custom apps

KelvinTegelaar · KelvinTegelaar · commit ac2d462d2eb8 · 2026-02-20T16:44:51.000+01:00
diff --git a/Modules/CIPPCore/Public/Add-CIPPW32ScriptApplication.ps1 b/Modules/CIPPCore/Public/Add-CIPPW32ScriptApplication.ps1
@@ -54,7 +54,7 @@ function Add-CIPPW32ScriptApplication {
         throw "Choco.App.xml not found at: $ChocoXmlFile (Current directory: $PWD)"
     }
 
-    # Parse the Choco XML to get encryption info
+    # Parse the Choco XML to get encryption info. We need a wrapper around the application and this is a tiny intune file, perfect for our purpose.
     [xml]$ChocoXml = Get-Content $ChocoXmlFile
     $EncryptionInfo = @{
         EncryptionKey        = $ChocoXml.ApplicationInfo.EncryptionInfo.EncryptionKey
diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1
@@ -81,12 +81,12 @@ function Push-UploadApplication {
 
                         # Build parameters dynamically
                         $Params = @{
-                            AppBody = $intuneBody
-                            TenantFilter = $tenant
-                            FilePath = $Infile
-                            FileName = $Intunexml.ApplicationInfo.FileName
+                            AppBody         = $intuneBody
+                            TenantFilter    = $tenant
+                            FilePath        = $Infile
+                            FileName        = $Intunexml.ApplicationInfo.FileName
                             UnencryptedSize = [int64]$Intunexml.ApplicationInfo.UnencryptedContentSize
-                            EncryptionInfo = $EncryptionInfo
+                            EncryptionInfo  = $EncryptionInfo
                         }
                         if ($AppConfig.Applicationname) { $Params.DisplayName = $AppConfig.Applicationname }
 
@@ -106,12 +106,12 @@ function Push-UploadApplication {
 
                         # Build parameters dynamically
                         $Params = @{
-                            AppBody = $intuneBody
-                            TenantFilter = $tenant
-                            FilePath = $Infile
-                            FileName = $Intunexml.ApplicationInfo.FileName
+                            AppBody         = $intuneBody
+                            TenantFilter    = $tenant
+                            FilePath        = $Infile
+                            FileName        = $Intunexml.ApplicationInfo.FileName
                             UnencryptedSize = [int64]$Intunexml.ApplicationInfo.UnencryptedContentSize
-                            EncryptionInfo = $EncryptionInfo
+                            EncryptionInfo  = $EncryptionInfo
                         }
                         if ($AppConfig.Applicationname) { $Params.DisplayName = $AppConfig.Applicationname }
 
@@ -139,13 +139,14 @@ function Push-UploadApplication {
                         if ($AppConfig.description) { $Properties['description'] = $AppConfig.description }
                         if ($AppConfig.publisher) { $Properties['publisher'] = $AppConfig.publisher }
                         if ($AppConfig.uninstallScript) { $Properties['uninstallScript'] = $AppConfig.uninstallScript }
-                        if ($AppConfig.detectionScript) { $Properties['detectionScript'] = $AppConfig.detectionScript }
+                        if ($AppConfig.detectionPath) { $Properties['detectionPath'] = $AppConfig.detectionPath }
+                        if ($AppConfig.detectionFile) { $Properties['detectionFile'] = $AppConfig.detectionFile }
                         if ($AppConfig.runAsAccount) { $Properties['runAsAccount'] = $AppConfig.runAsAccount }
                         if ($AppConfig.deviceRestartBehavior) { $Properties['deviceRestartBehavior'] = $AppConfig.deviceRestartBehavior }
                         if ($null -ne $AppConfig.runAs32Bit) { $Properties['runAs32Bit'] = $AppConfig.runAs32Bit }
                         if ($null -ne $AppConfig.enforceSignatureCheck) { $Properties['enforceSignatureCheck'] = $AppConfig.enforceSignatureCheck }
 
