From 283b27852421629426615f98591985399186a8b3 Mon Sep 17 00:00:00 2001
From: DrIOS <58635327+DrIOSX@users.noreply.github.com>
Date: Tue, 28 May 2024 09:58:49 -0500
Subject: [PATCH] fix: 2.1.2 aligned with test-template

---
 source/tests/Test-CommonAttachmentFilter.ps1 | 36 +++++++++++++-------
 1 file changed, 24 insertions(+), 12 deletions(-)

diff --git a/source/tests/Test-CommonAttachmentFilter.ps1 b/source/tests/Test-CommonAttachmentFilter.ps1
index 7f4ff33..962311a 100644
--- a/source/tests/Test-CommonAttachmentFilter.ps1
+++ b/source/tests/Test-CommonAttachmentFilter.ps1
@@ -1,27 +1,41 @@
 function Test-CommonAttachmentFilter {
     [CmdletBinding()]
     param (
+        # Aligned
         # Parameters can be added if needed
     )
 
     begin {
+        # Dot source the class script if necessary
 
-        $auditResults = @()
+        # Initialization code, if needed
     }
 
     process {
         # 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled
-        # Pass if EnableFileFilter is set to True. Fail otherwise.
 
+        # Retrieve the attachment filter policy
         $attachmentFilter = Get-MalwareFilterPolicy -Identity Default | Select-Object EnableFileFilter
         $result = $attachmentFilter.EnableFileFilter
-        $details = "File Filter Enabled: $($attachmentFilter.EnableFileFilter)"
-        $failureReason = if ($result) { "N/A" } else { "Common Attachment Types Filter is disabled" }
-        $status = if ($result) { "Pass" } else { "Fail" }
 
-        # Create an instance of CISAuditResult and populate it
+        # Prepare failure reasons and details based on compliance
+        $failureReasons = if (-not $result) {
+            "Common Attachment Types Filter is disabled"
+        }
+        else {
+            "N/A"
+        }
+
+        $details = if ($result) {
+            "File Filter Enabled: True"
+        }
+        else {
+            "File Filter Enabled: False"
+        }
+
+        # Create and populate the CISAuditResult object
         $auditResult = [CISAuditResult]::new()
-        $auditResult.Status = $status
+        $auditResult.Status = if ($result) { "Pass" } else { "Fail" }
         $auditResult.ELevel = "E3"
         $auditResult.ProfileLevel = "L1"
         $auditResult.Rec = "2.1.2"
@@ -34,13 +48,11 @@ function Test-CommonAttachmentFilter {
         $auditResult.IG3 = $true
         $auditResult.Result = $result
         $auditResult.Details = $details
-        $auditResult.FailureReason = $failureReason
-
-        $auditResults += $auditResult
+        $auditResult.FailureReason = $failureReasons
     }
 
     end {
-        # Return auditResults
-        return $auditResults
+        # Return the audit result
+        return $auditResult
     }
 }