From 826d8802663900754cb90fba9f1c47fcf9b842bc Mon Sep 17 00:00:00 2001
From: Roel van der Wegen
Date: Fri, 17 Jan 2025 12:38:45 +0100
Subject: [PATCH 1/8] Add app reg certificate expiry alert
---
 .../Get-CIPPAlertAppCertificateExpiry.ps1 | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1
new file mode 100644
index 000000000000..6e9b3bbf387f
--- /dev/null
+++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1
@@ -0,0 +1,33 @@
+function Get-CIPPAlertAppCertificateExpiry {
+ <#
+ .FUNCTIONALITY
+ Entrypoint
+ #>
+ [CmdletBinding()]
+ Param (
+ [Parameter(Mandatory = $false)]
+ [Alias('input')]
+ $InputValue,
+ $TenantFilter
+ )
+
+ try {
+ Write-Host "Checking app expire for $($TenantFilter)"
+ $appList = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/applications?`$select=appId,displayName,keyCredentials" -tenantid $TenantFilter
+ } catch {
+ return
+ }
+
+ $AlertData = foreach ($App in $applist) {
+ Write-Host "checking $($App.displayName)"
+ if ($App.keyCredentials) {
+ foreach ($Credential in $App.keyCredentials) {
+ if ($Credential.endDateTime -lt (Get-Date).AddDays(30) -and $Credential.endDateTime -gt (Get-Date).AddDays(-7)) {
+ Write-Host ("Application '{0}' has certificates expiring on {1}" -f $App.displayName, $Credential.endDateTime)
+ @{ DisplayName = $App.displayName; Expires = $Credential.endDateTime }
+ }
+ }
+ }
+ }
+ Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData
+}
From 44d0ffe9eb6cad4e1bf2652a91b82821694669ee Mon Sep 17 00:00:00 2001
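Review bot: The `catch { return }` around `New-GraphGetRequest` discards every Graph failure, so a tenant where the call fails (for example through missing permissions or throttling) looks the same as a tenant with no expiring certificates. For an alert meant to surface credentials that are about to lapse, the failure should be recorded before returning, e.g. `Write-LogMessage -API 'Alerts' -tenant $TenantFilter -message "Could not read app registrations: $($_.Exception.Message)" -sev Error`. The same silent catch appears in Get-CIPPAlertAppleTerms in patch 2/8. A one-line comment stating why the window is 30 days ahead and 7 days back would also help the next reader.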
From: Roel van der Wegen
Date: Fri, 17 Jan 2025 13:33:26 +0100
Subject: [PATCH 2/8] Add Apple Business Manager terms alert
---
 .../Public/Alerts/Get-CIPPAlertAppleTerms.ps1 | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1
new file mode 100644
index 000000000000..3a1d0d6160c4
--- /dev/null
+++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1
@@ -0,0 +1,30 @@
+function Get-CIPPAlertAppleTerms {
+ <#
+ .FUNCTIONALITY
+ Entrypoint
+ #>
+ [CmdletBinding()]
+ Param (
+ [Parameter(Mandatory = $false)]
+ [Alias('input')]
+ $InputValue,
+ $TenantFilter
+ )
+
+ # 0 = Expired
+ # 1 = expired?
+ # 2 = unknown
+ # 3 = Terms & Conditions
+ # 4 = Warning
+
+ try {
+ $appleterms = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings" -tenantid $TenantFilter
+ } catch {
+ return
+ }
+
+ if ($appleterms.lastSyncErrorCode -eq 3) {
+ $AlertData = "New Apple Business Manager terms are ready to accept."
+ Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData
+ }
+}
From 4798cda0d080d7f275ea35d5fc9b10af17375b2a Mon Sep 17 00:00:00 2001
From: Roel van der Wegen
Date: Fri, 17 Jan 2025 16:37:15 +0100
Subject: [PATCH 3/8] Fix ActionUrl / CIPPURL being populated incorrectly
---
 .../Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1
index b5cb9286edc5..4276b516c810 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1
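Review bot: The check `$appleterms.lastSyncErrorCode -eq 3` hinges on a bare numeric code, and the comment block above it marks its own mapping as uncertain (`# 1 = expired?`). If the endpoint returns more than one onboarding setting, `-eq` acts as a filter over the collection and the fixed alert text does not say which token needs attention; presumably a name or identifier from the matching entry could be added to `$AlertData`, to be confirmed against the response shape. A comment directly on the condition, such as `# 3 = new Terms & Conditions pending acceptance (taken from observed responses, confirm)`, would keep the magic number from being misread.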
+++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -26,7 +26,15 @@ function Push-AuditLogTenant { } $CIPPURL = $LegacyUrl } else { - $CIPPURL = 'https://{0}' -f $CippConfig.Value + if (!$CippConfig) { + $CippConfig = @{ + PartitionKey = 'InstanceProperties' + RowKey = 'CIPPURL' + Value = [string]([System.Uri]$Request.Headers.'x-ms-original-url').Host + } + Add-AzDataTableEntity @ConfigTable -Entity $CippConfig -Force + $CIPPURL = 'https://{0}' -f $CippConfig.Value + } else { $CIPPURL = 'https://{0}' -f $CippConfig.Value } } # Get webhook rules From 317d4897c1af9110497a020dfdf81b133f78aa0d Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 17 Jan 2025 11:38:27 -0500 Subject: [PATCH 4/8] Update Invoke-AddGroupTemplate.ps1 --- .../Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 index 6574633a16c7..ba41d2e6ed0d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-AddGroupTemplate { Displayname = $request.body.displayname Description = $request.body.description groupType = $request.body.groupType - MembershipRules = $request.body.membershipRule + MembershipRules = $request.body.membershipRules allowExternal = $request.body.allowExternal username = $request.body.username GUID = $GUID From 386c332a503d5a19156be0f223c36085f5e610f8 Mon Sep 17 00:00:00 2001 
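Review bot: The host taken from `$Request.Headers.'x-ms-original-url'` is written to the `CIPPURL` config row with `-Force` without any check, and that stored value then becomes the base of the action links this function builds. If the header is absent, or `$Request` is not populated in this activity-trigger scope (not visible here; the function body starts and ends outside the hunk), the cast would likely yield an empty host and `https://` gets persisted. If the header can be influenced by a caller, later notification links would point at that host. Consider resolving the host first and persisting only a non-empty, expected value: `$OriginalHost = [string]([System.Uri]$Request.Headers.'x-ms-original-url').Host` followed by `if (-not [string]::IsNullOrWhiteSpace($OriginalHost)) { Add-AzDataTableEntity @ConfigTable -Entity $CippConfig -Force }`. Both branches also end in the same `$CIPPURL = 'https://{0}' -f $CippConfig.Value`, which could be written once after the `if`.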
From: John Duprey Date: Fri, 17 Jan 2025 12:07:42 -0500 Subject: [PATCH 5/8] Update Invoke-ExecNamedLocation.ps1 --- .../Tenant/Conditional/Invoke-ExecNamedLocation.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 index e1961e25313e..833586fb2298 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 @@ -17,10 +17,10 @@ Function Invoke-ExecNamedLocation { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $TenantFilter = $Request.Body.TenantFilter - $NamedLocationId = $Request.Body.NamedLocationId - $change = $Request.Body.change - $content = $Request.Body.input + $TenantFilter = $Request.Body.TenantFilter ?? $Request.Query.TenantFilter + $NamedLocationId = $Request.Body.NamedLocationId ?? $Request.Query.NamedLocationId + $change = $Request.Body.change ?? $Request.Query.change + $content = $Request.Body.input ?? $Request.Query.input try { $results = Set-CIPPNamedLocation -NamedLocationId $NamedLocationId -TenantFilter $TenantFilter -change $change -content $content -ExecutingUser $request.headers.'x-ms-client-principal' From 57d5b5d0c4bb4ede921ad9d3b1d097eb45cd3eeb Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 17 Jan 2025 22:21:31 +0100 Subject: [PATCH 6/8] fixes caldefaults --- .../CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 | 1 + 1 file changed, 1 insertion(+) 
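Review bot: With the `?? $Request.Query.*` fallbacks, the state-changing call to `Set-CIPPNamedLocation` can now be driven entirely from the query string, and none of the four values is checked before use. Query strings tend to end up in access logs and browser history, and whether this function is bound to POST only is not visible in the hunk, so the HTTP binding is worth confirming. At minimum, reject the request before the `try` when the identifiers are missing, e.g. `if ([string]::IsNullOrWhiteSpace($TenantFilter) -or [string]::IsNullOrWhiteSpace($NamedLocationId)) { ... }` returning a bad-request response. The function body starts and ends outside the hunk.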
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 index a67b9132dedb..dd859ddc4738 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 @@ -33,6 +33,7 @@ function Invoke-CIPPStandardcalDefault { ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'calDefault' # Input validation + $Settings.permissionlevel = $Settings.permissionlevel.value ? $Settings.permissionlevel.value : $Settings.permissionlevel if ([string]::IsNullOrWhiteSpace($Settings.permissionlevel) -or $Settings.permissionlevel -eq 'Select a value') { Write-LogMessage -API 'Standards' -tenant $tenant -message 'calDefault: Invalid permissionlevel parameter set' -sev Error Return From b49ad60b0d96180b7facd60139de131959134c9c Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 17 Jan 2025 16:22:43 -0500 Subject: [PATCH 7/8] adjust offboarding job settings --- Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index d12385260fb4..961df76c6ac6 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 
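Review bot: The added normalisation line carries no comment explaining why `permissionlevel` can have two shapes, and it sits under the `# Input validation` heading although it overwrites `$Settings.permissionlevel`. Suggest a comment above it: `# permissionlevel may arrive as an object with a .value property or as a plain string; reduce it to the string before validating`. The null-coalescing form used in patch 5/8, `$Settings.permissionlevel.value ?? $Settings.permissionlevel`, reads more directly, but it behaves differently when `.value` is an empty string, so keep the ternary if that case matters. The function body starts and ends outside the hunk.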
@@ -35,21 +35,21 @@ function Invoke-CIPPOffboardingJob { Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.'OnedriveAccess' -ne '' } { + { $_.'OnedriveAccess' } { $Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $tenantFilter -userid $username -OnedriveAccessUser $_.value -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'AccessNoAutomap' -ne '' } { + { $_.'AccessNoAutomap' } { $Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'AccessAutomap' -ne '' } { + { $_.'AccessAutomap' } { $Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'OOO' -ne '' } { + { $_.'OOO' } { Set-CIPPOutOfOffice -tenantFilter $tenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -ExecutingUser $ExecutingUser -APIName $APIName -state 'Enabled' } - { $_.'forward' -ne '' } { + { $_.'forward' } { if (!$Options.keepCopy) { Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -ExecutingUser $ExecutingUser -APIName $APIName } else { From 62044da177218cdb0a7d6c83eab75f807d78e665 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 17 Jan 2025 22:44:57 +0100 Subject: [PATCH 8/8] up version --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index 4489f5a6df8f..2be8aeb6b143 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.4 +7.0.5
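Review bot: The new truthiness guards skip a branch when the option is null or empty, but each piped element is still handed to `Set-CIPPSharePointPerms` or `Set-CIPPMailboxAccess` without checking that `$_.value` is set. These branches grant OneDrive and FullAccess mailbox rights during offboarding, so an entry with a missing `value` should be dropped rather than passed on as an empty user, for example `$Options.AccessAutomap | Where-Object { $_.value } | ForEach-Object { ... }`, and likewise for `OnedriveAccess` and `AccessNoAutomap`. A short comment on the switch noting that the old `-ne ''` test was true for `$null` (presumably why unset options used to run) would record the reason for the change. The switch starts and ends outside the hunk.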