Merge pull request #552 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev

Author: pull[bot]

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-CIPPStandard.ps1

@@ -27,17 +27,19 @@ function Push-CIPPStandard {
         Write-Information "Rerun is set to false. We'll be running $FunctionName"
     }
 
-    $script:StandardInfo = @{
+    $StandardInfo = @{
         Standard           = $Standard
         StandardTemplateId = $Item.templateId
     }
     if ($Standard -eq 'IntuneTemplate') {
-        $script:StandardInfo.IntuneTemplateId = $Item.Settings.TemplateList.value
+        $StandardInfo.IntuneTemplateId = $Item.Settings.TemplateList.value
     }
     if ($Standard -eq 'ConditionalAccessTemplate') {
-        $script:StandardInfo.ConditionalAccessTemplateId = $Item.Settings.TemplateList.value
+        $StandardInfo.ConditionalAccessTemplateId = $Item.Settings.TemplateList.value
     }
 
+    $Script:StandardInfo = $StandardInfo
+
     try {
         # Convert settings to JSON, replace %variables%, then convert back to object
         $SettingsJSON = $Item.Settings | ConvertTo-Json -Depth 10 -Compress

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCloneTemplate.ps1

@@ -0,0 +1,63 @@
+function Invoke-ExecCloneTemplate {
+    <#
+    .FUNCTIONALITY
+        Entrypoint,AnyTenant
+    .ROLE
+        CIPP.Core.ReadWrite
+    #>
+    param(
+        $Request,
+        $TriggerMetadata
+    )
+
+    $GUID = $Request.Query.GUID ?? $Request.Body.GUID
+    $Type = $Request.Query.Type ?? $Request.Body.Type
+
+    if ($GUID -and $Type) {
+        $Table = Get-CIPPTable -tablename templates
+        $Template = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$Type' and RowKey eq '$GUID'"
+
+        if ($Template) {
+            $NewGuid = [guid]::NewGuid().ToString()
+            $Template.RowKey = $NewGuid
+            $Template.JSON = $Template.JSON -replace $GUID, $NewGuid
+            $Template.Package = $null
+            $Template.SHA = $null
+            try {
+                Add-CIPPAzDataTableEntity @Table -Entity $Template
+                $body = @{
+                    Results = @{
+                        state      = 'success'
+                        resultText = 'Template cloned successfully'
+                    }
+                }
+            } catch {
+                $body = @{
+                    Results = @{
+                        state      = 'error'
+                        resultText = 'Failed to clone template'
+                        details    = Get-CIPPException -Exception $_
+                    }
+                }
+            }
+        } else {
+            $body = @{
+                Results = @{
+                    state      = 'error'
+                    resultText = 'Template not found'
+                }
+            }
+        }
+    } else {
+        $body = @{
+            Results = @{
+                state      = 'error'
+                resultText = 'GUID or Type not provided'
+            }
+        }
+    }
+    return ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $body
+        })
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecEditTemplate.ps1

@@ -17,15 +17,30 @@ function Invoke-ExecEditTemplate {
 
         if ($Type -eq 'IntuneTemplate') {
             Write-Host 'Intune Template'
-            $OriginalTemplate = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'IntuneTemplate' and RowKey eq '$GUID'"
-            $OriginalJSON = $OriginalTemplate.JSON
-            $OriginalTemplate = ($OriginalJSON | ConvertFrom-Json -Depth 100)
+            $Template = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'IntuneTemplate' and RowKey eq '$GUID'"
+            $OriginalJSON = $Template.JSON
+
+            if ($Template.SHA) {
+                $NewGuid = [guid]::NewGuid().ToString()
+            } else {
+                $NewGuid = $GUID
+            }
             if ($Request.Body.parsedRAWJson) {
                 $RawJSON = ConvertTo-Json -Compress -Depth 100 -InputObject $Request.Body.parsedRAWJson
             } else {
                 $RawJSON = $OriginalJSON
             }
-            Set-CIPPIntuneTemplate -RawJSON $RawJSON -GUID $GUID -DisplayName $Request.Body.displayName -Description $Request.Body.description -templateType $OriginalTemplate.Type -Headers $Request.Headers
+
+            $IntuneTemplate = @{
+                GUID         = $NewGuid
+                RawJson      = $RawJSON
+                DisplayName  = $Request.Body.displayName
+                Description  = $Request.Body.description
+                templateType = $Template.Type
+                Package      = $Template.Package
+                Headers      = $Request.Headers
+            }
+            Set-CIPPIntuneTemplate @IntuneTemplate
         } else {
             $Table.Force = $true
             Add-CIPPAzDataTableEntity @Table -Entity @{

