address feedback on unit test settings; set PnP flag to true in servi…

…ce principal tests
cisagov · Sep 16, 2024 · b459215 · b459215
1 parent e3fba31
commit b459215
Showing 1 changed file with 52 additions and 30 deletions.
diff --git a/PowerShell/ScubaGear/Testing/Unit/Rego/Sharepoint/SharepointConfig_03_test.rego b/PowerShell/ScubaGear/Testing/Unit/Rego/Sharepoint/SharepointConfig_03_test.rego
@@ -153,18 +153,23 @@ test_SharingCapability_NewExistingGuests_NotApplicable_V2 if {
 # Policy MS.SHAREPOINT.3.2v1
 #--
 test_File_Folder_AnonymousLinkType_Correct if {
-    Tenant := json.patch(SPOTenant, [{"op": "add", "path": "SharingCapability", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}
+    ])
 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
 
     TestResult("MS.SHAREPOINT.3.2v1", Output, PASS, true) == true
 }
 
 test_File_Folder_AnonymousLinkType_Incorrect if {
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}
+    ])
 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
 
@@ -173,9 +178,11 @@ test_File_Folder_AnonymousLinkType_Incorrect if {
 }
 
 test_Folder_AnonymousLinkType_Incorrect if {
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}
+    ])
 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
 
@@ -184,9 +191,11 @@ test_Folder_AnonymousLinkType_Incorrect if {
 }
 
 test_File_AnonymousLinkType_Incorrect if {
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}
+    ])
 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
 
@@ -198,25 +207,31 @@ test_File_Folder_AnonymousLinkType_UsingServicePrincipal_Correct if {
     # SharingCapability value of 2 equals "Anyone"
     # FileAnonymousLinkType value of 1 equals "View"
     # FolderAnonymousLinkType value of 1 equals "View"
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}
+    ])
 
+    # Set PnP flag to true denoting use of service principal
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
+        with input.OneDrive_PnP_Flag as true
     TestResult("MS.SHAREPOINT.3.2v1", Output, PASS, true) == true
 }
 
 test_File_Folder_AnonymousLinkType_UsingServicePrincipal_Incorrect if {
     # SharingCapability value of 2 equals "Anyone"
     # FileAnonymousLinkType value of 2 equals "Edit"
     # FolderAnonymousLinkType value of 2 equals "Edit"
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}
+    ])
 
+    # Set PnP flag to true denoting use of service principal 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
+        with input.OneDrive_PnP_Flag as true
 
     ReportDetailsString := concat(": ", [
         FAIL,
@@ -229,12 +244,15 @@ test_File_AnonymousLinkType_UsingServicePrincipal_Incorrect if {
     # SharingCapability value of 2 equals "Anyone"
     # FileAnonymousLinkType value of 2 equals "Edit"
     # FolderAnonymousLinkType value of 1 equals "View"
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 1}
+    ])
 
+    # Set PnP flag to true denoting use of service principal
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
+        with input.OneDrive_PnP_Flag as true
 
     # FAIL = Requirement not met
     # ReportDetailsString = "Requirement not met: both files and folders are not limited to view for Anyone"
@@ -249,12 +267,15 @@ test_Folder_AnonymousLinkType_UsingServicePrincipal_Incorrect if {
     # SharingCapability value of 2 equals "Anyone"
     # FileAnonymousLinkType value of 1 equals "View"
     # FolderAnonymousLinkType value of 2 equals "Edit"
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "SharingCapability", "value": 2},
-                {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "SharingCapability", "value": 2},
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 1},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}
+    ])
 
+    # Set PnP flag to true denoting use of service principal
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]
+        with input.OneDrive_PnP_Flag as true
 
     ReportDetailsString := concat(": ", [
         FAIL,
@@ -266,9 +287,10 @@ test_Folder_AnonymousLinkType_UsingServicePrincipal_Incorrect if {
 test_File_Folder_AnonymousLinkType_SharingCapability_OnlyPeopleInOrg_NotApplicable if {
     PolicyId := "MS.SHAREPOINT.3.2v1"
 
-    Tenant := json.patch(SPOTenant,
-                [{"op": "add", "path": "FileAnonymousLinkType", "value": 2},
-                {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}])
+    Tenant := json.patch(SPOTenant, [
+        {"op": "add", "path": "FileAnonymousLinkType", "value": 2},
+        {"op": "add", "path": "FolderAnonymousLinkType", "value": 2}
+    ])
 
     Output := sharepoint.tests with input.SPO_tenant as [Tenant]