System query options removed from paths inside a request body.

[timayabi2020]

For paths with query options like $filter, $expand etc. that form part of the request body to Microsoft Graph APIs, the Microsoft Graph PowerShell SDK treats them as empty variables and ends up removing them from the path.

For example, for such a request body which has an Odata path as part of the request body, the $filter and $expand query options will be removed. { "descriptionForAdmins": "Review for some pim roles", "descriptionForReviewers": "Review for some pim roles", "displayName": "PIM review", "scope": { "query": "/roleManagement/directory/roleEligibilityScheduleInstances?$expand=principal&$filter=(isof(principal,'microsoft.graph.user') and roleDefinitionId eq '8424c6f0-XXXX-499e-XXXX-26c1753c96d4')", "queryType": "MicrosoftGraph", "@odata.type": "#microsoft.graph.accessReviewQueryScope" }, "settings": { "defaultDecision": "Deny", "defaultDecisionEnabled": false, "instanceDurationInDays": 25, "justificationRequiredOnApproval": true, "mailNotificationsEnabled": true, "recommendationsEnabled": true, "reminderNotificationsEnabled": true, "recurrence": { "pattern": { "type": "absoluteMonthly", "interval": 3 }, "range": { "type": "noEnd", "startDate": "2023-06-01" } } } }

This is the request being sent to the API resulting to an "Internal server error response"

The same request executes successfully when done via Graph Explorer.

See related issue

[dolauli]

@timayabi2020 Would you share more details to reproduce the issue? e.g. swagger, how you guys generate the module with autorest.powershell

[timayabi2020]

@dolauli below are the steps on how to reproduce this issue

1. Install Microsoft.Graph PowerShell SDK from here.
2. Connect to Microsoft Graph Connect-MgGraph -Scope "AccessReview.ReadWrite.All".
3. Switch to Microsoft Graph's beta endpoint Select-MgProfile "beta"
4. Construct the request payload like the one below. $requestBody = @{ "descriptionForAdmins" = "Review for some pim roles" "descriptionForReviewers" = "Review for some pim roles" "displayName" = "PIM review" "scope" = @{ "query" = "/roleManagement/directory/roleEligibilityScheduleInstances?$expand=principal&$filter=(isof(principal,'microsoft.graph.user') and roleDefinitionId eq '9c6df0f2-1e7c-4dc3-b195-66dfbd24aa8f')" "queryType" = "MicrosoftGraph" "@odata.type" = "#microsoft.graph.accessReviewQueryScope" } "settings" = @{ "defaultDecision" = "Deny" "defaultDecisionEnabled" = $false "instanceDurationInDays" = 25 "justificationRequiredOnApproval" = $true "mailNotificationsEnabled" = $true "recommendationsEnabled" = $true "reminderNotificationsEnabled" = $true "recurrence" = @{ "pattern" = @{ "type" = "absoluteMonthly" "interval" = 3 } "range" = @{ "type" = "noEnd" "startDate" = "2023-06-01" } } } }
5. Run the following command with debug New-MgIdentityGovernanceAccessReviewDefinition -BodyParameter $requestBody -debug

We use pipelines defined on this repository to generate powershell cmdlets from open API files. In this particular case, the open API file responsible is here

[dolauli]

@dolauli Xiaogang Ding FTE below are the steps on how to reproduce this issue

1. Install Microsoft.Graph PowerShell SDK from here.
2. Connect to Microsoft Graph Connect-MgGraph -Scope "AccessReview.ReadWrite.All".
3. Switch to Microsoft Graph's beta endpoint Select-MgProfile "beta"
4. Construct the request payload like the one below. $requestBody = @{ "descriptionForAdmins" = "Review for some pim roles" "descriptionForReviewers" = "Review for some pim roles" "displayName" = "PIM review" "scope" = @{ "query" = "/roleManagement/directory/roleEligibilityScheduleInstances?$expand=principal&$filter=(isof(principal,'microsoft.graph.user') and roleDefinitionId eq '9c6df0f2-1e7c-4dc3-b195-66dfbd24aa8f')" "queryType" = "MicrosoftGraph" "@odata.type" = "#microsoft.graph.accessReviewQueryScope" } "settings" = @{ "defaultDecision" = "Deny" "defaultDecisionEnabled" = $false "instanceDurationInDays" = 25 "justificationRequiredOnApproval" = $true "mailNotificationsEnabled" = $true "recommendationsEnabled" = $true "reminderNotificationsEnabled" = $true "recurrence" = @{ "pattern" = @{ "type" = "absoluteMonthly" "interval" = 3 } "range" = @{ "type" = "noEnd" "startDate" = "2023-06-01" } } } }
5. Run the following command with debug New-MgIdentityGovernanceAccessReviewDefinition -BodyParameter $requestBody -debug

We use pipelines defined on this repository to generate powershell cmdlets from open API files. In this particular case, the open API file responsible is here

@timayabi2020 This is not something I really need. I do not have much time to dive into your project. Would you provide two things for me to reproduce your issue.

