npm - @pnp/cli-microsoft365 - Versions diffs - 10.3.0-beta.d1b978f → 10.3.0-beta.f5e6f85 - Mend

@pnp/cli-microsoft365 10.3.0-beta.d1b978f → 10.3.0-beta.f5e6f85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/.eslintrc.cjs +1 -0
package/allCommands.json +1 -1
package/allCommandsFull.json +1 -1
package/dist/config.js +1 -0
package/dist/m365/entra/commands/pim/pim-role-assignment-remove.js +186 -0
package/dist/m365/entra/commands/roledefinition/roledefinition-add.js +58 -0
package/dist/m365/entra/commands/roledefinition/roledefinition-set.js +84 -0
package/dist/m365/entra/commands.js +3 -0
package/dist/m365/exo/commands/approleassignment/approleassignment-add.js +235 -0
package/dist/m365/exo/commands.js +5 -0
package/dist/m365/outlook/commands/mailbox/mailbox-settings-set.js +163 -0
package/dist/m365/outlook/commands.js +1 -0
package/dist/m365/pp/commands/website/website-get.js +60 -0
package/dist/m365/pp/commands.js +2 -1
package/dist/m365/spo/commands/folder/folder-roleassignment-add.js +0 -13
package/dist/m365/tenant/commands/people/people-pronouns-set.js +46 -0
package/dist/m365/tenant/commands.js +1 -0
package/dist/utils/customAppScope.js +29 -0
package/dist/utils/entraServicePrincipal.js +46 -0
package/dist/utils/powerPlatform.js +38 -0
package/dist/utils/roleDefinition.js +23 -0
package/dist/utils/validation.js +4 -0
package/docs/docs/cmd/entra/pim/pim-role-assignment-remove.mdx +197 -0
package/docs/docs/cmd/entra/roledefinition/roledefinition-add.mdx +127 -0
package/docs/docs/cmd/entra/roledefinition/roledefinition-set.mdx +60 -0
package/docs/docs/cmd/exo/approleassignment/approleassignment-add.mdx +170 -0
package/docs/docs/cmd/outlook/mailbox/mailbox-settings-set.mdx +166 -0
package/docs/docs/cmd/pp/website/website-get.mdx +153 -0
package/docs/docs/cmd/tenant/people/people-pronouns-set.mdx +82 -0
package/npm-shrinkwrap.json +54 -74
package/package.json +9 -9

package/docs/docs/cmd/entra/pim/pim-role-assignment-remove.mdx ADDED Viewed

@@ -0,0 +1,197 @@
+import Global from '/docs/cmd/_global.mdx';
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+# entra pim role assignment remove
+Request deactivation of an Entra role assignment for a user or group.
+## Usage
+```sh
+m365 entra pim role assignment remove [options]
+```
+## Options
+```md definition-list
+`-n, --roleDefinitionName [roleDefinitionName]`
+: Name of the role definition that should be assigned. Specify either `roleDefinitionName` or `roleDefinitionId` but not both.
+`-i, --roleDefinitionId [roleDefinitionId]`
+: Id of the role definition that is being assigned. Specify either `roleDefinitionName` or `roleDefinitionId` but not both.
+`--userId [userId]`
+: Id of the user that will be granted the assignment. Specify either `userId`, `userName`, `groupId` or `groupName`. If not specified, the current user will be used.
+`--userName [userName]`
+: UPN of the user that will be granted the assignment. Specify either `userId`, `userName`, `groupId` or `groupName`. If not specified, the current user will be used.
+`--groupId [groupId]`
+: Id of the group that will be granted the assignment. Specify either `userId`, `userName`, `groupId` or `groupName`. If not specified, the current user will be used.
+`--groupName [groupName]`
+: Display name of the group that will be granted the assignment. Specify either `userId`, `userName`, `groupId` or `groupName`. If not specified, the current user will be used.
+`--administrativeUnitId [administrativeUnitId]`
+: Id of the administrative unit representing the scope of the assignment. Specify either `administrativeUnitId` or `applicationId`. If not specified, default scope will be tenant-wide.