-                        $NewApp = Add-CIPPW32ScriptApplication -TenantFilter $tenant -Properties ([PSCustomObject]$Properties) -FilePath $Infile -FileName $Intunexml.ApplicationInfo.FileName -UnencryptedSize ([int64]$Intunexml.ApplicationInfo.UnencryptedContentSize) -EncryptionInfo $EncryptionInfo
+                        $NewApp = Add-CIPPW32ScriptApplication -TenantFilter $tenant -Properties ([PSCustomObject]$Properties)
                     }
                     'WinGetNew' {
                         # I think we don't need a separate WinGetNew type, just use WinGet?
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddWin32ScriptApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddWin32ScriptApp.ps1
@@ -0,0 +1,80 @@
+function Invoke-AddWin32ScriptApp {
+    <#
+    .FUNCTIONALITY
+        Entrypoint,AnyTenant
+    .ROLE
+        Endpoint.Application.ReadWrite
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+
+    $Win32ScriptApp = $Request.Body
+    $AssignTo = $Win32ScriptApp.AssignTo -eq 'customGroup' ? $Win32ScriptApp.CustomGroup : $Win32ScriptApp.AssignTo
+
+    # Validate required fields
+    if ([string]::IsNullOrEmpty($Win32ScriptApp.ApplicationName) -and [string]::IsNullOrEmpty($Win32ScriptApp.applicationName)) {
+        return ([HttpResponseContext]@{
+                StatusCode = [HttpStatusCode]::BadRequest
+                Body       = @{ Results = @('Application name is required') }
+            })
+    }
+
+    if ([string]::IsNullOrEmpty($Win32ScriptApp.installScript)) {
+        return ([HttpResponseContext]@{
+                StatusCode = [HttpStatusCode]::BadRequest
+                Body       = @{ Results = @('Install script is required') }
+            })
+    }
+
+    # Use whichever case was provided
+    $AppName = if ($Win32ScriptApp.ApplicationName) { $Win32ScriptApp.ApplicationName } else { $Win32ScriptApp.applicationName }
+
+    $AllowedTenants = Test-CIPPAccess -Request $Request -TenantList
+    $Tenants = ($Request.Body.selectedTenants | Where-Object { $AllowedTenants -contains $_.customerId -or $AllowedTenants -contains 'AllTenants' }).defaultDomainName
+
+    $Results = foreach ($Tenant in $Tenants) {
+        try {
+            $CompleteObject = [PSCustomObject]@{
+                tenant                = $Tenant
+                Applicationname       = $AppName
+                assignTo              = $AssignTo
+                InstallationIntent    = $Win32ScriptApp.InstallationIntent
+                type                  = 'Win32ScriptApp'
+                description           = $Win32ScriptApp.description
+                publisher             = $Win32ScriptApp.publisher
+                installScript         = $Win32ScriptApp.installScript
+                uninstallScript       = $Win32ScriptApp.uninstallScript
+                detectionPath         = $Win32ScriptApp.detectionPath
+                detectionFile         = $Win32ScriptApp.detectionFile
+                runAsAccount          = if ($Win32ScriptApp.InstallAsSystem) { 'system' } else { 'user' }
+                deviceRestartBehavior = if ($Win32ScriptApp.DisableRestart) { 'suppress' } else { 'allow' }
+                runAs32Bit            = [bool]$Win32ScriptApp.runAs32Bit
+                enforceSignatureCheck = [bool]$Win32ScriptApp.enforceSignatureCheck
+            } | ConvertTo-Json -Depth 15
+
+            $Table = Get-CippTable -tablename 'apps'
+            $Table.Force = $true
+            Add-CIPPAzDataTableEntity @Table -Entity @{
+                JSON         = "$CompleteObject"
+                RowKey       = "$((New-Guid).GUID)"
+                PartitionKey = 'apps'
+                status       = 'Not Deployed yet'
+            }
+            "Successfully added Win32 Script App for $($Tenant) to queue."
+            Write-LogMessage -headers $Headers -API $APIName -tenant $Tenant -message "Successfully added Win32 Script App $AppName to queue" -Sev 'Info'
+        } catch {
+            Write-LogMessage -headers $Headers -API $APIName -tenant $Tenant -message "Failed to add Win32 Script App $AppName to queue. Error: $($_.Exception.Message)" -Sev 'Error'
+            "Failed to add Win32 Script App for $($Tenant) to queue: $($_.Exception.Message)"
+        }
+    }
+
+    $body = [PSCustomObject]@{ 'Results' = $Results }
+
+    return ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $body
+        })
+}
diff --git a/openapi.json b/openapi.json

Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ function Add-CIPPW32ScriptApplication {`
`54`	`54`	`throw "Choco.App.xml not found at: $ChocoXmlFile (Current directory: $PWD)"`
`55`	`55`	`}`
`56`	`56`
`57`		`- # Parse the Choco XML to get encryption info`
	`57`	`+ # Parse the Choco XML to get encryption info. We need a wrapper around the application and this is a tiny intune file, perfect for our purpose.`
`58`	`58`	`[xml]$ChocoXml = Get-Content $ChocoXmlFile`
`59`	`59`	`$EncryptionInfo = @{`
`60`	`60`	`EncryptionKey = $ChocoXml.ApplicationInfo.EncryptionInfo.EncryptionKey`