Added Docs

Author: Jr7468

Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1

@@ -1,10 +1,64 @@
 function Invoke-ListCippQueue {
     <#
+    .SYNOPSIS
+    List CIPP queue entries and their task status
+    
+    .DESCRIPTION
+    Retrieves a list of CIPP queue entries with detailed task status, progress information, and completion statistics
+    
     .FUNCTIONALITY
         Entrypoint
     .ROLE
         CIPP.Core.Read
+        
+    .NOTES
+    Group: CIPP Queue
+    Summary: List CIPP Queue
+    Description: Retrieves a list of CIPP queue entries from the last 3 hours with detailed task status, progress tracking, and completion statistics
+    Tags: Queue,Monitoring,Progress
+    Response: Returns an array of queue objects with the following properties:
+    Response: - PartitionKey (string): Queue partition key
+    Response: - RowKey (string): Queue unique identifier
+    Response: - Name (string): Queue name or description
+    Response: - Link (string): Reference link for the queue
+    Response: - Reference (string): Additional reference information
+    Response: - TotalTasks (number): Total number of tasks in the queue
+    Response: - CompletedTasks (number): Number of completed tasks (including failed)
+    Response: - RunningTasks (number): Number of currently running tasks
+    Response: - FailedTasks (number): Number of failed tasks
+    Response: - PercentComplete (number): Percentage of tasks completed
+    Response: - PercentFailed (number): Percentage of tasks that failed
+    Response: - PercentRunning (number): Percentage of tasks currently running
+    Response: - Tasks (array): Array of individual task objects with timestamp, name, and status
+    Response: - Status (string): Overall queue status: Running, Completed, or Completed (with errors)
+    Response: - Timestamp (string): Queue creation timestamp
+    Example: [
+      {
+        "PartitionKey": "CippQueue",
+        "RowKey": "12345678-1234-1234-1234-123456789012",
+        "Name": "Tenant License Update",
+        "Link": "https://example.com/reference",
+        "Reference": "License audit 2024",
+        "TotalTasks": 10,
+        "CompletedTasks": 8,
+        "RunningTasks": 1,
+        "FailedTasks": 1,
+        "PercentComplete": 80.0,
+        "PercentFailed": 10.0,
+        "PercentRunning": 10.0,
+        "Tasks": [
+          {
+            "Timestamp": "2024-01-15T10:30:00Z",
+            "Name": "Update tenant A",
+            "Status": "Completed"
+          }
+        ],
+        "Status": "Running",
+        "Timestamp": "2024-01-15T10:00:00Z"
+      }
+    ]
     #>
+    [CmdletBinding()]
     param($Request = $null, $TriggerMetadata = $null)
 
     if ($Request) {
@@ -28,10 +82,12 @@ function Invoke-ListCippQueue {
             if ($Tasks.Status -notcontains 'Running' -and ($TaskStatus.Completed + $TaskStatus.Failed) -ge $Queue.TotalTasks) {
                 if ($Tasks.Status -notcontains 'Failed') {
                     $Queue.Status = 'Completed'
-                } else {
+                }
+                else {
                     $Queue.Status = 'Completed (with errors)'
                 }
-            } else {
+            }
+            else {
                 $Queue.Status = 'Running'
             }
         }
@@ -66,7 +122,8 @@ function Invoke-ListCippQueue {
                 StatusCode = [HttpStatusCode]::OK
                 Body       = @($QueueData)
             })
-    } else {
+    }
+    else {
         return $QueueData
     }
 }

Modules/CIPPCore/Public/CippQueue/Invoke-RemoveCippQueue.ps1

@@ -1,3 +1,45 @@
+function Invoke-RemoveCippQueue {
+    <#
+    .SYNOPSIS
+    Remove all entries from the CIPP queue and task history
+    
+    .DESCRIPTION
+    Clears all entries from the CIPP queue and associated task history tables for a full reset of queue data.
+    
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        CIPP.Core.ReadWrite
+        
+    .NOTES
+    Group: CIPP Queue
+    Summary: Remove CIPP Queue
+    Description: Clears all entries from the CIPP queue and associated task history tables for a full reset of queue data. This is typically used for maintenance or troubleshooting.
+    Tags: Queue,Maintenance,Reset
+    Response: Returns an object with the following properties:
+    Response: - Results (array): Array with a single string indicating the history was cleared
+    Response: On success: { "Results": ["History cleared"] } with HTTP 200 status
+    Example: {
+      "Results": ["History cleared"]
+    }
+    #>
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    $CippQueue = Get-CippTable -TableName 'CippQueue'
+    Clear-AzDataTable @CippQueue
+    $CippQueueTasks = Get-CippTable -TableName 'CippQueueTasks'
+    Clear-AzDataTable @CippQueueTasks
+
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = @{Results = @('History cleared') }
+        })
+}
+
 function Invoke-RemoveCippQueue {
     <#
     .FUNCTIONALITY