+`--applicationId [applicationId]`
+: Object Id of the application representing the scope of the assignment. Specify either `administrativeUnitId` or `applicationId`. If not specified, default scope will be tenant-wide.
+`-j, --justification [justification]`
+: An optional justification message.
+`--ticketNumber [ticketNumber]`
+: Optional ticket number value to communicate with the request.
+`--ticketSystem [ticketSystem]`
+: Optional ticket system to communicate with the request.
+```
+<Global />
+## Remarks
+:::info
+When deactivating a role for other users, you must be **Privileged Role Administrator**.
+:::
+## Examples
+Request deactivation of the SharePoint Administrator Entra role assignment for the current user.
+```sh
+m365 entra pim role assignment remove --roleDefinitionName 'SharePoint Administrator'
+```
+Request deactivation of an Entra role assignment for the current user.
+```sh
+m365 entra pim role assignment remove --roleDefinitionId 'f1417aa3-bf0b-4cc5-a845-a0b2cf11f690'
+```
+Request deactivation of an Entra role assignment for the current user with a justification
+```sh
+m365 entra pim role assignment remove --roleDefinitionId 'f1417aa3-bf0b-4cc5-a845-a0b2cf11f690' --justification 'Need Global Admin to release application xyz to production'
+```
+Request deactivation of an Entra role assignment for a specified user with tenant scope.
+```sh
+m365 entra pim role assignment remove --roleDefinitionId 'f1417aa3-bf0b-4cc5-a845-a0b2cf11f690' --userId '3488d6b8-6b2e-41c3-9583-1991205323c2'
+```
+Request deactivation of the User Administrator Entra role assignment for a specified group with administrative unit scope.
+```sh
+m365 entra pim role assignment remove --roleDefinitionName 'User Administrator' --groupId '3488d6b8-6b2e-41c3-9583-1991205323c2' --administrativeUnitId '03c4c9dc-6f0c-4c4f-a4e6-0c9ed80f54c7'
+```
+Request deactivation of the Application Administrator Entra role assignment for a specified group with scope to a specific application.
+```sh
+m365 entra pim role assignment remove --roleDefinitionName 'Application Administrator' --groupName 'Applications admins' --applicationId '03c4c9dc-6f0c-4c4f-a4e6-0c9ed80f54c7'
+```
+## Response
+<Tabs>
+  <TabItem value="JSON">
+  ```json
+  {
+    "id": "3f7d1bd6-a9a5-45bc-b831-00cfa3e3c649",
+    "status": "Revoked",
+    "createdDateTime": "2024-07-30T12:08:29.7734603Z",
+    "completedDateTime": null,
+    "approvalId": null,
+    "customData": null,
+    "action": "adminRemove",
+    "principalId": "61b0c52f-a902-4769-9a09-c6628335b00a",
+    "roleDefinitionId": "f28a1f50-f6e7-4571-818b-6a12f2af6b6c",
+    "directoryScopeId": "/",
+    "appScopeId": null,
+    "isValidationOnly": false,
+    "targetScheduleId": null,
+    "justification": "Removing SharePoint Administrator role",
+    "createdBy": {
+      "application": null,
+      "device": null,
+      "user": {
+        "displayName": null,
+        "id": "893f9116-e024-4bc6-8e98-54c245129485"
+      }
+    },
+    "scheduleInfo": null,
+    "ticketInfo": {
+      "ticketNumber": null,
