Skip to content

Commit a5743c4

Browse files
authored
Merge pull request #1022 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
2 parents 4587dbb + e22322c commit a5743c4

7 files changed

Lines changed: 99 additions & 12 deletions

File tree

Config/ExcludeSkuList.JSON

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,10 @@
5959
"GUID": "8c4ce438-32a7-4ac5-91a6-e22ae08d9c8b",
6060
"Product_Display_Name": "Rights Management Adhoc"
6161
},
62+
{
63+
"GUID": "093e8d14-a334-43d9-93e3-30589a8b47d0",
64+
"Product_Display_Name": "Rights Management Service Basic Content Protection"
65+
},
6266
{
6367
"GUID": "5b631642-bd26-49fe-bd20-1daaa972ef80",
6468
"Product_Display_Name": "Microsoft Power Apps for Developer"

Modules/CIPPCore/Public/Get-CIPPLicenseOverview.ps1

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,8 @@ function Get-CIPPLicenseOverview {
55
$TenantFilter,
66
$APIName = 'Get License Overview',
77
$Headers,
8-
[switch]$AlertMode
8+
[switch]$AlertMode,
9+
[switch]$IncludeExcluded
910
)
1011

1112
$Requests = @(
@@ -72,6 +73,7 @@ function Get-CIPPLicenseOverview {
7273
$null -eq $_.ExcludedEverywhere -or $_.ExcludedEverywhere -eq $true
7374
} | ForEach-Object { $_.GUID })
7475
}
76+
$DropdownVisibleGuids = @($ExcludedSkuList | Where-Object { $_.ShowInLicenseDropdown -eq $true } | ForEach-Object { $_.GUID })
7577

7678
$AllLicensedUsers = @(($Results | Where-Object { $_.id -eq 'licensedUsers' }).body.value) | Sort-Object -Property displayName
7779
$UsersBySku = @{}
@@ -120,7 +122,9 @@ function Get-CIPPLicenseOverview {
120122
$GraphRequest = foreach ($singleReq in $RawGraphRequest) {
121123
$skuId = $singleReq.Licenses
122124
foreach ($sku in $skuId) {
123-
if ($sku.skuId -in $EffectiveExcludedGuids) { continue }
125+
if ($sku.skuId -in $EffectiveExcludedGuids) {
126+
if (!$IncludeExcluded -or $sku.skuId -notin $DropdownVisibleGuids) { continue }
127+
}
124128
$PrettyNameAdmin = $AdminPortalLicenses | Where-Object { $_.aadSkuId -eq $sku.skuId } | Select-Object -ExpandProperty displayName -First 1
125129
$PrettyNameCSV = ($ConvertTable | Where-Object { $_.guid -eq $sku.skuid }).'Product_Display_Name' | Select-Object -Last 1
126130
$PrettyName = $PrettyNameAdmin ?? $PrettyNameCSV ?? $sku.skuPartNumber
@@ -172,4 +176,3 @@ function Get-CIPPLicenseOverview {
172176
}
173177
return ($GraphRequest | Sort-Object -Property License)
174178
}
175-

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,24 @@ function Invoke-ExecExcludeLicenses {
4444
$Result = "Success. $DisplayName($GUID) will now only be excluded from alerts."
4545
Write-LogMessage -API $APIName -headers $Headers -message $Result -Sev 'Info'
4646

47+
}
48+
'SetShowInDropdown' {
49+
$ShowInDropdown = $Request.Body.ShowInDropdown -eq $true
50+
$Filter = "RowKey eq '{0}' and PartitionKey eq 'License'" -f $GUID
51+
$Entity = Get-CIPPAzDataTableEntity @Table -Filter $Filter
52+
if (!$Entity) { throw "Excluded license not found: $GUID" }
53+
if (!$DisplayName) { $DisplayName = $Entity.Product_Display_Name }
54+
55+
$Entity | Add-Member -NotePropertyName 'ShowInLicenseDropdown' -NotePropertyValue $ShowInDropdown -Force
56+
Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force | Out-Null
57+
58+
$Result = if ($ShowInDropdown) {
59+
"Success. $DisplayName($GUID) will now be shown in license dropdowns."
60+
} else {
61+
"Success. $DisplayName($GUID) will now be hidden from license dropdowns."
62+
}
63+
Write-LogMessage -API $APIName -headers $Headers -message $Result -Sev 'Info'
64+
4765
}
4866
'RemoveExclusion' {
4967
$Filter = "RowKey eq '{0}' and PartitionKey eq 'License'" -f $GUID

