Skip to content

Commit

Permalink
Merge branch 'KelvinTegelaar:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
Parad0xMS authored Jan 16, 2024
2 parents bfc692e + 0996269 commit ea4e5f4
Show file tree
Hide file tree
Showing 23 changed files with 398 additions and 219 deletions.
19 changes: 0 additions & 19 deletions BestPracticeAnalyser_List/function.json

This file was deleted.

26 changes: 0 additions & 26 deletions BestPracticeAnalyser_List/run.ps1

This file was deleted.

18 changes: 10 additions & 8 deletions Config/CIPPDefaultTable.BPATemplate.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"name": "CIPP Best Practices v1.0 - Table view",
"name": "CIPP Best Practices v1.5 - Table view",
"style": "Table",
"Fields": [
{
Expand Down Expand Up @@ -172,19 +172,21 @@
"FrontendFields": [
{
"name": "Current Secure Score",
"value": "CurrentSecureScore.currentScore"
},
{
"name": "Max Secure Score",
"value": "CurrentSecureScore.maxScore"
"value": "CurrentSecureScore.currentScore / CurrentSecureScore.maxScore * 100",
"formatter": "math",
"showAs": "percentage"
},
{
"name": "Average Comparative Score (All Tenants)",
"value": "CurrentSecureScore.averageComparativeScores[0].averageScore"
"value": "CurrentSecureScore.averageComparativeScores[0].averageScore / CurrentSecureScore.maxScore * 100",
"formatter": "math",
"showAs": "percentage"
},
{
"name": "Average Comparative Score (Similiar Size Tenants)",
"value": "CurrentSecureScore.averageComparativeScores[1].averageScore"
"value": "CurrentSecureScore.averageComparativeScores[1].averageScore / CurrentSecureScore.maxScore * 100",
"formatter": "math",
"showAs": "percentage"
}
]
}
Expand Down
98 changes: 98 additions & 0 deletions Config/CyberEssentials.BPATemplate.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
{
"name": "CIPP Cyber Essentials Helper - Tenant view",
"style": "Tenant",
"Fields": [
{
"name": "deviceregister",
"UseExistingInfo": false,
"FrontendFields": [
{
"name": "Device Register",
"value": "deviceregister",
"desc": "These are all devices found in M365 to add to your CE Device Register.",
"formatter": "table"
}
],
"StoreAs": "JSON",
"API": "Graph",
"ExtractFields": [
"deviceName",
"lastSyncDateTime",
"osVersion",
"userPrincipalName",
"complianceState"
],
"URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices"
},
{
"name": "adminsTable",
"UseExistingInfo": false,
"FrontendFields": [
{
"name": "Admins Table",
"value": "adminsTable",
"desc": "The list of admin accounts in your M365 environment. These must all be named and attached to actual users.",
"formatter": "table"
}
],
"StoreAs": "JSON",
"API": "Graph",
"ExtractFields": ["displayName", "userPrincipalName"],
"URL": "https://graph.microsoft.com/beta/directoryRoles/roleTemplateId=62e90394-69f5-4237-9190-012177145e10/members"
},
{
"name": "windowsProtectionState",
"UseExistingInfo": false,
"FrontendFields": [
{
"name": "Defender List",
"value": "windowsProtectionState",
"formatter": "table",
"desc": "List of Defender protected workstations. Add this to your Malware Protection Audit List"
}
],
"StoreAs": "JSON",
"API": "Graph",
"ExtractFields": ["windowsProtectionState"],
"parameters": {},
"URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices?$expand=windowsProtectionState"
},
{
"name": "detectedApps",
"UseExistingInfo": false,
"FrontendFields": [
{
"name": "Detected Apps",
"value": "detectedApps",
"desc": "All Detected Software and their version. Add this to your software audit list",
"formatter": "table"
}
],
"StoreAs": "JSON",
"API": "Graph",
"ExtractFields": ["displayName", "version", "platform", "publisher"],
"URL": "https://graph.microsoft.com/beta/deviceManagement/detectedApps"
},
{
"name": "userRegistrationDetails",
"UseExistingInfo": false,
"FrontendFields": [
{
"name": "User Registration Details",
"desc": "All MFA settings (Requires a P1 Subscription)",
"value": "userRegistrationDetails",
"formatter": "table"
}
],
"StoreAs": "JSON",
"API": "Graph",
"ExtractFields": [
"userDisplayName",
"isAdmin",
"isMFARegistered",
"defaultMFAMethod"
],
"URL": "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails"
}
]
}
19 changes: 0 additions & 19 deletions DomainAnalyser_List/function.json

This file was deleted.