+      "ticketSystem": null
+    }
+  }
+  ```
+  </TabItem>
+  <TabItem value="Text">
+  ```text
+  action           : adminRemove
+  appScopeId       : null
+  approvalId       : null
+  completedDateTime: null
+  createdBy        : null
+  createdDateTime  : 2024-07-30T12:08:29.7734603Z
+  customData       : null
+  directoryScopeId : /
+  id               : c221e106-0711-470a-83cf-f8d7cbc51ecd
+  isValidationOnly : false
+  justification    : Removing SharePoint Administrator role
+  principalId      : 61b0c52f-a902-4769-9a09-c6628335b00a
+  roleDefinitionId : f28a1f50-f6e7-4571-818b-6a12f2af6b6c
+  scheduleInfo     : null
+  status           : Revoked
+  targetScheduleId : c221e106-0711-470a-83cf-f8d7cbc51ecd
+  ticketInfo       : {"ticketNumber":null,"ticketSystem":null}
+  ```
+  </TabItem>
+  <TabItem value="CSV">
+  ```csv
+  id,status,createdDateTime,completedDateTime,approvalId,customData,action,principalId,roleDefinitionId,directoryScopeId,appScopeId,isValidationOnly,targetScheduleId,justification
+  7d727f44-c2dd-459e-8665-99ce003d12a9,Revoked,2024-07-30T12:08:29.7734603Z,,,,adminRemove,61b0c52f-a902-4769-9a09-c6628335b00a,f28a1f50-f6e7-4571-818b-6a12f2af6b6c,/,,,7d727f44-c2dd-459e-8665-99ce003d12a9,Removing SharePoint Administrator role
+  ```
+  </TabItem>
+  <TabItem value="Markdown">
+  ```md
+  # entra pim roleassignment remove --roleDefinitionId "f28a1f50-f6e7-4571-818b-6a12f2af6b6c" --userId "61b0c52f-a902-4769-9a09-c6628335b00a" --justification "Removing SharePoint Administrator role"
+  Date: 7/30/2024
+  ## 7622802f-648b-4dd9-820f-dccaf8bbbab5
+  Property | Value
+  ---------|-------
+  id | 7622802f-648b-4dd9-820f-dccaf8bbbab5
+  status | Revoked
+  createdDateTime | 2024-07-30T12:08:29.7734603Z
+  action | adminRemove
+  principalId | 61b0c52f-a902-4769-9a09-c6628335b00a
+  roleDefinitionId | f28a1f50-f6e7-4571-818b-6a12f2af6b6c
+  directoryScopeId | /
+  isValidationOnly | false
+  targetScheduleId | 7622802f-648b-4dd9-820f-dccaf8bbbab5
+  justification | Removing SharePoint Administrator role
+  ```
+  </TabItem>
+</Tabs>
+## More information
+- Role assignment request: https://learn.microsoft.com/graph/api/rbacapplication-post-roleassignmentschedulerequests

package/docs/docs/cmd/entra/roledefinition/roledefinition-add.mdx ADDED Viewed

@@ -0,0 +1,127 @@
+import Global from '/docs/cmd/_global.mdx';
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+# entra roledefinition add
+Creates a custom Microsoft Entra ID role definition
+## Usage
+```sh
+m365 entra roledefinition add [options]
+```
+## Options
+```md definition-list
+`-n, --displayName <displayName>`
+: The display name for the role definition.
+`-a, --allowedResourceActions <allowedResourceActions>`
+: Comma-separated list of resource actions allowed for the role.
+`-d, --description [description]`
+: The description for the role definition.
+`-e, --enabled [enabled]`
+: Indicates if the role is enabled for the assignment. If not specified, the role is enabled by default.
+`-v, --version [version]`
+: The version of the role definition.
