Skip to content

Commit 37c20b5

Browse files
emmanuel-karanjaemmanuel-karanja
committed
added beta cmdlet port
1 parent 7e4e46e commit 37c20b5

File tree

6 files changed

+482
-292
lines changed

6 files changed

+482
-292
lines changed

module/Entra/Microsoft.Entra/Users/Test-EntraBetaCommandPrerequisites.ps1

Lines changed: 145 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,145 @@
1+
function Test-EntraCommandPrerequisites {
2+
[CmdletBinding()]
3+
[OutputType([bool])]
4+
param (
5+
# The name of a command.
6+
[Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Position = 1)]
7+
[Alias('Command')]
8+
[string[]] $Name,
9+
# The service API version.
10+
[Parameter(Mandatory = $false, Position = 2)]
11+
[ValidateSet('v1.0')]
12+
[string] $ApiVersion = 'v1.0',
13+
# Specifies a minimum version.
14+
[Parameter(Mandatory = $false)]
15+
[version] $MinimumVersion,
16+
# Require "list" permissions rather than "get" permissions when Get-Mg* commands are specified.
17+
[Parameter(Mandatory = $false, ValueFromPipelineByPropertyName = $true)]
18+
[switch] $RequireListPermissions
19+
)
20+
21+
begin {
22+
[version] $MgAuthenticationModuleVersion = $null
23+
$Assembly = [System.AppDomain]::CurrentDomain.GetAssemblies() | Where-Object FullName -Like "Microsoft.Graph.Authentication,*"
24+
if ($Assembly.FullName -match "Version=(([0-9]+.[0-9]+.[0-9]+).[0-9]+),") {
25+
$MgAuthenticationModuleVersion = $Matches[2]
26+
}
27+
else {
28+
$MgAuthenticationModuleVersion = Get-Command 'Connect-MgGraph' -Module 'Microsoft.Graph.Authentication' | Select-Object -ExpandProperty Version
29+
}
30+
Write-Debug "Microsoft.Graph.Authentication module version loaded: $MgAuthenticationModuleVersion"
31+
}
32+
33+
process {
34+
## Initialize
35+
$result = $true
36+
37+
## Get Graph Command Details
38+
[hashtable] $MgCommandLookup = @{}
39+
foreach ($CommandName in $Name) {
40+
41+
[array] $MgCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $ApiVersion
42+
43+
if ($MgCommands.Count -eq 1) {
44+
$MgCommand = $MgCommands[0]
45+
}
46+
elseif ($MgCommands.Count -gt 1) {
47+
$MgCommand = $MgCommands[0]
48+
## Resolve from multiple results
49+
[array] $MgCommandsWithPermissions = $MgCommands | Where-Object Permissions -NE $null
50+
[array] $MgCommandsWithListPermissions = $MgCommandsWithPermissions | Where-Object URI -NotLike "*}"
51+
[array] $MgCommandsWithGetPermissions = $MgCommandsWithPermissions | Where-Object URI -Like "*}"
52+
if ($MgCommandsWithListPermissions -and $RequireListPermissions) {
53+
$MgCommand = $MgCommandsWithListPermissions[0]
54+
}
55+
elseif ($MgCommandsWithGetPermissions) {
56+
$MgCommand = $MgCommandsWithGetPermissions[0]
57+
}
58+
else {
59+
$MgCommand = $MgCommands[0]
60+
}
61+
}
62+
63+
if ($MgCommand) {
64+
$MgCommandLookup[$MgCommand.Command] = $MgCommand
65+
}
66+
else {
67+
Write-Error "Unable to resolve a specific command for '$CommandName'."
68+
}
69+
}
70+
71+
## Import Required Modules
72+
[string[]] $MgModules = @()
73+
foreach ($MgCommand in $MgCommandLookup.Values) {
74+
if (!$MgModules.Contains($MgCommand.Module)) {
75+
$MgModules += $MgCommand.Module
76+
[string] $ModuleName = "Microsoft.Graph.$($MgCommand.Module)"
77+
try {
78+
if ($MgAuthenticationModuleVersion -lt $MinimumVersion) {
79+
## Check for newer module but load will likely fail due to old Microsoft.Graph.Authentication module
80+
try {
81+
Import-Module $ModuleName -MinimumVersion $MinimumVersion -Scope Global -ErrorAction Stop -Verbose:$false
82+
}
83+
catch [System.IO.FileLoadException] {
84+
$result = $false
85+
Write-Error -Exception $_.Exception -Category ResourceUnavailable -ErrorId 'MgModuleOutOfDate' -Message ("The module '{0}' with minimum version '{1}' was found but currently loaded 'Microsoft.Graph.Authentication' module is version '{2}'. To resolve, try opening a new PowerShell session and running the command again." -f $ModuleName, $MinimumVersion, $MgAuthenticationModuleVersion) -TargetObject $ModuleName -RecommendedAction ("Import-Module {0} -MinimumVersion '{1}'" -f $ModuleName, $MinimumVersion)
