Skip to content

Commit

Permalink
Update templates
Browse files Browse the repository at this point in the history
  • Loading branch information
Borgquite committed Dec 17, 2024
1 parent c366771 commit 1652fa3
Show file tree
Hide file tree
Showing 4 changed files with 233 additions and 13 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -223,7 +223,7 @@ function Get-TargetResource
foreach ($auScopedRoleMember in $auScopedRoleMembers)
{
Write-Verbose -Message "AU {$DisplayName} verify RoleId {$($auScopedRoleMember.RoleId)}"
$roleObject = Get-MgBetaDirectoryRole -DirectoryRoleId $auScopedRoleMember.RoleId -ErrorAction Stop
$roleObject = Get-MgDirectoryRole -DirectoryRoleId $auScopedRoleMember.RoleId -ErrorAction Stop
Write-Verbose -Message "Found DirectoryRole '$($roleObject.DisplayName)' with id $($roleObject.Id)"
$scopedRoleMember = [ordered]@{
RoleName = $roleObject.DisplayName
Expand Down Expand Up @@ -484,17 +484,17 @@ function Set-TargetResource
Write-Verbose -Message "AU {$DisplayName} member: role '$($roleMember.RoleName)' type '$($roleMember.RoleMemberInfo.Type)' identity $($roleMember.RoleMemberInfo.Identity)"
try
{
$roleObject = Get-MgBetaDirectoryRole -Filter "DisplayName eq '$($roleMember.RoleName)'" -ErrorAction stop
$roleObject = Get-MgDirectoryRole -Filter "DisplayName eq '$($roleMember.RoleName)'" -ErrorAction stop
Write-Verbose -Message "AU {$DisplayName} role is enabled"
}
catch
{
Write-Verbose -Message "Azure AD role {$($rolemember.RoleName)} is not enabled"
$roleTemplate = Get-MgBetaDirectoryRoleTemplate -All -ErrorAction Stop | Where-Object { $_.DisplayName -eq $rolemember.RoleName }
$roleTemplate = Get-MgDirectoryRoleTemplate -All -ErrorAction Stop | Where-Object { $_.DisplayName -eq $rolemember.RoleName }
if ($null -ne $roleTemplate)
{
Write-Verbose -Message "Enable Azure AD role {$($rolemember.RoleName)} with id {$($roleTemplate.Id)}"
$roleObject = New-MgBetaDirectoryRole -RoleTemplateId $roleTemplate.Id -ErrorAction Stop
$roleObject = New-MgDirectoryRole -RoleTemplateId $roleTemplate.Id -ErrorAction Stop
}
}
if ($null -eq $roleObject)
Expand Down Expand Up @@ -753,7 +753,7 @@ function Set-TargetResource
}
if ($diff.SideIndicator -ne '==')
{
$roleObject = Get-MgBetaDirectoryRole -Filter "DisplayName eq '$($diff.RoleName)'"
$roleObject = Get-MgDirectoryRole -Filter "DisplayName eq '$($diff.RoleName)'"
if ($null -eq $roleObject)
{
throw "AU {$DisplayName} Scoped Role {$($diff.RoleName)} does not exist as an Azure AD role"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ Get-MgDevice,Device.Read.All,Device.Read.All
Get-MgDirectoryAdministrativeUnitExtension,AdministrativeUnit.Read.All,AdministrativeUnit.Read.All
Get-MgDirectoryAdministrativeUnitMember,AdministrativeUnit.Read.All,AdministrativeUnit.Read.All
Get-MgDirectoryAdministrativeUnitScopedRoleMember,AdministrativeUnit.Read.All,AdministrativeUnit.Read.All
Get-MgDirectoryRole,RoleManagement.Read.Directory,RoleManagement.Read.Directory
Get-MgDirectoryRoleTemplate,RoleManagement.Read.Directory,RoleManagement.Read.Directory
Get-MgBetaDirectoryRole,RoleManagement.Read.Directory,RoleManagement.Read.Directory
Get-MgBetaDirectoryRoleTemplate,RoleManagement.Read.Directory,RoleManagement.Read.Directory
Get-MgDirectorySetting,Directory.Read.All,Directory.Read.All
Expand Down Expand Up @@ -47,6 +49,7 @@ New-MgApplicationOwnerByRef,Application.ReadWrite.All,Application.ReadWrite.All
New-MgDirectoryAdministrativeUnitExtension,AdministrativeUnit.ReadWrite.All,AdministrativeUnit.ReadWrite.All
New-MgDirectoryAdministrativeUnitMemberByRef,AdministrativeUnit.ReadWrite.All,AdministrativeUnit.ReadWrite.All
New-MgDirectoryAdministrativeUnitScopedRoleMember,AdministrativeUnit.ReadWrite.All,AdministrativeUnit.ReadWrite.All
New-MgDirectoryRole,RoleManagement.ReadWrite.Directory,RoleManagement.ReadWrite.Directory
New-MgBetaDirectoryRoleMemberByRef,RoleManagement.ReadWrite.Directory,RoleManagement.ReadWrite.Directory
New-MgDirectorySetting,Directory.ReadWrite.All,Directory.ReadWrite.All
New-MgEntitlementManagementAccessPackage,EntitlementManagement.ReadWrite.All,EntitlementManagement.ReadWrite.All
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -270,7 +270,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
})
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return @{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -341,7 +341,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return @{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -552,7 +552,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return [pscustomobject]@{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -609,7 +609,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return [pscustomobject]@{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -664,7 +664,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return [pscustomobject]@{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -727,7 +727,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -MockWith {
Mock -CommandName Get-MgDirectoryRole -MockWith {
return [pscustomobject]@{
Id = '12345-67890'
DisplayName = 'User Administrator'
Expand Down Expand Up @@ -812,14 +812,14 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
}
}

