Merge pull request #16 from KelvinTegelaar/master

[pull] master from KelvinTegelaar:master

Config/CIPPDefaultTable.BPATemplate.json

@@ -1,5 +1,5 @@
 {
-  "name": "CIPP Best Practices v1.0 - Table view",
+  "name": "CIPP Best Practices v1.5 - Table view",
   "style": "Table",
   "Fields": [
     {
@@ -172,19 +172,21 @@
       "FrontendFields": [
         {
           "name": "Current Secure Score",
-          "value": "CurrentSecureScore.currentScore"
-        },
-        {
-          "name": "Max Secure Score",
-          "value": "CurrentSecureScore.maxScore"
+          "value": "CurrentSecureScore.currentScore / CurrentSecureScore.maxScore * 100",
+          "formatter": "math",
+          "showAs": "percentage"
         },
         {
           "name": "Average Comparative Score (All Tenants)",
-          "value": "CurrentSecureScore.averageComparativeScores[0].averageScore"
+          "value": "CurrentSecureScore.averageComparativeScores[0].averageScore / CurrentSecureScore.maxScore * 100",
+          "formatter": "math",
+          "showAs": "percentage"
         },
         {
           "name": "Average Comparative Score (Similiar Size Tenants)",
-          "value": "CurrentSecureScore.averageComparativeScores[1].averageScore"
+          "value": "CurrentSecureScore.averageComparativeScores[1].averageScore / CurrentSecureScore.maxScore * 100",
+          "formatter": "math",
+          "showAs": "percentage"
         }
       ]
     }

Config/CyberEssentials.BPATemplate.json

@@ -0,0 +1,98 @@
+{
+  "name": "CIPP Cyber Essentials Helper - Tenant view",
+  "style": "Tenant",
+  "Fields": [
+    {
+      "name": "deviceregister",
+      "UseExistingInfo": false,
+      "FrontendFields": [
+        {
+          "name": "Device Register",
+          "value": "deviceregister",
+          "desc": "These are all devices found in M365 to add to your CE Device Register.",
+          "formatter": "table"
+        }
+      ],
+      "StoreAs": "JSON",
+      "API": "Graph",
+      "ExtractFields": [
+        "deviceName",
+        "lastSyncDateTime",
+        "osVersion",
+        "userPrincipalName",
+        "complianceState"
+      ],
+      "URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices"
+    },
+    {
+      "name": "adminsTable",
+      "UseExistingInfo": false,
+      "FrontendFields": [
+        {
+          "name": "Admins Table",
+          "value": "adminsTable",
+          "desc": "The list of admin accounts in your M365 environment. These must all be named and attached to actual users.",
+          "formatter": "table"
+        }
+      ],
+      "StoreAs": "JSON",
+      "API": "Graph",
+      "ExtractFields": ["displayName", "userPrincipalName"],
+      "URL": "https://graph.microsoft.com/beta/directoryRoles/roleTemplateId=62e90394-69f5-4237-9190-012177145e10/members"
+    },
+    {
+      "name": "windowsProtectionState",
+      "UseExistingInfo": false,
+      "FrontendFields": [
+        {
+          "name": "Defender List",
+          "value": "windowsProtectionState",
+          "formatter": "table",
+          "desc": "List of Defender protected workstations. Add this to your Malware Protection Audit List"
+        }
+      ],
+      "StoreAs": "JSON",
+      "API": "Graph",
+      "ExtractFields": ["windowsProtectionState"],
+      "parameters": {},
+      "URL": "https://graph.microsoft.com/beta/deviceManagement/managedDevices?$expand=windowsProtectionState"
+    },
+    {
+      "name": "detectedApps",
+      "UseExistingInfo": false,
+      "FrontendFields": [
+        {
+          "name": "Detected Apps",
+          "value": "detectedApps",
+          "desc": "All Detected Software and their version. Add this to your software audit list",
+          "formatter": "table"
+        }
+      ],
+      "StoreAs": "JSON",
+      "API": "Graph",
+      "ExtractFields": ["displayName", "version", "platform", "publisher"],
+      "URL": "https://graph.microsoft.com/beta/deviceManagement/detectedApps"
+    },
+    {
+      "name": "userRegistrationDetails",
+      "UseExistingInfo": false,
+      "FrontendFields": [
+        {
+          "name": "User Registration Details",
+          "desc": "All MFA settings (Requires a P1 Subscription)",
+          "value": "userRegistrationDetails",
+          "formatter": "table"
+        }
+      ],
+      "StoreAs": "JSON",
+      "API": "Graph",
+      "ExtractFields": [
+        "userDisplayName",
+        "isAdmin",
+        "isMFARegistered",
+        "defaultMFAMethod"
+      ],
+      "URL": "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails"
+    }
+  ]
+}

