@pnp/cli-microsoft365 7.4.0 → 7.5.0-beta.0ae7da4

package/dist/m365/app/commands/app-get.js

@@ -1,5 +1,5 @@
 import { cli } from '../../../cli/cli.js';
-import aadAppGetCommand from '../../entra/commands/app/app-get.js';
+import entraAppGetCommand from '../../entra/commands/app/app-get.js';
 import AppCommand from '../../base/AppCommand.js';
 import commands from '../commands.js';
 class AppGetCommand extends AppCommand {
@@ -17,7 +17,7 @@ class AppGetCommand extends AppCommand {
             verbose: args.options.verbose
         };
         try {
-            const appGetOutput = await cli.executeCommandWithOutput(aadAppGetCommand, { options: { ...options, _: [] } });
+            const appGetOutput = await cli.executeCommandWithOutput(entraAppGetCommand, { options: { ...options, _: [] } });
             if (this.verbose) {
                 await logger.logToStderr(appGetOutput.stderr);
             }

package/dist/m365/entra/aadCommands.js

@@ -20,6 +20,7 @@ export default {
     APPROLEASSIGNMENT_ADD: `${prefix} approleassignment add`,
     APPROLEASSIGNMENT_LIST: `${prefix} approleassignment list`,
     APPROLEASSIGNMENT_REMOVE: `${prefix} approleassignment remove`,
+    GROUP_ADD: `${prefix} group add`,
     GROUP_GET: `${prefix} group get`,
     GROUP_LIST: `${prefix} group list`,
     GROUP_REMOVE: `${prefix} group remove`,

package/dist/m365/entra/commands/administrativeunit/administrativeunit-get.js

@@ -8,7 +8,7 @@ import { validation } from "../../../../utils/validation.js";
 import request from "../../../../request.js";
 import GraphCommand from "../../../base/GraphCommand.js";
 import commands from "../../commands.js";
-import { aadAdministrativeUnit } from "../../../../utils/aadAdministrativeUnit.js";
+import { entraAdministrativeUnit } from "../../../../utils/entraAdministrativeUnit.js";
 import aadCommands from "../../aadCommands.js";
 class EntraAdministrativeUnitGetCommand extends GraphCommand {
     get name() {
@@ -36,7 +36,7 @@ class EntraAdministrativeUnitGetCommand extends GraphCommand {
                 administrativeUnit = await this.getAdministrativeUnitById(args.options.id);
             }
             else {
-                administrativeUnit = await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.displayName);
+                administrativeUnit = await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.displayName);
             }
             await logger.log(administrativeUnit);
         }

package/dist/m365/entra/commands/administrativeunit/administrativeunit-member-add.js