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ListExcludedLicenses.ps1

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,9 @@ function Invoke-ListExcludedLicenses {
2929
if ($null -eq $_.ExcludedEverywhere) {
3030
$_ | Add-Member -NotePropertyName 'ExcludedEverywhere' -NotePropertyValue $true -Force
3131
}
32+
if ($null -eq $_.ShowInLicenseDropdown) {
33+
$_ | Add-Member -NotePropertyName 'ShowInLicenseDropdown' -NotePropertyValue $false -Force
34+
}
3235
$ExclusionType = if ($_.ExcludedEverywhere -eq $true) { 'Excluded Everywhere' } else { 'Excluded from Alerts Only' }
3336
$_ | Add-Member -NotePropertyName 'ExclusionType' -NotePropertyValue $ExclusionType -Force
3437
$_

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-EditIntunePolicy.ps1

Lines changed: 35 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -13,24 +13,52 @@ function Invoke-EditIntunePolicy {
1313

1414

1515
# Interact with query parameters or the body of the request.
16-
$TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
17-
$ID = $Request.Query.ID ?? $Request.Body.ID
18-
$DisplayName = $Request.Query.newDisplayName ?? $Request.Body.newDisplayName
19-
$PolicyType = $Request.Query.policyType ?? $Request.Body.policyType
16+
$TenantFilter = $Request.Body.tenantFilter
17+
$ID = $Request.Body.ID
18+
$DisplayName = $Request.Body.newDisplayName
19+
$PolicyType = $Request.Body.policyType
20+
$PlatformType = $Request.Body.platformType ?? 'deviceManagement'
21+
22+
# The description is optional and may be sent as an empty string to clear it,
23+
# so track whether the caller actually supplied the key.
24+
$DescriptionProvided = $Request.Body.PSObject.Properties.Name -contains 'description'
25+
$Description = $Request.Body.description
2026

2127
try {
28+
# App protection policy lists expose the singular @odata.type as the URLName, but a
29+
# Graph PATCH needs the plural collection segment. Normalize the known types here.
30+
$PolicyType = switch ($PolicyType) {
31+
'androidManagedAppProtection' { 'androidManagedAppProtections' }
32+
'iosManagedAppProtection' { 'iosManagedAppProtections' }
33+
'windowsManagedAppProtection' { 'windowsManagedAppProtections' }
34+
'mdmWindowsInformationProtectionPolicy' { 'mdmWindowsInformationProtectionPolicies' }
35+
'windowsInformationProtectionPolicy' { 'windowsInformationProtectionPolicies' }
36+
'targetedManagedAppConfiguration' { 'targetedManagedAppConfigurations' }
37+
default { $PolicyType }
38+
}
39+
2240
$properties = @{}
2341

24-
# Only add displayName if it's provided
42+
# Settings catalog policies (configurationPolicies) store the name in the 'name'
43+
# property rather than 'displayName'.
44+
$NameProperty = if ($PolicyType -ieq 'configurationPolicies') { 'name' } else { 'displayName' }
45+
46+
# Only add the name if it's provided
2547
if ($DisplayName) {
26-
$properties['displayName'] = $DisplayName
48+
$properties[$NameProperty] = $DisplayName
49+
}
50+
51+
# Only add description if the caller supplied it (empty string clears it)
52+
if ($DescriptionProvided) {
53+
$properties['description'] = $Description
2754
}
2855

2956
# Update the policy
30-
$Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$PolicyType/$ID" -tenantid $TenantFilter -type PATCH -body ($properties | ConvertTo-Json) -asapp $true
57+
$Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$PolicyType/$ID" -tenantid $TenantFilter -type PATCH -body ($properties | ConvertTo-Json) -asapp $true
3158

