diff --git a/CHANGELOG.md b/CHANGELOG.md index fdb97a9431..8c5b0d42a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ * EXOAuthenticationPolicy * Fix typo in AllowBasicAuthOfflineAddressBook (FIXES #1876) +* EXOQuarantinePolicy + * New resource * O365Groups * Fixed issue on export of O365Groups resource. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 new file mode 100644 index 0000000000..8ba62e42ee --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 @@ -0,0 +1,568 @@ +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Int32] + $EndUserQuarantinePermissionsValue, + + [Parameter()] + [System.Boolean] + $ESNEnabled, + + [Parameter()] + [System.String[]] + $MultiLanguageCustomDisclaimer, + + [Parameter()] + [System.String[]] + $MultiLanguageSenderName, + + [Parameter()] + [System.String[]] + $MultiLanguageSetting, + + [Parameter()] + [System.Boolean] + $OrganizationBrandingEnabled, + + [Parameter()] + [ValidateSet("Present", "Absent")] + [System.String] + $Ensure = "Present", + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword + ) + + Write-Verbose -Message "Getting configuration of QuarantinePolicy for $($Identity)" + if ($Global:CurrentModeIsExport) + { + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters ` + -SkipModuleReload $true + } + else + { + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters + } + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace "MSFT_", "" + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $nullReturn = $PSBoundParameters + $nullReturn.Ensure = 'Absent' + + try + { + $QuarantinePolicys = Get-QuarantinePolicy -ErrorAction Stop + + $QuarantinePolicy = $QuarantinePolicys | Where-Object -FilterScript { $_.Identity -eq $Identity } + if ($null -eq $QuarantinePolicy) + { + Write-Verbose -Message "QuarantinePolicy $($Identity) does not exist." + return $nullReturn + } + else + { + $EndUserQuarantinePermissionsValueDecimal = 0 + if ($QuarantinePolicy.EndUserQuarantinePermissions) { + # Convert string output of EndUserQuarantinePermissions to binary value and then to decimal value + # needed for EndUserQuarantinePermissionsValue attribute of New-/Set-QuarantinePolicy cmdlet. + # This parameter uses a decimal value that's converted from a binary value. + # The binary value corresponds to the list of available permissions in a specific order. + # For each permission, the value 1 equals True and the value 0 equals False. + + $EndUserQuarantinePermissionsBinary = "" + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToViewHeader: True")) + { + $PermissionToViewHeader = "1" + } + else + { + $PermissionToViewHeader = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToDownload: True")) + { + $PermissionToDownload = "1" + } + else + { + $PermissionToDownload = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToAllowSender: True")) + { + $PermissionToAllowSender = "1" + } + else + { + $PermissionToAllowSender = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToBlockSender: True")) + { + $PermissionToBlockSender = "1" + } + else + { + $PermissionToBlockSender = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToRequestRelease: True")) + { + $PermissionToRequestRelease = "1" + } + else + { + $PermissionToRequestRelease = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToRelease: True")) + { + $PermissionToRelease = "1" + } + else + { + $PermissionToRelease = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToPreview: True")) + { + $PermissionToPreview = "1" + } + else + { + PermissionToPreview = "0" + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains("PermissionToDelete: True")) + { + $PermissionToDelete = "1" + } + else + { + $PermissionToDelete = "0" + } + # Concat values to binary value + $EndUserQuarantinePermissionsBinary = [System.String]::Concat($PermissionToViewHeader, $PermissionToDownload, $PermissionToAllowSender, $PermissionToBlockSender, $PermissionToRequestRelease, $PermissionToRelease, $PermissionToPreview, $PermissionToDelete) + + # Convert to Decimal value + [int]$EndUserQuarantinePermissionsValueDecimal = [System.Convert]::ToByte($EndUserQuarantinePermissionsBinary, 2) + } + $result = @{ + Identity = $Identity + EndUserQuarantinePermissionsValue = $EndUserQuarantinePermissionsValueDecimal + ESNEnabled = $QuarantinePolicy.ESNEnabled + MultiLanguageCustomDisclaimer = $QuarantinePolicy.MultiLanguageCustomDisclaimer + MultiLanguageSenderName = $QuarantinePolicy.MultiLanguageSenderName + MultiLanguageSetting = $QuarantinePolicy.MultiLanguageSetting + OrganizationBrandingEnabled = $QuarantinePolicy.OrganizationBrandingEnabled + Credential = $Credential + Ensure = 'Present' + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + TenantId = $TenantId + } + + Write-Verbose -Message "Found QuarantinePolicy $($Identity)" + Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" + return $result + } + } + catch + { + try + { + Write-Verbose -Message $_ + $tenantIdValue = "" + if (-not [System.String]::IsNullOrEmpty($TenantId)) + { + $tenantIdValue = $TenantId + } + elseif ($null -ne $Credential) + { + $tenantIdValue = $Credential.UserName.Split('@')[1] + } + Add-M365DSCEvent -Message $_ -EntryType 'Error' ` + -EventID 1 -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $tenantIdValue + } + catch + { + Write-Verbose -Message $_ + } + return $nullReturn + } +} +function Set-TargetResource +{ + [CmdletBinding()] + + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Int32] + $EndUserQuarantinePermissionsValue, + + [Parameter()] + [System.Boolean] + $ESNEnabled, + + [Parameter()] + [System.String[]] + $MultiLanguageCustomDisclaimer, + + [Parameter()] + [System.String[]] + $MultiLanguageSenderName, + + [Parameter()] + [System.String[]] + $MultiLanguageSetting, + + [Parameter()] + [System.Boolean] + $OrganizationBrandingEnabled, + + [Parameter()] + [ValidateSet("Present", "Absent")] + [System.String] + $Ensure = "Present", + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword + ) + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace "MSFT_", "" + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + Write-Verbose -Message "Setting configuration of QuarantinePolicy for $($Identity)" + + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters + + $QuarantinePolicys = Get-QuarantinePolicy + $QuarantinePolicy = $QuarantinePolicys | Where-Object -FilterScript { $_.Identity -eq $Identity } + $QuarantinePolicyParams = [System.Collections.Hashtable]($PSBoundParameters) + $QuarantinePolicyParams.Remove('Ensure') | Out-Null + $QuarantinePolicyParams.Remove('Credential') | Out-Null + $QuarantinePolicyParams.Remove('ApplicationId') | Out-Null + $QuarantinePolicyParams.Remove('TenantId') | Out-Null + $QuarantinePolicyParams.Remove('CertificateThumbprint') | Out-Null + $QuarantinePolicyParams.Remove('CertificatePath') | Out-Null + $QuarantinePolicyParams.Remove('CertificatePassword') | Out-Null + + if (('Present' -eq $Ensure ) -and ($null -eq $QuarantinePolicy)) + { + Write-Verbose -Message "Creating QuarantinePolicy $($Identity)." + $QuarantinePolicyParams.Add("Name", $Identity) + $QuarantinePolicyParams.Remove('Identity') | Out-Null + New-QuarantinePolicy @QuarantinePolicyParams + } + elseif (('Present' -eq $Ensure ) -and ($Null -ne $QuarantinePolicy)) + { + Write-Verbose -Message "Setting QuarantinePolicy $($Identity) with values: $(Convert-M365DscHashtableToString -Hashtable $QuarantinePolicyParams)" + Set-QuarantinePolicy @QuarantinePolicyParams -Confirm:$false + } + elseif (('Absent' -eq $Ensure ) -and ($null -ne $QuarantinePolicy)) + { + Write-Verbose -Message "Removing QuarantinePolicy $($Identity)" + Remove-QuarantinePolicy -Identity $Identity -Confirm:$false + } +} + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Int32] + $EndUserQuarantinePermissionsValue, + + [Parameter()] + [System.Boolean] + $ESNEnabled, + + [Parameter()] + [System.String[]] + $MultiLanguageCustomDisclaimer, + + [Parameter()] + [System.String[]] + $MultiLanguageSenderName, + + [Parameter()] + [System.String[]] + $MultiLanguageSetting, + + [Parameter()] + [System.Boolean] + $OrganizationBrandingEnabled, + + [Parameter()] + [ValidateSet("Present", "Absent")] + [System.String] + $Ensure = "Present", + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword + ) + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace "MSFT_", "" + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + Write-Verbose -Message "Testing configuration of QuarantinePolicy for $($Identity)" + + $CurrentValues = Get-TargetResource @PSBoundParameters + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + + $ValuesToCheck = $PSBoundParameters + $ValuesToCheck.Remove('Credential') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null + $ValuesToCheck.Remove('CertificatePath') | Out-Null + $ValuesToCheck.Remove('CertificatePassword') | Out-Null + + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + + Write-Verbose -Message "Test-TargetResource returned $($TestResult)" + + return $TestResult +} + +function Export-TargetResource +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword + ) + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters ` + -SkipModuleReload $true + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace "MSFT_", "" + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + [array]$QuarantinePolicys = Get-QuarantinePolicy -ErrorAction Stop + if ($QuarantinePolicys.Length -eq 0) + { + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + else + { + Write-Host "`r`n" -NoNewline + } + $dscContent = "" + $i = 1 + foreach ($QuarantinePolicy in $QuarantinePolicys) + { + Write-Host " |---[$i/$($QuarantinePolicys.length)] $($QuarantinePolicy.Identity)" -NoNewline + + $Params = @{ + Identity = $QuarantinePolicy.Identity + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePassword = $CertificatePassword + CertificatePath = $CertificatePath + } + + $Results = Get-TargetResource @Params + + $keysToRemove = @() + foreach ($key in $Results.Keys) + { + if ([System.String]::IsNullOrEmpty($Results.$key)) + { + $keysToRemove += $key + } + } + foreach ($key in $keysToRemove) + { + $Results.Remove($key) | Out-Null + } + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential + $dscContent += $currentDSCBlock + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + Write-Host $Global:M365DSCEmojiGreenCheckMark + $i++ + } + return $dscContent + } + catch + { + try + { + Write-Verbose -Message $_ + $tenantIdValue = "" + if (-not [System.String]::IsNullOrEmpty($TenantId)) + { + $tenantIdValue = $TenantId + } + elseif ($null -ne $Credential) + { + $tenantIdValue = $Credential.UserName.Split('@')[1] + } + Add-M365DSCEvent -Message $_ -EntryType 'Error' ` + -EventID 1 -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $tenantIdValue + } + catch + { + Write-Verbose -Message $_ + } + return "" + } +} +Export-ModuleMember -Function *-TargetResource + diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.schema.mof new file mode 100644 index 0000000000..70d045b132 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.schema.mof @@ -0,0 +1,19 @@ + +[ClassVersion("1.0.0.0"), FriendlyName("EXOQuarantinePolicy")] +class MSFT_EXOQuarantinePolicy : OMI_BaseResource +{ + [Key, Description("The Identity parameter specifies the QuarantinePolicy you want to modify.")] String Identity; + [Write, Description("The EndUserQuarantinePermissionsValue parameter specifies the end-user permissions for the quarantine policy.")] Int32 EndUserQuarantinePermissionsValue; + [Write, Description("The ESNEnabled parameter specifies whether to enable quarantine notifications (formerly known as end-user spam notifications) for the policy.")] Boolean ESNEnabled; + [Write, Description("The MultiLanguageCustomDisclaimer parameter specifies the custom disclaimer text to use near the bottom of quarantine notifications.")] String MultiLanguageCustomDisclaimer[]; + [Write, Description("The MultiLanguageSenderName parameter specifies the email sender's display name to use in quarantine notifications.")] String MultiLanguageSenderName[]; + [Write, Description("The MultiLanguageSetting parameter specifies the language of quarantine notifications.")] String MultiLanguageSetting[]; + [Write, Description("The OrganizationBrandingEnabled parameter enables or disables organization branding in the end-user quarantine notification messages.")] Boolean OrganizationBrandingEnabled; + [Write, Description("Specifies if this QuarantinePolicy should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; + [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; + [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; + [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; + [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; + [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/readme.md new file mode 100644 index 0000000000..e328e3cda6 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/readme.md @@ -0,0 +1,5 @@ +# EXOQuarantinePolicy + +## Description + +Create or modify a EXOQuarantinePolicy in your cloud-based organization. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/settings.json new file mode 100644 index 0000000000..c8ed23a9a6 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/settings.json @@ -0,0 +1,10 @@ +{ + "resourceName": "EXOQuarantinePolicy", + "description": "", + "permissions": [ + { + "read": [], + "update": [] + } + ] +} diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOQuarantinePolicy/1-ConfigureQuarantinePolicy.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOQuarantinePolicy/1-ConfigureQuarantinePolicy.ps1 new file mode 100644 index 0000000000..8ebda06451 --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOQuarantinePolicy/1-ConfigureQuarantinePolicy.ps1 @@ -0,0 +1,27 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $credsGlobalAdmin + ) + $OrganizationName = $credsGlobalAdmin.UserName.Split('@')[1] + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + EXOQuarantinePolicy 'ConfigureQuarantinePolicy' + { + EndUserQuarantinePermissionsValue = 87; + ESNEnabled = $False; + Identity = "$OrganizationName\DefaultFullAccessPolicy"; + Ensure = "Present" + Credential = $credsGlobalAdmin + } + } +} diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOQuarantinePolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOQuarantinePolicy.Tests.ps1 new file mode 100644 index 0000000000..53dadfe580 --- /dev/null +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOQuarantinePolicy.Tests.ps1 @@ -0,0 +1,203 @@ +[CmdletBinding()] +param( +) +$M365DSCTestFolder = Join-Path -Path $PSScriptRoot ` + -ChildPath "..\..\Unit" ` + -Resolve +$CmdletModule = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath "\Stubs\Microsoft365.psm1" ` + -Resolve) +$GenericStubPath = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath "\Stubs\Generic.psm1" ` + -Resolve) +Import-Module -Name (Join-Path -Path $M365DSCTestFolder ` + -ChildPath "\UnitTestHelper.psm1" ` + -Resolve) + +$Global:DscHelper = New-M365DscUnitTestHelper -StubModule $CmdletModule ` + -DscResource "EXOQuarantinePolicy" -GenericStubModule $GenericStubPath +Describe -Name $Global:DscHelper.DescribeHeader -Fixture { + InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { + Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope + + BeforeAll { + $secpasswd = ConvertTo-SecureString "test@password1" -AsPlainText -Force + $Credential = New-Object System.Management.Automation.PSCredential ("tenantadmin", $secpasswd) + + Mock -CommandName Update-M365DSCExportAuthenticationResults -MockWith { + return @{} + } + + Mock -CommandName Get-M365DSCExportContentForResource -MockWith { + + } + + Mock -CommandName Confirm-M365DSCDependencies -MockWith { + + } + + Mock -CommandName New-M365DSCConnection -MockWith { + return "Credentials" + } + + Mock -CommandName Get-PSSession -MockWith { + + } + + Mock -CommandName Remove-PSSession -MockWith { + + } + + Mock -CommandName New-MalwareFilterPolicy -MockWith { + + } + + Mock -CommandName Set-MalwareFilterPolicy -MockWith { + + } + + Mock -CommandName Remove-MalwareFilterPolicy -MockWith { + + } + } + + # Test contexts + Context -Name "QuarantinePolicy creation." -Fixture { + BeforeAll { + $testParams = @{ + Ensure = 'Present' + Credential = $Credential + Identity = "DefaultFullAccessPolicy"; + OrganizationBrandingEnabled = $False; + ESNEnabled = $False; + } + + + Mock -CommandName Get-QuarantinePolicy -MockWith { + return @{ + Identity = 'SomeOtherQuarantinePolicy' + } + } + } + + It 'Should return Absent from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be "Absent" + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It "Should call the Set method" { + Set-TargetResource @testParams + } + + } + + Context -Name "QuarantinePolicy update not required." -Fixture { + BeforeAll { + $testParams = @{ + Ensure = 'Present' + Credential = $Credential + Identity = "DefaultFullAccessPolicy"; + OrganizationBrandingEnabled = $True; + ESNEnabled = $False; + } + + Mock -CommandName Get-QuarantinePolicy -MockWith { + return @{ + Ensure = 'Present' + Credential = $Credential + Identity = "DefaultFullAccessPolicy"; + OrganizationBrandingEnabled = $True; + ESNEnabled = $False; + } + } + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + + Context -Name "QuarantinePolicy update needed." -Fixture { + BeforeAll { + $testParams = @{ + Ensure = 'Present' + Credential = $Credential + Identity = "DefaultFullAccessPolicy"; + OrganizationBrandingEnabled = $True; + ESNEnabled = $True; + } + + Mock -CommandName Get-QuarantinePolicy -MockWith { + return @{ + Ensure = 'Present' + Credential = $Credential + Identity = "DefaultFullAccessPolicy"; + OrganizationBrandingEnabled = $False; + ESNEnabled = $False; + } + } + + Mock -CommandName Set-QuarantinePolicy -MockWith { + return @{ + + } + } + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It "Should Successfully call the Set method" { + Set-TargetResource @testParams + } + } + + Context -Name "QuarantinePolicy removal." -Fixture { + BeforeAll { + $testParams = @{ + Ensure = 'Absent' + Credential = $Credential + Identity = 'TestQuarantinePolicy' + } + + Mock -CommandName Get-QuarantinePolicy -MockWith { + return @{ + Identity = 'TestQuarantinePolicy' + } + } + + Mock -CommandName Remove-QuarantinePolicy -MockWith { + return @{ + + } + } + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It "Should Remove the Policy in the Set method" { + Set-TargetResource @testParams + } + } + + Context -Name "ReverseDSC Tests" -Fixture { + BeforeAll { + $testParams = @{ + Credential = $Credential + } + } + + It "Should Reverse Engineer resource from the Export method" { + Export-TargetResource @testParams + } + } + } +} + +Invoke-Command -ScriptBlock $Global:DscHelper.CleanupScript -NoNewScope diff --git a/Tests/Unit/Stubs/Microsoft365.psm1 b/Tests/Unit/Stubs/Microsoft365.psm1 index bb8b312688..a2a5e15333 100644 --- a/Tests/Unit/Stubs/Microsoft365.psm1 +++ b/Tests/Unit/Stubs/Microsoft365.psm1 @@ -1231,6 +1231,19 @@ function Get-PolicyTipConfig $AsJob ) } +function Get-QuarantinePolicy +{ + [CmdletBinding()] + param( + [Parameter()] + [System.Object] + $Identity, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $AsJob + ) +} function Get-RemoteDomain { [CmdletBinding()] @@ -3375,6 +3388,43 @@ function New-PolicyTipConfig $AsJob ) } +function New-QuarantinePolicy +{ + [CmdletBinding()] + param( + [Parameter()] + [System.Object] + $EndUserQuarantinePermissionsValue, + + [Parameter()] + [System.Object] + $ESNEnabled, + + [Parameter()] + [System.Object] + $Name, + + [Parameter()] + [System.Object] + $MultiLanguageCustomDisclaimer, + + [Parameter()] + [System.Object] + $MultiLanguageSenderName, + + [Parameter()] + [System.Object] + $MultiLanguageSetting, + + [Parameter()] + [System.Object] + $OrganizationBrandingEnabled, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $AsJob + ) +} function New-RemoteDomain { [CmdletBinding()] @@ -5082,6 +5132,23 @@ function Remove-PolicyTipConfig $AsJob ) } +function Remove-QuarantinePolicy +{ + [CmdletBinding()] + param( + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Confirm, + + [Parameter()] + [System.Object] + $Identity, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $AsJob + ) +} function Remove-RemoteDomain { [CmdletBinding()] @@ -8732,6 +8799,47 @@ function Set-PolicyTipConfig $AsJob ) } +function Set-QuarantinePolicy +{ + [CmdletBinding()] + param( + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Confirm, + + [Parameter()] + [System.Object] + $EndUserQuarantinePermissionsValue, + + [Parameter()] + [System.Object] + $ESNEnabled, + + [Parameter()] + [System.Object] + $Identity, + + [Parameter()] + [System.Object] + $MultiLanguageCustomDisclaimer, + + [Parameter()] + [System.Object] + $MultiLanguageSenderName, + + [Parameter()] + [System.Object] + $MultiLanguageSetting, + + [Parameter()] + [System.Object] + $OrganizationBrandingEnabled, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $AsJob + ) +} function Set-RemoteDomain { [CmdletBinding()]