Merge remote-tracking branch 'upstream/dev' into dev

DChorn-ANS · Jul 31, 2023 · 564c0b0 · 564c0b0
2 parents 3c08aaa + 5c89831
commit 564c0b0
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 3 deletions.
diff --git a/ExecEditMailboxPermissions/run.ps1 b/ExecEditMailboxPermissions/run.ps1
@@ -79,6 +79,34 @@ foreach ($UserSendAs in $RemoveSendAs) {
     }
 }
 
+$AddSendOnBehalf = ($Request.body.AddSendOnBehalf).value
+
+foreach ($UserSendOnBehalf in $AddSendOnBehalf) { 
+    try {
+        $MailboxPerms = New-ExoRequest -Anchor $username -tenantid $Tenantfilter -cmdlet "Set-Mailbox" -cmdParams @{Identity = $userid; GrantSendonBehalfTo = @{'@odata.type' = '#Exchange.GenericHashTable'; add = $UserSendOnBehalf}; }
+        $results.add( "added $UserSendOnBehalf to $($username) with Send On Behalf Permissions")
+        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME-message "Gave send on behalf permissions to $($UserSendOnBehalf) on $($username)" -Sev "Info" -tenant $TenantFilter
+    }
+    catch {
+        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME-message "Could not add send on behalf permissions for $($UserSendOnBehalf) on $($username)" -Sev "Error" -tenant $TenantFilter
+        $results.add("Could not add send on behalf permissions for $($username). Error: $($_.Exception.Message)")
+    }
+}
+
+$RemoveSendOnBehalf = ($Request.body.RemoveSendOnBehalf).value
+
+foreach ($UserSendOnBehalf in $RemoveSendOnBehalf) { 
+    try {
+        $MailboxPerms = New-ExoRequest -Anchor $username -tenantid $Tenantfilter -cmdlet "Set-Mailbox" -cmdParams @{Identity = $userid; GrantSendonBehalfTo = @{'@odata.type' = '#Exchange.GenericHashTable'; remove = $UserSendOnBehalf}; }
+        $results.add( "Removed Send On Behalf Permissions $UserSendOnBehalf on $($username)")
+        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME-message "Removed Send On Behalf Permissions to $($UserSendOnBehalf) on $($username)" -Sev "Info" -tenant $TenantFilter
+    }
+    catch {
+        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME-message "Could not Remove send on behalf permissions for $($UserSendOnBehalf) on $($username)" -Sev "Error" -tenant $TenantFilter
+        $results.add("Could not remove send on behalf permissions for $($username). Error: $($_.Exception.Message)")
+    }
+}
+
 $body = [pscustomobject]@{"Results" = @($results) }
 
 # Associate values to output bindings by calling 'Push-OutputBinding'.

diff --git a/ListIntuneTemplates/run.ps1 b/ListIntuneTemplates/run.ps1
@@ -23,6 +23,16 @@ $Templates = Get-ChildItem "Config\*.IntuneTemplate.json" | ForEach-Object {
 $Table = Get-CippTable -tablename 'templates'
 $Filter = "PartitionKey eq 'IntuneTemplate'" 
 $Templates = (Get-AzDataTableEntity @Table -Filter $Filter).JSON | ConvertFrom-Json
+if ($Request.query.View) {
+    $Templates = $Templates | ForEach-Object {
+        $data = $_.RAWJson | ConvertFrom-Json
+        $data | Add-Member -NotePropertyName "displayName" -NotePropertyValue $_.Displayname
+        $data | Add-Member -NotePropertyName "description" -NotePropertyValue $_.Description
+        $data | Add-Member -NotePropertyName "Type" -NotePropertyValue $_.Type
+        $data | Add-Member -NotePropertyName "GUID" -NotePropertyValue $_.GUID
+        $data 
+    }
+}
 
 if ($Request.query.ID) { $Templates = $Templates | Where-Object -Property guid -EQ $Request.query.id }
 