+```
+<Global />
+## Examples
+Create a custom Microsoft Entra ID role
+```sh
+m365 entra roledefinition add --displayName 'Application Remover' --description 'Allows to remove any Entra ID application' --allowedResourceActions 'microsoft.directory/applications/delete'
+```
+Create a custom Microsoft Entra ID role, but disable it for the assignment
+```sh
+m365 entra roledefinition add --displayName 'Application Remover' --version '1.0' --enabled false --allowedResourceActions 'microsoft.directory/applications/delete,microsoft.directory/applications/owners/update'
+```
+## Response
+<Tabs>
+  <TabItem value="JSON">
+  ```json
+  {
+    "id": "3844129d-f748-4c03-8165-4412ee9b4ceb",
+    "description": null,
+    "displayName": "Custom Role",
+    "isBuiltIn": false,
+    "isEnabled": true,
+    "resourceScopes": [
+      "/"
+    ],
+    "templateId": "3844129d-f748-4c03-8165-4412ee9b4ceb",
+    "version": "1",
+    "rolePermissions": [
+      {
+        "allowedResourceActions": [
+          "microsoft.directory/groups.unified/create",
+          "microsoft.directory/groups.unified/delete"
+        ],
+        "condition": null
+      }
+    ]
+  }
+  ```
+  </TabItem>
+  <TabItem value="Text">
+  ```text
+  description    : null
+  displayName    : Custom Role
+  id             : 3844129d-f748-4c03-8165-4412ee9b4ceb
+  isBuiltIn      : false
+  isEnabled      : true
+  resourceScopes : ["/"]
+  rolePermissions: [{"allowedResourceActions":["microsoft.directory/groups.unified/create","microsoft.directory/groups.unified/delete"],"condition":null}]
+  templateId     : 3844129d-f748-4c03-8165-4412ee9b4ceb
+  version        : 1
+  ```
+  </TabItem>
+  <TabItem value="CSV">
+  ```csv
+  id,description,displayName,isBuiltIn,isEnabled,templateId,version
+  3844129d-f748-4c03-8165-4412ee9b4ceb,,Custom Role,0,1,3844129d-f748-4c03-8165-4412ee9b4ceb,1
+  ```
+  </TabItem>
+  <TabItem value="Markdown">
+  ```md
+  # entra roledefinition add --displayName "Custom Role" --allowedResourceActions "microsoft.directory/groups.unified/create,microsoft.directory/groups.unified/delete" --version 1
+  Date: 12/15/2024
+  ## Custom Role (3844129d-f748-4c03-8165-4412ee9b4ceb)
+  Property | Value
+  ---------|-------
+  id | 3844129d-f748-4c03-8165-4412ee9b4ceb
+  displayName | Custom Role
+  isBuiltIn | false
+  isEnabled | true
+  templateId | 3844129d-f748-4c03-8165-4412ee9b4ceb
+  version | 1
+  ```
+  </TabItem>
+</Tabs>
+## More information
+- https://learn.microsoft.com/graph/api/rbacapplication-post-roledefinitions

package/docs/docs/cmd/entra/roledefinition/roledefinition-set.mdx ADDED Viewed

@@ -0,0 +1,60 @@
+import Global from '/docs/cmd/_global.mdx';
+# entra roledefinition set
+Updates a custom Microsoft Entra ID role definition
+## Usage
+```sh
+m365 entra roledefinition set [options]
+```
+## Options
+```md definition-list
+`-i, --id [id]`
+: The id of the role definition to be updated. Specify either `id` or `displayName`, but not both.
+`-n, --displayName [displayName]`
+: The display name of the role definition to be updated. Specify either `id` or `displayName`, but not both.
+`--newDisplayName [newDisplayName]`
+: Updated display name for the role definition.
+`-d, --description [description]`
+: Updated description for the role definition.
+`-e, --enabled [enabled]`
+: Indicates if the role is enabled for the assignment.
+`a-, --allowedResourceActions [allowedResourceActions]`
+: Updated comma-separated list of resource actions allowed for the role.
+`-v, --version [version]`
+: Updated version of the role definition.
+```
+<Global />
+## Examples
+Update a custom Microsoft Entra ID role specified by the id
+```sh
+m365 entra roledefinition set --id fadbc488-151d-4431-9143-6abbffae759f --newDisplayName 'Application Remover' --description 'Allows to remove any Entra ID application' --allowedResourceActions 'microsoft.directory/applications/delete'
+```
+Update a custom Microsoft Entra ID role specified by the display name
+```sh
+m365 entra roledefinition set --displayName 'Application Remover' --version '1.0' --enabled true --allowedResourceActions 'microsoft.directory/applications/delete,microsoft.directory/applications/owners/update'
+```
+## Response
+The command won't return a response on success
+## More information
+- https://learn.microsoft.com/graph/api/rbacapplication-post-roledefinitions

package/docs/docs/cmd/exo/approleassignment/approleassignment-add.mdx ADDED Viewed

@@ -0,0 +1,170 @@
+import Global from '/docs/cmd/_global.mdx';
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+# exo approleassignment add
+Grants permissions to an application that's accessing data in Exchange Online and specify which mailboxes an app can access.
