From 9a778be0423175e88962b609b9e26d00a8af998f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 21 Aug 2024 22:21:35 +0200
Subject: [PATCH 1/3] Fix Bobby and his damn custom error messages!

---
 .../CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
index 35eb01b0cbf5..593035bbf4a0 100644
--- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
+++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
@@ -45,7 +45,7 @@ function Invoke-CIPPStandardNudgeMFA {
         Return
     }
     # Input validation
-    if (($Settings.snoozeDurationInDays -lt 0 -or $Settings.snoozeDurationInDays -gt 15) -and ($Settings.remediate -eq $true -or $Settings.alert -eq $true)) {
+    if (([Int32]$Settings.snoozeDurationInDays -lt 0 -or [Int32]$Settings.snoozeDurationInDays -gt 15) -and ($Settings.remediate -eq $true -or $Settings.alert -eq $true)) {
         Write-LogMessage -API 'Standards' -tenant $tenant -message 'NudgeMFA: Invalid snoozeDurationInDays parameter set' -sev Error
         Return
     }

From d2f73542181da70c9d40475b6f2240aa8e656e73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 24 Aug 2024 15:45:57 +0200
Subject: [PATCH 2/3] Add ExecRemoveMailboxRule entrypoint and refactor
 Remove-CIPPRules to work with current and new code

---
 .../Invoke-ExecRemoveMailboxRule.ps1          | 41 ++++++++++++++++
 .../Public/Invoke-CIPPOffboardingJob.ps1      |  2 +-
 .../Public/Remove-CIPPMailboxRule.ps1         | 48 +++++++++++++++++++
 Modules/CIPPCore/Public/Remove-CIPPRules.ps1  | 30 ------------
 4 files changed, 90 insertions(+), 31 deletions(-)
 create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1
 create mode 100644 Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
 delete mode 100644 Modules/CIPPCore/Public/Remove-CIPPRules.ps1

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1
new file mode 100644
index 000000000000..0bbc95cf9af8
--- /dev/null
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
@@ -0,0 +1,41 @@
+using namespace System.Net
+
+Function Invoke-ExecRemoveMailboxRule {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Exchange.Mailbox.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = 'Remove mailbox rule'
+    $TenantFilter = $Request.Query.TenantFilter
+    $RuleName = $Request.Query.ruleName
+    $RuleId = $Request.Query.ruleId
+    $Username = $Request.Query.userPrincipalName
+
+    $User = $request.headers.'x-ms-client-principal'
+    Write-LogMessage -user $User -API $APINAME -tenant $TenantFilter -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Remove the rule
+    # Write-LogMessage -user $User -API $APINAME -tenant $TenantFilter -message "Tried to remove rule from user $Username from tenant $TenantFilter with name $RuleName" -Sev 'Info'
+    $Results = Remove-CIPPMailboxRule -userid $User -username $Username -TenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $User -RuleId $RuleId -RuleName $RuleName
+
+    if ($Results -like '*Could not delete*') {
+        $StatusCode = [HttpStatusCode]::Forbidden
+    } else {
+        $StatusCode = [HttpStatusCode]::OK
+    }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @{ Results = $Results }
+        })
+
+}
diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
index d711e4fe42b5..f404764897db 100644
--- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
+++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
@@ -66,7 +66,7 @@ function Invoke-CIPPOffboardingJob {
 
         { $_.'removeRules' -eq 'true' } {
             Write-Host "Removing rules for $username"
-            Remove-CIPPRules -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName
+            Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -RemoveAllRules
         }
 
