Skip to content

Commit

Permalink
Merge pull request #1092 from JohnDuprey/dev
Browse files Browse the repository at this point in the history
BEC & Quarantined messages
  • Loading branch information
JohnDuprey authored Aug 27, 2024
2 parents e24facf + 26b7346 commit c4d90ca
Show file tree
Hide file tree
Showing 4 changed files with 55 additions and 11 deletions.
Original file line number Diff line number Diff line change
@@ -1,6 +1,4 @@
using namespace System.Net

Function Invoke-ListMailQuarantine {
function Invoke-ListMailQuarantineMessage {
<#
.FUNCTIONALITY
Entrypoint
Expand All @@ -12,21 +10,27 @@ Function Invoke-ListMailQuarantine {

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
$Tenantfilter = $request.Query.tenantfilter
$Tenantfilter = $Request.Query.Tenantfilter

try {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-QuarantineMessage' -cmdParams @{ 'PageSize' = 1000 }
$GraphRequest = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Export-QuarantineMessage' -cmdParams @{ 'Identity' = $Request.Query.Identity }
$EmlBase64 = $GraphRequest.Eml
$EmlContent = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($EmlBase64))
$Body = @{
'Identity' = $Request.Query.Identity
'Message' = $EmlContent
}
$StatusCode = [HttpStatusCode]::OK
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
$StatusCode = [HttpStatusCode]::Forbidden
$GraphRequest = $ErrorMessage
$Body = $ErrorMessage
}

# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = $StatusCode
Body = @($GraphRequest)
Body = $Body
})

}
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
function Invoke-ListMailQuarantine {
<#
.FUNCTIONALITY
Entrypoint
.ROLE
Exchange.SpamFilter.ReadWrite
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
$Tenantfilter = $request.Query.tenantfilter

try {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-QuarantineMessage' -cmdParams @{ 'PageSize' = 1000 }
$StatusCode = [HttpStatusCode]::OK
} catch {
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
$StatusCode = [HttpStatusCode]::Forbidden
$GraphRequest = $ErrorMessage
}

# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = $StatusCode
Body = @($GraphRequest)
})

}
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,17 @@ Function Invoke-ExecBECRemediate {
$Step = 'Disable Inbox Rules'
$Rules = New-ExoRequest -anchor $username -tenantid $TenantFilter -cmdlet 'Get-InboxRule' -cmdParams @{Mailbox = $username; IncludeHidden = $true }
$RuleDisabled = 0
$RuleFailed = 0
if (($Rules | Measure-Object).Count -gt 0) {
$Rules | Where-Object { $_.Name -ne 'Junk E-Mail Rule' } | ForEach-Object {
$null = New-ExoRequest -anchor $username -tenantid $TenantFilter -cmdlet 'Disable-InboxRule' -cmdParams @{Confirm = $false; Identity = $_.Identity }
"Disabled Inbox Rule $($_.Identity) for $username"
$RuleDisabled++
try {
$null = New-ExoRequest -anchor $username -tenantid $TenantFilter -cmdlet 'Disable-InboxRule' -cmdParams @{Confirm = $false; Identity = $_.Identity }
"Disabled Inbox Rule '$($_.Identity)' for $username"
$RuleDisabled++
} catch {
"Failed to disable Inbox Rule '$($_.Identity)' for $username"
$RuleFailed++
}
}
}
if ($RuleDisabled -gt 0) {
Expand All @@ -45,6 +51,10 @@ Function Invoke-ExecBECRemediate {
"No Inbox Rules found for $username. We have not disabled any rules."
}

if ($RuleFailed -gt 0) {
"Failed to disable $RuleFailed Inbox Rules for $username"
}

Write-LogMessage -API 'BECRemediate' -tenant $tenantfilter -message "Executed Remediation for $username" -sev 'Info'

} catch {
Expand Down
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ function Test-CIPPAccessPermissions {
$null = Get-CIPPAuthentication
$GraphToken = Get-GraphToken -returnRefresh $true -SkipCache $true
if ($GraphToken) {
$GraphPermissions = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/myorganization/applications?`$filter=appId eq '$env:ApplicationID'" -NoAuthCheck $true
$GraphPermissions = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/myorganization/applications(appId='$env:ApplicationID')" -NoAuthCheck $true
}
if ($env:MSI_SECRET) {
try {
Expand Down

0 comments on commit c4d90ca

Please sign in to comment.