@@ -4,14 +4,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
 var _EntraAdministrativeUnitMemberAddCommand_instances, _EntraAdministrativeUnitMemberAddCommand_initTelemetry, _EntraAdministrativeUnitMemberAddCommand_initOptions, _EntraAdministrativeUnitMemberAddCommand_initValidators, _EntraAdministrativeUnitMemberAddCommand_initOptionSets;
-import { aadAdministrativeUnit } from "../../../../utils/aadAdministrativeUnit.js";
-import { aadGroup } from "../../../../utils/aadGroup.js";
-import { aadUser } from "../../../../utils/aadUser.js";
+import { entraAdministrativeUnit } from "../../../../utils/entraAdministrativeUnit.js";
+import { entraGroup } from "../../../../utils/entraGroup.js";
+import { entraUser } from "../../../../utils/entraUser.js";
 import { validation } from "../../../../utils/validation.js";
 import GraphCommand from "../../../base/GraphCommand.js";
 import commands from "../../commands.js";
 import request from "../../../../request.js";
-import { aadDevice } from "../../../../utils/aadDevice.js";
+import { entraDevice } from "../../../../utils/entraDevice.js";
 import aadCommands from "../../aadCommands.js";
 class EntraAdministrativeUnitMemberAddCommand extends GraphCommand {
     get name() {
@@ -40,7 +40,7 @@ class EntraAdministrativeUnitMemberAddCommand extends GraphCommand {
                 if (this.verbose) {
                     await logger.logToStderr(`Retrieving Administrative Unit Id...`);
                 }
-                administrativeUnitId = (await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
+                administrativeUnitId = (await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
             }
             if (args.options.userId || args.options.userName) {
                 memberType = 'users';
@@ -49,7 +49,7 @@ class EntraAdministrativeUnitMemberAddCommand extends GraphCommand {
                     if (this.verbose) {
                         await logger.logToStderr(`Retrieving User Id...`);
                     }
-                    memberId = await aadUser.getUserIdByUpn(args.options.userName);
+                    memberId = await entraUser.getUserIdByUpn(args.options.userName);
                 }
             }
             else if (args.options.groupId || args.options.groupName) {
@@ -59,7 +59,7 @@ class EntraAdministrativeUnitMemberAddCommand extends GraphCommand {
                     if (this.verbose) {
                         await logger.logToStderr(`Retrieving Group Id...`);
                     }
-                    memberId = await aadGroup.getGroupIdByDisplayName(args.options.groupName);
+                    memberId = await entraGroup.getGroupIdByDisplayName(args.options.groupName);
                 }
             }
             else if (args.options.deviceId || args.options.deviceName) {
@@ -69,7 +69,7 @@ class EntraAdministrativeUnitMemberAddCommand extends GraphCommand {
                     if (this.verbose) {
                         await logger.logToStderr(`Device with name ${args.options.deviceName} retrieved, returned id: ${memberId}`);
                     }
-                    memberId = (await aadDevice.getDeviceByDisplayName(args.options.deviceName)).id;
+                    memberId = (await entraDevice.getDeviceByDisplayName(args.options.deviceName)).id;
                 }
             }
             const requestOptions = {

package/dist/m365/entra/commands/administrativeunit/administrativeunit-member-get.js

@@ -7,7 +7,7 @@ var _EntraAdministrativeUnitMemberGetCommand_instances, _EntraAdministrativeUnit
 import GraphCommand from '../../../base/GraphCommand.js';
 import commands from '../../commands.js';
 import { validation } from '../../../../utils/validation.js';
-import { aadAdministrativeUnit } from '../../../../utils/aadAdministrativeUnit.js';
+import { entraAdministrativeUnit } from '../../../../utils/entraAdministrativeUnit.js';
 import request from '../../../../request.js';
 import aadCommands from '../../aadCommands.js';
 class EntraAdministrativeUnitMemberGetCommand extends GraphCommand {
@@ -35,7 +35,7 @@ class EntraAdministrativeUnitMemberGetCommand extends GraphCommand {
                 if (this.verbose) {
                     await logger.logToStderr(`Retrieving Administrative Unit Id...`);
                 }
-                administrativeUnitId = (await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
+                administrativeUnitId = (await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
             }
             const url = this.getRequestUrl(administrativeUnitId, args.options.id, args.options);
             const requestOptions = {

package/dist/m365/entra/commands/administrativeunit/administrativeunit-member-list.js

@@ -7,7 +7,7 @@ var _EntraAdministrativeUnitMemberListCommand_instances, _EntraAdministrativeUni
 import { odata } from '../../../../utils/odata.js';
 import GraphCommand from '../../../base/GraphCommand.js';
 import commands from '../../commands.js';
-import { aadAdministrativeUnit } from '../../../../utils/aadAdministrativeUnit.js';
+import { entraAdministrativeUnit } from '../../../../utils/entraAdministrativeUnit.js';
 import { validation } from '../../../../utils/validation.js';
 import aadCommands from '../../aadCommands.js';
 class EntraAdministrativeUnitMemberListCommand extends GraphCommand {
@@ -35,7 +35,7 @@ class EntraAdministrativeUnitMemberListCommand extends GraphCommand {
         let administrativeUnitId = args.options.administrativeUnitId;
         try {
             if (args.options.administrativeUnitName) {
-                administrativeUnitId = (await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
+                administrativeUnitId = (await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
             }
             let results;
             const endpoint = this.getRequestUrl(administrativeUnitId, args.options);

