vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Comment conditions on each test

Browse Source
This commit is contained in:
DrIOS
2024-06-12 12:24:25 -05:00
parent cf7fbadbe7
commit 10471b4683
21 changed files with 370 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
source/tests/Test-ModernAuthSharePoint.ps1
View File

@@ -9,8 +9,25 @@ function Test-ModernAuthSharePoint {
begin {
# Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed
$recnum = "7.2.1"
<#
# Conditions for 7.2.1 (L1) Ensure modern authentication for SharePoint applications is required
## Validate test for a pass:
# - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark.
# - Specific conditions to check:
# - Condition A: The setting "Apps that don't use modern authentication" is set to "Block access" in the SharePoint admin center.
# - Condition B: The PowerShell command `Get-SPOTenant | ft LegacyAuthProtocolsEnabled` returns `False`.
## Validate test for a fail:
# - Confirm that the failure conditions in the automated test are consistent with the manual audit results.
# - Specific conditions to check:
# - Condition A: The setting "Apps that don't use modern authentication" is not set to "Block access" in the SharePoint admin center.
# - Condition B: The PowerShell command `Get-SPOTenant | ft LegacyAuthProtocolsEnabled` returns `True`.
#>
}
process {
@@ -21,13 +38,13 @@ function Test-ModernAuthSharePoint {
# Prepare failure reasons and details based on compliance
$failureReasons = if (-not $modernAuthForSPRequired) {
"Legacy authentication protocols are enabled"
"Legacy authentication protocols are enabled" # Fail Condition B
}
else {
"N/A"
}
$details = "LegacyAuthProtocolsEnabled: $($SPOTenant.LegacyAuthProtocolsEnabled)"
$details = "LegacyAuthProtocolsEnabled: $($SPOTenant.LegacyAuthProtocolsEnabled)" # Details for Condition B
# Create and populate the CISAuditResult object
$params = @{