diff --git a/ListmailboxPermissions/run.ps1 b/ListmailboxPermissions/run.ps1
@@ -19,8 +19,9 @@ try {
     $base64IdentityParam = [Convert]::ToBase64String($Bytes)   
     $PermsRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Mailbox('$($Request.Query.UserID)')/MailboxPermission" -Tenantid $tenantfilter -scope ExchangeOnline 
     $PermsRequest2 = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Recipient('$base64IdentityParam')?`$expand=RecipientPermission&isEncoded=true" -Tenantid $tenantfilter -scope ExchangeOnline 
+    $PermRequest3 = New-ExoRequest -Anchor $Request.Query.UserID -tenantid $Tenantfilter -cmdlet "Get-Mailbox" -cmdParams @{Identity = $($Request.Query.UserID); }
 
-    $GraphRequest = foreach ($Perm in $PermsRequest, $PermsRequest2.RecipientPermission) {
+    $GraphRequest = foreach ($Perm in $PermsRequest, $PermsRequest2.RecipientPermission, $PermRequest3) {
 
         if ($perm.Trustee) {
             $perm | Where-Object Trustee | ForEach-Object { [PSCustomObject]@{
@@ -37,6 +38,13 @@ try {
                 }        
             }
         }
+        if ($perm.GrantSendonBehalfTo -ne $null) {
+            $perm.GrantSendonBehalfTo | ForEach-Object { [PSCustomObject]@{
+                    User        = $_
+                    Permissions = "SendOnBehalf"
+                }        
+            }
+        }
     }
     $StatusCode = [HttpStatusCode]::OK
 }

diff --git a/Modules/CIPPCore/Public/New-CIPPGraphSubscription.ps1 b/Modules/CIPPCore/Public/New-CIPPGraphSubscription.ps1
@@ -26,7 +26,7 @@ function New-CIPPGraphSubscription {
                     "address" = "https://webhook.site/9650bc4a-0120-41de-8ffd-6616e71244e1/"
                 }
             } | ConvertTo-Json
-            $AuditLog = New-GraphPOSTRequest -uri "https://manage.office.com/api/v1.0/$($TenantFilter)/activity/feed/subscriptions/start?contentType=$EventType&PublisherIdentifier=$($TenantFilter)" -tenantid $TenantFilter -type POST -body $AuditLogparams -verbose
+            $AuditLog = New-GraphPOSTRequest -uri "https://manage.office.com/api/v1.0/$($TenantFilter)/activity/feed/subscriptions/start?contentType=$EventType&PublisherIdentifier=$($TenantFilter)" -tenantid $TenantFilter -type -scope "https://manage.office.com/.default" POST -body $AuditLogparams -verbose
             $WebhookRow = @{
                 PartitionKey           = [string]$TenantFilter
                 RowKey                 = [string]$CIPPID

diff --git a/Modules/CIPPCore/Public/Remove-CIPPGraphSubcription.ps1 b/Modules/CIPPCore/Public/Remove-CIPPGraphSubcription.ps1
@@ -10,7 +10,7 @@ function Remove-CIPPGraphSubscription {
         $WebhookTable = Get-CIPPTable -TableName webhookTable
         $WebhookRow = Get-AzDataTableEntity @WebhookTable | Where-Object { $_.RowKey -eq $CIPPID }
         if ($WebhookRow.Resource -eq "M365AuditLogs") {
-            $AuditLog = New-GraphPOSTRequest -uri "https://manage.office.com/api/v1.0/$($TenantFilter)/activity/feed/subscriptions/stop?contentType=$($WebhookRow.EventType)" -tenantid $TenantFilter -type POST -body "{}" -verbose
+            $AuditLog = New-GraphPOSTRequest -uri "https://manage.office.com/api/v1.0/$($TenantFilter)/activity/feed/subscriptions/stop?contentType=$($WebhookRow.EventType)" -scope "https://manage.office.com/.default" -tenantid $TenantFilter -type POST -body "{}" -verbose
 
         }
         else {