Skip to content

New command: m365 entra organization set. Closes #6581 #6732

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 63 additions & 0 deletions docs/docs/cmd/entra/organization/organization-set.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
import Global from '/docs/cmd/_global.mdx';

# entra organization set

Updates info about the organization

## Usage

```sh
m365 entra organization set [options]
```

## Options

```md definition-list
`-i, --id [id]`
: The id of the organization. Specify either `id` or `displayName`, but not both.

`-d, --displayName [displayName]`
: The name of the organization. Specify either `id` or `displayName`, but not both.

`--marketingNotificationEmails [marketingNotificationEmails]`
: The comma separated list of marketing notification emails.

`--securityComplianceNotificationMails [securityComplianceNotificationMails]`
: The comma separated list of security compliance notification emails.

`--securityComplianceNotificationPhones [securityComplianceNotificationPhones]`
: The comma separated list of security compliance notification phones.

`--technicalNotificationMails [technicalNotificationMails]`
: The comma separated list of technical notification emails.

`--contactEmail [contactEmail]`
: A valid smtp email address for the privacy statement contact

`--statementUrl [statementUrl]`
: The URL that directs to the company's privacy statement
```

<Global />

## Examples
Comment on lines +41 to +43
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should include a new Permissions section similar to the one you may already find for example in this command https://pnp.github.io/cli-microsoft365/cmd/planner/task/task-add/#permissions
Since in this case we are using MS Graph it should be quite easy to add this section without much investigation as we may just base on the docs from MS https://learn.microsoft.com/en-us/graph/api/organization-update?view=graph-rest-1.0&tabs=http#permissions


Updates properties of an organization specified by id

```sh
m365 entra organization set --id 84841066-274d-4ec0-a5c1-276be684bdd3 --marketingNotificationEmails 'marketing@contoso.com'
```

Updates properties of an organization specified by displayName

```sh
m365 entra organization set --displayName Contoso --marketingNotificationEmails 'marketing@contoso.com'
```

## Response

The command won't return a response on success

## More information

- Organization: https://learn.microsoft.com/graph/api/organization-update
5 changes: 5 additions & 0 deletions docs/src/config/sidebars.ts
Original file line number Diff line number Diff line change
Expand Up @@ -614,6 +614,11 @@ const sidebars: SidebarsConfig = {
type: 'doc',
label: 'organization list',
id: 'cmd/entra/organization/organization-list'
},
{
type: 'doc',
label: 'organization set',
id: 'cmd/entra/organization/organization-set'
}
]
},
Expand Down
1 change: 1 addition & 0 deletions src/m365/entra/commands.ts
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,7 @@ export default {
OAUTH2GRANT_REMOVE: `${prefix} oauth2grant remove`,
OAUTH2GRANT_SET: `${prefix} oauth2grant set`,
ORGANIZATION_LIST: `${prefix} organization list`,
ORGANIZATION_SET: `${prefix} organization set`,
PIM_ROLE_ASSIGNMENT_ADD: `${prefix} pim role assignment add`,
PIM_ROLE_ASSIGNMENT_LIST: `${prefix} pim role assignment list`,
PIM_ROLE_ASSIGNMENT_REMOVE: `${prefix} pim role assignment remove`,
Expand Down
238 changes: 238 additions & 0 deletions src/m365/entra/commands/organization/organization-set.spec.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,238 @@
import assert from 'assert';
import sinon from 'sinon';
import auth from '../../../../Auth.js';
import commands from '../../commands.js';
import request from '../../../../request.js';
import { Logger } from '../../../../cli/Logger.js';
import { telemetry } from '../../../../telemetry.js';
import { pid } from '../../../../utils/pid.js';
import { session } from '../../../../utils/session.js';
import command from './organization-set.js';
import { sinonUtil } from '../../../../utils/sinonUtil.js';
import { CommandError } from '../../../../Command.js';
import { z } from 'zod';
import { CommandInfo } from '../../../../cli/CommandInfo.js';
import { cli } from '../../../../cli/cli.js';

describe(commands.ORGANIZATION_SET, () => {
const organizationId = '84841066-274d-4ec0-a5c1-276be684bdd3';
const organizationName = 'Contoso';

let log: string[];
let logger: Logger;
let commandInfo: CommandInfo;
let commandOptionsSchema: z.ZodTypeAny;

before(() => {
sinon.stub(auth, 'restoreAuth').resolves();
sinon.stub(telemetry, 'trackEvent').resolves();
sinon.stub(pid, 'getProcessName').returns('');
sinon.stub(session, 'getId').returns('');
auth.connection.active = true;
commandInfo = cli.getCommandInfo(command);
commandOptionsSchema = commandInfo.command.getSchemaToParse()!;
});

beforeEach(() => {
log = [];
logger = {
log: async (msg: string) => {
log.push(msg);
},
logRaw: async (msg: string) => {
log.push(msg);
},
logToStderr: async (msg: string) => {
log.push(msg);
}
};
});

afterEach(() => {
sinonUtil.restore([
request.patch,
request.get
]);
});

after(() => {
sinon.restore();
auth.connection.active = false;
});

it('has correct name', () => {
assert.strictEqual(command.name, commands.ORGANIZATION_SET);
});

it('has a description', () => {
assert.notStrictEqual(command.description, null);
});