package/dist/m365/entra/commands/administrativeunit/administrativeunit-remove.js

@@ -4,7 +4,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
 var _EntraAdministrativeUnitRemoveCommand_instances, _EntraAdministrativeUnitRemoveCommand_initTelemetry, _EntraAdministrativeUnitRemoveCommand_initOptions, _EntraAdministrativeUnitRemoveCommand_initOptionSets, _EntraAdministrativeUnitRemoveCommand_initValidators, _EntraAdministrativeUnitRemoveCommand_initTypes;
-import { aadAdministrativeUnit } from '../../../../utils/aadAdministrativeUnit.js';
+import { entraAdministrativeUnit } from '../../../../utils/entraAdministrativeUnit.js';
 import { validation } from "../../../../utils/validation.js";
 import request from "../../../../request.js";
 import GraphCommand from "../../../base/GraphCommand.js";
@@ -35,7 +35,7 @@ class EntraAdministrativeUnitRemoveCommand extends GraphCommand {
             try {
                 let administrativeUnitId = args.options.id;
                 if (args.options.displayName) {
-                    const administrativeUnit = await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.displayName);
+                    const administrativeUnit = await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.displayName);
                     administrativeUnitId = administrativeUnit.id;
                 }
                 const requestOptions = {

package/dist/m365/entra/commands/administrativeunit/administrativeunit-roleassignment-add.js

@@ -4,8 +4,8 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
 var _EntraAdministrativeUnitRoleAssignmentAddCommand_instances, _EntraAdministrativeUnitRoleAssignmentAddCommand_initTelemetry, _EntraAdministrativeUnitRoleAssignmentAddCommand_initOptions, _EntraAdministrativeUnitRoleAssignmentAddCommand_initValidators, _EntraAdministrativeUnitRoleAssignmentAddCommand_initOptionSets;
-import { aadAdministrativeUnit } from '../../../../utils/aadAdministrativeUnit.js';
-import { aadUser } from '../../../../utils/aadUser.js';
+import { entraAdministrativeUnit } from '../../../../utils/entraAdministrativeUnit.js';
+import { entraUser } from '../../../../utils/entraUser.js';
 import { roleAssignment } from '../../../../utils/roleAssignment.js';
 import { roleDefinition } from '../../../../utils/roleDefinition.js';
 import { validation } from '../../../../utils/validation.js';
@@ -33,7 +33,7 @@ class EntraAdministrativeUnitRoleAssignmentAddCommand extends GraphCommand {
                 if (this.verbose) {
                     await logger.logToStderr(`Retrieving administrative unit by its name '${args.options.administrativeUnitName}'`);
                 }
-                administrativeUnitId = (await aadAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
+                administrativeUnitId = (await entraAdministrativeUnit.getAdministrativeUnitByDisplayName(args.options.administrativeUnitName)).id;
             }
             if (args.options.roleDefinitionName) {
                 if (this.verbose) {
@@ -45,7 +45,7 @@ class EntraAdministrativeUnitRoleAssignmentAddCommand extends GraphCommand {
                 if (this.verbose) {
                     await logger.logToStderr(`Retrieving user by UPN '${args.options.userName}'`);
                 }
-                userId = await aadUser.getUserIdByUpn(args.options.userName);
+                userId = await entraUser.getUserIdByUpn(args.options.userName);
             }
             const unifiedRoleAssignment = await roleAssignment.createRoleAssignmentWithAdministrativeUnitScope(roleDefinitionId, userId, administrativeUnitId);
             await logger.log(unifiedRoleAssignment);