Modules/CIPPCore/Public/CustomData/Invoke-CustomDataSync.ps1

@@ -1,4 +1,25 @@
 function Invoke-CustomDataSync {
+    <#
+    .SYNOPSIS
+    Synchronize custom data mappings to directory objects
+    
+    .DESCRIPTION
+    Synchronizes custom data from CIPP extension cache to directory objects (e.g., users) in Microsoft Graph, based on mapping configuration.
+    
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        CIPP.Extension.ReadWrite
+        
+    .NOTES
+    Group: Custom Data
+    Summary: Custom Data Sync
+    Description: Synchronizes custom data from CIPP extension cache to directory objects (e.g., users) in Microsoft Graph, based on mapping configuration. Supports bulk PATCH operations and flexible mapping logic.
+    Tags: Custom Data,Directory,Graph API,Sync
+    Parameter: TenantFilter (string) [parameter] - Target tenant identifier for synchronization
+    Response: No direct response. Writes progress and error information to logs. Performs PATCH requests to Microsoft Graph for each mapped object.
+    Example: Synchronizes extension attributes for users in a tenant based on custom mapping configuration.
+    #>
     param(
         $TenantFilter
     )
@@ -45,7 +66,8 @@ function Invoke-CustomDataSync {
         $SyncConfig
         if ($DirectoryObjectQueries | Where-Object { $_.id -eq $Query.id }) {
             continue
-        } else {
+        }
+        else {
             $DirectoryObjectQueries.Add($Query)
         }
     }
@@ -91,7 +113,8 @@ function Invoke-CustomDataSync {
                         break
                     }
                 }
-            } else {
+            }
+            else {
                 $DirectoryObject = $DirectoryObjects | Where-Object { $_.$DestinationMatchProperty -eq $Row.$SourceMatchProperty }
             }
 
@@ -118,10 +141,12 @@ function Invoke-CustomDataSync {
                             Write-Host "Creating new object for $($Props[1])"
                             $PatchObjects[$ObjectUrl][$Props[0]][$Props[1]] = $Row.$ExtensionSyncProperty
                         }
-                    } else {
+                    }
+                    else {
                         $PatchObjects[$ObjectUrl][$CustomDataAttribute] = $Row.$ExtensionSyncProperty
                     }
-                } elseif ($DatasetConfig.type -eq 'array') {
+                }
+                elseif ($DatasetConfig.type -eq 'array') {
                     Write-Warning "Processing array data for $($CustomDataAttribute) on $($DirectoryObject.id) - found $($Row.Count) entries"
                     #Write-Information ($Row | ConvertTo-Json -Depth 10)
                     if ($DatasetConfig.select) {
@@ -134,7 +159,8 @@ function Invoke-CustomDataSync {
 
                     $Data = if ($DatasetConfig.storeAs -eq 'json') {
                         $Row | ConvertTo-Json -Depth 5 -Compress
-                    } else {
+                    }
+                    else {
                         $Row
                     }
 

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecCombinedSetup.ps1

@@ -87,7 +87,8 @@ function Invoke-ExecCombinedSetup {
                 if ($Request.Body.ApplicationSecret) { $Secret.ApplicationSecret = $Request.Body.ApplicationSecret }
                 Add-CIPPAzDataTableEntity @DevSecretsTable -Entity $Secret -Force
                 $Results.add('Manual credentials have been set in the DevSecrets table.')
-            } else {
+            }
+            else {
                 if ($Request.Body.tenantId) {
                     Set-AzKeyVaultSecret -VaultName $kv -Name 'tenantid' -SecretValue (ConvertTo-SecureString -String $Request.Body.tenantId -AsPlainText -Force)
                     $Results.add('Set tenant ID in Key Vault.')
@@ -108,7 +109,8 @@ function Invoke-ExecCombinedSetup {
         $Results.add('Setup is now complete. You may navigate away from this page and start using CIPP.')
         #one more force of reauth so env vars update.
         $auth = Get-CIPPAuthentication
-    } catch {
+    }
+    catch {
         $Results = [pscustomobject]@{'Results' = "Failed. $($_.InvocationInfo.ScriptLineNumber):  $($_.Exception.message)"; severity = 'failed' }
     }
 