+## Usage
+```sh
+m365 exo approleassignment add [options]
+```
+## Options
+```md definition-list
+`--roleDefinitionId [roleDefinitionId]`
+: Id of a role to be assigned. Specify either `roleDefinitionId` or `roleDefinitionName`, but not both.
+`--roleDefinitionName [roleDefinitionName]`
+: Name of a role to be assigned. Specify either `roleDefinitionId` or `roleDefinitionName`, but not both.
+`--principalId [principalId]`
+: Id of a service principal to which the assignment is granted. Specify either `principalId` or `principalName`, but not both.
+`--principalName [principalName]`
+: Name of a service principal to which the assignment is granted. Specify either `principalId` or `principalName`, but not both.
+`-s, --scope <scope>`
+: Scope of the roleassignment. Allowed values are: `tenant`, `administrativeUnit`, `group`, `user`, `custom`.
+`--userId [userId]`
+: Id of a user to which the assignment is scoped. Specify either `userId` or `userName` when scope is set to `user`.
+`--userName [userName]`
+: UPN of a user to which the assignment is scoped. Specify either `userId` or `userName` when scope is set to `user`.
+`--groupId [groupId]`
+: Id of a group to which the assignment is scoped. Specify either `groupId` or `groupName` when scope is set to `group`.
+`--groupName [groupName]`
+: Name of a group to which the assignment is scoped. Specify either `groupId` or `groupName` when scope is set to `group`.
+`--administrativeUnitId [administrativeUnitId]`
+: Id of an administrative unit to which the assignment is scoped. Specify either `administrativeUnitId` or `administrativeUnitName` when scope is set to `administrativeUnit`.
+`--administrativeUnitName [administrativeUnitName]`
+: Name of an administrative unit to which the assignment is scoped. Specify either `administrativeUnitId` or `administrativeUnitName` when scope is set to `administrativeUnit`.
+`--customAppScopeId [customAppScopeId]`
+: Id of a custom application scope to which the assignment is scoped. Specify either `customAppScopeId` or `customAppScopeName` when scope is set to `custom`.
+`--customAppScopeName [customAppScopeName]`
+: Name of a custom application scope to which the assignment is scoped. Specify either `customAppScopeId` or `customAppScopeName` when scope is set to `custom`.
+```
+<Global />
+## Remarks
+:::info
+To use this command you must be at least **Privileged Role Administrator**.
+:::
+## Examples
+Assign a role specified by id to a service principal specified by id and scope the assignment to the whole tenant
+```sh
+m365 exo approleassignment add --roleDefinitionId 777b752-f9b7-4205-a2b1-5db0d6a0ccfc --principalId 7a2ca997-9461-402e-9882-58088a370889 --scope tenant
+```
+Assign a role specified by id to a service principal specified by id and scope the assignment to a user specified by id
+```sh
+m365 exo approleassignment add --roleDefinitionId 777b752-f9b7-4205-a2b1-5db0d6a0ccfc --principalId 7a2ca997-9461-402e-9882-58088a370889 --scope user --userId a4738dd8-fc0f-4646-87fb-47539f5c651b
+```
+Assign a role specified by name to a service principal specified by name and scope the assignment to a group specified by name
+```sh