42 changes: 0 additions & 42 deletions DomainAnalyser_List/run.ps1

This file was deleted.

22 changes: 22 additions & 0 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-ExecAddTrustedIP.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
using namespace System.Net

Function Invoke-ExecAddTrustedIP {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$Table = Get-CippTable -tablename 'trustedIps'
Add-CIPPAzDataTableEntity @Table -Entity @{
PartitionKey = $request.query.tenantfilter
RowKey = $Request.query.ip
state = $request.query.State
} -Force

Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = @{ results = "Added $($Request.query.ip) to database with state $($Request.query.state) for $($Request.query.tenantfilter)" }
})
}
51 changes: 51 additions & 0 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCAExclusion.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
using namespace System.Net

Function Invoke-ExecCAExclusion {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
#If UserId is a guid, get the user's UPN
if ($Request.body.UserId -match '^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$') {
$Username = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.body.UserId)" -tenantid $Request.body.TenantFilter).userPrincipalName
}
if ($Request.body.vacation -eq 'true') {
$StartDate = $Request.body.StartDate
$TaskBody = @{
TenantFilter = $Request.body.TenantFilter
Name = "Add CA Exclusion Vacation Mode: $Username - $($Request.body.TenantFilter)"
Command = @{
value = 'Set-CIPPCAExclusion'
label = 'Set-CIPPCAExclusion'
}
Parameters = @{
ExclusionType = 'Add'
UserID = $Request.body.UserID
PolicyId = $Request.body.PolicyId
UserName = $Username
}
ScheduledTime = $StartDate
}
Add-CIPPScheduledTask -Task $TaskBody -hidden $false
#Removal of the exclusion
$TaskBody.Parameters.ExclusionType = 'Remove'
$TaskBody.Name = "Remove CA Exclusion Vacation Mode: $username - $($Request.body.TenantFilter)"
$TaskBody.ScheduledTime = $Request.body.EndDate
Add-CIPPScheduledTask -Task $TaskBody -hidden $false
$body = @{ Results = "Successfully added vacation mode schedule for $Username." }
} else {
Set-CIPPCAExclusion -TenantFilter $Request.body.TenantFilter -ExclusionType $Request.body.ExclusionType -UserID $Request.body.UserID -PolicyId $Request.body.PolicyId -executingUser $request.headers.'x-ms-client-principal' -UserName $Username
}


Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $Body
})

}
34 changes: 13 additions & 21 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-ExecGeoIPLookup.ps1
Original file line number Diff line number Diff line change
@@ -1,31 +1,23 @@
using namespace System.Net
using namespace System.Net

Function Invoke-ExecGeoIPLookup {
Function Invoke-ExecGeoIPLookup {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
Write-Host $Request.Query.IP
$location = Get-CIPPGeoIPLocation -IP $Request.query.IP
$ARINInfo = Invoke-RestMethod -Uri "https://whois.arin.net/rest/ip/$($Request.Query.IP)" -Method Get -ContentType "application/json" -Headers @{Accept = "application/json" }
$LocationInfo = [pscustomobject]@{
location = $location
arin = $ARINInfo
startaddress = $arininfo.net.startaddress.'$'
endAddress = $arininfo.net.endAddress.'$'
OrgRef = $arininfo.net.orgRef.'@NAME'
SubnetName = $arininfo.net.name.'$'
}
$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
Write-Host $Request.Query.IP
$locationInfo = Get-CIPPGeoIPLocation -IP $Request.query.IP


# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $LocationInfo
})
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $LocationInfo
})

}
}
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ Function Invoke-ExecOffboardUser {
[CmdletBinding()]
param($Request, $TriggerMetadata)
try {
$APIName = 'ExecOffboardUser'
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
$Username = $request.body.user
$Tenantfilter = $request.body.tenantfilter
Expand Down
Loading

0 comments on commit ea4e5f4

Please sign in to comment.