From 7997ee59d23721d4c9273a06981b59b97423c2ca Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 12 Jan 2025 14:39:41 -0500 Subject: [PATCH 1/2] add body support --- .../Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 | 7 ++----- .../Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 | 7 ++----- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 index f57c65330f6f..6ef66517cef1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 @@ -10,11 +10,8 @@ Function Invoke-ExecAutoExtendGDAP { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - # Interact with query parameters or the body of the request. - $Results = Set-CIPPGDAPAutoExtend -RelationShipid $Request.query.ID + $Id = $Request.query.ID ?? $Request.Body.ID + $Results = Set-CIPPGDAPAutoExtend -RelationShipid $Id # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 index c6a60971f1c6..6a41ac39fb5f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 @@ -9,10 +9,7 @@ Function Invoke-ExecGDAPRemoveGArole { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - $GDAPID = $request.query.GDAPId + $GDAPID = $request.query.GDAPId ?? $request.Body.GDAPId try { $CheckActive = New-GraphGetRequest -NoAuthCheck $True -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$($GDAPID)" -tenantid $env:TenantID @@ -36,7 +33,7 @@ Function Invoke-ExecGDAPRemoveGArole { $Message = "Relationship status is currently $($CheckActive.status), it is not possible to remove the Global Administrator role in this state." } if ('62e90394-69f5-4237-9190-012177145e10' -notin $CheckActive.accessDetails.unifiedRoles.roleDefinitionId) { - $Message = "This relationship does not contain the Global Administrator role." + $Message = 'This relationship does not contain the Global Administrator role.' } } } catch { From 8c50115bd60325471c72184deb64d4d4ebc52cf6 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 14 Jan 2025 12:54:36 -0500 Subject: [PATCH 2/2] Change NoAuthCheck to default $false --- Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index b399d43038ca..7d8d3ff3ad99 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -10,7 +10,7 @@ function New-GraphGetRequest { [string]$scope, [bool]$AsApp, [bool]$noPagination, - [bool]$NoAuthCheck, + $NoAuthCheck = $false, [bool]$skipTokenCache, $Caller, [switch]$ComplexFilter,