Skip to content

Commit cf27f11

Browse files
authored
Merge pull request #1089 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
2 parents c44c9cc + 532b20b commit cf27f11

6 files changed

Lines changed: 36 additions & 5 deletions

File tree

.github/workflows/Conventional_Commits.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
github-token: ${{ secrets.GITHUB_TOKEN }}
2525
script: |
2626
const title = context.payload.pull_request.title || '';
27-
const pattern = /^(feat|fix|docs|style|refactor|perf|test|chore|ci|build|revert)(\(.+\))?!?: .+/;
27+
const pattern = /^(feat|fix|docs|style|refactor|perf|test|chore|ci|build|revert)(\(.+\))?!?: .+/i;
2828
2929
if (pattern.test(title)) {
3030
console.log(`✓ PR title follows Conventional Commits format: "${title}"`);

Modules/CIPPCore/Public/Add-CIPPApplicationPermission.ps1

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@ function Add-CIPPApplicationPermission {
122122
if (!$svcPrincipalId) { continue }
123123

124124
foreach ($SingleResource in $App.ResourceAccess | Where-Object -Property Type -EQ 'Role') {
125-
if ($SingleResource.id -in $CurrentRoles.appRoleId) { continue }
125+
if ($CurrentRoles | Where-Object { $_.appRoleId -eq $SingleResource.id -and $_.resourceId -eq $svcPrincipalId.id }) { continue }
126126
[pscustomobject]@{
127127
principalId = $($ourSVCPrincipal.id)
128128
resourceId = $($svcPrincipalId.id)

Modules/CIPPCore/Public/Authentication/Get-CIPPRolePermissions.ps1

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,13 @@ function Get-CIPPRolePermissions {
2525
try {
2626
$ValidPermissions = Get-CippHttpPermissions
2727
if (@($ValidPermissions).Count -gt 0) {
28-
$Permissions = @($Permissions | Where-Object { $ValidPermissions -contains $_ })
28+
$ValidBases = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
29+
foreach ($ValidPermission in $ValidPermissions) {
30+
$null = $ValidBases.Add(($ValidPermission -replace '\.(ReadWrite|Read)$', ''))
31+
}
32+
$Permissions = @($Permissions | Where-Object {
33+
$ValidBases.Contains(($_ -replace '\.(ReadWrite|Read)$', ''))
34+
})
2935
}
3036
} catch {
3137
Write-Warning "Unable to resolve valid permissions to filter role '$RoleName': $($_.Exception.Message)"

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecCompareIntunePolicy.ps1

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ function Invoke-ExecCompareIntunePolicy {
2222
'windowsQualityUpdatePolicies' = 'windowsQualityUpdatePolicies'
2323
'windowsQualityUpdateProfiles' = 'windowsQualityUpdateProfiles'
2424
'Intents' = 'Intents'
25+
'ManagedAppPolicies' = 'AppProtection'
2526
}
2627

2728
try {

Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ListIntunePolicy.ps1

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -225,6 +225,11 @@ function Invoke-ListIntunePolicy {
225225
method = 'GET'
226226
url = "/deviceManagement/intents?`$top=1000"
227227
}
228+
@{
229+
id = 'ManagedAppPolicies'
230+
method = 'GET'
231+
url = '/deviceAppManagement/managedAppPolicies?$orderby=displayName'
232+
}
228233
)
229234

230235
$BulkResults = New-GraphBulkRequest -Requests $BulkRequests -tenantid $TenantFilter
@@ -236,6 +241,7 @@ function Invoke-ListIntunePolicy {
236241
$URLName = $_.Id
237242
$_.body.Value | ForEach-Object {
238243
$AssignmentContext = $_.'assignments@odata.context'
244+
$PolicyODataType = $_.'@odata.type'
239245
$policyTypeName = switch -Wildcard ($AssignmentContext) {
240246
'*microsoft.graph.windowsIdentityProtectionConfiguration*' { 'Identity Protection' }
241247
'*microsoft.graph.windows10EndpointProtectionConfiguration*' { 'Endpoint Protection' }
@@ -264,6 +270,14 @@ function Invoke-ListIntunePolicy {
264270
$policyTypeName = switch ($URLName) {
265271
'deviceCompliancePolicies' { 'Compliance Policy' }
266272
'Intents' { 'Endpoint Security' }
273+
'ManagedAppPolicies' {
274+
switch -Wildcard ($PolicyODataType) {
275+
'*iosManagedAppProtection*' { 'iOS App Protection' }
276+
'*androidManagedAppProtection*' { 'Android App Protection' }
277+
'*windowsManagedAppProtection*' { 'Windows App Protection' }
278+
default { 'App Protection' }
279+
}
280+
}
267281
default { $AssignmentContext }
268282
}
269283
}

Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1552,6 +1552,16 @@ function Invoke-NinjaOneTenantSync {
15521552

15531553
### M365 Links Section
15541554
if ($MappedFields.TenantLinks) {
1555+
try {
1556+
$SharePointAdminUrl = (Get-SharePointAdminLink -TenantFilter $TenantFilter).AdminUrl
1557+
} catch {
1558+
$SharePointTenantName = ($Customer.initialDomainName -split '\.')[0]
1559+
if ($SharePointTenantName) {
1560+
Write-Information "NinjaOneSync: Get-SharePointAdminLink failed for $($Customer.defaultDomainName), using fallback SharePoint admin URL '$SharePointAdminUrl'. Error: $($_.Exception.Message)"
1561+
$SharePointAdminUrl = "https://$SharePointTenantName-admin.sharepoint.com"
1562+
}
1563+
}
1564+
15551565
$ManagementLinksData = @(
15561566
@{
15571567
Name = 'M365 Admin Portal'
@@ -1575,7 +1585,7 @@ function Invoke-NinjaOneTenantSync {
15751585
},
15761586
@{
15771587
Name = 'SharePoint Admin'
1578-
Link = "https://admin.microsoft.com/Partner/beginclientsession.aspx?CTID=$($Customer.customerId)&CSDEST=SharePoint"
1588+
Link = $SharePointAdminUrl ?? "https://$($Customer.defaultDomainName)-admin.sharepoint.com"
15791589
Icon = 'fas fa-shapes'
15801590
},
15811591
@{
@@ -2241,7 +2251,7 @@ function Invoke-NinjaOneTenantSync {
22412251
Write-LogMessage -API 'NinjaOneSync' -tenant $TenantFilter -message "CVE sync — skipped $SkippedCount rows (missing deviceName or cveId)" -sev 'Warning'
22422252
}
22432253
}
2244-
$CsvBytes = New-VulnCsvBytes -TenantFilter $TenantFilter -Rows $CsvRows -Headers @($DeviceIdHeader, $CveIdHeader)
2254+
$CsvBytes = New-VulnCsvBytes -Rows $CsvRows -Headers @($DeviceIdHeader, $CveIdHeader)
22452255

22462256
if ($CsvBytes -and $CsvBytes.Length -gt 0) {
22472257
$UploadUri = "$NinjaBaseUrl/vulnerability/scan-groups/$ResolvedScanGroupId/upload"

0 commit comments

Comments
 (0)