Skip to content

Commit

Permalink
Merge pull request #43 from KelvinTegelaar/master
Browse files Browse the repository at this point in the history
[pull] master from KelvinTegelaar:master
  • Loading branch information
martyn-gg authored Aug 14, 2024
2 parents 691a029 + 3ac3aae commit 6da0c74
Show file tree
Hide file tree
Showing 35 changed files with 193 additions and 244 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippz6s4d
name: Build and deploy Powershell project to Azure Function App - cipp4i6t3

on:
push:
Expand All @@ -24,7 +24,7 @@ jobs:
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippz6s4d'
app-name: 'cipp4i6t3'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_D27E7CF0887F4E4591F3957CCA96F0FD }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_9D257A31ACA24925A112AF5FFC2BEAFE }}
30 changes: 0 additions & 30 deletions .github/workflows/dev_cipphfjdq.yml

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippacnqv
name: Build and deploy Powershell project to Azure Function App - cippkwn4s

on:
push:
Expand All @@ -23,17 +23,17 @@ jobs:
uses: actions/checkout@v4

- name: Login to Azure
uses: azure/login@v1
uses: azure/login@v2
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_6085081ED1124B799258E9FF743FF4B9 }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_9BDB2DDBFAFA4BC19C20A58B204BFAF3 }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_02B5224812794971B05EDD557AF2B867 }}
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_B6BCC8886F40482FB8B43907FCDA6596 }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_0D1C65B9099F48FABDF7F7052EA6887F }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_76518AE5ECB34375A414DEEE1119C161 }}

- name: 'Run Azure Functions Action'
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippacnqv'
app-name: 'cippkwn4s'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippckdtz
name: Build and deploy Powershell project to Azure Function App - cipplwwww

on:
push:
Expand All @@ -24,7 +24,7 @@ jobs:
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippckdtz'
app-name: 'cipplwwww'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_726578DA8A7243BF9D82FE123C2F6E7F }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_00A9A6DFE9244C2EA8952190FFF10F45 }}
30 changes: 0 additions & 30 deletions .github/workflows/dev_cippopy3o.yml

This file was deleted.

29 changes: 0 additions & 29 deletions .github/workflows/dev_cipppwrro.yml

This file was deleted.

29 changes: 0 additions & 29 deletions .github/workflows/ninjaone_cipp426ns.yml

This file was deleted.

2 changes: 1 addition & 1 deletion Config/standards.json
Original file line number Diff line number Diff line change
Expand Up @@ -2235,7 +2235,7 @@
"value": "none"
},
{
"label": "Restirct sharing to specific domains",
"label": "Restrict sharing to specific domains",
"value": "allowList"
},
{
Expand Down
Original file line number Diff line number Diff line change
@@ -1,15 +1,24 @@
function Push-AuditLogTenant {
Param($Item)

# Get Table contexts
$AuditBundleTable = Get-CippTable -tablename 'AuditLogBundles'
$SchedulerConfig = Get-CIPPTable -TableName 'SchedulerConfig'
$CIPPURL = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" | Select-Object -First 1 -ExpandProperty CIPPURL
$WebhookTable = Get-CippTable -tablename 'webhookTable'
$Webhooks = Get-CIPPAzDataTableEntity @WebhookTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and Version eq '3'" | Where-Object { $_.Resource -match '^Audit' }
$ExistingBundles = Get-CIPPAzDataTableEntity @AuditBundleTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and ContentType eq '$ContentType'"
$ConfigTable = Get-CIPPTable -TableName 'WebhookRules'

# Query CIPPURL for linking
$CIPPURL = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" | Select-Object -First 1 -ExpandProperty CIPPURL

# Get all webhooks for the tenant
$Webhooks = Get-CIPPAzDataTableEntity @WebhookTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and Version eq '3'" | Where-Object { $_.Resource -match '^Audit' }

# Get webhook rules
$ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable

# Date filter for existing bundles
$LastHour = (Get-Date).AddHours(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss')

$NewBundles = [System.Collections.Generic.List[object]]::new()
foreach ($Webhook in $Webhooks) {
# only process webhooks that are configured in the webhookrules table
Expand All @@ -28,6 +37,7 @@ function Push-AuditLogTenant {
EndTime = $Item.EndTime
}
$LogBundles = Get-CIPPAuditLogContentBundles @ContentBundleQuery
$ExistingBundles = Get-CIPPAzDataTableEntity @AuditBundleTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and ContentType eq '$LogType' and Timestamp ge datetime'$($LastHour)'"

foreach ($Bundle in $LogBundles) {
if ($ExistingBundles.RowKey -notcontains $Bundle.contentId) {
Expand Down Expand Up @@ -61,5 +71,4 @@ function Push-AuditLogTenant {
$InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress)
Write-Host "Started orchestration with ID = '$InstanceId'"
}

