Merge pull request microsoft#4200 from NikCharlebois/Integration
Fixes AADGroup Logic for Integration
NikCharlebois authored Jan 19, 2024
2 parents 136e492 + 88326f9 commit e0aa47e
Showing 3 changed files with 70 additions and 45 deletions.
Expand Up @@ -511,7 +511,49 @@ function Set-TargetResource

$currentParameters.Remove('AssignedLicenses') | Out-Null

if ($Ensure -eq 'Present' -and $currentGroup.Ensure -eq 'Present')
if ($Ensure -eq 'Present' -and $currentGroup.Ensure -eq 'Absent')
{
Write-Verbose -Message "Checking to see if an existing deleted group exists with DisplayName {$DisplayName}"
$restorinExisting = $false
[Array]$groups = Get-MgBetaDirectoryDeletedItemAsGroup -Filter "DisplayName eq '$DisplayName'"
if ($groups.Length -gt 1)
{
throw "Multiple deleted groups with the name {$DisplayName} were found. Cannot restore the existig group. Please ensure that you either have no instance of the group in the deleted list or that you have a single one."
}

if ($groups.Length -eq 1)
{
Write-Verbose -Message "Found an instance of a deleted group {$DisplayName}. Restoring it."
Restore-MgBetaDirectoryDeletedItem -DirectoryObjectId $groups[0].Id
$restoringExisting = $true
$currentGroup = Get-MgGroup -Filter "DisplayName eq '$DisplayName'" -ErrorAction Stop
}

if (-not $restoringExisting)
{
Write-Verbose -Message "Creating new group {$DisplayName}"
$currentParameters.Remove('Id') | Out-Null

try
{
Write-Verbose -Message "Creating Group with Values: $(Convert-M365DscHashtableToString -Hashtable $currentParameters)"
$currentGroup = New-MgGroup @currentParameters
Write-Verbose -Message "Created Group $($currentGroup.id)"
}
catch
{
Write-Verbose -Message $_
New-M365DSCLogEntry -Message "Couldn't create group $DisplayName" `
-Exception $_ `
-Source $MyInvocation.MyCommand.ModuleName
}
}
if ($assignedLicensesGUIDs.Length -gt 0)
{
Set-MgGroupLicense -GroupId $currentGroup.Id -AddLicenses $licensesToAdd -RemoveLicenses @()
}
}
if ($Ensure -eq 'Present')
{
Write-Verbose -Message "Group {$DisplayName} exists and it should."
try
Expand Down Expand Up @@ -557,48 +599,6 @@ function Set-TargetResource
-Source $MyInvocation.MyCommand.ModuleName
}
}
elseif ($Ensure -eq 'Present' -and $currentGroup.Ensure -eq 'Absent')
{
Write-Verbose -Message "Checking to see if an existing deleted group exists with DisplayName {$DisplayName}"
$restorinExisting = $false
[Array]$groups = Get-MgBetaDirectoryDeletedItemAsGroup -Filter "DisplayName eq '$DisplayName'"
if ($groups.Length -gt 1)
{
throw "Multiple deleted groups with the name {$DisplayName} were found. Cannot restore the existig group. Please ensure that you either have no instance of the group in the deleted list or that you have a single one."
}

if ($groups.Length -eq 1)
{
Write-Verbose -Message "Found an instance of a deleted group {$DisplayName}. Restoring it."
Restore-MgBetaDirectoryDeletedItem -DirectoryObjectId $groups[0].Id
$restoringExisting = $true
$currentGroup = Get-MgGroup -Filter "DisplayName eq '$DisplayName'" -ErrorAction Stop
}

if (-not $restoringExisting)
{
Write-Verbose -Message "Creating new group {$DisplayName}"
$currentParameters.Remove('Id') | Out-Null

try
{
Write-Verbose -Message "Creating Group with Values: $(Convert-M365DscHashtableToString -Hashtable $currentParameters)"
$currentGroup = New-MgGroup @currentParameters
Write-Verbose -Message "Created Group $($currentGroup.id)"
}
catch
{
Write-Verbose -Message $_
New-M365DSCLogEntry -Message "Couldn't create group $DisplayName" `
-Exception $_ `
-Source $MyInvocation.MyCommand.ModuleName
}
}
if ($assignedLicensesGUIDs.Length -gt 0)
{
Set-MgGroupLicense -GroupId $currentGroup.Id -AddLicenses $licensesToAdd -RemoveLicenses @()
}
}
elseif ($Ensure -eq 'Absent' -and $currentGroup.Ensure -eq 'Present')
{
try
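Review bot: `$DisplayName` is interpolated unescaped into the OData filter on both the `Get-MgBetaDirectoryDeletedItemAsGroup` and `Get-MgGroup` calls in the relocated restore block, so a name containing a single quote breaks the filter or changes what it matches, and the restore then acts on whichever single deleted group comes back. Double the quotes before building the filter, e.g. `$escapedName = $DisplayName.Replace("'", "''")`, and use `'$escapedName'` in both calls. The flag is initialised as `$restorinExisting = $false` but read as `$restoringExisting`, so the create path only works because an unset variable evaluates as false; correct the spelling so the block does not fail under strict mode. The `catch` around `New-MgGroup` only logs, and because the next branch is now a plain `if ($Ensure -eq 'Present')`, a failed create can continue into `Set-MgGroupLicense` and the update path with a `$currentGroup` that presumably has no Id; rethrowing after the log entry would stop that. Set-TargetResource starts and ends outside the visible hunks.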
Expand Up @@ -37,6 +37,11 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
Mock -CommandName Get-MgGroupMember -MockWith {
}

Mock -CommandName Restore-MgBetaDirectoryDeletedItem -MockWith {
}
Mock -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -MockWith {
}

Mock -CommandName Get-MgGroupMemberOf -MockWith {
}

Expand Down Expand Up @@ -395,7 +400,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture {
MailNickname = 'M365DSC'
GroupTypes = @()
}

# Set-TargetResource expects object-type of answer to contain 'group'
$returnData.psobject.TypeNames.insert(0, 'Group')
return $returnData
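Review bot: The two mocks added in the first hunk return nothing, so as far as these hunks show, the restore branch of Set-TargetResource is never exercised and every test takes the create path. Add a context where `Get-MgBetaDirectoryDeletedItemAsGroup` returns a single deleted group and assert that `Restore-MgBetaDirectoryDeletedItem` is called once with that Id while `New-MgGroup` is not called, plus a context returning two groups that expects the throw. The Describe block starts and ends outside the visible hunks.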
22 changes: 21 additions & 1 deletion Tests/Unit/Stubs/Microsoft365.psm1
@@ -1,4 +1,4 @@
#region ExchangeOnlineManagement
# region ExchangeOnlineManagement
function Get-DefaultTenantBriefingConfig
{
[CmdletBinding()]
Expand Down Expand Up @@ -51825,6 +51825,26 @@ function Remove-MgBetaDirectoryAdministrativeUnitMemberByRef
$Break
)
}
function Restore-MgBetaDirectoryDeletedItem
{
[CmdletBinding()]
param(
[Parameter()]
[String]
$DirectoryObjectId
)
}

function Get-MgBetaDirectoryDeletedItemAsGroup
{
[CmdletBinding()]
param(
[Parameter()]
[String]
$Filter
)
}

function Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember
{
[CmdletBinding()]
