fix script not replacing group ids

Author: derisen

5-AccessControl/2-call-api-groups/AppCreationScripts/Cleanup.ps1

@@ -13,45 +13,6 @@ if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Groups")) {
 
 Import-Module Microsoft.Graph.Groups
 
-<#.Description
- This function creates a new Azure AD Security Group with provided values
-#> 
-Function CreateSecurityGroup([string] $name, [string] $description)
-{
- Write-Host "Creating a security group by the name '$name'."
- $newGroup = New-MgGroup -Description $description -DisplayName $name -MailEnabled:$false -SecurityEnabled:$true -MailNickName $name
- return Get-MgGroup -Filter "DisplayName eq '$name'" 
-}
-
-<#.Description
- This function first checks and then creates a new Azure AD Security Group with provided values, if required
-#> 
-Function CreateIfNotExistsSecurityGroup([string] $name, [string] $description, [switch] $promptBeforeCreate)
-{
-
- # check if Group exists
- $group = Get-MgGroup -Filter "DisplayName eq '$name'" 
- 
- if( $group -eq $null)
- {
- if ($promptBeforeCreate) 
- {
- $confirmation = Read-Host "Proceed to create a new security group named '$name' in the tenant ? (Y/N)"
-
- if($confirmation -eq 'y')
- {
- $group = CreateSecurityGroup -name $name -description $description
- }
- }
- else
- {
- Write-Host "No Security Group created!"
- } 
- }
- 
- return $group 
-}
-
 <#.Description
  This function first checks and then deletes an existing Azure AD Security Group, if required
 #> 

5-AccessControl/2-call-api-groups/AppCreationScripts/Configure.ps1

@@ -381,10 +381,9 @@ Function ConfigureApplications
 
  # rename the user_impersonation scope if it exists to match the readme steps or add a new scope
 
- # delete default scope i.e. User_impersonation
- # Alex: the scope deletion doesn't work - see open issue - https://github.com/microsoftgraph/msgraph-sdk-powershell/issues/1054
+ # delete default scope i.e. user_impersonation
  $scopes = New-Object System.Collections.Generic.List[Microsoft.Graph.PowerShell.Models.MicrosoftGraphPermissionScope]
- $scope = $clientAadApplication.Api.Oauth2PermissionScopes | Where-Object { $_.Value -eq "User_impersonation" }
+ $scope = $clientAadApplication.Api.Oauth2PermissionScopes | Where-Object { $_.Value -eq "user_impersonation" }
 
  if($scope -ne $null)
  { 
@@ -447,12 +446,11 @@ Function ConfigureApplications
 
  # Create any security groups that this app requires.
 
- $newGroup = CreateIfNotExistsSecurityGroup -name 'GroupAdmin' -description 'Admin Security Group' -promptBeforeCreate 'Y'
+ $GroupAdmin = CreateIfNotExistsSecurityGroup -name 'GroupAdmin' -description 'Admin Security Group' -promptBeforeCreate 'Y'
  Write-Host "group id of 'GroupAdmin'" -> $newGroup.Id -ForegroundColor Green 
 
- $newGroup = CreateIfNotExistsSecurityGroup -name 'GroupMember' -description 'User Security Group' -promptBeforeCreate 'Y'
- Write-Host "group id of 'GroupMember'" -> $newGroup.Id -ForegroundColor Green 
- Write-Host "Don't forget to assign the users you wish to work with to the newly created security groups !" -ForegroundColor Red 
+ $GroupMember = CreateIfNotExistsSecurityGroup -name 'GroupMember' -description 'User Security Group' -promptBeforeCreate 'Y'
+ Write-Host "group id of 'GroupMember'" -> $newGroup.Id -ForegroundColor Green
 
  # print the registered app portal URL for any further navigation
  Write-Host "Successfully registered and configured that app registration for 'msal-angular-app' at `n $clientPortalUrl" -ForegroundColor Red 
@@ -473,7 +471,7 @@ Function ConfigureApplications
  # $configFile = $pwd.Path + "\..\SPA\src\app\auth-config.ts"
  $configFile = $(Resolve-Path ($pwd.Path + "\..\SPA\src\app\auth-config.ts"))
 
- $dictionary = @{ "Enter_the_Application_Id_Here" = $clientAadApplication.AppId;"Enter_the_Tenant_Info_Here" = $tenantId;"Enter_the_Web_Api_Application_Id_Here" = $clientAadApplication.AppId;"Enter the object ID for GroupAdmin group copied from Azure Portal" = $GroupAdmin.objectId;"Enter the object ID for GroupMember group copied from Azure Portal" = $GroupMember.objectId };
+ $dictionary = @{ "Enter_the_Application_Id_Here" = $clientAadApplication.AppId;"Enter_the_Tenant_Info_Here" = $tenantId;"Enter_the_Web_Api_Application_Id_Here" = $clientAadApplication.AppId;"Enter the object ID for GroupAdmin group copied from Azure Portal" = $GroupAdmin.Id;"Enter the object ID for GroupMember group copied from Azure Portal" = $GroupMember.Id };
 
  Write-Host "Updating the sample config '$configFile' with the following config values:" -ForegroundColor Green 
  $dictionary

5-AccessControl/2-call-api-groups/AppCreationScripts/sample.json

@@ -94,11 +94,11 @@
  },
  {
  "key": "Enter the object ID for GroupAdmin group copied from Azure Portal",
- "value": "$GroupAdmin.objectId"
+ "value": "$GroupAdmin.Id"
  },
  {
  "key": "Enter the object ID for GroupMember group copied from Azure Portal",
- "value": "$GroupMember.objectId"
+ "value": "$GroupMember.Id"
  }
  ]
  },
@@ -121,11 +121,11 @@
  },
  {
  "key": "Enter the object ID for GroupAdmin group copied from Azure Portal",
- "value": "$GroupAdmin.objectId"
+ "value": "$GroupAdmin.Id"
  },
  {
  "key": "Enter the object ID for GroupMember group copied from Azure Portal",
- "value": "$GroupMember.objectId"
+ "value": "$GroupMember.Id"
  }
  ]
  }