3259
$Result = "Successfully updated Intune policy $($ID)"
3360
if ($DisplayName) { $Result += " name to '$($DisplayName)'" }
61+
if ($DescriptionProvided) { $Result += ' and description' }
3462

3563
Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Info'
3664
$StatusCode = [HttpStatusCode]::OK

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/Invoke-ListLicenses.ps1

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,9 @@ function Invoke-ListLicenses {
1111
param($Request, $TriggerMetadata)
1212
# Interact with query parameters or the body of the request.
1313
$TenantFilter = $Request.Query.tenantFilter
14+
$IncludeExcluded = $Request.Query.IncludeExcluded -eq 'true'
1415
if ($TenantFilter -ne 'AllTenants') {
15-
$GraphRequest = Get-CIPPLicenseOverview -TenantFilter $TenantFilter | ForEach-Object {
16+
$GraphRequest = Get-CIPPLicenseOverview -TenantFilter $TenantFilter -IncludeExcluded:$IncludeExcluded | ForEach-Object {
1617
$_
1718
}
1819
} else {

Modules/CippExtensions/Public/Hudu/Invoke-HuduExtensionSync.ps1

Lines changed: 31 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,7 @@ function Invoke-HuduExtensionSync {
121121
}
122122

123123
$HuduRelations = Get-HuduRelations
124-
$Links = @(
124+
[System.Collections.ArrayList]$Links = @(
125125
@{
126126
Title = 'M365 Admin Portal'
127127
URL = 'https://admin.cloud.microsoft?delegatedOrg={0}' -f $Tenant.initialDomainName
@@ -153,6 +153,31 @@ function Invoke-HuduExtensionSync {
153153
Icon = 'fas fa-server'
154154
}
155155
)
156+
if($Configuration.IncludeDefenderLink)
157+
{
158+
$Links.Add(@{
159+
Title = 'Defender Portal'
160+
URL = 'https://security.microsoft.com/?tid={0}' -f $Tenant.customerId
161+
Icon = 'fas fa-shield'
162+
})
163+
}
164+
if($Configuration.IncludeComplianceLink)
165+
{
166+
$Links.Add(@{
167+
Title = 'Compliance Portal'
168+
URL = 'https://compliance.microsoft.com/?tid={0}' -f $Tenant.customerId
169+
Icon = 'fas fa-caret-up'
170+
})
171+
}
172+
if($Configuration.IncludeParterCenterLink)
173+
{
174+
$Links.Add(@{
175+
Title = 'Partner Center Portals'
176+
URL = 'https://partner.microsoft.com/dashboard/v2/customers/{0}/servicemanagementpage' -f $Tenant.customerId
177+
Icon = 'fas fa-arrow-up-right-from-square'
178+
})
179+
}
180+
156181
$FormattedLinks = foreach ($Link in $Links) {
157182
Get-HuduLinkBlock @Link
158183
}
@@ -183,6 +208,11 @@ function Invoke-HuduExtensionSync {
183208
</header>"
184209

185210
$post = '</div>'
211+
212+
if($Configuration.HideEmptyRoles) {
213+
$Roles = $Roles | Where-Object { $_.ParsedMembers }
214+
}
215+
186216
$RolesHtml = $Roles | Select-Object DisplayName, Description, ParsedMembers | ConvertTo-Html -PreContent $pre -PostContent $post -Fragment | ForEach-Object { $tmp = $_ -replace '&lt;', '<'; $tmp -replace '&gt;', '>'; } | Out-String
187217

188218
$AdminUsers = (($Roles | Where-Object { $_.displayName -match 'Administrator' }).Members | Where-Object { $null -ne $_.displayName } | Select-Object @{N = 'Name'; E = { "<a target='_blank' href='https://entra.microsoft.com/$($Tenant.defaultDomainName)/#blade/Microsoft_AAD_IAM/UserDetailsMenuBlade/Profile/userId/$($_.Id)'>$($_.displayName) - $($_.userPrincipalName)</a>" } } -Unique).name -join '<br/>'

0 commit comments

Comments
 (0)