Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…

… dev
KelvinTegelaar · Jan 17, 2025 · 2d33d5c · 2d33d5c
2 parents a561840 + b100fe2
commit 2d33d5c
Show file tree

Hide file tree

Showing 14 changed files with 760 additions and 230 deletions.
diff --git a/ConversionTable.csv b/ConversionTable.csv
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1
@@ -18,7 +18,7 @@ function Get-CIPPAlertMFAAdmins {
             }
         }
         if (!$DuoActive) {
-            $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&$filter=IsAdmin eq true and userDisplayName ne ''On-Premises Directory Synchronization Service Account''' -tenantid $($TenantFilter) | Where-Object -Property 'isMfaRegistered' -EQ $false
+            $users = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?`$top=999&filter=IsAdmin eq true and isMfaRegistered eq false and userType eq 'member'&`$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered,IsAdmin" -tenantid $($TenantFilter) | Where-Object { $_.userDisplayName -ne 'On-Premises Directory Synchronization Service Account' }
             if ($users.UserPrincipalName) {
                 $AlertData = "The following admins do not have MFA registered: $($users.UserPrincipalName -join ', ')"
                 Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData

diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1
@@ -12,7 +12,7 @@ function Get-CIPPAlertMFAAlertUsers {
     )
     try {
 
-        $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&filter=isMfaRegistered eq false and userType eq ''member'' and userDisplayName ne ''On-Premises Directory Synchronization Service Account''&$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered' -tenantid $($TenantFilter)
+        $users = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?`$top=999&filter=IsAdmin eq false and isMfaRegistered eq false and userType eq 'member'&`$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered,IsAdmin" -tenantid $($TenantFilter) | Where-Object { $_.userDisplayName -ne 'On-Premises Directory Synchronization Service Account' }
         if ($users.UserPrincipalName) {
             $AlertData = "The following $($users.Count) users do not have MFA registered: $($users.UserPrincipalName -join ', ')"
             Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData

diff --git a/Modules/CIPPCore/Public/ConversionTable.csv b/Modules/CIPPCore/Public/ConversionTable.csv
diff --git a/...PPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1 b/...PPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1
@@ -10,24 +10,35 @@ Function Invoke-ExecAssignAPDevice {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
     $APIName = $TriggerMetadata.FunctionName
-    Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    $tenantfilter = $Request.Body.TenantFilter
+    $User = $request.headers.'x-ms-client-principal'
+    Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.body.tenantFilter
+
+
     try {
+        $UserObject = $Request.body.user.addedFields
+        $DeviceObject = $Request.body.device
+        $SerialNumber = $Request.body.serialNumber
         $body = @{
-            UserPrincipalName   = $Request.body.UserPrincipalName
-            addressableUserName = $Request.body.addressableUserName
+            userPrincipalName   = $UserObject.userPrincipalName
+            addressableUserName = $UserObject.addressableUserName
         } | ConvertTo-Json
-        New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeviceIdentities/$($request.body.Device)/UpdateDeviceProperties" -tenantid $TenantFilter -body $body -method POST
-        $Results = "Successfully assigned device to $($Request.body.UserPrincipalName) for $($tenantfilter)"
+        New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeviceIdentities/$($DeviceObject)/UpdateDeviceProperties" -tenantid $TenantFilter -body $body -method POST | Out-Null
+        Write-LogMessage -user $User -API $APINAME -message "Successfully assigned device: $DeviceObject with Serial: $SerialNumber to $($UserObject.userPrincipalName) for $($TenantFilter)" -Sev Info
+        $Results = "Successfully assigned device: $DeviceObject with Serial: $SerialNumber to  $($UserObject.userPrincipalName) for $($TenantFilter)"
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = "Could not $($Request.body.UserPrincipalName) to $($Request.body.device) for $($tenantfilter) Error: $($_.Exception.Message)"
+        $ErrorMessage = Get-CippException -Exception $_
+        Write-LogMessage -user $User -API $APINAME -message "Could not assign $($UserObject.userPrincipalName) to $($DeviceObject) for $($TenantFilter) Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage
+        $Results = "Could not assign $($UserObject.userPrincipalName) to $($DeviceObject) for $($TenantFilter) Error: $($ErrorMessage.NormalizedError)"
+        $StatusCode = [HttpStatusCode]::BadRequest
     }
 
     $Results = [pscustomobject]@{'Results' = "$results" }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })