Merge pull request #11 from CriticalSolutionsNetwork/Add-additional-p…

…roperties-to-merged-doc

Add additional properties to merged doc / refactor connections and filtering of tests.

CHANGELOG.md

@@ -4,6 +4,17 @@ The format is based on and uses the types of changes according to [Keep a Change
 
 ## [Unreleased]
 
+### Added
+
+- Test definitions filter function.
+- Logging function for future use.
+- Test grade written to console.
+
+### Changed
+
+- Updated sync function to include connection info.
+- Refactored connect/disconnect functions to evaluate needed connections.
+
 ## [0.1.3] - 2024-05-28
 
 ### Added

helpers/Build-Help.ps1

@@ -4,10 +4,10 @@ Import-Module .\output\module\M365FoundationsCISReport\*\*.psd1
 
 
 <#
-    $ver = "v0.1.2"
+    $ver = "v0.1.3"
     git checkout main
     git pull origin main
-    git tag -a $ver -m "Release version $ver Bugfix Update"
+    git tag -a $ver -m "Release version $ver refactor Update"
     git push origin $ver
     "Fix: PR #37"
     git push origin $ver

source/Private/Connect-M365Suite.ps1

@@ -1,56 +1,58 @@
 function Connect-M365Suite {
     [CmdletBinding()]
     param (
-        # Parameter to specify the SharePoint Online Tenant Admin URL
         [Parameter(Mandatory)]
-        [string]$TenantAdminUrl
+        [string]$TenantAdminUrl,
+
+        [Parameter(Mandatory)]
+        [string[]]$RequiredConnections
     )
-$VerbosePreference = "SilentlyContinue"
+
+    $VerbosePreference = "SilentlyContinue"
+
     try {
+        if ($RequiredConnections -contains "AzureAD" -or $RequiredConnections -contains "AzureAD | EXO") {
+            Write-Host "Connecting to Azure Active Directory..." -ForegroundColor Cyan
+            Connect-AzureAD | Out-Null
+            Write-Host "Successfully connected to Azure Active Directory." -ForegroundColor Green
+        }
 
-        # Attempt to connect to Azure Active Directory
-        Write-Host "Connecting to Azure Active Directory..." -ForegroundColor Cyan
-        Connect-AzureAD | Out-Null
-        Write-Host "Successfully connected to Azure Active Directory." -ForegroundColor Green
-
-        # Attempt to connect to Exchange Online
-        Write-Host "Connecting to Exchange Online..." -ForegroundColor Cyan
-        Connect-ExchangeOnline | Out-Null
-        Write-Host "Successfully connected to Exchange Online." -ForegroundColor Green
-        try {
-            # Attempt to connect to Microsoft Graph with specified scopes
+        if ($RequiredConnections -contains "Microsoft Graph") {
             Write-Host "Connecting to Microsoft Graph with scopes: Directory.Read.All, Domain.Read.All, Policy.Read.All, Organization.Read.All" -ForegroundColor Cyan
-            Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -NoWelcome | Out-Null
-            Write-Host "Successfully connected to Microsoft Graph with specified scopes." -ForegroundColor Green
-        }
-        catch {
-            Write-Host "Failed to connect o MgGraph, attempting device auth." -ForegroundColor Yellow
-            # Attempt to connect to Microsoft Graph with specified scopes
-            Write-Host "Connecting to Microsoft Graph using device auth with scopes: Directory.Read.All, Domain.Read.All, Policy.Read.All, Organization.Read.All" -ForegroundColor Cyan
-            Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -UseDeviceCode -NoWelcome | Out-Null
-            Write-Host "Successfully connected to Microsoft Graph with specified scopes." -ForegroundColor Green
+            try {
+                Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -NoWelcome | Out-Null
+                Write-Host "Successfully connected to Microsoft Graph with specified scopes." -ForegroundColor Green
+            }
+            catch {
+                Write-Host "Failed to connect to MgGraph, attempting device auth." -ForegroundColor Yellow
+                Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -UseDeviceCode -NoWelcome | Out-Null
+                Write-Host "Successfully connected to Microsoft Graph with specified scopes." -ForegroundColor Green
+            }
         }
 
-        # Validate SharePoint Online Tenant Admin URL
-        if (-not $TenantAdminUrl) {
-            throw "SharePoint Online Tenant Admin URL is required."
+        if ($RequiredConnections -contains "EXO" -or $RequiredConnections -contains "AzureAD | EXO" -or $RequiredConnections -contains "Microsoft Teams | EXO") {
+            Write-Host "Connecting to Exchange Online..." -ForegroundColor Cyan
+            Connect-ExchangeOnline | Out-Null
+            Write-Host "Successfully connected to Exchange Online." -ForegroundColor Green
         }
 
-        # Attempt to connect to SharePoint Online
-        Write-Host "Connecting to SharePoint Online..." -ForegroundColor Cyan
-        Connect-SPOService -Url $TenantAdminUrl | Out-Null
-        Write-Host "Successfully connected to SharePoint Online." -ForegroundColor Green
+        if ($RequiredConnections -contains "SPO") {
+            Write-Host "Connecting to SharePoint Online..." -ForegroundColor Cyan
+            Connect-SPOService -Url $TenantAdminUrl | Out-Null
+            Write-Host "Successfully connected to SharePoint Online." -ForegroundColor Green
+        }
 
-        # Attempt to connect to Microsoft Teams
-        Write-Host "Connecting to Microsoft Teams..." -ForegroundColor Cyan
-        Connect-MicrosoftTeams | Out-Null
-        Write-Host "Successfully connected to Microsoft Teams." -ForegroundColor Green
+        if ($RequiredConnections -contains "Microsoft Teams" -or $RequiredConnections -contains "Microsoft Teams | EXO") {
+            Write-Host "Connecting to Microsoft Teams..." -ForegroundColor Cyan
+            Connect-MicrosoftTeams | Out-Null
+            Write-Host "Successfully connected to Microsoft Teams." -ForegroundColor Green
+        }
     }
     catch {
         $VerbosePreference = "Continue"
         Write-Host "There was an error establishing one or more connections: $_" -ForegroundColor Red
         throw $_
     }
+
     $VerbosePreference = "Continue"
 }
-

source/Private/Disconnect-M365Suite.ps1

@@ -1,39 +1,59 @@
 function Disconnect-M365Suite {
+    param (
+        [Parameter(Mandatory)]
+        [string[]]$RequiredConnections
+    )
+
     # Clean up sessions
     try {
-        Write-Host "Disconnecting from Exchange Online..." -ForegroundColor Green
-        Disconnect-ExchangeOnline -Confirm:$false | Out-Null
+        if ($RequiredConnections -contains "EXO" -or $RequiredConnections -contains "AzureAD | EXO" -or $RequiredConnections -contains "Microsoft Teams | EXO") {
+            Write-Host "Disconnecting from Exchange Online..." -ForegroundColor Green
+            Disconnect-ExchangeOnline -Confirm:$false | Out-Null
+        }
     }
     catch {
         Write-Warning "Failed to disconnect from Exchange Online: $_"
     }
+
     try {
-        Write-Host "Disconnecting from Azure AD..." -ForegroundColor Green
-        Disconnect-AzureAD | Out-Null
+        if ($RequiredConnections -contains "AzureAD" -or $RequiredConnections -contains "AzureAD | EXO") {
+            Write-Host "Disconnecting from Azure AD..." -ForegroundColor Green
+            Disconnect-AzureAD | Out-Null
+        }
     }
     catch {
         Write-Warning "Failed to disconnect from Azure AD: $_"
     }
+
     try {
-        Write-Host "Disconnecting from Microsoft Graph..." -ForegroundColor Green
-        Disconnect-MgGraph | Out-Null
+        if ($RequiredConnections -contains "Microsoft Graph") {
+            Write-Host "Disconnecting from Microsoft Graph..." -ForegroundColor Green
+            Disconnect-MgGraph | Out-Null
+        }
     }
     catch {
         Write-Warning "Failed to disconnect from Microsoft Graph: $_"
     }
+
     try {
-        Write-Host "Disconnecting from SharePoint Online..." -ForegroundColor Green
-        Disconnect-SPOService | Out-Null
+        if ($RequiredConnections -contains "SPO") {
+            Write-Host "Disconnecting from SharePoint Online..." -ForegroundColor Green
+            Disconnect-SPOService | Out-Null
+        }
     }
     catch {
         Write-Warning "Failed to disconnect from SharePoint Online: $_"
     }
+
     try {
-        Write-Host "Disconnecting from Microsoft Teams..." -ForegroundColor Green
-        Disconnect-MicrosoftTeams | Out-Null
+        if ($RequiredConnections -contains "Microsoft Teams" -or $RequiredConnections -contains "Microsoft Teams | EXO") {
+            Write-Host "Disconnecting from Microsoft Teams..." -ForegroundColor Green
+            Disconnect-MicrosoftTeams | Out-Null
+        }
     }
     catch {
         Write-Warning "Failed to disconnect from Microsoft Teams: $_"
     }
-    Write-Host "All sessions have been disconnected." -ForegroundColor Green
+
+    Write-Host "All necessary sessions have been disconnected." -ForegroundColor Green
 }

