Merge pull request #51 from kayasax/reporting

V1.6.2
kayasax · Jun 5, 2024 · bd59776 · bd59776
2 parents fdd2744 + 185cc5e
commit bd59776
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 4 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
 LOGS
 TEST
+TESTS
 EXPORTS
 *.csv
 TestResults
diff --git a/EasyPIM/EasyPIM.psd1 b/EasyPIM/EasyPIM.psd1
@@ -4,7 +4,7 @@
 RootModule = 'EasyPIM.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.6.1'
+ModuleVersion = '1.6.2'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/EasyPIM/functions/Set-PIMEntraRolePolicy.ps1 b/EasyPIM/functions/Set-PIMEntraRolePolicy.ps1
@@ -140,7 +140,7 @@ function Set-PIMEntraRolePolicy {
         }
         $p = $p -join ', '
 
-        log "Function Set-PIMEntraRolePolicy is starting with parameters: $p" -noEcho
+        write-verbose "Function Set-PIMEntraRolePolicy is starting with parameters: $p"
 
         $script:tenantID=$tenantID
 

diff --git a/EasyPIM/functions/Show-PIMReport.ps1 b/EasyPIM/functions/Show-PIMReport.ps1
@@ -22,7 +22,12 @@ function Show-PIMReport {
         [Parameter(Position = 0, Mandatory = $true)]
         [System.String]
         # Tenant ID
-        $tenantID
+        $tenantID,
+        [Parameter(Position = 1, Mandatory = $false)]
+        [System.String]
+        # upn of the user
+        $upn
+
     )
     try {
         $Script:tenantID = $tenantID
@@ -32,7 +37,6 @@ function Show-PIMReport {
         #$top = 100
         $endpoint = "auditlogs/directoryAudits?`$filter=loggedByService eq 'PIM'" #&`$top=$top"
         $result = invoke-graph -Endpoint $endpoint -Method "GET"
-
         $allresults += $result.value
 
         if ($result."@odata.nextLink") {
@@ -48,6 +52,17 @@ function Show-PIMReport {
 
         #filter activities from the PIM service and completed activities
         $allresults = $allresults | Where-Object { $null -ne $_.initiatedby.values.userprincipalname } | Where-Object { $_.activityDisplayName -notmatch "completed" }
+
+        #check if upn parameter is set using psboundparameters
+        if ($PSBoundParameters.ContainsKey('upn')) {
+            Write-Verbose "Filtering activities for $upn"
+            $allresults = $allresults | Where-Object {$_.initiatedby.values.userprincipalname -eq $upn}
+            if ($allresults.count -eq 0) {
+                Write-Warning "No activity found for $upn"
+                return
+            }
+        }
+
         $Myoutput = @()
 
         $allresults | ForEach-Object {

diff --git a/EasyPIM/internal/functions/get-EntraRoleConfig.ps1 b/EasyPIM/internal/functions/get-EntraRoleConfig.ps1
@@ -22,6 +22,10 @@ function Get-EntraRoleConfig ($rolename) {
         $response = invoke-graph -Endpoint $endpoint
         $roleID = $response.value.Id
         Write-Verbose "roleID = $roleID"
+        if($null -eq $roleID){
+            Throw "ERROR: Role $rolename not found"
+            return
+        }
 
         # 2 Get PIM policyID for that role
         $endpoint = "policies/roleManagementPolicyAssignments?`$filter=scopeId eq '/' and scopeType eq 'DirectoryRole' and roleDefinitionId eq '$roleID'"