Merge branch 'Dev' into fix/microsoft#3885-AADConditionalAccessPolicy

swisscom · Jan 8, 2024 · 0b3b719 · 0b3b719
2 parents ca44648 + d936cbc
commit 0b3b719
Show file tree

Hide file tree

Showing 42 changed files with 465 additions and 463 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # Change log for Microsoft365DSC
 
+# Unreleased
+
 # UNRELEASED
 * AADConditionalAccessPolicy
   * FIXES [[#3885](https://github.com/microsoft/Microsoft365DSC/issues/3885)]

diff --git a/...SFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1 b/...SFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1
@@ -104,10 +104,12 @@ function Get-TargetResource
     {
         $getValue = $null
 
-        #region resource generator code
-        $getValue = Get-MgBetaEntitlementManagementAccessPackage -AccessPackageId $id `
-            -ExpandProperty "accessPackageResourceRoleScopes(`$expand=accessPackageResourceRole,accessPackageResourceScope)" `
-            -ErrorAction SilentlyContinue
+        if (-not [System.String]::IsNullOrEmpty($id))
+        {
+            $getValue = Get-MgBetaEntitlementManagementAccessPackage -AccessPackageId $id `
+                -ExpandProperty "accessPackageResourceRoleScopes(`$expand=accessPackageResourceRole,accessPackageResourceScope)" `
+                -ErrorAction SilentlyContinue
+        }
 
         if ($null -eq $getValue)
         {
@@ -121,7 +123,6 @@ function Get-TargetResource
                     -ErrorAction SilentlyContinue
             }
         }
-        #endregion
 
         if ($null -eq $getValue)
         {

diff --git a/...ssPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 b/...ssPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1
@@ -103,10 +103,13 @@ function Get-TargetResource
         $nullResult.Ensure = 'Absent'
 
         $getValue = $null
-        $getValue = Get-MgBetaEntitlementManagementAccessPackageAssignmentPolicy `
-            -AccessPackageAssignmentPolicyId $id `
-            -ExpandProperty "customExtensionHandlers(`$expand=customExtension)" `
-            -ErrorAction SilentlyContinue
+        if (-not [System.String]::IsNullOrEmpty($id))
+        {
+            $getValue = Get-MgBetaEntitlementManagementAccessPackageAssignmentPolicy `
+                -AccessPackageAssignmentPolicyId $id `
+                -ExpandProperty "customExtensionHandlers(`$expand=customExtension)" `
+                -ErrorAction SilentlyContinue
+        }
 
         if ($null -eq $getValue)
         {
@@ -528,6 +531,30 @@ function Set-TargetResource
             }
             $CreateParameters.CustomExtensionHandlers = $formattedCustomExtensionHandlers
         }
+
+        # Check to see if the AccessPackageId is in GUID form. If not, resolve it by name.
+        if (-not [System.String]::IsNullOrEmpty($AccessPackageId))
+        {
+            $ObjectGuid = [System.Guid]::empty
+            $isGUID = [System.Guid]::TryParse($AccessPackageId, [System.Management.Automation.PSReference]$ObjectGuid)
+            if (-not $isGUID)
+            {
+                # Retrieve by name
+                Write-Verbose -Message "Retrieving Entitlement Management Access Package by Name {$AccessPackageId}"
+                $package = Get-MgBetaEntitlementManagementAccessPackage -Filter "displayName eq '$AccessPackageId'"
+                if ($null -ne $package)
+                {
+                    $AccessPackageId = $package.Id
+                }
+                else
+                {
+                    throw "Could not retrieve the Access Package using identifier {$AccessPackageId}"
+                }
+            }
+            $CreateParameters.AccessPackageId = $AccessPackageId
+        }
+
+        Write-Verbose -Message "Creating with Values: $(Convert-M365DscHashtableToString -Hashtable $CreateParameters)"
         New-MgBetaEntitlementManagementAccessPackageAssignmentPolicy `
             -BodyParameter $CreateParameters
     }

diff --git a/...mentManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1 b/...mentManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1
@@ -88,8 +88,10 @@ function Get-TargetResource
     {
         $getValue = $null
 
-        #region resource generator code
-        $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalog -AccessPackageCatalogId $id -ErrorAction SilentlyContinue
+        if (-not [System.String]::IsNullOrEmpty($id))
+        {
+            $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalog -AccessPackageCatalogId $id -ErrorAction SilentlyContinue
+        }
 
         if ($null -eq $getValue)
         {
@@ -104,7 +106,6 @@ function Get-TargetResource
                 }
             }
         }
-        #endregion
 
         if ($null -eq $getValue)
         {

diff --git a/...cessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 b/...cessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1
@@ -112,17 +112,34 @@ function Get-TargetResource
     {
         $getValue = $null
 