86+
}
87+
catch [System.IO.FileNotFoundException] {
88+
$result = $false
89+
Write-Error -Exception $_.Exception -Category ResourceUnavailable -ErrorId 'MgModuleWithVersionNotFound' -Message ("The module '{0}' with minimum version '{1}' not found. To resolve, try installing module '{0}' with the latest version. For example: Install-Module {0} -MinimumVersion '{1}'" -f $ModuleName, $MinimumVersion) -TargetObject $ModuleName -RecommendedAction ("Install-Module {0} -MinimumVersion '{1}'" -f $ModuleName, $MinimumVersion)
90+
}
91+
}
92+
else {
93+
## Load module to match currently loaded Microsoft.Graph.Authentication module
94+
try {
95+
Import-Module $ModuleName -RequiredVersion $MgAuthenticationModuleVersion -Scope Global -ErrorAction Stop -Verbose:$false
96+
}
97+
catch [System.IO.FileLoadException] {
98+
$result = $false
99+
Write-Error -Exception $_.Exception -Category ResourceUnavailable -ErrorId 'MgModuleOutOfDate' -Message ("The module '{0}' was found but is not a compatible version. To resolve, try updating module '{0}' to version '{1}' to match currently loaded modules. For example: Update-Module {0} -RequiredVersion '{1}'" -f $ModuleName, $MgAuthenticationModuleVersion) -TargetObject $ModuleName -RecommendedAction ("Update-Module {0} -RequiredVersion '{1}'" -f $ModuleName, $MgAuthenticationModuleVersion)
100+
}
101+
catch [System.IO.FileNotFoundException] {
102+
$result = $false
103+
Write-Error -Exception $_.Exception -Category ResourceUnavailable -ErrorId 'MgModuleWithVersionNotFound' -Message ("The module '{0}' with version '{1}' not found. To resolve, try installing module '{0}' with version '{1}' to match currently loaded modules. For example: Install-Module {0} -RequiredVersion '{1}'" -f $ModuleName, $MgAuthenticationModuleVersion) -TargetObject $ModuleName -RecommendedAction ("Install-Module {0} -RequiredVersion '{1}'" -f $ModuleName, $MgAuthenticationModuleVersion)
104+
}
105+
}
106+
}
107+
catch {
108+
$result = $false
109+
Write-Error -ErrorRecord $_
110+
}
111+
}
112+
}
113+
Write-Verbose ('Required Microsoft Graph Modules: {0}' -f (($MgModules | ForEach-Object { "Microsoft.Graph.$_" }) -join ', '))
114+
115+
## Check MgModule Connection
116+
$MgContext = Get-MgContext
117+
if ($MgContext) {
118+
if ($MgContext.AuthType -eq 'Delegated') {
119+
## Check MgModule Consented Scopes
120+
foreach ($MgCommand in $MgCommandLookup.Values) {
121+
if ($MgCommand.Permissions -and (!$MgContext.Scopes -or !(Compare-Object $MgCommand.Permissions.Name -DifferenceObject $MgContext.Scopes -ExcludeDifferent -IncludeEqual))) {
122+
$Exception = New-Object System.Security.SecurityException -ArgumentList "Additional scope required for command '$($MgCommand.Command)', call Connect-MgGraph with one of the following scopes: $($MgCommand.Permissions.Name -join ', ')"
123+
Write-Error -Exception $Exception -Category ([System.Management.Automation.ErrorCategory]::PermissionDenied) -ErrorId 'MgScopePermissionRequired'
124+
$result = $false
125+
}
126+
}
127+
}
128+
else {
129+
## Check MgModule Consented Scopes
130+
foreach ($MgCommand in $MgCommandLookup.Values) {
131+
if ($MgCommand.Permissions -and (!$MgContext.Scopes -or !(Compare-Object $MgCommand.Permissions.Name -DifferenceObject $MgContext.Scopes -ExcludeDifferent -IncludeEqual))) {
132+
Write-Warning "Additional scope may be required for command '$($MgCommand.Command), add and consent ClientId '$($MgContext.ClientId)' to one of the following app scopes: $($MgCommand.Permissions.Name -join ', ')"
133+
}
134+
}
135+
}
136+
}
137+
else {
138+
$Exception = New-Object System.Security.Authentication.AuthenticationException -ArgumentList "Authentication needed, call Connect-MgGraph."
139+
Write-Error -Exception $Exception -Category ([System.Management.Automation.ErrorCategory]::AuthenticationError) -CategoryReason 'AuthenticationException' -ErrorId 'MgAuthenticationRequired'
140+
$result = $false
141+
}
142+
143+
return $result
144+
}
145+
}

0 commit comments

Comments
 (0)