vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 6.5.3 aligned with test-template

Browse Source
This commit is contained in:
DrIOS
2024-05-28 14:20:06 -05:00
parent 2d93422027
commit 532cb942e8
1 changed files with 36 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
source/tests/Test-RestrictStorageProvidersOutlook.ps1
View File

@@ -1,48 +1,63 @@
function Test-RestrictStorageProvidersOutlook {
[CmdletBinding()]
param (
# Aligned
# Parameters can be added here if needed
)
begin {
# Dot source the class script
$auditResult = [CISAuditResult]::new()
# Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed
}
process {
# 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web
$owaPolicies = Get-OwaMailboxPolicy
$allPoliciesRestricted = $owaPolicies | ForEach-Object { $_.AdditionalStorageProvidersAvailable } | ForEach-Object { -not $_ }
# Create an instance of CISAuditResult and populate it
# Retrieve all OwaMailbox policies
$owaPolicies = Get-OwaMailboxPolicy
$nonCompliantPolicies = $owaPolicies | Where-Object { $_.AdditionalStorageProvidersAvailable }
# Determine compliance
$allPoliciesRestricted = $nonCompliantPolicies.Count -eq 0
# Prepare failure reasons and details based on compliance
$failureReasons = if ($allPoliciesRestricted) {
"N/A"
}
else {
"One or more OwaMailbox policies allow AdditionalStorageProvidersAvailable."
}
$details = if ($allPoliciesRestricted) {
"All OwaMailbox policies restrict AdditionalStorageProvidersAvailable"
}
else {
"Non-compliant OwaMailbox policies: $($nonCompliantPolicies.Name -join ', ')"
}
# Create and populate the CISAuditResult object
$auditResult = [CISAuditResult]::new()
$auditResult.Status = if ($allPoliciesRestricted) { "Pass" } else { "Fail" }
$auditResult.ELevel = "E3" # Based on your environment
$auditResult.ProfileLevel = "L2"
$auditResult.Rec = "6.5.3"
$auditResult.RecDescription = "Ensure additional storage providers are restricted in Outlook on the web"
$auditResult.CISControlVer = "v8"
$auditResult.CISControl = "3.3"
$auditResult.CISDescription = "Configure Data Access Control Lists"
$auditResult.Rec = "6.5.3"
$auditResult.ELevel = "E3" # Based on your environment
$auditResult.ProfileLevel = "L2"
$auditResult.IG1 = $true
$auditResult.IG2 = $true
$auditResult.IG3 = $true
$auditResult.RecDescription = "Ensure additional storage providers are restricted in Outlook on the web"
$auditResult.Result = $allPoliciesRestricted
$auditResult.Details = if($allPoliciesRestricted) {
"All OwaMailbox policies restrict AdditionalStorageProvidersAvailable"
} else {
$nonCompliantPolicies = $owaPolicies | Where-Object { $_.AdditionalStorageProvidersAvailable } | Select-Object -ExpandProperty Name
"Non-compliant OwaMailbox policies: $($nonCompliantPolicies -join ', ')"
}
$auditResult.FailureReason = if(-not $allPoliciesRestricted) { "One or more OwaMailbox policies allow AdditionalStorageProvidersAvailable." } else { "N/A" }
$auditResult.Status = if($allPoliciesRestricted) { "Pass" } else { "Fail" }
$auditResult.Details = $details
$auditResult.FailureReason = $failureReasons
}
end {
# Return auditResult
# Return the audit result
return $auditResult
}
}
# Additional helper functions (if any)