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecCreateSAMApp.ps1

@@ -2,10 +2,31 @@ using namespace System.Net
 
 function Invoke-ExecCreateSAMApp {
     <#
+    .SYNOPSIS
+    Create or update SAM (Service Account Management) application registration
+    
+    .DESCRIPTION
+    Creates or updates a SAM application registration in Microsoft Graph for CIPP setup, including required service principals and secrets
+    
     .FUNCTIONALITY
         Entrypoint,AnyTenant
     .ROLE
         CIPP.AppSettings.ReadWrite
+        
+    .NOTES
+    Group: CIPP Setup
+    Summary: Create SAM App Registration
+    Description: Creates or updates a SAM application registration in Microsoft Graph for CIPP setup, including required service principals (Defender, Teams, O365 Management, Partner Center) and stores secrets in Azure Key Vault or development storage
+    Tags: CIPP,SAM,App Registration,Setup,Graph API
+    Parameter: Request.body (object) - Contains access token for Microsoft Graph authentication
+    Response: Returns an object with the following properties:
+    Response: - message (string): Success message with application ID and status
+    Response: - severity (string): Success or failed status
+    Example: {
+      "message": "Successfully created the application registration. The application ID is 12345678-1234-1234-1234-123456789012. You may continue to the next step.",
+      "severity": "success"
+    }
+    Error: Returns error details if the operation fails
     #>
     [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '')]
     [CmdletBinding()]
@@ -31,7 +52,8 @@ function Invoke-ExecCreateSAMApp {
                 $app.web.redirectUris = @("$($url)/authredirect")
                 $app = ConvertTo-Json -Depth 15 -Compress -InputObject $app
                 Invoke-RestMethod "https://graph.microsoft.com/v1.0/applications/$($AppId.id)" -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method PATCH -Body $app -ContentType 'application/json'
-            } else {
+            }
+            else {
                 $state = 'created'
                 $ModuleBase = Get-Module -Name CIPPCore | Select-Object -ExpandProperty ModuleBase
                 $SamManifestFile = Get-Item (Join-Path $ModuleBase 'Public\SAMManifest.json')
@@ -44,28 +66,33 @@ function Invoke-ExecCreateSAMApp {
                     try {
                         try {
                             $SPNDefender = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"fc780465-2017-40d4-a0c5-307022471b92`" }" -ContentType 'application/json')
-                        } catch {
+                        }
+                        catch {
                             Write-Information "didn't deploy spn for defender, probably already there."
                         }
                         try {
                             $SPNTeams = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"48ac35b8-9aa8-4d74-927d-1f4a14a0b239`" }" -ContentType 'application/json')
-                        } catch {
+                        }
+                        catch {
                             Write-Information "didn't deploy spn for Teams, probably already there."
                         }
                         try {
                             $SPNO365Manage = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"c5393580-f805-4401-95e8-94b7a6ef2fc2`" }" -ContentType 'application/json')
-                        } catch {
+                        }
+                        catch {
                             Write-Information "didn't deploy spn for O365 Management, probably already there."
                         }
                         try {
                             $SPNPartnerCenter = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd`" }" -ContentType 'application/json')
-                        } catch {
+                        }
+                        catch {
                             Write-Information "didn't deploy spn for PartnerCenter, probably already there."
                         }
                         $SPN = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"$($AppId.appId)`" }" -ContentType 'application/json')
                         Start-Sleep 2
                         $attempt ++
-                    } catch {
+                    }
+                    catch {
                         $attempt ++
                     }
                 } until ($attempt -gt 3)
@@ -83,7 +110,8 @@ function Invoke-ExecCreateSAMApp {
                 $Secret | Add-Member -MemberType NoteProperty -Name 'applicationsecret' -Value $AppPassword -Force
                 Write-Information ($Secret | ConvertTo-Json -Depth 5)
                 Add-CIPPAzDataTableEntity @DevSecretsTable -Entity $Secret -Force
-            } else {
+            }
+            else {
 
                 Set-AzKeyVaultSecret -VaultName $kv -Name 'tenantid' -SecretValue (ConvertTo-SecureString -String $TenantId -AsPlainText -Force)
                 Set-AzKeyVaultSecret -VaultName $kv -Name 'applicationid' -SecretValue (ConvertTo-SecureString -String $Appid.appId -AsPlainText -Force)
@@ -100,7 +128,8 @@ function Invoke-ExecCreateSAMApp {
             $Results = @{'message' = "Succesfully $state the application registration. The application ID is $($AppId.appid). You may continue to the next step."; severity = 'success' }
         }
 
-    } catch {
+    }
+    catch {
         $Results = [pscustomobject]@{'Results' = "Failed. $($_.InvocationInfo.ScriptLineNumber):  $($_.Exception.message)"; severity = 'failed' }
     }