Skip to content

Commit

Permalink
Merge branch 'KelvinTegelaar:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
dsghi authored Jun 27, 2024
2 parents 77ca3da + 3a2416c commit 76e163c
Show file tree
Hide file tree
Showing 13 changed files with 617 additions and 574 deletions.
365 changes: 184 additions & 181 deletions Cache_SAMSetup/SAMManifest.json

Large diffs are not rendered by default.

7 changes: 3 additions & 4 deletions Modules/CIPPCore/Public/Alerts/Get-CIPPAlertQuotaUsed.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ function Get-CIPPAlertQuotaUsed {
} catch {
return
}
$AlertData | ForEach-Object {
$OverQuota = $AlertData | ForEach-Object {
if ($_.StorageUsedInBytes -eq 0 -or $_.prohibitSendReceiveQuotaInBytes -eq 0) { return }
$PercentLeft = [math]::round(($_.storageUsedInBytes / $_.prohibitSendReceiveQuotaInBytes) * 100)
try {
Expand All @@ -33,6 +33,5 @@ function Get-CIPPAlertQuotaUsed {
}

}
Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData

}
Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $OverQuota
}
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ function Get-CIPPAlertSharepointQuota {
$TenantFilter
)
Try {
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -tenantid $TenantFilter).id.Split('.')[0]
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -asApp $true -tenantid $TenantFilter).id.Split('.')[0]
$sharepointToken = (Get-GraphToken -scope "https://$($tenantName)-admin.sharepoint.com/.default" -tenantid $TenantFilter)
$sharepointToken.Add('accept', 'application/json')
$sharepointQuota = (Invoke-RestMethod -Method 'GET' -Headers $sharepointToken -Uri "https://$($tenantName)-admin.sharepoint.com/_api/StorageQuotas()?api-version=1.3.2" -ErrorAction Stop).value
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Function Invoke-ListSharepointQuota {
$UsedStoragePercentage = 'Not Supported'
} else {
try {
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -tenantid $TenantFilter).id.Split('.')[0]
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -asApp $true -tenantid $TenantFilter).id.Split('.')[0]

$sharepointToken = (Get-GraphToken -scope "https://$($tenantName)-admin.sharepoint.com/.default" -tenantid $TenantFilter)
$sharepointToken.Add('accept', 'application/json')
Expand Down
5 changes: 4 additions & 1 deletion Modules/CIPPCore/Public/SAMManifest.json
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,10 @@
{ "id": "4c06a06a-098a-4063-868e-5dfee3827264", "type": "Scope" },
{ "id": "1bfefb4e-e0b5-418b-a88f-73c46d2cc8e9", "type": "Role" },
{ "id": "e67e6727-c080-415e-b521-e3f35d5248e9", "type": "Scope" },
{ "id": "b6890674-9dd5-4e42-bb15-5af07f541ae1", "type": "Role" }
{ "id": "b6890674-9dd5-4e42-bb15-5af07f541ae1", "type": "Role" },
{ "id": "9e4862a5-b68f-479e-848a-4e07e25c9916", "type": "Scope" },
{ "id": "bb6f654c-d7fd-4ae3-85c3-fc380934f515", "type": "Scope" },
{ "id": "e0a7cdbb-08b0-4697-8264-0069786e9674", "type": "Scope" }
]
},
{
Expand Down
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/Set-CIPPSharePointPerms.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ function Set-CIPPSharePointPerms {
if (!$URL) {
$URL = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserId)/Drives" -asapp $true -tenantid $TenantFilter).WebUrl
}
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -tenantid $TenantFilter).id.Split('.')[0]
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -asApp $true -tenantid $TenantFilter).id.Split('.')[0]
$AdminUrl = "https://$($tenantName)-admin.sharepoint.com"
$XML = @"
<Request xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009" AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="16.0.0.0" ApplicationName=".NET Library">
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,24 @@ function Invoke-CIPPStandardAntiPhishPolicy {
EnableOrganizationDomainsProtection = $true
}

try {
if ($CurrentState.Name -eq $PolicyName) {
if ($CurrentState.Name -eq $PolicyName) {
try {
$cmdparams.Add('Identity', $PolicyName)
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AntiPhishPolicy' -cmdparams $cmdparams
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AntiPhishPolicy' -cmdparams $cmdparams -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated Anti-phishing Policy' -sev Info
} else {
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to update Anti-phishing Policy. Error: $ErrorMessage" -sev Error
}
} else {
try {
$cmdparams.Add('Name', $PolicyName)
New-ExoRequest -tenantid $Tenant -cmdlet 'New-AntiPhishPolicy' -cmdparams $cmdparams
New-ExoRequest -tenantid $Tenant -cmdlet 'New-AntiPhishPolicy' -cmdparams $cmdparams -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Created Anti-phishing Policy' -sev Info
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to create Anti-phishing Policy. Error: $ErrorMessage" -sev Error
}
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to create Anti-phishing Policy. Error: $ErrorMessage" -sev Error
}
}