Mock -CommandName Get-MgBetaDirectoryRole -ParameterFilter { $DirectoryRoleId -eq '12345-67890' } -MockWith {
Mock -CommandName Get-MgDirectoryRole -ParameterFilter { $DirectoryRoleId -eq '12345-67890' } -MockWith {
return [pscustomobject]@{
Id = '12345-67890'
DisplayName = 'DSC User Administrator'
}
}

Mock -CommandName Get-MgBetaDirectoryRole -ParameterFilter { $DirectoryRoleId -eq '09876-54321' } -MockWith {
Mock -CommandName Get-MgDirectoryRole -ParameterFilter { $DirectoryRoleId -eq '09876-54321' } -MockWith {
return [pscustomobject]@{
Id = '09876-54321'
DisplayName = 'DSC Groups Administrator'
Expand Down
217 changes: 217 additions & 0 deletions Tests/Unit/Stubs/Microsoft365.psm1
Original file line number Diff line number Diff line change
Expand Up @@ -29097,6 +29097,153 @@ function Get-MgDirectoryAdministrativeUnitedRoleMember
$HttpPipelineAppend
)
}

function Get-MgDirectoryRole
{
[CmdletBinding()]
param(
[Parameter()]
[System.String[]]
$Property,

[Parameter()]
[PSObject]
$InputObject,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$ProxyUseDefaultCredentials,

[Parameter()]
[System.Int32]
$PageSize,

[Parameter()]
[PSObject]
$HttpPipelinePrepend,

[Parameter()]
[System.Int32]
$Skip,

[Parameter()]
[System.String]
$CountVariable,

[Parameter()]
[System.Uri]
$Proxy,

[Parameter()]
[System.String[]]
$Sort,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$All,

[Parameter()]
[System.String]
$Filter,

[Parameter()]
[System.Management.Automation.PSCredential]
$ProxyCredential,

[Parameter()]
[System.String]
$Search,

[Parameter()]
[System.String]
$DirectoryRoleId,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$Break,

[Parameter()]
[System.String[]]
$ExpandProperty,

[Parameter()]
[PSObject]
$HttpPipelineAppend
)
}
function Get-MgDirectoryRoleTemplate
{
[CmdletBinding()]
param(
[Parameter()]
[System.String[]]
$Property,

[Parameter()]
[PSObject]
$InputObject,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$ProxyUseDefaultCredentials,

[Parameter()]
[System.Int32]
$PageSize,

[Parameter()]
[PSObject]
$HttpPipelinePrepend,

[Parameter()]
[System.String]
$CountVariable,

[Parameter()]
[System.Int32]
$Skip,

[Parameter()]
[System.String]
$DirectoryRoleTemplateId,

[Parameter()]
[System.Uri]
$Proxy,

[Parameter()]
[System.String[]]
$Sort,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$All,

[Parameter()]
[System.String]
$Filter,

[Parameter()]
[System.Management.Automation.PSCredential]
$ProxyCredential,

[Parameter()]
[System.String]
$Search,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$Break,

[Parameter()]
[System.String[]]
$ExpandProperty,

[Parameter()]
[PSObject]
$HttpPipelineAppend
)
}
function Get-MgBetaDirectoryRole
{
[CmdletBinding()]
Expand Down Expand Up @@ -30070,6 +30217,76 @@ function New-MgDirectoryAdministrativeUnitScopedRoleMember
$HttpPipelineAppend
)
}

function New-MgDirectoryRole
{
[CmdletBinding()]
param(
[Parameter()]
[System.String]
$Description,

[Parameter()]
[System.String]
$RoleTemplateId,

[Parameter()]
[System.String]
$DisplayName,

[Parameter()]
[System.Collections.Hashtable]
$AdditionalProperties,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$ProxyUseDefaultCredentials,

[Parameter()]
[PSObject]
$HttpPipelinePrepend,

[Parameter()]
[PSObject]
$ScopedMembers,

[Parameter()]
[PSObject]
$Members,

[Parameter()]
[System.Uri]
$Proxy,

[Parameter()]
[PSObject]
$BodyParameter,

[Parameter()]
[System.String]
$Id,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$Confirm,

[Parameter()]
[System.Management.Automation.PSCredential]
$ProxyCredential,

[Parameter()]
[System.DateTime]
$DeletedDateTime,

[Parameter()]
[System.Management.Automation.SwitchParameter]
$Break,

[Parameter()]
[PSObject]
$HttpPipelineAppend
)
}
function New-MgBetaDirectoryRole
{
[CmdletBinding()]
Expand Down

0 comments on commit 1652fa3

Please sign in to comment.