vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
37e2b70ba449a8703b042f49cf3a1498efef29a0
M365FoundationsCISReport/source/Private/Get-CISSpoOutput.ps1
DrIOS 5d11b46d96 fix: SPO formatting and output
2024-07-02 09:47:06 -05:00

200 lines
8.6 KiB
PowerShell
Raw Blame History

<#
.SYNOPSIS
This is a sample Private function only visible within the module.
.DESCRIPTION
This sample function is not exported to the module and only return the data passed as parameter.
.EXAMPLE
$null = Get-CISSpoOutput -PrivateData 'NOTHING TO SEE HERE'
.PARAMETER PrivateData
The PrivateData parameter is what will be returned without transformation.
#>
function Get-CISSpoOutput {
[cmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[String]$Rec
)
begin {
# Begin Block #
<#
# Tests
7.2.1
7.2.2
7.2.3
7.2.4
7.2.5
7.2.6
7.2.7
7.2.9
7.2.10
7.3.1
7.3.2
7.3.4
# Test number array
$testNumbers = @('7.2.1', '7.2.2', '7.2.3', '7.2.4', '7.2.5', '7.2.6', '7.2.7', '7.2.9', '7.2.10', '7.3.1', '7.3.2', '7.3.4')
#>
}
process {
Write-Verbose "Retuning data for Rec: $Rec"
switch ($Rec) {
'7.2.1' {
# Test-ModernAuthSharePoint.ps1
# $SPOTenant Mock Object
<#
$SPOTenant = [PSCustomObject]@{
LegacyAuthProtocolsEnabled = $true
}
#>
$SPOTenant = Get-SPOTenant | Select-Object -Property LegacyAuthProtocolsEnabled
return $SPOTenant
}
'7.2.2' {
# Test-SharePointAADB2B.ps1
# 7.2.2 (L1) Ensure SharePoint and OneDrive integration with Azure AD B2B is enabled
# $SPOTenantAzureADB2B Mock Object
<#
$SPOTenantAzureADB2B = [PSCustomObject]@{
EnableAzureADB2BIntegration = $false
}
#>
$SPOTenantAzureADB2B = Get-SPOTenant | Select-Object EnableAzureADB2BIntegration
return $SPOTenantAzureADB2B
}
'7.2.3' {
# Test-RestrictExternalSharing.ps1
# 7.2.3 (L1) Ensure external content sharing is restricted
# Retrieve the SharingCapability setting for the SharePoint tenant
# $SPOTenantSharingCapability Mock Object
<#
$SPOTenantSharingCapability = [PSCustomObject]@{
SharingCapability = "ExternalUserAndGuestSharing"
}
#>
$SPOTenantSharingCapability = Get-SPOTenant | Select-Object SharingCapability
return $SPOTenantSharingCapability
}
'7.2.4' {
# Test-OneDriveContentRestrictions.ps1
# 7.2.4 (L2) Ensure OneDrive content sharing is restricted
# $SPOTenant Mock Object
<#
$SPOTenant = [PSCustomObject]@{
OneDriveSharingCapability = "ExternalUserAndGuestSharing"