         { $_.'removeMobile' -eq 'true' } {
diff --git a/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1 b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
new file mode 100644
index 000000000000..f4e04b436119
--- /dev/null
+++ b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
@@ -0,0 +1,48 @@
+function Remove-CIPPMailboxRule {
+    [CmdletBinding()]
+    param (
+        $userid,
+        $username,
+        $TenantFilter,
+        $APIName = 'Mailbox Rules Removal',
+        $ExecutingUser,
+        $RuleId,
+        [string]$RuleName,
+        [switch]$RemoveAllRules
+    )
+
+    if ($RemoveAllRules.IsPresent -eq $true) {
+        # Delete all rules
+        try {
+            Write-Host "Checking rules for $username"
+            $rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-InboxRule' -cmdParams @{Mailbox = $username; IncludeHidden = $true } | Where-Object { $_.Name -ne 'Junk E-Mail Rule' }
+            Write-Host "$($rules.count) rules found"
+            if ($null -eq $rules) {
+                Write-LogMessage -user $ExecutingUser -API $APIName -message "No Rules for $($username) to delete" -Sev 'Info' -tenant $TenantFilter
+                return "No rules for $($username) to delete"
+            } else {
+                ForEach ($rule in $rules) {
+                    New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $rule.Identity }
+                }
+                Write-LogMessage -user $ExecutingUser -API $APIName -message "Deleted Rules for $($username)" -Sev 'Info' -tenant $TenantFilter
+                return "Deleted Rules for $($username)"
+            }
+        } catch {
+            $ErrorMessage = Get-CippException -Exception $_
+            Write-LogMessage -user $ExecutingUser -API $APIName -message "Could not delete rules for $($username): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+            return "Could not delete rules for $($username). Error: $($ErrorMessage.NormalizedError)"
+        }
+    } else {
+        # Only delete 1 rule
+        try {
+            $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $RuleId }
+            Write-LogMessage -user $ExecutingUser -API $APIName -message "Deleted mailbox rule for $($username)" -Sev 'Info' -tenant $TenantFilter
+            return "Deleted mailbox rule $RuleName for $username"
+        } catch {
+            $ErrorMessage = Get-CippException -Exception $_
+            Write-LogMessage -user $ExecutingUser -API $APIName -message "Could not delete rule for $($username): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+            return "Could not delete rule for $($username). Error: $($ErrorMessage.NormalizedError)"
+        }
+    }
+}
+
diff --git a/Modules/CIPPCore/Public/Remove-CIPPRules.ps1 b/Modules/CIPPCore/Public/Remove-CIPPRules.ps1
deleted file mode 100644
index 874a425ccd0f..000000000000
--- a/Modules/CIPPCore/Public/Remove-CIPPRules.ps1
+++ /dev/null
@@ -1,30 +0,0 @@
-function Remove-CIPPRules {
-    [CmdletBinding()]
-    param (
-        $userid,
-        $username,
-        $TenantFilter,
-        $APIName = 'Rules Removal',
-        $ExecutingUser
-    )
-
-    try {
-        Write-Host "Checking rules for $username"
-        $rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-InboxRule' -cmdParams @{Mailbox = $username; IncludeHidden = $true } | Where-Object { $_.Name -ne 'Junk E-Mail Rule' }
-        Write-Host "$($rules.count) rules found"
-        if ($null -eq $rules) {
-            Write-LogMessage -user $ExecutingUser -API $APIName -message "No Rules for $($username) to delete" -Sev 'Info' -tenant $TenantFilter
-            return "No rules for $($username) to delete"
-        } else {
-            ForEach ($rule in $rules) {
-                New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $rule.Identity }
-            }
-            Write-LogMessage -user $ExecutingUser -API $APIName -message "Deleted Rules for $($username)" -Sev 'Info' -tenant $TenantFilter
-            return "Deleted Rules for $($username)"
-        }
-    } catch {
-        $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -user $ExecutingUser -API $APIName -message "Could not delete rules for $($username): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return "Could not delete rules for $($username). Error: $($ErrorMessage.NormalizedError)"
-    }
-}

From 97997fc42d14fdd8152aa5f95ecfa9d7908cece8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 24 Aug 2024 16:15:22 +0200
Subject: [PATCH 3/3] chore: Remove commented out code and improve logging in
 Remove-CIPPMailboxRule

---
 .../Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1         | 1 -
 Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1          | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1
index 0bbc95cf9af8..a747ac432e33 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
@@ -23,7 +23,6 @@ Function Invoke-ExecRemoveMailboxRule {
     Write-Host 'PowerShell HTTP trigger function processed a request.'
 
     # Remove the rule
-    # Write-LogMessage -user $User -API $APINAME -tenant $TenantFilter -message "Tried to remove rule from user $Username from tenant $TenantFilter with name $RuleName" -Sev 'Info'
     $Results = Remove-CIPPMailboxRule -userid $User -username $Username -TenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $User -RuleId $RuleId -RuleName $RuleName
 
     if ($Results -like '*Could not delete*') {
diff --git a/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1 b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
index f4e04b436119..95695c388ac3 100644
--- a/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
+++ b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
@@ -7,7 +7,7 @@ function Remove-CIPPMailboxRule {
         $APIName = 'Mailbox Rules Removal',
         $ExecutingUser,
         $RuleId,
-        [string]$RuleName,
+        $RuleName,
         [switch]$RemoveAllRules
     )
 
@@ -36,8 +36,8 @@ function Remove-CIPPMailboxRule {
         # Only delete 1 rule
         try {
             $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $RuleId }
-            Write-LogMessage -user $ExecutingUser -API $APIName -message "Deleted mailbox rule for $($username)" -Sev 'Info' -tenant $TenantFilter
-            return "Deleted mailbox rule $RuleName for $username"
+            Write-LogMessage -user $ExecutingUser -API $APIName -message "Deleted mailbox rule $($RuleName) for $($username)" -Sev 'Info' -tenant $TenantFilter
+            return "Deleted mailbox rule $($RuleName) for $($username)"
         } catch {
             $ErrorMessage = Get-CippException -Exception $_
             Write-LogMessage -user $ExecutingUser -API $APIName -message "Could not delete rule for $($username): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage