|
| 1 | +function Invoke-ExecSetCASMailbox { |
| 2 | + <# |
| 3 | + .FUNCTIONALITY |
| 4 | + Entrypoint |
| 5 | + .ROLE |
| 6 | + Exchange.Mailbox.ReadWrite |
| 7 | + #> |
| 8 | + [CmdletBinding()] |
| 9 | + param($Request, $TriggerMetadata) |
| 10 | + |
| 11 | + $APIName = $Request.Params.CIPPEndpoint |
| 12 | + $Headers = $Request.Headers |
| 13 | + |
| 14 | + $TenantFilter = $Request.Body.tenantFilter |
| 15 | + $Identity = $Request.Body.Identity |
| 16 | + $DisplayName = $Request.Body.DisplayName ?? $Identity |
| 17 | + |
| 18 | + # The CAS protocols we allow toggling. Note SmtpClientAuthenticationDisabled is inverted: |
| 19 | + # $true means SMTP client authentication is DISABLED for the mailbox. |
| 20 | + $ValidProtocols = @( |
| 21 | + 'OWAEnabled' |
| 22 | + 'ECPEnabled' |
| 23 | + 'IMAPEnabled' |
| 24 | + 'POPEnabled' |
| 25 | + 'MAPIEnabled' |
| 26 | + 'EWSEnabled' |
| 27 | + 'ActiveSyncEnabled' |
| 28 | + 'SmtpClientAuthenticationDisabled' |
| 29 | + ) |
| 30 | + |
| 31 | + # Build the cmdlet parameters from any valid protocol values supplied in the body. |
| 32 | + $CmdParams = @{ Identity = $Identity } |
| 33 | + foreach ($Protocol in $ValidProtocols) { |
| 34 | + if ($null -ne $Request.Body.$Protocol) { |
| 35 | + $CmdParams[$Protocol] = [System.Convert]::ToBoolean($Request.Body.$Protocol) |
| 36 | + } |
| 37 | + } |
| 38 | + |
| 39 | + # SMTP client authentication can only be turned off via this endpoint. Drop an enable |
| 40 | + # attempt (SmtpClientAuthenticationDisabled = $false) but still apply the other protocols. |
| 41 | + $Warnings = [System.Collections.Generic.List[string]]::new() |
| 42 | + if ($CmdParams.ContainsKey('SmtpClientAuthenticationDisabled') -and $CmdParams['SmtpClientAuthenticationDisabled'] -eq $false) { |
| 43 | + $null = $CmdParams.Remove('SmtpClientAuthenticationDisabled') |
| 44 | + $Warnings.Add('SMTP Client Authentication can only be disabled, not enabled, and was left unchanged.') |
| 45 | + } |
| 46 | + |
| 47 | + # Nothing left to apply: return the warning if we dropped one, otherwise a generic message. |
| 48 | + if ($CmdParams.Keys.Count -le 1) { |
| 49 | + $Results = $Warnings.Count -gt 0 ? ($Warnings -join ' ') : 'No CAS protocol settings were supplied.' |
| 50 | + Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message $Results -Sev 'Info' |
| 51 | + return ([HttpResponseContext]@{ |
| 52 | + StatusCode = [HttpStatusCode]::BadRequest |
| 53 | + Body = @{ 'Results' = $Results } |
| 54 | + }) |
| 55 | + } |
| 56 | + |
| 57 | + # Human readable summary of the change(s) for logging and the API result. |
| 58 | + $ChangeSummary = ($CmdParams.GetEnumerator() | Where-Object { $_.Key -ne 'Identity' } | ForEach-Object { |
| 59 | + '{0} = {1}' -f $_.Key, $_.Value |
| 60 | + }) -join ', ' |
| 61 | + |
| 62 | + try { |
| 63 | + $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-CASMailbox' -cmdParams $CmdParams |
| 64 | + $Results = "Successfully set CAS settings for $DisplayName ($ChangeSummary)" |
| 65 | + if ($Warnings.Count -gt 0) { |
| 66 | + $Results = '{0}. {1}' -f $Results, ($Warnings -join ' ') |
| 67 | + } |
| 68 | + Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message $Results -Sev Info |
| 69 | + $StatusCode = [HttpStatusCode]::OK |
| 70 | + } catch { |
| 71 | + $ErrorMessage = Get-CippException -Exception $_ |
| 72 | + $Results = "Failed to set CAS settings for $DisplayName. Error: $($ErrorMessage.NormalizedError)" |
| 73 | + Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message $Results -Sev Error -LogData $ErrorMessage |
| 74 | + $StatusCode = [HttpStatusCode]::InternalServerError |
| 75 | + } |
| 76 | + |
| 77 | + return ([HttpResponseContext]@{ |
| 78 | + StatusCode = $StatusCode |
| 79 | + Body = @{ 'Results' = $Results } |
| 80 | + }) |
| 81 | +} |
0 commit comments