-        #region resource generator code
-        $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource `
-            -AccessPackageCatalogId  $CatalogId `
-            -Filter "Id eq '$Id'" -ErrorAction SilentlyContinue
+        if (-not [System.String]::IsNullOrEmpty($CatalogId))
+        {
+            $resource = ([Hashtable]$PSBoundParameters).clone()
+            $ObjectGuid = [System.Guid]::empty
+            if (-not [System.Guid]::TryParse($CatalogId, [System.Management.Automation.PSReference]$ObjectGuid))
+            {
+                $catalogInstance = Get-MgBetaEntitlementManagementAccessPackageCatalog -Filter "DisplayName eq '$catalogId'"
+                $CatalogId = $catalogInstance.Id
+            }
+
+            $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource `
+                -AccessPackageCatalogId  $CatalogId `
+                -Filter "Id eq '$Id'" -ErrorAction SilentlyContinue
+
+            if ($null -eq $getValue)
+            {
+                Write-Verbose -Message "Retrieving Resource by Display Name {$DisplayName}"
+                $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource `
+                    -AccessPackageCatalogId  $CatalogId `
+                    -Filter "DisplayName eq '$DisplayName'" -ErrorAction SilentlyContinue
+            }
+        }
 
         if ($null -eq $getValue)
         {
             Write-Verbose -Message "The access package resource with id {$id} was NOT found in catalog {$CatalogId}."
             return $nullResult
         }
-        #endregion
 
         Write-Verbose -Message "The access package resource {$DisplayName} was found in catalog {$CatalogId}."
         $hashAttributes = @()
@@ -310,9 +327,18 @@ function Set-TargetResource
 
     if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent')
     {
-        Write-Verbose -Message "Assigning resource {$DisplayName} to catalog {$CatalogId}"
-
         $resource = ([Hashtable]$PSBoundParameters).clone()
+        $ObjectGuid = [System.Guid]::empty
+        if (-not [System.Guid]::TryParse($CatalogId, [System.Management.Automation.PSReference]$ObjectGuid))
+        {
+            Write-Verbose -Message "Retrieving Catalog by Display Name"
+            $catalogInstance = Get-MgBetaEntitlementManagementAccessPackageCatalog -Filter "DisplayName eq '$($CatalogId)'"
+            if ($catalogInstance)
+            {
+                $CatalogId = $catalogInstance.Id
+            }
+        }
+        Write-Verbose -Message "Assigning resource {$DisplayName} to catalog {$CatalogId}"
 
         $resource.Remove('Id') | Out-Null
         $resource.Remove('CatalogId') | Out-Null
@@ -329,7 +355,6 @@ function Set-TargetResource
                 $keyValue = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $resource.$key
                 $resource.$key = $keyValue
             }
-
         }
 
         $mapping = @{
@@ -346,6 +371,7 @@ function Set-TargetResource
             AccessPackageresource = $resource
         }
         #region resource generator code
+        Write-Verbose -Message "Creating with Values: $(Convert-M365DscHashtableToString -Hashtable $resourceRequest)"
         New-MgBetaEntitlementManagementAccessPackageResourceRequest @resourceRequest
 
         #endregion
@@ -355,7 +381,16 @@ function Set-TargetResource
         Write-Verbose -Message "Updating resource {$DisplayName} in catalog {$CatalogId}"
 
         $resource = ([Hashtable]$PSBoundParameters).clone()
-
+        $ObjectGuid = [System.Guid]::empty
+        if (-not [System.Guid]::TryParse($CatalogId, [System.Management.Automation.PSReference]$ObjectGuid))
+        {
+            Write-Verbose -Message "Retrieving Catalog by Display Name"
+            $catalogInstance = Get-MgBetaEntitlementManagementAccessPackageCatalog -Filter "DisplayName eq '$($CatalogId)'"
+            if ($catalogInstance)
+            {
+                $CatalogId = $catalogInstance.Id
+            }
+        }
         #$resource.Remove('Id') | Out-Null
         $resource.Remove('CatalogId') | Out-Null
         $resource.Remove('Verbose') | Out-Null
@@ -422,16 +457,13 @@ function Set-TargetResource
         $resource = Rename-M365DSCCimInstanceParameter -Properties $resource `
             -KeyMapping $mapping
 
-        #region resource generator code
         $resourceRequest = @{
             CatalogId             = $CatalogId
             RequestType           = 'AdminRemove'
             AccessPackageresource = $resource
         }
-        #region resource generator code
         New-MgBetaEntitlementManagementAccessPackageResourceRequest @resourceRequest
 
-        #endregion
     }
 }