Modules/CIPPCore/Public/Entrypoints/Invoke-ExecAddTrustedIP.ps1

@@ -0,0 +1,22 @@
+using namespace System.Net
+
+Function Invoke-ExecAddTrustedIP {
+    <#
+    .FUNCTIONALITY
+    Entrypoint
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $Table = Get-CippTable -tablename 'trustedIps'
+    Add-CIPPAzDataTableEntity @Table -Entity @{
+        PartitionKey = $request.query.tenantfilter
+        RowKey       = $Request.query.ip
+        state        = $request.query.State
+    } -Force
+
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = @{ results = "Added $($Request.query.ip) to database with state $($Request.query.state) for $($Request.query.tenantfilter)" }
+        })
+}

Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCAExclusion.ps1

@@ -0,0 +1,51 @@
+using namespace System.Net
+
+Function Invoke-ExecCAExclusion {
+    <#
+    .FUNCTIONALITY
+    Entrypoint
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $TriggerMetadata.FunctionName
+    Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    #If UserId is a guid, get the user's UPN
+    if ($Request.body.UserId -match '^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$') {
+        $Username = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.body.UserId)" -tenantid $Request.body.TenantFilter).userPrincipalName
+    }
+    if ($Request.body.vacation -eq 'true') {
+        $StartDate = $Request.body.StartDate
+        $TaskBody = @{
+            TenantFilter  = $Request.body.TenantFilter
+            Name          = "Add CA Exclusion Vacation Mode: $Username - $($Request.body.TenantFilter)"
+            Command       = @{
+                value = 'Set-CIPPCAExclusion'
+                label = 'Set-CIPPCAExclusion'
+            }
+            Parameters    = @{
+                ExclusionType = 'Add'
+                UserID        = $Request.body.UserID
+                PolicyId      = $Request.body.PolicyId
+                UserName      = $Username
+            }
+            ScheduledTime = $StartDate
+        }
+        Add-CIPPScheduledTask -Task $TaskBody -hidden $false
+        #Removal of the exclusion
+        $TaskBody.Parameters.ExclusionType = 'Remove'
+        $TaskBody.Name = "Remove CA Exclusion Vacation Mode: $username - $($Request.body.TenantFilter)"
+        $TaskBody.ScheduledTime = $Request.body.EndDate
+        Add-CIPPScheduledTask -Task $TaskBody -hidden $false
+        $body = @{ Results = "Successfully added vacation mode schedule for $Username." }
+    } else {
+        Set-CIPPCAExclusion -TenantFilter $Request.body.TenantFilter -ExclusionType $Request.body.ExclusionType -UserID $Request.body.UserID -PolicyId $Request.body.PolicyId -executingUser $request.headers.'x-ms-client-principal' -UserName $Username
+    }
+
+
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Body
+        }) 
+
+}

Modules/CIPPCore/Public/Entrypoints/Invoke-ExecGeoIPLookup.ps1

@@ -1,31 +1,23 @@
-    using namespace System.Net
+using namespace System.Net
 
-    Function Invoke-ExecGeoIPLookup {
+Function Invoke-ExecGeoIPLookup {
     <#
     .FUNCTIONALITY
     Entrypoint
     #>
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-        $APIName = $TriggerMetadata.FunctionName
-Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-Write-Host $Request.Query.IP
-$location = Get-CIPPGeoIPLocation -IP $Request.query.IP
-$ARINInfo = Invoke-RestMethod -Uri "https://whois.arin.net/rest/ip/$($Request.Query.IP)" -Method Get -ContentType "application/json" -Headers @{Accept = "application/json" }
-$LocationInfo = [pscustomobject]@{
-    location     = $location
-    arin         = $ARINInfo
-    startaddress = $arininfo.net.startaddress.'$'  
-    endAddress   = $arininfo.net.endAddress.'$'
-    OrgRef       = $arininfo.net.orgRef.'@NAME'
-    SubnetName   = $arininfo.net.name.'$'
-}
+    $APIName = $TriggerMetadata.FunctionName
+    Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    Write-Host $Request.Query.IP
+    $locationInfo = Get-CIPPGeoIPLocation -IP $Request.query.IP
+
 
-# Associate values to output bindings by calling 'Push-OutputBinding'.
-Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-        StatusCode = [HttpStatusCode]::OK
-        Body       = $LocationInfo
-    })
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $LocationInfo
+        })
 
-    }
+}

Modules/CIPPCore/Public/Entrypoints/Invoke-ExecOffboardUser.ps1

@@ -8,6 +8,7 @@ Function Invoke-ExecOffboardUser {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
     try {
+        $APIName = 'ExecOffboardUser'
         Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
         $Username = $request.body.user
         $Tenantfilter = $request.body.tenantfilter