From ad5ce2db7f5485d811949647a259eda0a932194e Mon Sep 17 00:00:00 2001
From: DrIOS <58635327+DrIOSX@users.noreply.github.com>
Date: Sun, 30 Jun 2024 11:36:11 -0500
Subject: [PATCH] add: remediation info and mock object to 8.5.1

---
 source/Private/Get-CISMSTeamsOutput.ps1      | 31 ++++++++++++++++++--
 source/tests/Test-NoAnonymousMeetingJoin.ps1 | 16 +++++-----
 2 files changed, 35 insertions(+), 12 deletions(-)

diff --git a/source/Private/Get-CISMSTeamsOutput.ps1 b/source/Private/Get-CISMSTeamsOutput.ps1
index 58a69e2..81f055d 100644
--- a/source/Private/Get-CISMSTeamsOutput.ps1
+++ b/source/Private/Get-CISMSTeamsOutput.ps1
@@ -92,9 +92,29 @@ function Get-CISMSTeamsOutput {
                 #   - Condition A: The `AllowTeamsConsumer` setting is not `False`.
                 #   - Condition B: The `AllowPublicUsers` setting is not `False`.
                 #   - Condition C: The `AllowFederatedUsers` setting is `True` and the `AllowedDomains` contains unauthorized domain names or is not configured correctly.
-
                 # Connect to Teams PowerShell using Connect-MicrosoftTeams
-
+                # $externalAccessConfig Mock Object
+                <#
+                    $externalAccessConfig = [PSCustomObject]@{
+                        Identity                                    = 'Global'
+                        AllowedDomains                              = 'AllowAllKnownDomains'
+                        BlockedDomains                              = @()
+                        AllowFederatedUsers                         = $true
+                        AllowPublicUsers                            = $true
+                        AllowTeamsConsumer                          = $true
+                        AllowTeamsConsumerInbound                   = $true
+                    }
+                    $ApprovedFederatedDomains = @('msn.com', 'google.com')
+                    $externalAccessConfig = [PSCustomObject]@{
+                        Identity                                    = 'Global'
+                        AllowedDomains                              = @('msn.com', 'google.com')
+                        BlockedDomains                              = @()
+                        AllowFederatedUsers                         = $true
+                        AllowPublicUsers                            = $false
+                        AllowTeamsConsumer                          = $false
+                        AllowTeamsConsumerInbound                   = $true
+                    }
+                #>
                 $externalAccessConfig = Get-CsTenantFederationConfiguration
                 return $externalAccessConfig
             }
@@ -117,7 +137,12 @@ function Get-CISMSTeamsOutput {
                 #   - Condition C: PowerShell command output indicates that anonymous users are allowed to join meetings.
 
                 # Connect to Teams PowerShell using Connect-MicrosoftTeams
-
+                # $teamsMeetingPolicy Mock Object
+                <#
+                    $teamsMeetingPolicy = [PSCustomObject]@{
+                        AllowAnonymousUsersToJoinMeeting            = $true
+                    }
+                #>
                 $teamsMeetingPolicy = Get-CsTeamsMeetingPolicy -Identity Global
                 return $teamsMeetingPolicy
             }
diff --git a/source/tests/Test-NoAnonymousMeetingJoin.ps1 b/source/tests/Test-NoAnonymousMeetingJoin.ps1
index a0ae10f..4dc3cfc 100644
--- a/source/tests/Test-NoAnonymousMeetingJoin.ps1
+++ b/source/tests/Test-NoAnonymousMeetingJoin.ps1
@@ -5,14 +5,12 @@ function Test-NoAnonymousMeetingJoin {
         # Aligned
         # Parameters can be defined here if needed
     )
-
     begin {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
         $recnum = "8.5.1"
     }
-
     process {
         try {
             # 8.5.1 (L2) Ensure anonymous users can't join a meeting
@@ -30,22 +28,23 @@ function Test-NoAnonymousMeetingJoin {
             #   - Condition A: `AllowAnonymousUsersToJoinMeeting` is not set to `False`.
             #   - Condition B: Verification using the UI shows that `Anonymous users can join a meeting` is not set to `Off` in the Global meeting policy.
             #   - Condition C: PowerShell command output indicates that anonymous users are allowed to join meetings.
-
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
-
+            # $teamsMeetingPolicy Mock Object
+            <#
+                $teamsMeetingPolicy = [PSCustomObject]@{
+                    AllowAnonymousUsersToJoinMeeting            = $true
+                }
+            #>
             $teamsMeetingPolicy = Get-CISMSTeamsOutput -Rec $recnum
             $allowAnonymousUsersToJoinMeeting = $teamsMeetingPolicy.AllowAnonymousUsersToJoinMeeting
-
             # Prepare failure reasons and details based on compliance
             $failureReasons = if ($allowAnonymousUsersToJoinMeeting) {
-                "Anonymous users are allowed to join meetings"
+                "Anonymous users are allowed to join meetings, remediate with the following command if needed:`nSet-CsTeamsMeetingPolicy -Identity Global -AllowAnonymousUsersToJoinMeeting `$false"
             }
             else {
                 "N/A"
             }
-
             $details = "AllowAnonymousUsersToJoinMeeting is set to $allowAnonymousUsersToJoinMeeting"
-
             # Create and populate the CISAuditResult object
             $params = @{
                 Rec           = $recnum
@@ -61,7 +60,6 @@ function Test-NoAnonymousMeetingJoin {
             $auditResult = Get-TestError -LastError $LastError -recnum $recnum
         }
     }
-
     end {
         # Return the audit result
         return $auditResult