package/dist/m365/entra/commands/app/app-permission-add.js

@@ -67,13 +67,9 @@ class EntraAppPermissionAddCommand extends GraphCommand {
         }
     }
     async getAppObject(options) {
-        let apps;
-        if (options.appObjectId) {
-            apps = await odata.getAllItems(`${this.resource}/v1.0/applications/${options.appObjectId}?$select=id,appId,requiredResourceAccess`);
-        }
-        else {
-            apps = await odata.getAllItems(`${this.resource}/v1.0/applications(appId='${options.appId}')?$select=id,appId,requiredResourceAccess`);
-        }
+        const apps = options.appObjectId
+            ? await odata.getAllItems(`${this.resource}/v1.0/applications?$filter=id eq '${options.appObjectId}'&$select=id,appId,requiredResourceAccess`)
+            : await odata.getAllItems(`${this.resource}/v1.0/applications?$filter=appId eq '${options.appId}'&$select=id,appId,requiredResourceAccess`);
         if (apps.length === 0) {
             throw `App with ${options.appObjectId ? 'object id' : 'client id'} ${options.appObjectId ? options.appObjectId : options.appId} not found in Entra ID (Azure AD)`;
         }

package/dist/m365/entra/commands/app/app-permission-list.js

@@ -0,0 +1,182 @@
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _EntraAppPermissionListCommand_instances, _EntraAppPermissionListCommand_initTelemetry, _EntraAppPermissionListCommand_initOptions, _EntraAppPermissionListCommand_initValidators, _EntraAppPermissionListCommand_initOptionSets;
+import GraphCommand from "../../../base/GraphCommand.js";
+import commands from "../../commands.js";
+import request from "../../../../request.js";
+import { validation } from "../../../../utils/validation.js";
+import { formatting } from "../../../../utils/formatting.js";
+class EntraAppPermissionListCommand extends GraphCommand {
+    get name() {
+        return commands.APP_PERMISSION_LIST;
+    }
+    get description() {
+        return 'Lists the application and delegated permissions for a specified Entra Application Registration';
+    }
+    constructor() {
+        super();
+        _EntraAppPermissionListCommand_instances.add(this);
+        this.allowedTypes = ['delegated', 'application', 'all'];
+        __classPrivateFieldGet(this, _EntraAppPermissionListCommand_instances, "m", _EntraAppPermissionListCommand_initTelemetry).call(this);
+        __classPrivateFieldGet(this, _EntraAppPermissionListCommand_instances, "m", _EntraAppPermissionListCommand_initOptions).call(this);
+        __classPrivateFieldGet(this, _EntraAppPermissionListCommand_instances, "m", _EntraAppPermissionListCommand_initValidators).call(this);
+        __classPrivateFieldGet(this, _EntraAppPermissionListCommand_instances, "m", _EntraAppPermissionListCommand_initOptionSets).call(this);
+    }
+    async commandAction(logger, args) {
+        try {
+            const appObjectId = await this.getAppObjectId(args.options);
+            const type = args.options.type ?? 'all';
+            const permissions = await this.getAppRegPermissions(appObjectId, type, logger);
+            await logger.log(permissions);
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+    async getAppObjectId(options) {
+        if (options.appObjectId) {
+            return options.appObjectId;
+        }
+        const requestOptions = {
+            url: `${this.resource}/v1.0/myorganization/applications?$filter=appId eq '${formatting.encodeQueryParameter(options.appId)}'&$select=id`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        const res = await request.get(requestOptions);
+        if (res.value.length === 0) {
+            throw `No Azure AD application registration with ID ${options.appId} found`;
+        }
+        return res.value[0].id;
+    }
+    async getAppRegPermissions(appObjectId, permissionType, logger) {
+        const requestOptions = {
+            url: `${this.resource}/v1.0/myorganization/applications/${appObjectId}`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        const application = await request.get(requestOptions);
+        const requiredResourceAccess = application.requiredResourceAccess;
+        if (requiredResourceAccess.length === 0) {
+            return [];
+        }
+        const servicePrincipalsToResolve = requiredResourceAccess.map(resourceAccess => {
+            return {
+                appId: resourceAccess.resourceAppId
+            };
+        });
+        const servicePrincipals = await Promise
+            .all(servicePrincipalsToResolve.map(servicePrincipalInfo => this.getServicePrincipal(servicePrincipalInfo, permissionType, logger)));
+        const apiPermissions = [];
+        requiredResourceAccess.forEach(requiredResourceAccess => {
+            const servicePrincipal = servicePrincipals
+                .find(servicePrincipal => servicePrincipal?.appId === requiredResourceAccess.resourceAppId);
