantFilter } catch {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "PIMSettings collection failed: $($_.Exception.Message)" -sev Error
+        }
+
+        Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Completed database cache collection for tenant' -sev Info
+
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Failed to complete database cache collection: $($ErrorMessage.NormalizedError)" -sev Error -LogData $ErrorMessage
+    }
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Invoke-ListTests.ps1

@@ -0,0 +1,66 @@
+function Invoke-ListTests {
+    <#
+    .SYNOPSIS
+        Lists tests for a tenant, optionally filtered by report ID
+
+    .FUNCTIONALITY
+        Entrypoint
+
+    .ROLE
+        Tenant.Reports.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $TriggerMetadata.FunctionName
+    Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    try {
+        $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+        $ReportId = $Request.Query.reportId ?? $Request.Body.reportId
+
+        if (-not $TenantFilter) {
+            throw 'TenantFilter parameter is required'
+        }
+
+        $TestResultsData = Get-CIPPTestResults -TenantFilter $TenantFilter
+
+        if ($ReportId) {
+            $ReportTable = Get-CippTable -tablename 'CippReportTemplates'
+            $Filter = "PartitionKey eq 'ReportTemplate' and RowKey eq '{0}'" -f $ReportId
+            $ReportTemplate = Get-CIPPAzDataTableEntity @ReportTable -Filter $Filter
+
+            if ($ReportTemplate) {
+                $ReportTests = $ReportTemplate.Tests | ConvertFrom-Json
+                $FilteredTests = $TestResultsData.TestResults | Where-Object { $ReportTests -contains $_.TestId }
+                $TestResultsData.TestResults = $FilteredTests
+            } else {
+                Write-LogMessage -API $APIName -tenant $TenantFilter -message "Report template '$ReportId' not found" -sev Warning
+                $TestResultsData.TestResults = @()
+            }
+        }
+
+        $TestCounts = @{
+            Successful = @($TestResultsData.TestResults | Where-Object { $_.Result -eq 'Passed' }).Count
+            Failed     = @($TestResultsData.TestResults | Where-Object { $_.Result -eq 'Failed' }).Count
+            Skipped    = @($TestResultsData.TestResults | Where-Object { $_.Result -eq 'Skipped' }).Count
+            Total      = @($TestResultsData.TestResults).Count
+        }
+
+        $TestResultsData | Add-Member -NotePropertyName 'TestCounts' -NotePropertyValue $TestCounts -Force
+
+        $StatusCode = [HttpStatusCode]::OK
+        $Body = $TestResultsData
+
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        Write-LogMessage -API $APIName -tenant $TenantFilter -message "Error retrieving tests: $($ErrorMessage.NormalizedError)" -sev Error -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::BadRequest
+        $Body = @{ Error = $ErrorMessage.NormalizedError }
+    }
+
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = $Body
+        })
+}

Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-CIPPDBCacheOrchestrator.ps1

@@ -0,0 +1,50 @@
+function Start-CIPPDBCacheOrchestrator {
+    <#
+    .SYNOPSIS
+        Orchestrates database cache collection across all tenants
+
+    .DESCRIPTION
+        Creates per-tenant jobs to collect and cache Microsoft Graph data
+
+    .FUNCTIONALITY
+        Entrypoint
+    #>
+    [CmdletBinding()]
+    param()
+
+    try {
+        Write-LogMessage -API 'CIPPDBCache' -message 'Starting database cache orchestration' -sev Info
+
+        $TenantList = Get-Tenants | Where-Object { $_.defaultDomainName -ne $null }
+
+        if ($TenantList.Count -eq 0) {
+            Write-LogMessage -API 'CIPPDBCache' -message 'No tenants found for cache collection' -sev Warning
+            return
+        }
+
+        $Queue = New-CippQueueEntry -Name 'Database Cache Collection' -TotalTasks $TenantList.Count
+
+        $Batch = foreach ($Tenant in $TenantList) {
+            [PSCustomObject]@{
+                FunctionName = 'Push-CIPPDBCacheData'
+                TenantFilter = $Tenant.defaultDomainName
+                QueueId      = $Queue.RowKey
+                QueueName    = "DB Cache - $($Tenant.defaultDomainName)"
+            }
+        }
+
+        $InputObject = [PSCustomObject]@{
+            Batch            = @($Batch)
+            OrchestratorName = 'CIPPDBCacheOrchestrator'
+            SkipLog          = $false
+        }
+
+        Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Compress -Depth 5)
+
+        Write-LogMessage -API 'CIPPDBCache' -message "Queued database cache collection for $($TenantList.Count) tenants" -sev Info
+
+    } catch {
+        Write-LogMessage -API 'CIPPDBCache' -message "Failed to start orchestration: $($_.Exception.Message)" -sev Error
+        throw
+    }
+}

Modules/CIPPCore/Public/Get-CIPPDbItem.ps1

@@ -0,0 +1,57 @@
+function Get-CIPPDbItem {
+    <#
+    .SYNOPSIS
+        Get specific items from the CIPP Reporting database
+
+    .DESCRIPTION
+        Retrieves items from the CippReportingDB table using partition key (tenant) and type
+
+    .PARAMETER TenantFilter
+        The tenant domain or GUID (partition key)
+
+    .PARAMETER Type
+        The type of data to retrieve (used in row key filter)
+
+    .PARAMETER CountsOnly
+        If specified, returns all count rows for the tenant
+
+    .EXAMPLE
+        Get-CIPPDbItem -TenantFilter 'contoso.onmicrosoft.com' -Type 'Groups'
+
+    .EXAMPLE
+        Get-CIPPDbItem -TenantFilter 'contoso.onmicrosoft.com' -CountsOnly
+    #>
+    [CmdletBinding()]
+    param(
+        [Parameter(Mandatory = $true)]
+        [string]$TenantFilter,
+
+        [Parameter(Mandatory = $false)]
+        [string]$Type,
+
+        [Parameter(Mandatory = $false)]
+        [switch]$CountsOnly
+    )
+
+    try {
+        $Table = Get-CippTable -tablename 'CippReportingDB'
+
+        if ($CountsOnly) {
+            $Filter = "PartitionKey eq '{0}'" -f $TenantFilter
+            $Results = Get-CIPPAzDataTableEntity @Table -Filter $Filter
+            $Results = $Results | Where-Object { $_.RowKey -like '*-Count' }
+        } else {
+            if (-not $Type) {
+                throw 'Type parameter is required when CountsOnly is not specified'
+            }
+            $Filter = "PartitionKey eq '{0}' and RowKey ge '{1}-' and RowKey lt '{1}.'" -f $TenantFilter, $Type
+            $Results = Get-CIPPAzDataTableEntity @Table -Filter $Filter
+        }
+
+        return $Results
+
+    } catch {
+        Write-LogMessage -API 'CIPPDbItem' -tenant $TenantFilter -message "Failed to get items$(if ($Type) { " of type $Type" })$(if ($CountsOnly) { ' (counts only)' }): $($_.Exception.Message)" -sev Error
+        throw
+    }
+}