1. An example swagger (Even no need of a msgraph swagger, just a swagger that could reproduce the issue you mentioned)
2. How you guys generate the module based on the swagger.

Here is an example you may follow.

[timayabi2020]

@dolauli thanks for the clarification and the shared example. Below are the repro steps Using sample at: https://gist.github.com/timayabi2020/ce733256dab5002ee304d87d4b15642f

autorest --title:"Identity.Governance" autorestConfig.yml --verbose autorestConfig.yml

powershell: true
version: latest
use: '@autorest/powershell@3.x' #Replace with '@autorest/powershell@2.x' for autorest v2
export-properties-for-dict: false
subject-prefix: '-Mg'
azure: false
input-file: "https://gist.githubusercontent.com/timayabi2020/ce733256dab5002ee304d87d4b15642f/raw/d1cc2aae8a47646f32ad9c0ac4448425f9e8a88d/SampleIdentityGovernance.yml"
output-folder: IdentityGovernance\src\$(title)
clear-output-folder: true
use-internal-constructors: true
use-datetimeoffset : true
metadata:
    authors: Microsoft Corporation
    owners: Microsoft Corporation
    companyName: Microsoft Corporation
    description: 'Microsoft Graph PowerShell Cmdlets'
    copyright: © Microsoft Corporation. All rights reserved.
    tags: Microsoft Office365 Graph PowerShell PSModule PSIncludes_Cmdlet
    requireLicenseAcceptance: true
    licenseUri: https://aka.ms/devservicesagreement
    projectUri: https://github.com/microsoftgraph/msgraph-sdk-powershell
    iconUri: https://raw.githubusercontent.com/microsoftgraph/g-raph/master/g-raph.png
directive:
  - no-inline:
    - MicrosoftGraphSharepointIds
    - MicrosoftGraphIdentitySet
    - MicrosoftGraphItemReference
    - MicrosoftGraphDirectoryObject
    - MicrosoftGraphUser
    - MicrosoftGraphDrive
    - MicrosoftGraphListItem
    - MicrosoftGraphPost
    - MicrosoftGraphSectionGroup
    - MicrosoftGraphTeam
    - MicrosoftGraphRecipient
    - MicrosoftGraphGroupPolicyCategory
    - MicrosoftGraphPrinter
    - MicrosoftGraphPrinterShare
    - MicrosoftGraphGovernanceResource
    - MicrosoftGraphGovernanceRoleAssignment
    - MicrosoftGraphGovernanceRoleDefinition
    - MicrosoftGraphWorkbookOperationError
    - MicrosoftGraphParentLabelDetails
    - MicrosoftGraphEdiscoveryTag
    - MicrosoftGraphEdiscoverySourceCollection
    - MicrosoftGraphContentType
    - MicrosoftGraphColumnDefinition
    - MicrosoftGraphGroupPolicyDefinition
    - MicrosoftGraphGroupPolicyDefinitionValue
    - MicrosoftGraphSynchronizationLinkedObjects
    - MicrosoftGraphSecuritySecurity
    - MicrosoftGraphTeamSummary
    - MicrosoftGraphSecurityInformationProtection
    - MicrosoftGraphSecurityInformationProtectionPolicySetting
    - MicrosoftGraphSecuritySensitivityLabel
    - MicrosoftGraphTaskViewpoint
    - MicrosoftGraphSecurityEdiscoveryReviewTag
    - MicrosoftGraphSecurityEdiscoverySearch
    - MicrosoftGraphManagedTenantsManagementTemplateStep
    - MicrosoftGraphPlannerTaskCreation
    - MicrosoftGraphPlannerTeamsPublicationInfo

The below versions (V3 and V2) of autorest have been used.

• @autorest/powershell 3.0.504
• @autorest/powershell 2.1.401

[dolauli]

@timayabi2020 This is not an autorest issue. The root cause if you did not construct the $requestBody correctly. In PowerShell, if you use $xx, it will parse it as a variable whose name is xx. You will need to use something like "`$xx" instead of "$xx".

[timayabi2020]

@dolauli . Thanks alot.