+            const resourceName = servicePrincipal?.displayName ?? requiredResourceAccess.resourceAppId;
+            requiredResourceAccess.resourceAccess.forEach(permission => {
+                if (permissionType === 'application' && permission.type === 'Scope') {
+                    return;
+                }
+                if (permissionType === 'delegated' && permission.type === 'Role') {
+                    return;
+                }
+                apiPermissions.push({
+                    resource: resourceName,
+                    resourceId: requiredResourceAccess.resourceAppId,
+                    permission: this.getPermissionName(permission.id, permission.type, servicePrincipal),
+                    type: permission.type === 'Role' ? 'Application' : 'Delegated'
+                });
+            });
+        });
+        return apiPermissions;
+    }
+    getPermissionName(permissionId, permissionType, servicePrincipal) {
+        if (!servicePrincipal) {
+            return permissionId;
+        }
+        if (permissionType === 'Role') {
+            return servicePrincipal.appRoles
+                .find(appRole => appRole.id === permissionId)?.value ?? permissionId;
+        }
+        // permissionType === 'Scope'
+        return servicePrincipal.oauth2PermissionScopes
+            .find(permissionScope => permissionScope.id === permissionId)?.value ?? permissionId;
+    }
+    async getServicePrincipal(servicePrincipalInfo, permissionType, logger) {
+        if (this.verbose) {
+            await logger.logToStderr(`Retrieving service principal ${servicePrincipalInfo.appId}`);
+        }
+        const requestOptions = {
+            url: `${this.resource}/v1.0/servicePrincipals?$filter=appId eq '${servicePrincipalInfo.appId}'&$select=appId,id,displayName`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        const response = await request.get(requestOptions);
+        if (servicePrincipalInfo.appId && response.value.length === 0) {
+            return null;
+        }
+        const servicePrincipal = response.value[0];
+        if (this.verbose) {
+            await logger.logToStderr(`Retrieving permissions for service principal ${servicePrincipal.id}...`);
+        }
+        const oauth2PermissionScopesRequestOptions = {
+            url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/oauth2PermissionScopes`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        const appRolesRequestOptions = {
+            url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/appRoles`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        let permissions;
+        if (permissionType === 'all' || permissionType === 'delegated') {
+            permissions = await request.get(oauth2PermissionScopesRequestOptions);
+            servicePrincipal.oauth2PermissionScopes = permissions.value;
+        }
+        if (permissionType === 'all' || permissionType === 'application') {
+            permissions = await request.get(appRolesRequestOptions);
+            servicePrincipal.appRoles = permissions.value;
+        }
+        return servicePrincipal;
+    }
+}
+_EntraAppPermissionListCommand_instances = new WeakSet(), _EntraAppPermissionListCommand_initTelemetry = function _EntraAppPermissionListCommand_initTelemetry() {
+    this.telemetry.push((args) => {
+        Object.assign(this.telemetryProperties, {
+            appId: typeof args.options.appId !== 'undefined',
+            appObjectId: typeof args.options.appObjectId !== 'undefined',
+            type: typeof args.options.type !== 'undefined'
+        });
+    });
+}, _EntraAppPermissionListCommand_initOptions = function _EntraAppPermissionListCommand_initOptions() {
+    this.options.unshift({ option: '-i, --appId [appId]' }, { option: '--appObjectId [appObjectId]' }, { option: '--type [type]', autocomplete: this.allowedTypes });
+}, _EntraAppPermissionListCommand_initValidators = function _EntraAppPermissionListCommand_initValidators() {
+    this.validators.push(async (args) => {
+        if (args.options.appId && !validation.isValidGuid(args.options.appId)) {
+            return `${args.options.appId} is not a valid GUID`;
+        }
+        if (args.options.appObjectId && !validation.isValidGuid(args.options.appObjectId)) {
+            return `${args.options.appObjectId} is not a valid GUID`;
+        }
+        if (args.options.type && this.allowedTypes.indexOf(args.options.type.toLowerCase()) === -1) {
+            return `${args.options.type} is not a valid type. Allowed types are ${this.allowedTypes.join(', ')}`;
+        }
+        return true;
+    });
+}, _EntraAppPermissionListCommand_initOptionSets = function _EntraAppPermissionListCommand_initOptionSets() {
+    this.optionSets.push({ options: ['appId', 'appObjectId'] });
+};
+export default new EntraAppPermissionListCommand();
+//# sourceMappingURL=app-permission-list.js.map

