Merge pull request #580 from nickjisc/main

Fix for Group Policy enforced include/exclude lists not being imported corrected
pull/615/head
Romain 2024-04-15 23:22:18 +02:00 committed by GitHub
commit eb52fe4e7c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 58 additions and 20 deletions

View File

@ -245,7 +245,7 @@ if (Test-Network) {
New-Item "$WorkingDir\logs\error.txt" -Value "Whitelist doesn't exist in GPO" -Force New-Item "$WorkingDir\logs\error.txt" -Value "Whitelist doesn't exist in GPO" -Force
Exit 1 Exit 1
} }
$toUpdate = $toUpdate.Data foreach ($app in $toUpdate) { Write-ToLog "Include app ${app}" }
} }
else { else {
$BlackList = $toSkip.GetUpperBound(0) $BlackList = $toSkip.GetUpperBound(0)
@ -254,7 +254,7 @@ if (Test-Network) {
New-Item "$WorkingDir\logs\error.txt" -Value "Blacklist doesn't exist in GPO" -Force New-Item "$WorkingDir\logs\error.txt" -Value "Blacklist doesn't exist in GPO" -Force
Exit 1 Exit 1
} }
$toSkip = $toSkip.Data foreach ($app in $toSkip) { Write-ToLog "Exclude app ${app}" }
} }
} }

View File

@ -2,30 +2,49 @@
function Get-ExcludedApps { function Get-ExcludedApps {
$AppIDs = @()
#region blacklist in registry
if ($GPOList) { if ($GPOList) {
if (Test-Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList") { if (Test-Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList") {
$Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList\'
$ValueNames = (Get-Item -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList").Property $ValueNames = (Get-Item -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList").Property
foreach ($ValueName in $ValueNames) { foreach ($ValueName in $ValueNames) {
$AppIDs = [Microsoft.Win32.Registry]::GetValue($Key, $ValueName, $false) $AppIDs += (Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\BlackList" -Name $ValueName).Trim()
[PSCustomObject]@{ }
Value = $ValueName
Data = $AppIDs.Trim() }
}
#endregion blacklist in registry
#region blacklist pulled from URI
elseif ($URIList) {
$RegPath = "$WAU_GPORoot";
$RegValueName = 'WAU_URIList';
if (Test-Path -Path $RegPath) {
$RegKey = Get-Item -Path $RegPath;
$WAUURI = $RegKey.GetValue($RegValueName);
if ($null -ne $WAUURI) {
$resp = Invoke-WebRequest -Uri $WAUURI -UseDefaultCredentials;
if ($resp.BaseResponse.StatusCode -eq [System.Net.HttpStatusCode]::OK) {
$resp.Content.Split([System.Environment]::NewLine, [System.StringSplitOptions]::RemoveEmptyEntries) |
ForEach-Object {
$AppIds += $_
}
}
} }
} }
} }
return $AppIDs #endregion blacklist pulled from URI
}
elseif (Test-Path "$WorkingDir\excluded_apps.txt") { elseif (Test-Path "$WorkingDir\excluded_apps.txt") {
return (Get-Content -Path "$WorkingDir\excluded_apps.txt").Trim() | Where-Object { $_.length -gt 0 } return (Get-Content -Path "$WorkingDir\excluded_apps.txt").Trim() | Where-Object { $_.length -gt 0 }
} }
return $AppIDs | Where-Object { $_.length -gt 0 }
} }

View File

@ -1,31 +1,50 @@
#Function to get the allow List apps #Function to get the allow List apps
function Get-IncludedApps { function Get-IncludedApps {
$AppIDs = @()
#region whitelist in registry
if ($GPOList) { if ($GPOList) {
if (Test-Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList") { if (Test-Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList") {
$Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList\'
$ValueNames = (Get-Item -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList").Property $ValueNames = (Get-Item -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList").Property
foreach ($ValueName in $ValueNames) { foreach ($ValueName in $ValueNames) {
$AppIDs = [Microsoft.Win32.Registry]::GetValue($Key, $ValueName, $false) $AppIDs += (Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Policies\Romanitho\Winget-AutoUpdate\WhiteList" -Name $ValueName).Trim()
[PSCustomObject]@{ }
Value = $ValueName
Data = $AppIDs.Trim() }
}
#endregion whitelist in registry
#region whitelist pulled from URI
elseif ($URIList) {
$RegPath = "$WAU_GPORoot";
$RegValueName = 'WAU_URIList';
if (Test-Path -Path $RegPath) {
$RegKey = Get-Item -Path $RegPath;
$WAUURI = $RegKey.GetValue($RegValueName);
if ($null -ne $WAUURI) {
$resp = Invoke-WebRequest -Uri $WAUURI -UseDefaultCredentials;
if ($resp.BaseResponse.StatusCode -eq [System.Net.HttpStatusCode]::OK) {
$resp.Content.Split([System.Environment]::NewLine, [System.StringSplitOptions]::RemoveEmptyEntries) |
ForEach-Object {
$AppIds += $_
}
}
} }
} }
} }
return $AppIDs #endregion whitelist pulled from URI
}
elseif (Test-Path "$WorkingDir\included_apps.txt") { elseif (Test-Path "$WorkingDir\included_apps.txt") {
return (Get-Content -Path "$WorkingDir\included_apps.txt").Trim() | Where-Object { $_.length -gt 0 } return (Get-Content -Path "$WorkingDir\included_apps.txt").Trim() | Where-Object { $_.length -gt 0 }
} }
return $AppIDs | Where-Object { $_.length -gt 0 }
} }