fix: 5.1.8.1 aligned with test-template

2024-05-28 13:14:34 -05:00
parent 776b0bf2ec
commit 398ce397f5
1 changed files with 23 additions and 12 deletions
--- a/source/tests/Test-PasswordHashSync.ps1
+++ b/source/tests/Test-PasswordHashSync.ps1
@@ -1,22 +1,35 @@
 function Test-PasswordHashSync {
    [CmdletBinding()]
    param (
+        # Aligned
        # Parameters can be added if needed
    )

    begin {
-        # Dot source the class script
-
-        $auditResults = @()
+        # Dot source the class script if necessary
+        #. .\source\Classes\CISAuditResult.ps1
+        # Initialization code, if needed
    }

    process {
        # 5.1.8.1 (L1) Ensure password hash sync is enabled for hybrid deployments
        # Pass if OnPremisesSyncEnabled is True. Fail otherwise.
-        $passwordHashSync = Get-MgOrganization | Select-Object OnPremisesSyncEnabled
-        $hashSyncResult = $passwordHashSync.OnPremisesSyncEnabled

-        # Create an instance of CISAuditResult and populate it
+        # Retrieve password hash sync status
+        $passwordHashSync = Get-MgOrganization | Select-Object -ExpandProperty OnPremisesSyncEnabled
+        $hashSyncResult = $passwordHashSync
+
+        # Prepare failure reasons and details based on compliance
+        $failureReasons = if (-not $hashSyncResult) {
+            "Password hash sync for hybrid deployments is not enabled"
+        }
+        else {
+            "N/A"
+        }
+
+        $details = "OnPremisesSyncEnabled: $($passwordHashSync)"
+
+        # Create and populate the CISAuditResult object
        $auditResult = [CISAuditResult]::new()
        $auditResult.Status = if ($hashSyncResult) { "Pass" } else { "Fail" }
        $auditResult.ELevel = "E3"
@@ -30,14 +43,12 @@ function Test-PasswordHashSync {
        $auditResult.IG2 = $true
        $auditResult.IG3 = $true
        $auditResult.Result = $hashSyncResult
-        $auditResult.Details = "OnPremisesSyncEnabled: $($passwordHashSync.OnPremisesSyncEnabled)"
-        $auditResult.FailureReason = if (-not $hashSyncResult) { "Password hash sync for hybrid deployments is not enabled" } else { "N/A" }
-
-        $auditResults += $auditResult
+        $auditResult.Details = $details
+        $auditResult.FailureReason = $failureReasons
    }

    end {
-        # Return auditResults
-        return $auditResults
+        # Return the audit result
+        return $auditResult
    }
 }