package/dist/m365/entra/commands/group/group-add.js

@@ -0,0 +1,224 @@
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _EntraGroupAddCommand_instances, _EntraGroupAddCommand_initOptions, _EntraGroupAddCommand_initValidators, _EntraGroupAddCommand_initTelemetry;
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import aadCommands from '../../aadCommands.js';
+import { validation } from '../../../../utils/validation.js';
+import request from '../../../../request.js';
+import { entraUser } from '../../../../utils/entraUser.js';
+class EntraGroupAddCommand extends GraphCommand {
+    get name() {
+        return commands.GROUP_ADD;
+    }
+    get description() {
+        return 'Creates a Microsoft Entra group';
+    }
+    alias() {
+        return [aadCommands.GROUP_ADD];
+    }
+    allowUnknownOptions() {
+        return true;
+    }
+    constructor() {
+        super();
+        _EntraGroupAddCommand_instances.add(this);
+        __classPrivateFieldGet(this, _EntraGroupAddCommand_instances, "m", _EntraGroupAddCommand_initTelemetry).call(this);
+        __classPrivateFieldGet(this, _EntraGroupAddCommand_instances, "m", _EntraGroupAddCommand_initOptions).call(this);
+        __classPrivateFieldGet(this, _EntraGroupAddCommand_instances, "m", _EntraGroupAddCommand_initValidators).call(this);
+    }
+    async commandAction(logger, args) {
+        let group;
+        let ownerIds = [];
+        let memberIds = [];
+        try {
+            const manifest = this.createRequestBody(args.options);
+            const requestOptions = {
+                url: `${this.resource}/v1.0/groups`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                },
+                responseType: 'json',
+                data: manifest
+            };
+            ownerIds = await this.getUserIds(logger, args.options.ownerIds, args.options.ownerUserNames);
+            memberIds = await this.getUserIds(logger, args.options.memberIds, args.options.memberUserNames);
+            group = await request.post(requestOptions);
+            if (ownerIds.length !== 0) {
+                await this.addUsers(group.id, 'owners', ownerIds);
+            }
+            if (memberIds.length !== 0) {
+                await this.addUsers(group.id, 'members', memberIds);
+            }
+            await logger.log(group);
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+    ;
+    createRequestBody(options) {
+        const requestBody = {
+            displayName: options.displayName,
+            description: options.description,
+            mailNickName: options.mailNickname ?? this.generateMailNickname(),
+            visibility: options.visibility ?? 'Public',
+            groupTypes: options.type === 'microsoft365' ? ['Unified'] : [],
+            mailEnabled: options.type === 'security' ? false : true,
+            securityEnabled: true
+        };
+        this.addUnknownOptionsToPayload(requestBody, options);
+        return requestBody;
+    }
+    generateMailNickname() {
+        return `Group${Math.floor(Math.random() * 1000000)}`;
+    }
+    async getUserIds(logger, userIds, userNames) {
+        if (userIds) {
+            return userIds.split(',').map(o => o.trim());
+        }
+        if (!userNames) {
+            if (this.verbose) {
+                await logger.logToStderr('No users to validate, skipping.');
+            }
+            return [];
+        }
+        if (this.verbose) {
+            await logger.logToStderr('Retrieving user information.');
+        }
+        const userArr = userNames.split(',').map(o => o.trim());
+        if (this.verbose) {
+            await logger.logToStderr('Retrieving ID(s) of user(s)...');
+        }
+        return entraUser.getUserIdsByUpns(userArr);
+    }
+    async addUsers(groupId, role, userIds) {
+        for (let i = 0; i < userIds.length; i += 400) {
+            const userIdsBatch = userIds.slice(i, i + 400);
+            const requestOptions = {
+                url: `${this.resource}/v1.0/$batch`,
+                headers: {
+                    'content-type': 'application/json;odata.metadata=none'
+                },
+                responseType: 'json',
+                data: {
+                    requests: []
+                }
+            };
+            // only 20 requests per one batch are allowed
+            for (let j = 0; j < userIdsBatch.length; j += 20) {
+                // only 20 users can be added in one request
+                const userIdsChunk = userIdsBatch.slice(j, j + 20);
+                requestOptions.data.requests.push({
+                    id: j + 1,
+                    method: 'PATCH',
+                    url: `/groups/${groupId}`,
+                    headers: {
+                        'content-type': 'application/json;odata.metadata=none'
+                    },
+                    body: {
+                        [`${role}@odata.bind`]: userIdsChunk.map(u => `${this.resource}/v1.0/directoryObjects/${u}`)
+                    }