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ListCustomVariables.ps1

@@ -174,6 +174,14 @@ function Invoke-ListCustomVariables {
             $ReservedVariables = $ReservedVariables | Where-Object { $_.Category -ne 'system' }
         }
 
+        # Filter out global reserved variables if requested (for tenant group rules)
+        # These variables are the same for all tenants so they're not useful for grouping
+        if ($Request.Query.excludeGlobalReserved -eq 'true') {
+            $ReservedVariables = $ReservedVariables | Where-Object {
+                $_.Category -notin @('partner', 'cipp', 'system')
+            }
+        }
+
         # Add reserved variables first
         foreach ($Variable in $ReservedVariables) {
             $VariableMap[$Variable.Name] = $Variable

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUserDefaults.ps1

@@ -0,0 +1,140 @@
+function Invoke-AddUserDefaults {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Identity.User.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+
+    try {
+        # Extract data from request body - matching CippAddEditUser.jsx field names
+        $TenantFilter = $Request.Body.tenantFilter
+        $TemplateName = $Request.Body.templateName
+        $DefaultForTenant = $Request.Body.defaultForTenant
+
+        Write-Host "Creating template '$TemplateName' for tenant: $TenantFilter"
+
+        # User fields
+        $GivenName = $Request.Body.givenName
+        $Surname = $Request.Body.surname
+        $DisplayName = $Request.Body.displayName
+
+        # Handle autocomplete fields - extract value if it's an object
+        $UsernameFormat = if ($Request.Body.usernameFormat -is [string]) {
+            $Request.Body.usernameFormat
+        } else {
+            $Request.Body.usernameFormat.value
+        }
+
+        $PrimDomain = if ($Request.Body.primDomain -is [string]) {
+            $Request.Body.primDomain
+        } else {
+            $Request.Body.primDomain.value
+        }
+
+        $AddedAliases = $Request.Body.addedAliases
+
+        # Settings
+        $Autopassword = $Request.Body.Autopassword
+        $Password = $Request.Body.password
+        $MustChangePass = $Request.Body.MustChangePass
+
+        $UsageLocation = if ($Request.Body.usageLocation -is [string]) {
+            $Request.Body.usageLocation
+        } else {
+            $Request.Body.usageLocation.value
+        }
+
+        $Licenses = $Request.Body.licenses
+        $RemoveLicenses = $Request.Body.removeLicenses
+
+        # Job and Location fields
+        $JobTitle = $Request.Body.jobTitle
+        $StreetAddress = $Request.Body.streetAddress
+        $City = $Request.Body.city
+        $State = $Request.Body.state
+        $PostalCode = $Request.Body.postalCode
+        $Country = $Request.Body.country
+        $CompanyName = $Request.Body.companyName
+        $Department = $Request.Body.department
+
+        # Contact fields
+        $MobilePhone = $Request.Body.mobilePhone
+        $BusinessPhones = $Request.Body.'businessPhones[0]'
+        $OtherMails = $Request.Body.otherMails
+
+        # User relations
+        $SetManager = $Request.Body.setManager
+        $SetSponsor = $Request.Body.setSponsor
+        $CopyFrom = $Request.Body.copyFrom
+
+        # Create template object with all fields from CippAddEditUser
+        $TemplateObject = @{
+            tenantFilter     = $TenantFilter
+            templateName     = $TemplateName
+            defaultForTenant = [bool]$DefaultForTenant
+            givenName        = $GivenName
+            surname          = $Surname
+            displayName      = $DisplayName
+            usernameFormat   = $UsernameFormat
+            primDomain       = $PrimDomain
+            addedAliases     = $AddedAliases
+            Autopassword     = $Autopassword
+            password         = $Password
+            MustChangePass   = $MustChangePass
+            usageLocation    = $UsageLocation
+            licenses         = $Licenses
+            removeLicenses   = $RemoveLicenses
+            jobTitle         = $JobTitle
+            streetAddress    = $StreetAddress
+            city             = $City
+            state            = $State
+            postalCode       = $PostalCode
+            country          = $Country
+            companyName      = $CompanyName
+            department       = $Department
+            mobilePhone      = $MobilePhone
+            businessPhones   = $BusinessPhones
+            otherMails       = $OtherMails
+            setManager       = $SetManager
+            setSponsor       = $SetSponsor
+            copyFrom         = $CopyFrom
+        }
+
+        # Generate GUID for the template
+        $GUID = (New-Guid).GUID
+
+        # Convert to JSON
+        $JSON = ConvertTo-Json -InputObject $TemplateObject -Depth 100 -Compress
+
+        # Store in table
+        $Table = Get-CippTable -tablename 'templates'
+        $Table.Force = $true
+        Add-CIPPAzDataTableEntity @Table -Entity @{
+            JSON         = "$JSON"
+            RowKey       = "$GUID"
+            PartitionKey = 'UserDefaultTemplate'
+            GUID         = "$GUID"
+        }
+
+        $Result = "Created User Default Template '$($TemplateName)' with GUID $GUID"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
+
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to create User Default Template: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
+    }
+
+    return ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{'Results' = "$Result" }
+        })
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListNewUserDefaults.ps1