source/Private/Get-TestDefinitionsObject.ps1

@@ -0,0 +1,63 @@
+function Get-TestDefinitionsObject {
+    param (
+        [Parameter(Mandatory = $true)]
+        [object[]]$TestDefinitions,
+
+        [Parameter(Mandatory = $true)]
+        [string]$ParameterSetName,
+
+        [string]$ELevel,
+        [string]$ProfileLevel,
+        [string[]]$IncludeRecommendation,
+        [string[]]$SkipRecommendation
+    )
+
+    Write-Verbose "Initial test definitions count: $($TestDefinitions.Count)"
+
+    switch ($ParameterSetName) {
+        'ELevelFilter' {
+            Write-Verbose "Applying ELevelFilter"
+            if ($null -ne $ELevel -and $null -ne $ProfileLevel) {
+                Write-Verbose "Filtering on ELevel = $ELevel and ProfileLevel = $ProfileLevel"
+                $TestDefinitions = $TestDefinitions | Where-Object {
+                    $_.ELevel -eq $ELevel -and $_.ProfileLevel -eq $ProfileLevel
+                }
+            }
+            elseif ($null -ne $ELevel) {
+                Write-Verbose "Filtering on ELevel = $ELevel"
+                $TestDefinitions = $TestDefinitions | Where-Object {
+                    $_.ELevel -eq $ELevel
+                }
+            }
+            elseif ($null -ne $ProfileLevel) {
+                Write-Verbose "Filtering on ProfileLevel = $ProfileLevel"
+                $TestDefinitions = $TestDefinitions | Where-Object {
+                    $_.ProfileLevel -eq $ProfileLevel
+                }
+            }
+        }
+        'IG1Filter' {
+            Write-Verbose "Applying IG1Filter"
+            $TestDefinitions = $TestDefinitions | Where-Object { $_.IG1 -eq 'TRUE' }
+        }
+        'IG2Filter' {
+            Write-Verbose "Applying IG2Filter"
+            $TestDefinitions = $TestDefinitions | Where-Object { $_.IG2 -eq 'TRUE' }
+        }
+        'IG3Filter' {
+            Write-Verbose "Applying IG3Filter"
+            $TestDefinitions = $TestDefinitions | Where-Object { $_.IG3 -eq 'TRUE' }
+        }
+        'RecFilter' {
+            Write-Verbose "Applying RecFilter"
+            $TestDefinitions = $TestDefinitions | Where-Object { $IncludeRecommendation -contains $_.Rec }
+        }
+        'SkipRecFilter' {
+            Write-Verbose "Applying SkipRecFilter"
+            $TestDefinitions = $TestDefinitions | Where-Object { $SkipRecommendation -notcontains $_.Rec }
+        }
+    }
+
+    Write-Verbose "Filtered test definitions count: $($TestDefinitions.Count)"
+    return $TestDefinitions
+}

source/Private/Merge-CISExcelAndCsvData.ps1

@@ -23,11 +23,10 @@ function Merge-CISExcelAndCsvData {
             foreach ($property in $excelItem.PSObject.Properties) {
                 $newObject | Add-Member -MemberType NoteProperty -Name $property.Name -Value $property.Value
             }
-
+            $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Connection' -Value $csvRow.Connection
             $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Status' -Value $csvRow.Status
             $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Details' -Value $csvRow.Details
             $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_FailureReason' -Value $csvRow.FailureReason
-
             return $newObject
         }
 
@@ -37,7 +36,7 @@ function Merge-CISExcelAndCsvData {
             if ($csvRow) {
                 CreateMergedObject -excelItem $item -csvRow $csvRow
             } else {
-                CreateMergedObject -excelItem $item -csvRow ([PSCustomObject]@{Status=$null; Details=$null; FailureReason=$null})
+                CreateMergedObject -excelItem $item -csvRow ([PSCustomObject]@{Connection=$null;Status=$null; Details=$null; FailureReason=$null })
             }
         }
 

source/Private/Test-IsAdmin.ps1

@@ -0,0 +1,22 @@
+function Test-IsAdmin {
+    <#
+    .SYNOPSIS
+    Checks if the current user is an administrator on the machine.
+    .DESCRIPTION
+    This private function returns a Boolean value indicating whether
+    the current user has administrator privileges on the machine.
+    It does this by creating a new WindowsPrincipal object, passing
+    in a WindowsIdentity object representing the current user, and
+    then checking if that principal is in the Administrator role.
+    .INPUTS
+    None.
+    .OUTPUTS
+    Boolean. Returns True if the current user is an administrator, and False otherwise.
+    .EXAMPLE
+    PS C:\> Test-IsAdmin
+    True
+    #>
+
+    # Create a new WindowsPrincipal object for the current user and check if it is in the Administrator role
+    (New-Object Security.Principal.WindowsPrincipal ([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
+}