+                });
+            }
+            const res = await request.post(requestOptions);
+            for (const response of res.responses) {
+                if (response.status !== 204) {
+                    throw response.body;
+                }
+            }
+        }
+    }
+}
+_EntraGroupAddCommand_instances = new WeakSet(), _EntraGroupAddCommand_initOptions = function _EntraGroupAddCommand_initOptions() {
+    this.options.unshift({
+        option: '-n, --displayName <displayName>'
+    }, {
+        option: '-d, --description [description]'
+    }, {
+        option: '-t, --type <type>',
+        autocomplete: ['microsoft365', 'security']
+    }, {
+        option: '-m, --mailNickname [mailNickname]'
+    }, {
+        option: '--ownerIds [ownerIds]'
+    }, {
+        option: '--ownerUserNames [ownerUserNames]'
+    }, {
+        option: '--memberIds [memberIds]'
+    }, {
+        option: '--memberUserNames [memberUserNames]'
+    }, {
+        option: '--visibility [visibility]',
+        autocomplete: ['Public', 'Private', 'HiddenMembership']
+    });
+}, _EntraGroupAddCommand_initValidators = function _EntraGroupAddCommand_initValidators() {
+    this.validators.push(async (args) => {
+        if (args.options.displayName.length > 256) {
+            return `The maximum amount of characters for 'displayName' is 256.`;
+        }
+        if (args.options.mailNickname) {
+            if (!validation.isValidMailNickname(args.options.mailNickname)) {
+                return `Value for option 'mailNickname' must contain only characters in the ASCII character set 0-127 except the following: @ () \ [] " ; : <> , SPACE.`;
+            }
+            if (args.options.mailNickname.length > 64) {
+                return `The maximum amount of characters for 'mailNickname' is 64.`;
+            }
+        }
+        if (args.options.ownerIds) {
+            const ids = args.options.ownerIds.split(',').map(i => i.trim());
+            if (!validation.isValidGuidArray(ids)) {
+                const invalidGuid = ids.find(id => !validation.isValidGuid(id));
+                return `'${invalidGuid}' is not a valid GUID for option 'ownerIds'.`;
+            }
+        }
+        if (args.options.ownerUserNames) {
+            const isValidUserPrincipalNameArray = validation.isValidUserPrincipalNameArray(args.options.ownerUserNames.split(',').map(u => u.trim()));
+            if (isValidUserPrincipalNameArray !== true) {
+                return `User principal name '${isValidUserPrincipalNameArray}' is invalid for option 'ownerUserNames'.`;
+            }
+        }
+        if (args.options.memberIds) {
+            const ids = args.options.memberIds.split(',').map(i => i.trim());
+            if (!validation.isValidGuidArray(ids)) {
+                const invalidGuid = ids.find(id => !validation.isValidGuid(id));
+                return `'${invalidGuid}' is not a valid GUID for option 'memberIds'.`;
+            }
+        }
+        if (args.options.memberUserNames) {
+            const isValidUserPrincipalNameArray = validation.isValidUserPrincipalNameArray(args.options.memberUserNames.split(',').map(u => u.trim()));
+            if (isValidUserPrincipalNameArray !== true) {
+                return `User principal name '${isValidUserPrincipalNameArray}' is invalid for option 'memberUserNames'.`;
+            }
+        }
+        if (['microsoft365', 'security'].indexOf(args.options.type) === -1) {
+            return `Option 'type' must be one of the following values: microsoft365, security.`;
+        }
+        if (args.options.type === 'microsoft365' && !args.options.visibility) {
+            return `Option 'visibility' must be specified if the option 'type' is set to microsoft365`;
+        }
+        if (args.options.visibility && ['Public', 'Private', 'HiddenMembership'].indexOf(args.options.visibility) === -1) {
+            return `Option 'visibility' must be one of the following values: Public, Private, HiddenMembership.`;
+        }
+        return true;
+    });
+}, _EntraGroupAddCommand_initTelemetry = function _EntraGroupAddCommand_initTelemetry() {
+    this.telemetry.push((args) => {
+        Object.assign(this.telemetryProperties, {
+            displayName: typeof args.options.displayName !== 'undefined',
+            description: typeof args.options.description !== 'undefined',
+            type: typeof args.options.type !== 'undefined',
+            mailNickname: typeof args.options.mailNickname !== 'undefined',
+            ownerIds: typeof args.options.ownerIds !== 'undefined',
+            ownerUserNames: typeof args.options.ownerUserNames !== 'undefined',
+            memberIds: typeof args.options.memberIds !== 'undefined',
+            memberUserNames: typeof args.options.memberUserNames !== 'undefined',
+            visibility: typeof args.options.visibility !== 'undefined'
+        });
+    });
+};
+export default new EntraGroupAddCommand();
+//# sourceMappingURL=group-add.js.map