@@ -0,0 +1,57 @@
+function Invoke-ListNewUserDefaults {
+    <#
+    .FUNCTIONALITY
+        Entrypoint,AnyTenant
+    .ROLE
+        Identity.User.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    Write-Host 'Listing New User Default Templates'
+
+    # Get the TenantFilter from query parameters
+    $TenantFilter = $Request.Query.TenantFilter
+    Write-Host "TenantFilter from request: $TenantFilter"
+
+    # Get the templates table
+    $Table = Get-CippTable -tablename 'templates'
+    $Filter = "PartitionKey eq 'UserDefaultTemplate'"
+
+    # Retrieve all User Default templates
+    $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter) | ForEach-Object {
+        try {
+            $row = $_
+            $data = $row.JSON | ConvertFrom-Json -Depth 100 -ErrorAction Stop
+            $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $row.GUID -Force
+            $data | Add-Member -NotePropertyName 'RowKey' -NotePropertyValue $row.RowKey -Force
+            Write-Host "Template found: $($data.templateName), tenantFilter: $($data.tenantFilter)"
+            $data
+        } catch {
+            Write-Warning "Failed to process User Default template: $($row.RowKey) - $($_.Exception.Message)"
+        }
+    }
+
+    Write-Host "Total templates before filtering: $($Templates.Count)"
+
+    # Filter by tenant if TenantFilter is provided
+    if ($TenantFilter) {
+        $Templates = $Templates | Where-Object -Property tenantFilter -EQ $TenantFilter
+        Write-Host "Templates after filtering: $($Templates.Count)"
+    }
+
+    # Sort by template name
+    $Templates = $Templates | Sort-Object -Property templateName
+
+    # If a specific ID is requested, filter to that template
+    if ($Request.query.ID) {
+        $Templates = $Templates | Where-Object -Property GUID -EQ $Request.query.ID
+    }
+
+    $Templates = ConvertTo-Json -InputObject @($Templates) -Depth 100
+
+    return ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Templates
+        })
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-RemoveUserDefaultTemplate.ps1

@@ -0,0 +1,42 @@
+function Invoke-RemoveUserDefaultTemplate {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Identity.User.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+
+    try {
+        $ID = $Request.Query.ID ?? $Request.Body.ID
+        $Table = Get-CippTable -tablename 'templates'
+        $Filter = "PartitionKey eq 'UserDefaultTemplate' and RowKey eq '$ID'"
+        $Template = Get-CIPPAzDataTableEntity @Table -Filter $Filter
+
+        if ($Template) {
+            Remove-AzDataTableEntity @Table -Entity $Template
+            $Result = "Successfully deleted User Default Template with ID: $ID"
+            Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Info'
+            $StatusCode = [HttpStatusCode]::OK
+        } else {
+            $Result = "User Default Template with ID $ID not found"
+            Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Warning'
+            $StatusCode = [HttpStatusCode]::NotFound
+        }
+
+    } catch {
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to delete User Default Template: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
+    }
+
+    return ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{'Results' = "$Result" }
+        })
+}