Skip to content

Commit d440b7a

Browse files
KelvinTegelaarKelvinTegelaar
committed
Set user photo
1 parent ab86520 commit d440b7a

File tree

1 file changed

+91
-0
lines changed

1 file changed

+91
-0
lines changed

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSetUserPhoto.ps1

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
Function Invoke-ExecSetUserPhoto {
2+
<#
3+
.FUNCTIONALITY
4+
Entrypoint
5+
.ROLE
6+
Identity.User.ReadWrite
7+
#>
8+
[CmdletBinding()]
9+
param($Request, $TriggerMetadata)
10+
11+
$APIName = $Request.Params.CIPPEndpoint
12+
$Headers = $Request.Headers
13+
$tenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
14+
$userId = $Request.Query.userId ?? $Request.Body.userId
15+
$action = $Request.Query.action ?? $Request.Body.action
16+
$photoData = $Request.Body.photoData
17+
18+
$Results = [System.Collections.Generic.List[object]]::new()
19+
20+
try {
21+
if ([string]::IsNullOrWhiteSpace($userId)) {
22+
throw 'User ID is required'
23+
}
24+
25+
if ($action -eq 'remove') {
26+
# Remove the user's profile picture
27+
try {
28+
$null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$userId/photo/`$value" -tenantid $tenantFilter -type DELETE -NoAuthCheck $true
29+
$Results.Add('Successfully removed user profile picture.')
30+
Write-LogMessage -API $APIName -tenant $tenantFilter -headers $Headers -message "Removed profile picture for user $userId" -Sev Info
31+
} catch {
32+
# Check if the error is because there's no photo
33+
if ($_.Exception.Message -like '*does not exist*' -or $_.Exception.Message -like '*ResourceNotFound*') {
34+
$Results.Add('User does not have a profile picture to remove.')
35+
Write-LogMessage -API $APIName -tenant $tenantFilter -headers $Headers -message "No profile picture found for user $userId" -Sev Info
36+
} else {
37+
throw $_
38+
}
39+
}
40+
} elseif ($action -eq 'set') {
41+
# Set the user's profile picture
42+
if ([string]::IsNullOrWhiteSpace($photoData)) {
43+
throw 'Photo data is required when setting a profile picture'
44+
}
45+
46+
# Convert base64 string to byte array
47+
# The photoData should be in format: data:image/jpeg;base64,/9j/4AAQSkZJRg...
48+
# We need to strip the data URL prefix if present
49+
$base64Data = $photoData
50+
if ($photoData -match '^data:image/[^;]+;base64,(.+)$') {
51+
$base64Data = $Matches[1]
52+
}
53+
54+
try {
55+
$photoBytes = [Convert]::FromBase64String($base64Data)
56+
} catch {
57+
throw "Invalid base64 photo data: $($_.Exception.Message)"
58+
}
59+
60+
# Validate image size (Microsoft Graph has a 4MB limit)
61+
$maxSizeBytes = 4 * 1024 * 1024 # 4MB
62+
if ($photoBytes.Length -gt $maxSizeBytes) {
63+
throw "Photo size exceeds 4MB limit. Current size: $([math]::Round($photoBytes.Length / 1MB, 2))MB"
64+
}
65+
66+
# Upload the photo using Graph API
67+
$null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$userId/photo/`$value" -tenantid $tenantFilter -type PATCH -body $photoBytes -ContentType 'image/jpeg' -NoAuthCheck $true
68+
69+
$Results.Add('Successfully set user profile picture.')
70+
Write-LogMessage -API $APIName -tenant $tenantFilter -headers $Headers -message "Set profile picture for user $userId" -Sev Info
71+
} else {
72+
throw "Invalid action. Must be 'set' or 'remove'"
73+
}
74+
75+
return ([HttpResponseContext]@{
76+
StatusCode = [HttpStatusCode]::OK
77+
Body = @{
78+
'Results' = @($Results)
79+
}
80+
})
81+
} catch {
82+
$ErrorMessage = Get-CippException -Exception $_
83+
Write-LogMessage -API $APIName -tenant $tenantFilter -headers $Headers -message "Failed to $action user profile picture. Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage
84+
return ([HttpResponseContext]@{
85+
StatusCode = [HttpStatusCode]::BadRequest
86+
Body = @{
87+
'Results' = @("Failed to $action user profile picture: $($ErrorMessage.NormalizedError)")
88+
}
89+
})
90+
}
91+
}

0 commit comments

Comments
 (0)