}
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@

Function Invoke-ExecOffloadFunctions {
<#
.FUNCTIONALITY
Entrypoint
.ROLE
CIPP.SuperAdmin.ReadWrite
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$roles = ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($request.headers.'x-ms-client-principal')) | ConvertFrom-Json).userRoles
if ('superadmin' -notin $roles) {
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::Forbidden
Body = @{ error = 'You do not have permission to perform this action.' }
})
return
} else {
$Table = Get-CippTable -tablename 'Config'

if ($Request.Query.Action -eq 'ListCurrent') {
$CurrentState = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'OffloadFunctions' and RowKey eq 'OffloadFunctions'"
$CurrentState = if (!$CurrentState) {
[PSCustomObject]@{
OffloadFunctions = $false
}
} else {
[PSCustomObject]@{
OffloadFunctions = $CurrentState.state
}
}
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $CurrentState
})
} else {
Add-CIPPAzDataTableEntity @Table -Entity @{
PartitionKey = 'OffloadFunctions'
RowKey = 'OffloadFunctions'
state = $request.Body.OffloadFunctions
} -Force

if ($Request.Body.OffloadFunctions) {
$Results = 'Enabled Offload Functions'
} else {
$Results = 'Disabled Offload Functions'
}
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = @{ results = $Results }
})
}

}
}
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ Function Invoke-ExecStandardsRun {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
$tenantfilter = if ($Request.Query.TenantFilter) { $Request.Query.TenantFilter } else { 'allTenants' }
try {
$null = Invoke-CIPPStandardsRun -Tenantfilter $tenantfilter
$null = Invoke-CIPPStandardsRun -Tenantfilter $tenantfilter -Force
$Results = "Successfully Started Standards Run for Tenant $tenantfilter"
} catch {
$Results = "Failed to start standards run for $tenantfilter. Error: $($_.Exception.Message)"
Expand Down
35 changes: 6 additions & 29 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-PublicPhishingCheck.ps1

Large diffs are not rendered by default.

3 changes: 1 addition & 2 deletions Modules/CIPPCore/Public/GraphHelper/Write-LogMessage.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ function Write-LogMessage {
if (!$tenant) { $tenant = 'None' }
if (!$username) { $username = 'CIPP' }
if ($sev -eq 'Debug' -and $env:DebugMode -ne $true) {
Write-Information 'Not writing to log file - Debug mode is not enabled.'
return
}
$PartitionKey = (Get-Date -UFormat '%Y%m%d').ToString()
Expand All @@ -48,4 +47,4 @@ function Write-LogMessage {

$Table.Entity = $TableRow
Add-CIPPAzDataTableEntity @Table | Out-Null
}
}
12 changes: 10 additions & 2 deletions Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,20 @@ function Invoke-CIPPStandardsRun {
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[string]$TenantFilter = 'allTenants'
[string]$TenantFilter = 'allTenants',
[switch]$Force
)
Write-Host "Starting process for standards - $($tenantFilter)"

$AllTasks = Get-CIPPStandards -TenantFilter $TenantFilter

if ($Force.IsPresent) {
Write-Host 'Clearing Rerun Cache'
foreach ($Task in $AllTasks) {
$null = Test-CIPPRerun -Type Standard -Tenant $Task.Tenant -Settings @{} -API $Task.Standard
}
}

#For each item in our object, run the queue.
$Queue = New-CippQueueEntry -Name "Applying Standards ($TenantFilter)" -TotalTasks ($AllTasks | Measure-Object).Count

Expand All @@ -26,4 +34,4 @@ function Invoke-CIPPStandardsRun {
$InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress)
Write-Host "Started orchestration with ID = '$InstanceId'"
#$Orchestrator = New-OrchestrationCheckStatusResponse -Request $Request -InstanceId $InstanceId
}
}
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/Set-CIPPAssignedPolicy.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,6 @@ function Set-CIPPAssignedPolicy {
} catch {
#$ErrorMessage = Get-CippException -Exception $_
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
Write-LogMessage -user $ExecutingUser -API $APIName -message "Failed to assign $GroupName to Policy $PolicyId. Error:$ErrorMessage" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
Write-LogMessage -user $ExecutingUser -API $APIName -message "Failed to assign $GroupName to Policy $PolicyId, using Platform $PlatformType and $Type. The error is:$ErrorMessage" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
}
}
Loading

0 comments on commit 6da0c74

Please sign in to comment.