Add: error handling to tests

2024-06-04 17:04:18 -05:00
parent 5c60f39dad
commit 2027e8b21b
54 changed files with 1545 additions and 1039 deletions
--- a/source/tests/Test-TeamsExternalAccess.ps1
+++ b/source/tests/Test-TeamsExternalAccess.ps1
@@ -11,32 +11,41 @@ function Test-TeamsExternalAccess {
        # Initialization code, if needed

        $auditResult = [CISAuditResult]::new()
+        $recnum = "8.2.1"
    }

    process {
-        # 8.2.1 (L1) Ensure 'external access' is restricted in the Teams admin center
+        try {
+            # 8.2.1 (L1) Ensure 'external access' is restricted in the Teams admin center

-        # Connect to Teams PowerShell using Connect-MicrosoftTeams
+            # Connect to Teams PowerShell using Connect-MicrosoftTeams

-        $externalAccessConfig = Get-CsTenantFederationConfiguration
+            $externalAccessConfig = Get-CsTenantFederationConfiguration

-        $allowedDomainsLimited = $false
-        if ($externalAccessConfig.AllowFederatedUsers -and $externalAccessConfig.AllowedDomains -and $externalAccessConfig.AllowedDomains.AllowedDomain.Count -gt 0) {
-            $allowedDomainsLimited = $true
+            $allowedDomainsLimited = $false
+            if ($externalAccessConfig.AllowFederatedUsers -and $externalAccessConfig.AllowedDomains -and $externalAccessConfig.AllowedDomains.AllowedDomain.Count -gt 0) {
+                $allowedDomainsLimited = $true
+            }
+
+            # Check if the configurations are as recommended
+            $isCompliant = -not $externalAccessConfig.AllowTeamsConsumer -and -not $externalAccessConfig.AllowPublicUsers -and (-not $externalAccessConfig.AllowFederatedUsers -or $allowedDomainsLimited)
+
+            # Create an instance of CISAuditResult and populate it
+            $params = @{
+                Rec           = $recnum
+                Result        = $isCompliant
+                Status        = if ($isCompliant) { "Pass" } else { "Fail" }
+                Details       = "AllowTeamsConsumer: $($externalAccessConfig.AllowTeamsConsumer); AllowPublicUsers: $($externalAccessConfig.AllowPublicUsers); AllowFederatedUsers: $($externalAccessConfig.AllowFederatedUsers); AllowedDomains limited: $allowedDomainsLimited"
+                FailureReason = if (-not $isCompliant) { "One or more external access configurations are not compliant." } else { "N/A" }
+            }
+            $auditResult = Initialize-CISAuditResult @params
        }
+        catch {
+            Write-Error "An error occurred during the test: $_"

-        # Check if the configurations are as recommended
-        $isCompliant = -not $externalAccessConfig.AllowTeamsConsumer -and -not $externalAccessConfig.AllowPublicUsers -and (-not $externalAccessConfig.AllowFederatedUsers -or $allowedDomainsLimited)
-
-        # Create an instance of CISAuditResult and populate it
-        $params = @{
-            Rec            = "8.2.1"
-            Result         = $isCompliant
-            Status         = if ($isCompliant) { "Pass" } else { "Fail" }
-            Details        = "AllowTeamsConsumer: $($externalAccessConfig.AllowTeamsConsumer); AllowPublicUsers: $($externalAccessConfig.AllowPublicUsers); AllowFederatedUsers: $($externalAccessConfig.AllowFederatedUsers); AllowedDomains limited: $allowedDomainsLimited"
-            FailureReason  = if (-not $isCompliant) { "One or more external access configurations are not compliant." } else { "N/A" }
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
        }
-        $auditResult = Initialize-CISAuditResult @params
    }

    end {