it('fails validation if id is not a valid GUID', () => {
const actual = commandOptionsSchema.safeParse({
id: 'foo',
marketingNotificationEmails: 'marketing@contoso.com'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if both id and displayName are provided', () => {
const actual = commandOptionsSchema.safeParse({
id: organizationId,
displayName: organizationName,
marketingNotificationEmails: 'marketing@contoso.com'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if neither id nor displayName is provided', () => {
const actual = commandOptionsSchema.safeParse({
marketingNotificationEmails: 'marketing@contoso.com'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if contactEmail is not a valid email', () => {
const actual = commandOptionsSchema.safeParse({
id: organizationId,
contactEmail: 'contactcontosocom'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if marketingNotificationEmails contains invalid email', () => {
const actual = commandOptionsSchema.safeParse({
id: organizationId,
marketingNotificationEmails: 'marketing@contoso.com,foocontoso.com'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if securityComplianceNotificationMails contains invalid email', () => {
const actual = commandOptionsSchema.safeParse({
id: organizationId,
securityComplianceNotificationMails: 'security@contoso.com,foo'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if technicalNotificationMails contains invalid email', () => {
const actual = commandOptionsSchema.safeParse({
id: organizationId,
technicalNotificationMails: 'support@contoso.com,@contoso.com'
});
assert.notStrictEqual(actual.success, true);
});

it('fails validation if neither contactEmail, marketingNotificationEmails, securityComplianceNotificationMails, securityComplianceNotificationPhones, statementUrl, nor technicalNotificationMails is provided', () => {
const actual = commandOptionsSchema.safeParse({ id: organizationId });
assert.notStrictEqual(actual.success, true);
});

it('updates an organization specified by id', async () => {
const patchRequestStub = sinon.stub(request, 'patch').callsFake(async (opts) => {
if (opts.url === `https://graph.microsoft.com/v1.0/organization/${organizationId}`) {
return;
}

throw 'Invalid request';
});

const parsedSchema = commandOptionsSchema.safeParse({
id: organizationId,
marketingNotificationEmails: 'marketing@contoso.com',
securityComplianceNotificationMails: 'security@contoso.com',
securityComplianceNotificationPhones: '(123) 456-7890, (987) 654-3210',
technicalNotificationMails: 'it@contoso.com,support@contoso.com',
contactEmail: 'contact@contoso.com',
statementUrl: 'https://contoso.com/privacyStatement',
verbose: true
});
await command.action(logger, { options: parsedSchema.data });
assert(patchRequestStub.called);
});

it('updates an organization specified by name', async () => {
sinon.stub(request, 'get').callsFake(async (opts) => {
if (opts.url === `https://graph.microsoft.com/v1.0/organization?$select=id,displayName`) {
return {
value: [{
id: organizationId,
displayName: organizationName
}]
};
}

throw 'Invalid request';
});

const patchRequestStub = sinon.stub(request, 'patch').callsFake(async (opts) => {
if (opts.url === `https://graph.microsoft.com/v1.0/organization/${organizationId}`) {
return;
}

throw 'Invalid request';
});

const parsedSchema = commandOptionsSchema.safeParse({
displayName: organizationName,
marketingNotificationEmails: 'marketing@contoso.com',
securityComplianceNotificationMails: 'security@contoso.com',
securityComplianceNotificationPhones: '(123) 456-7890, (987) 654-3210',
technicalNotificationMails: 'it@contoso.com,support@contoso.com',
contactEmail: 'contact@contoso.com',
statementUrl: 'https://contoso.com/privacyStatement'
});
await command.action(logger, { options: parsedSchema.data });
assert(patchRequestStub.called);
});

it('throws error when no organization specified by name was found', async () => {
sinon.stub(request, 'get').callsFake(async (opts) => {
if (opts.url === `https://graph.microsoft.com/v1.0/organization?$select=id,displayName`) {
return {
value: [{
id: organizationId,
displayName: 'foo'
}]
};
}

throw 'Invalid request';
});

const parsedSchema = commandOptionsSchema.safeParse({
displayName: organizationName,
marketingNotificationEmails: 'marketing@contoso.com',
securityComplianceNotificationMails: 'security@contoso.com',
securityComplianceNotificationPhones: '(123) 456-7890, (987) 654-3210',
technicalNotificationMails: 'it@contoso.com,support@contoso.com',
contactEmail: 'contact@contoso.com',
statementUrl: 'https://contoso.com/privacyStatement'
});

await assert.rejects(command.action(logger, { options: parsedSchema.data }), new CommandError(`The specified organization '${organizationName}' does not exist.`));
});

it('correctly handles API OData error', async () => {
sinon.stub(request, 'patch').rejects({
error: {
code: "Request_BadRequest",
message: "Invalid tenant identifier; it must match that of the requested tenant.",
innerError: {
date: "2025-05-23T11:36:44",
'request-id': "fa792713-8c17-48ae-aaeb-2d9653954815",
'client-request-id': "101755c1-8c5a-140c-97b6-975938bc6b5d"
}
}
});

const parsedSchema = commandOptionsSchema.safeParse({
id: organizationId,
marketingNotificationEmails: 'marketing@contoso.com'
});
await assert.rejects(command.action(logger, {
options: parsedSchema.data
}), new CommandError('Invalid tenant identifier; it must match that of the requested tenant.'));
});
});
Loading