}
#>
$SPOTenant = Get-SPOTenant | Select-Object OneDriveSharingCapability
return $SPOTenant
}
'7.2.5' {
# Test-SharePointGuestsItemSharing.ps1
# 7.2.5 (L2) Ensure that SharePoint guest users cannot share items they don't own
# $SPOTenant Mock Object
<#
$SPOTenant = [PSCustomObject]@{
PreventExternalUsersFromResharing = $false
}
#>
$SPOTenant = Get-SPOTenant | Select-Object PreventExternalUsersFromResharing
return $SPOTenant
}
'7.2.6' {
# Test-SharePointExternalSharingDomains.ps1
# 7.2.6 (L2) Ensure SharePoint external sharing is managed through domain whitelist/blacklists
# Add Authorized Domains?
# $SPOTenant Mock Object
<#
$SPOTenant = [PSCustomObject]@{
SharingDomainRestrictionMode = "AllowList"
SharingAllowedDomainList = "domain1.com", "domain2.com"
}
#>
$SPOTenant = Get-SPOTenant | Select-Object SharingDomainRestrictionMode, SharingAllowedDomainList
return $SPOTenant
}
'7.2.7' {
# Test-LinkSharingRestrictions.ps1
# Retrieve link sharing configuration for SharePoint and OneDrive
# $SPOTenantLinkSharing Mock Object
<#
$$SPOTenantLinkSharing = [PSCustomObject]@{
DefaultSharingLinkType = "Direct"
}
#>
$SPOTenantLinkSharing = Get-SPOTenant | Select-Object DefaultSharingLinkType
return $SPOTenantLinkSharing
}
'7.2.9' {
# Test-GuestAccessExpiration.ps1
# Retrieve SharePoint tenant settings related to guest access expiration
# $SPOTenantGuestAccess Mock Object
<#
$SPOTenantGuestAccess = [PSCustomObject]@{
ExternalUserExpirationRequired = "$false"
ExternalUserExpireInDays = "60"
}
#>
$SPOTenantGuestAccess = Get-SPOTenant | Select-Object ExternalUserExpirationRequired, ExternalUserExpireInDays
return $SPOTenantGuestAccess
}
'7.2.10' {
# Test-ReauthWithCode.ps1
# 7.2.10 (L1) Ensure reauthentication with verification code is restricted
# Retrieve reauthentication settings for SharePoint Online
# $SPOTenantReauthentication Mock Object
<#
$SPOTenantReauthentication = [PSCustomObject]@{
EmailAttestationRequired = "$false"
EmailAttestationReAuthDays = "30"
}
#>
$SPOTenantReauthentication = Get-SPOTenant | Select-Object EmailAttestationRequired, EmailAttestationReAuthDays
return $SPOTenantReauthentication
}
'7.3.1' {
# Test-DisallowInfectedFilesDownload.ps1
# Retrieve the SharePoint tenant configuration
# $SPOTenantDisallowInfectedFileDownload Mock Object
<#
$SPOTenantDisallowInfectedFileDownload = [PSCustomObject]@{
DisallowInfectedFileDownload = $false
}
#>
$SPOTenantDisallowInfectedFileDownload = Get-SPOTenant | Select-Object DisallowInfectedFileDownload
return $SPOTenantDisallowInfectedFileDownload
}
'7.3.2' {
# Test-OneDriveSyncRestrictions.ps1
# Retrieve OneDrive sync client restriction settings
# Add isHybrid paramter?
# $SPOTenantSyncClientRestriction Mock Object
<#
$SPOTenantSyncClientRestriction = [PSCustomObject]@{
TenantRestrictionEnabled = $true
AllowedDomainList = "786548DD-877B-4760-A749-6B1EFBC1190A", "877564FF-877B-4760-A749-6B1EFBC1190A"
}
#>
$SPOTenantSyncClientRestriction = Get-SPOTenantSyncClientRestriction | Select-Object TenantRestrictionEnabled, AllowedDomainList
return $SPOTenantSyncClientRestriction
}
'7.3.4' {
# Test-RestrictCustomScripts.ps1
# Retrieve all site collections and select necessary properties
# $SPOSitesCustomScript Mock Object
<#
$SPOSitesCustomScript = [PSCustomObject]@{
Title = "Site Collection 1"
Url = "https://contoso.sharepoint.com/sites/site1"
DenyAddAndCustomizePages = "Enabled"
}
#>
$SPOSitesCustomScript = Get-SPOSite -Limit All | Select-Object Title, Url, DenyAddAndCustomizePages
return $SPOSitesCustomScript
}
default { throw "No match found for test: $Rec" }
}
}
end {
Write-Verbose "Retuning data for Rec: $Rec"
}
} # end function Get-CISMSTeamsOutput
Reference in New Issue View Git Blame Copy Permalink