package/dist/m365/entra/commands/group/group-get.js

@@ -4,7 +4,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
 var _EntraGroupGetCommand_instances, _EntraGroupGetCommand_initOptions, _EntraGroupGetCommand_initValidators, _EntraGroupGetCommand_initOptionSets, _EntraGroupGetCommand_initTelemetry;
-import { aadGroup } from '../../../../utils/aadGroup.js';
+import { entraGroup } from '../../../../utils/entraGroup.js';
 import { validation } from '../../../../utils/validation.js';
 import GraphCommand from '../../../base/GraphCommand.js';
 import commands from '../../commands.js';
@@ -31,10 +31,10 @@ class EntraGroupGetCommand extends GraphCommand {
         let group;
         try {
             if (args.options.id) {
-                group = await aadGroup.getGroupById(args.options.id);
+                group = await entraGroup.getGroupById(args.options.id);
             }
             else {
-                group = await aadGroup.getGroupByDisplayName(args.options.displayName);
+                group = await entraGroup.getGroupByDisplayName(args.options.displayName);
             }
             await logger.log(group);
         }

package/dist/m365/entra/commands/group/group-remove.js

@@ -8,7 +8,7 @@ import { cli } from '../../../../cli/cli.js';
 import GraphCommand from '../../../base/GraphCommand.js';
 import commands from '../../commands.js';
 import request from '../../../../request.js';
-import { aadGroup } from '../../../../utils/aadGroup.js';
+import { entraGroup } from '../../../../utils/entraGroup.js';
 import { validation } from '../../../../utils/validation.js';
 import aadCommands from '../../aadCommands.js';
 class EntraGroupRemoveCommand extends GraphCommand {
@@ -38,7 +38,7 @@ class EntraGroupRemoveCommand extends GraphCommand {
             try {
                 let groupId = args.options.id;
                 if (args.options.displayName) {
-                    groupId = await aadGroup.getGroupIdByDisplayName(args.options.displayName);
+                    groupId = await entraGroup.getGroupIdByDisplayName(args.options.displayName);
                 }
                 const requestOptions = {
                     url: `${this.resource}/v1.0/groups/${groupId}`,