Expand All @@ -86,19 +91,24 @@ function Invoke-CIPPStandardAntiPhishPolicy {
RecipientDomainIs = $AcceptedDomains.Name
}

try {
if ($RuleState.Name -eq "CIPP $PolicyName") {
if ($RuleState.Name -eq "CIPP $PolicyName") {
try {
$cmdparams.Add('Identity', "CIPP $PolicyName")
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AntiPhishRule' -cmdparams $cmdparams
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated AntiPhish Rule' -sev Info
} else {
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AntiPhishRule' -cmdparams $cmdparams -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated Anti-phishing Rule' -sev Info
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to update Anti-phishing Rule. Error: $ErrorMessage" -sev Error
}
} else {
try {
$cmdparams.Add('Name', "CIPP $PolicyName")
New-ExoRequest -tenantid $Tenant -cmdlet 'New-AntiPhishRule' -cmdparams $cmdparams
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Created AntiPhish Rule' -sev Info
New-ExoRequest -tenantid $Tenant -cmdlet 'New-AntiPhishRule' -cmdparams $cmdparams -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Created Anti-phishing Rule' -sev Info
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to create Anti-phishing Rule. Error: $ErrorMessage" -sev Error
}
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to create AntiPhish Rule. Error: $ErrorMessage" -sev Error
}
}
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,50 +1,48 @@
function Invoke-CIPPStandardAtpPolicyForO365 {
<#
.FUNCTIONALITY
Internal
#>

param($Tenant, $Settings)
$AtpPolicyForO365State = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AtpPolicyForO365' |
Select-Object EnableATPForSPOTeamsODB, EnableSafeDocs, AllowSafeDocsOpen

$StateIsCorrect = if (
($AtpPolicyForO365State.EnableATPForSPOTeamsODB -eq $true) -and
($AtpPolicyForO365State.EnableSafeDocs -eq $true) -and
($AtpPolicyForO365State.AllowSafeDocsOpen -eq $Settings.AllowSafeDocsOpen)
) { $true } else { $false }

if ($Settings.remediate -eq $true) {
if ($StateIsCorrect -eq $true) {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 already set.' -sev Info
} else {
$cmdparams = @{
EnableATPForSPOTeamsODB = $true
EnableSafeDocs = $true
AllowSafeDocsOpen = $Settings.AllowSafeDocsOpen
}

try {
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AntiPhishPolicy' -cmdparams $cmdparams
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated Atp Policy For O365' -sev Info
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to set Atp Policy For O365. Error: $ErrorMessage" -sev Error
}
}
}

if ($Settings.alert -eq $true) {

if ($StateIsCorrect -eq $true) {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 is enabled' -sev Info
} else {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 is not enabled' -sev Alert
}
}

if ($Settings.report -eq $true) {
Add-CIPPBPAField -FieldName 'AtpPolicyForO365' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
}

}
function Invoke-CIPPStandardAtpPolicyForO365 {
<#
.FUNCTIONALITY
Internal
#>

param($Tenant, $Settings)
$CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AtpPolicyForO365' |
Select-Object EnableATPForSPOTeamsODB, EnableSafeDocs, AllowSafeDocsOpen

$StateIsCorrect = ($CurrentState.EnableATPForSPOTeamsODB -eq $true) -and
($CurrentState.EnableSafeDocs -eq $true) -and
($CurrentState.AllowSafeDocsOpen -eq $Settings.AllowSafeDocsOpen)

if ($Settings.remediate -eq $true) {
if ($StateIsCorrect -eq $true) {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 already set.' -sev Info
} else {
$cmdparams = @{
EnableATPForSPOTeamsODB = $true
EnableSafeDocs = $true
AllowSafeDocsOpen = $Settings.AllowSafeDocsOpen
}

try {
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-AtpPolicyForO365' -cmdparams $cmdparams -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated Atp Policy For O365' -sev Info
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to set Atp Policy For O365. Error: $ErrorMessage" -sev Error
}
}
}

if ($Settings.alert -eq $true) {

if ($StateIsCorrect -eq $true) {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 is enabled' -sev Info
} else {
Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Atp Policy For O365 is not enabled' -sev Alert
}
}

if ($Settings.report -eq $true) {
Add-CIPPBPAField -FieldName 'AtpPolicyForO365' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ function Invoke-CIPPStandardDisableAddShortcutsToOneDrive {
}

try {
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -tenantid $TenantFilter).id.Split('.')[0]
$tenantName = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/root' -asApp $true -tenantid $TenantFilter).id.Split('.')[0]
$AdminUrl = "https://$($tenantName)-admin.sharepoint.com"
$graphRequest = @{
'scope' = "$AdminURL/.default"
Expand Down
Loading

0 comments on commit 76e163c

Please sign in to comment.