+m365 exo approleassignment add --roleDefinitionName 'Application Contacts.ReadWrite' --principalName 'ContactsSyncApp' --scope group --groupName 'Marketing'
+```
+Assign a role specified by name to a service principal specified by id and scope the assignment to an administrative unit specified by name
+```sh
+m365 exo approleassignment add --roleDefinitionName 'Application Calendars.Read' --principalId fa631c4d-ac9f-4884-a7f5-13c659d177e3 --scope administrativeUnit --administrativeUnitName 'Equipment - EMEA'
+```
+## Response
+<Tabs>
+  <TabItem value="JSON">
+  ```json
+  {
+    "id": "6615d221-3834-4f8f-bbc9-7d0d23620a8e",
+    "principalId": "/ServicePrincipals/e483a0d9-8440-455e-8f9a-b9cac6b8b0ef",
+    "roleDefinitionId": "1f704712-7d46-481f-b2cd-dbcc978c4f2a",
+    "directoryScopeId": "/",
+    "appScopeId": null
+  }
+  ```
+  </TabItem>
+  <TabItem value="Text">
+  ```text
+  appScopeId      : null
+  directoryScopeId: /
+  id              : 6615d221-3834-4f8f-bbc9-7d0d23620a8e
+  principalId     : /ServicePrincipals/e483a0d9-8440-455e-8f9a-b9cac6b8b0ef
+  roleDefinitionId: 1f704712-7d46-481f-b2cd-dbcc978c4f2a
+  ```
+  </TabItem>
+  <TabItem value="CSV">
+  ```csv
+  id,principalId,roleDefinitionId,directoryScopeId,appScopeId
+  6615d221-3834-4f8f-bbc9-7d0d23620a8e,/ServicePrincipals/e483a0d9-8440-455e-8f9a-b9cac6b8b0ef,1f704712-7d46-481f-b2cd-dbcc978c4f2a,/,
+  ```
+  </TabItem>
+  <TabItem value="Markdown">
+  ```md
+  # exo approleassignment add --debug "false" --verbose "false" --roleDefinitionId "1f704712-7d46-481f-b2cd-dbcc978c4f2a" --principalId "e483a0d9-8440-455e-8f9a-b9cac6b8b0ef" --scope tenant
+  Date: 10/3/2024
+  ## 6615d221-3834-4f8f-bbc9-7d0d23620a8e
+  Property | Value
+  ---------|-------
+  id | 6615d221-3834-4f8f-bbc9-7d0d23620a8e
+  principalId | /ServicePrincipals/e483a0d9-8440-455e-8f9a-b9cac6b8b0ef
+  roleDefinitionId | 1f704712-7d46-481f-b2cd-dbcc978c4f2a
+  directoryScopeId | /
+  ```
+  </TabItem>
+</Tabs>
+## More information
+- Role assignment: https://learn.microsoft.com/graph/api/rbacapplication-post-roleassignments?view=graph-rest-beta
+The table below lists the available roles and their corresponding ids that are accepted by the `roleDefinitionId` and `roleDefinitionName` parameters.
+|Role Definition Id | Role Definition Name |
+| --- | --- |
+|1f704712-7d46-481f-b2cd-dbcc978c4f2a|Application Mail.Read|
+|3eca55c8-0e73-4c12-81bf-526549f2e5a3|Application Mail.ReadBasic|
+|82fd214e-61ca-4dc7-98f6-090700bdb205|Application Mail.ReadWrite|
+|8679f4ff-c91d-40d0-809c-c86d114821a5|Application Mail.Send|
+|c40299e0-2107-455f-85dd-6e8862c3a0cc|Application MailboxSettings.Read|
+|459cb245-07c5-44f1-8133-3da40b4b6197|Application MailboxSettings.ReadWrite|
+|a3123d4e-4256-4ad0-bef0-205a00807fae|Application Calendars.Read|
+|b92761c0-5311-4908-92ca-2c1f8c71aa1c|Application Calendars.ReadWrite|
+|9b87c446-d3c1-4146-9d39-45ae63b4eeb7|Application Contacts.Read|
+|265cabb3-13d9-4e05-b2cd-460cfa7ad3cc|Application Contacts.ReadWrite|
+|b49ae303-7a8f-4ba1-aa37-27b40461aabb|Application Mail Full Access|
+|48d6a78c-0681-4d73-acec-9f9ffad56ddb|Application Exchange Full Access|
+More info about supported application roles: https://learn.microsoft.com/exchange/permissions-exo/application-rbac#supported-application-roles