add: Arraylist tests and helper Template

helpers/CIS 365 v3.0.0 Controls/Test-Template.ps1

@@ -0,0 +1,98 @@
+function Test-Template {
+    [CmdletBinding()]
+    param (
+        # Parameters can be added if needed
+    )
+
+    begin {
+        # Initialization code, if needed
+        # Load necessary scripts, define variables, etc.
+    }
+
+    process {
+        # Fetch relevant data
+        # Example: $data = Get-SomeData
+
+        # Process the data to evaluate compliance
+        # Example: $compliantItems = $data | Where-Object { $_.Property -eq 'ExpectedValue' }
+        # Example: $nonCompliantItems = $data | Where-Object { $_.Property -ne 'ExpectedValue' }
+
+        # Prepare failure reasons and details for non-compliant items
+        $failureReasons = $nonCompliantItems | ForEach-Object {
+            # Example: "Item: $($_.Name) - Reason: Missing expected value"
+        }
+        $failureReasons = $failureReasons -join "`n"
+
+        # Prepare details for compliant items
+        $compliantDetails = $compliantItems | ForEach-Object {
+            # Example: "Item: $($_.Name) - Value: $($_.Property)"
+        }
+        $compliantDetails = $compliantDetails -join "`n"
+
+        # Create and populate the CISAuditResult object
+        $auditResult = [CISAuditResult]::new()
+        $auditResult.Status = if ($nonCompliantItems) { 'Fail' } else { 'Pass' }
+        $auditResult.ELevel = 'E3'  # Modify as needed
+        $auditResult.ProfileLevel = 'L1'  # Modify as needed
+        $auditResult.Rec = '1.1.1'  # Modify as needed
+        $auditResult.RecDescription = "Description of the recommendation"  # Modify as needed
+        $auditResult.CISControlVer = 'v8'  # Modify as needed
+        $auditResult.CISControl = "5.4"  # Modify as needed
+        $auditResult.CISDescription = "Description of the CIS control"  # Modify as needed
+        $auditResult.IG1 = $true  # Modify as needed
+        $auditResult.IG2 = $true  # Modify as needed
+        $auditResult.IG3 = $true  # Modify as needed
+        $auditResult.Result = $nonCompliantItems.Count -eq 0
+        $auditResult.Details = if ($nonCompliantItems) {
+            "Non-Compliant Items: $($nonCompliantItems.Count)`nDetails:`n" + ($nonCompliantItems | ForEach-Object { $_.Details } -join "`n")
+        } else {
+            "Compliant Items: $($compliantItems.Count)`nDetails:`n$compliantDetails"
+        }
+        $auditResult.FailureReason = if ($nonCompliantItems) {
+            "Non-compliant items:`n$failureReasons"
+        } else {
+            "N/A"
+        }
+
+        # Example output object for a pass result
+        # Status         : Pass
+        # ELevel         : E3
+        # ProfileLevel   : L2
+        # Rec            : 8.1.1
+        # RecDescription : Ensure external file sharing in Teams is enabled for only approved cloud storage services
+        # CISControlVer  : v8
+        # CISControl     : 3.3
+        # CISDescription : Configure Data Access Control Lists
+        # IG1            : True
+        # IG2            : True
+        # IG3            : True
+        # Result         : True
+        # Details        : Compliant Items: 5
+        #                  Item: Team1 - Storage: OneDrive
+        #                  Item: Team2 - Storage: SharePoint
+        # FailureReason  : N/A
+
+        # Example output object for a fail result
+        # Status         : Fail
+        # ELevel         : E3
+        # ProfileLevel   : L2
+        # Rec            : 8.1.1
+        # RecDescription : Ensure external file sharing in Teams is enabled for only approved cloud storage services
+        # CISControlVer  : v8
+        # CISControl     : 3.3
+        # CISDescription : Configure Data Access Control Lists
+        # IG1            : True
+        # IG2            : True
+        # IG3            : True
+        # Result         : False
+        # Details        : Non-Compliant Items: 2
+        #                  Item: Team3 - Storage: Dropbox (Unapproved)
+        #                  Item: Team4 - Storage: Google Drive (Unapproved)
+        # FailureReason  : Non-compliant items:`nUsername | Roles | HybridStatus | Missing Licence
+    }
+
+    end {
+        # Return the audit result
+        return $auditResult
+    }
+}

source/Public/Get-AdminRoleUserLicense.ps1

@@ -36,8 +36,8 @@ function Get-AdminRoleUserLicense {
             Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -NoWelcome
         }
 
-        $adminRoleUsers = @()
+        $adminRoleUsers = [System.Collections.ArrayList]::new()
-        $userIds = @()
+        $userIds = [System.Collections.ArrayList]::new()
     }
 
     Process {
@@ -50,24 +50,28 @@ function Get-AdminRoleUserLicense {
                 $userDetails = Get-MgUser -UserId $user.PrincipalId -Property "DisplayName, UserPrincipalName, Id, onPremisesSyncEnabled" -ErrorAction SilentlyContinue
 
                 if ($userDetails) {
-                    $userIds += $user.PrincipalId
+                    [void]($userIds.Add($user.PrincipalId))
-                    $adminRoleUsers += [PSCustomObject]@{
+                    [void](
-                        RoleName = $role.DisplayName
+                        $adminRoleUsers.Add(
-                        UserName = $userDetails.DisplayName
+                            [PSCustomObject]@{
-                        UserPrincipalName = $userDetails.UserPrincipalName
+                                RoleName          = $role.DisplayName
-                        UserId = $userDetails.Id
+                                UserName          = $userDetails.DisplayName
-                        HybridUser = $userDetails.onPremisesSyncEnabled
+                                UserPrincipalName = $userDetails.UserPrincipalName
-                        Licenses = $null  # Initialize as $null
+                                UserId            = $userDetails.Id
-                    }
+                                HybridUser        = $userDetails.onPremisesSyncEnabled
+                                Licenses          = $null  # Initialize as $null
+                            }
+                        )
+                    )
                 }
             }
         }
 
-        foreach ($userId in $userIds | Select-Object -Unique) {
+        foreach ($userId in $userIds.ToArray() | Select-Object -Unique) {
             $licenses = Get-MgUserLicenseDetail -UserId $userId -ErrorAction SilentlyContinue
             if ($licenses) {
                 $licenseList = ($licenses.SkuPartNumber -join '|')
-                $adminRoleUsers | Where-Object { $_.UserId -eq $userId } | ForEach-Object {
+                $adminRoleUsers.ToArray() | Where-Object { $_.UserId -eq $userId } | ForEach-Object {
                     $_.Licenses = $licenseList
                 }
             }