using namespace System.Net
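# HTTP-triggered function that stores an Intune policy template in the 'templates' table.
#
# Two modes, chosen by whether the request body carries rawJSON:
#   * body.rawJSON present - the caller supplies the template JSON, display name,
#     description and template type directly.
#   * otherwise            - the policy identified by query.URLName / query.id is read
#     from the tenant in query.TenantFilter through Microsoft Graph and converted
#     into a template.
#
# The response body is always an object with a single 'Results' string.
#
# Input bindings are passed in via param block.
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APIName -message "Accessed this API" -Sev "Debug"

# Identifier of the new template; used as the table RowKey and stored inside the template JSON.
$GUID = (New-Guid).GUID

try {
    if ($Request.body.rawJSON) {
        # --- Mode 1: template supplied by the caller -------------------------------
        if (!$Request.body.displayname) { throw "You must enter a displayname" }
        # Reject a body that does not parse to a value.
        if ($null -eq ($Request.body.rawJSON | ConvertFrom-Json)) { throw "the JSON is invalid" }

        $DisplayName = $Request.body.displayname
        $Description = $Request.body.description
        $TemplateJson = $Request.body.rawJSON
        # NOTE(review): TemplateType is stored as received; nothing here restricts it to the
        # Catalog / Device / Admin values that the tenant-copy path below produces.
        $Type = $Request.body.TemplateType
        $LogMessage = "Created intune policy template named $DisplayName with GUID $GUID"
    }
    else {
        # --- Mode 2: copy an existing policy out of a tenant -----------------------
        $TenantFilter = $Request.query.TenantFilter
        $URLName = $Request.query.URLName
        $ID = $Request.query.id

        # The id comes straight from the query string and is placed inside a Graph URI.
        # Require it, and percent-encode it so it cannot add path segments, quotes or
        # query options to the request. For a plain GUID the encoding is a no-op.
        if (!$ID) { throw "You must supply the id of the policy to copy" }
        $EscapedId = [uri]::EscapeDataString("$ID")

        # URLName is also caller-controlled; the switch acts as an allow-list of the
        # three deviceManagement collections this function knows how to convert.
        switch ($URLName) {
            "configurationPolicies" {
                $Type = "Catalog"
                $Template = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$($URLName)('$($EscapedId)')?`$expand=settings" -tenantid $TenantFilter |
                    Select-Object name, description, settings, platforms, technologies, templateReference
                $TemplateJson = $Template | ConvertTo-Json -Depth 10
                $DisplayName = $Template.name
            }
            "deviceConfigurations" {
                $Type = "Device"
                # Drop server-managed properties so the stored JSON can be used to create a new policy.
                $Template = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$($URLName)/$($EscapedId)" -tenantid $TenantFilter |
                    Select-Object * -ExcludeProperty id, lastModifiedDateTime, '@odata.context', 'ScopeTagIds', 'supportsScopeTags', 'createdDateTime'
                # NOTE(review): this writes the fetched policy to the host log; consider removing
                # it if device configurations in your tenants can carry sensitive values.
                Write-Host ($Template | ConvertTo-Json)
                $DisplayName = $Template.displayName
                $TemplateJson = ConvertTo-Json -InputObject $Template -Depth 10 -Compress
            }
            "groupPolicyConfigurations" {
                $Type = "Admin"
                $PolicyUri = "https://graph.microsoft.com/beta/deviceManagement/$($URLName)('$($EscapedId)')"
                $Template = New-GraphGetRequest -uri $PolicyUri -tenantid $TenantFilter
                $DisplayName = $Template.displayName
                $TemplateJsonItems = New-GraphGetRequest -uri "$PolicyUri/definitionValues?`$expand=definition" -tenantid $TenantFilter

                # Rebuild every definition value, with its presentation values, as an entry
                # of the 'added' list assembled below.
                $TemplateJsonSource = foreach ($TemplateJsonItem in $TemplateJsonItems) {
                    $DefinitionUri = "https://graph.microsoft.com/beta/deviceManagement/groupPolicyDefinitions('$($TemplateJsonItem.definition.id)')"
                    $presentationValues = New-GraphGetRequest -uri "$PolicyUri/definitionValues('$($TemplateJsonItem.id)')/presentationValues?`$expand=presentation" -tenantid $TenantFilter | ForEach-Object {
                        $obj = $_
                        if ($obj.id) {
                            # Key restored: the listing showed an e-mail-obfuscation placeholder here.
                            # The bound URL is a presentation, so the key is presentation@odata.bind.
                            $PresObj = @{
                                id                        = $obj.id
                                'presentation@odata.bind' = "$DefinitionUri/presentations('$($obj.presentation.id)')"
                            }
                            # Copy only the members that are actually populated.
                            if ($obj.values) { $PresObj['values'] = $obj.values }
                            if ($obj.value) { $PresObj['value'] = $obj.value }
                            if ($obj.'@odata.type') { $PresObj['@odata.type'] = $obj.'@odata.type' }
                            [pscustomobject]$PresObj
                        }
                    }
                    # Key restored for the same reason: the bound URL is a group policy
                    # definition, so the key is definition@odata.bind.
                    [PSCustomObject]@{
                        'definition@odata.bind' = $DefinitionUri
                        enabled                 = $TemplateJsonItem.enabled
                        presentationValues      = @($presentationValues)
                    }
                }
                $inputvar = [pscustomobject]@{
                    added      = @($TemplateJsonSource)
                    updated    = @()
                    deletedIds = @()
                }
                $TemplateJson = (ConvertTo-Json -InputObject $inputvar -Depth 15 -Compress)
            }
            default {
                # Without this branch an unknown URLName fell through and an empty
                # template was written to the table.
                throw "Unsupported URLName '$URLName'"
            }
        }

        $Description = $Template.Description
        # Uses the name read from the tenant: request.body.displayname is not set in this mode.
        $LogMessage = "Created intune policy template $DisplayName with GUID $GUID using an original policy from a tenant"
    }

    # Both modes store the same envelope: the policy JSON travels as a string in RAWJson.
    $object = [PSCustomObject]@{
        Displayname = $DisplayName
        Description = $Description
        RAWJson     = $TemplateJson
        Type        = $Type
        GUID        = $GUID
    } | ConvertTo-Json

    $Table = Get-CippTable -tablename 'templates'
    $Table.Force = $true
    Add-AzDataTableEntity @Table -Entity @{
        JSON         = "$object"
        RowKey       = "$GUID"
        PartitionKey = "IntuneTemplate"
    }

    # NOTE(review): template creation is logged at Debug severity; confirm that level is
    # retained wherever an audit trail of template changes is expected.
    Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APIName -message $LogMessage -Sev "Debug"
    $body = [pscustomobject]@{"Results" = "Successfully added template" }
}
catch {
    Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APIName -message "Intune Template Deployment failed: $($_.Exception.Message)" -Sev "Error"
    # NOTE(review): the raw exception message is returned to the caller.
    $body = [pscustomobject]@{"Results" = "Intune Template Deployment failed: $($_.Exception.Message)" }
}

# Associate values to output bindings by calling 'Push-OutputBinding'.
# NOTE(review): the status is 200 OK on failure as well; callers have to read
# Results to tell the two outcomes apart.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
        StatusCode = [HttpStatusCode]::OK
        Body       = $body
    })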