From eca06ae9d8644da6c1a729ee00e2d868d751eb01 Mon Sep 17 00:00:00 2001
From: Hossein Rouhani
Date: Tue, 10 Sep 2024 17:13:08 +0200
Subject: [PATCH] Improved to include the trusted
Signed-off-by: Hossein Rouhani
---
 .../ms365/resources/conditional-access.go | 27 ++++--
 providers/ms365/resources/ms365.lr | 10 ++-
 providers/ms365/resources/ms365.lr.go | 83 ++++++++++++++++++-
 .../ms365/resources/ms365.lr.manifest.yaml | 12 +++
 4 files changed, 123 insertions(+), 9 deletions(-)
diff --git a/providers/ms365/resources/conditional-access.go b/providers/ms365/resources/conditional-access.go
index c62362803..b355d25ce 100644
--- a/providers/ms365/resources/conditional-access.go
+++ b/providers/ms365/resources/conditional-access.go
@@ -8,6 +8,7 @@ import (
 "log"
 "github.com/microsoftgraph/msgraph-sdk-go/models"
+ "go.mondoo.com/cnquery/v11/llx"
 "go.mondoo.com/cnquery/v11/providers/ms365/connection"
 )
@@ -18,29 +19,41 @@ func (a *mqlMicrosoftConditionalAccess) namedLocations() ([]interface{}, error)
 return nil, err
 }
- // Make a request to get named locations
 ctx := context.Background()
 namedLocations, err := graphClient.Identity().ConditionalAccess().NamedLocations().Get(ctx, nil)
 if err != nil {
 return nil, transformError(err)
 }
- // Collect all named location names
- var locationNames []interface{} // Changed to interface{} to match the expected return type
+ var locationDetails []interface{}
 for _, location := range namedLocations.GetValue() {
- // Use type assertion to check for IP named locations
 if ipLocation, ok := location.(*models.IpNamedLocation); ok {
 displayName := ipLocation.GetDisplayName()
+ isTrusted := ipLocation.GetIsTrusted()
+
 if displayName != nil {
- locationNames = append(locationNames, *displayName)
+ trusted := false
+ if isTrusted != nil {
+ trusted = *isTrusted
+ }
+
+ locationInfo, err := CreateResource(a.MqlRuntime, "microsoft.conditionalAccess.ipNamedLocation",
+ map[string]*llx.RawData{
+ "name": llx.StringDataPtr(displayName),
+ "trusted": llx.BoolData(trusted),
+ })
+ if err != nil {
+ return nil, err
+ }
+ locationDetails = append(locationDetails, locationInfo)
 }
 }
 }
- if len(locationNames) == 0 {
+ if len(locationDetails) == 0 {
 log.Println("No named locations are defined.")
 return nil, nil
 }
- return locationNames, nil
+ return locationDetails, nil
 }
diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr
index de7fb82b7..39b7f2946 100644
--- a/providers/ms365/resources/ms365.lr
+++ b/providers/ms365/resources/ms365.lr
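Review bot: The new `CreateResource` call in `namedLocations` passes only `name` and `trusted`, so the resource's `__id` stays empty; the generated `createMicrosoftConditionalAccessIpNamedLocation` later in this patch keys its recording lookup on `res.__id`, so every IP named location would share the same empty identity. Pass the Graph object id alongside the other fields, `"__id": llx.StringDataPtr(ipLocation.GetId()),`, and consider declaring an `id string` field in the `ms365.lr` hunk so it is queryable. Because a trusted named location is what exempts traffic from conditional-access controls, the resource would serve policy authors better if it also exposed the location's IP ranges (`ipLocation.GetIpRanges()`), so a check can verify which ranges are trusted rather than only that a trusted location exists. A location whose `GetIsTrusted()` is nil is reported as `trusted: false`; if that fallback is intentional, a comment such as `// Graph omits isTrusted for some locations; treat missing as untrusted` would make it explicit.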
@@ -59,7 +59,15 @@ microsoft.tenant @defaults("name") {
 // Microsoft Conditional Access Policies
 microsoft.conditionalAccess {
 // IP named location
- namedLocations() []string
+ namedLocations() []microsoft.conditionalAccess.ipNamedLocation
+}
+
+// Microsoft Conditional Access IP named location
+microsoft.conditionalAccess.ipNamedLocation @defaults("name trusted") {
+ // Named location name
+ name string
+ // Whether the location is marked as trusted
+ trusted bool
 }
 // Microsoft Entra ID user
diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go
index 4fdfe0872..65b7b69ab 100644
--- a/providers/ms365/resources/ms365.lr.go
+++ b/providers/ms365/resources/ms365.lr.go
@@ -30,6 +30,10 @@ func init() {
 // to override args, implement: initMicrosoftConditionalAccess(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
 Create: createMicrosoftConditionalAccess,
 },
+ "microsoft.conditionalAccess.ipNamedLocation": {
+ // to override args, implement: initMicrosoftConditionalAccessIpNamedLocation(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+ Create: createMicrosoftConditionalAccessIpNamedLocation,
+ },
 "microsoft.user": {
 Init: initMicrosoftUser,
 Create: createMicrosoftUser,
@@ -294,7 +298,13 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{
 return (r.(*mqlMicrosoftTenant).GetSubscriptions()).ToDataRes(types.Array(types.Dict))
 },
 "microsoft.conditionalAccess.namedLocations": func(r plugin.Resource) *plugin.DataRes {
- return (r.(*mqlMicrosoftConditionalAccess).GetNamedLocations()).ToDataRes(types.Array(types.String))
+ return (r.(*mqlMicrosoftConditionalAccess).GetNamedLocations()).ToDataRes(types.Array(types.Resource("microsoft.conditionalAccess.ipNamedLocation")))
+ },
+ "microsoft.conditionalAccess.ipNamedLocation.name": func(r plugin.Resource) *plugin.DataRes {
+ return (r.(*mqlMicrosoftConditionalAccessIpNamedLocation).GetName()).ToDataRes(types.String)
+ },
+ "microsoft.conditionalAccess.ipNamedLocation.trusted": func(r plugin.Resource) *plugin.DataRes {
+ return (r.(*mqlMicrosoftConditionalAccessIpNamedLocation).GetTrusted()).ToDataRes(types.Bool)
 },
 "microsoft.user.id": func(r plugin.Resource) *plugin.DataRes {
 return (r.(*mqlMicrosoftUser).GetId()).ToDataRes(types.String)
@@ -1248,6 +1258,18 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool {
 r.(*mqlMicrosoftConditionalAccess).NamedLocations, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
 return
 },
+ "microsoft.conditionalAccess.ipNamedLocation.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+ r.(*mqlMicrosoftConditionalAccessIpNamedLocation).__id, ok = v.Value.(string)
+ return
+ },
+ "microsoft.conditionalAccess.ipNamedLocation.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+ r.(*mqlMicrosoftConditionalAccessIpNamedLocation).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+ return
+ },
+ "microsoft.conditionalAccess.ipNamedLocation.trusted": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+ r.(*mqlMicrosoftConditionalAccessIpNamedLocation).Trusted, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+ return
+ },
 "microsoft.user.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
 r.(*mqlMicrosoftUser).__id, ok = v.Value.(string)
 return
@@ -2856,10 +2878,69 @@ func (c *mqlMicrosoftConditionalAccess) MqlID() string {
 func (c *mqlMicrosoftConditionalAccess) GetNamedLocations() *plugin.TValue[[]interface{}] {
 return plugin.GetOrCompute[[]interface{}](&c.NamedLocations, func() ([]interface{}, error) {
+ if c.MqlRuntime.HasRecording {
+ d, err := c.MqlRuntime.FieldResourceFromRecording("microsoft.conditionalAccess", c.__id, "namedLocations")
+ if err != nil {
+ return nil, err
+ }
+ if d != nil {
+ return d.Value.([]interface{}), nil
+ }
+ }
+
 return c.namedLocations()
 })
 }
+// mqlMicrosoftConditionalAccessIpNamedLocation for the microsoft.conditionalAccess.ipNamedLocation resource
+type mqlMicrosoftConditionalAccessIpNamedLocation struct {
+ MqlRuntime *plugin.Runtime
+ __id string
+ // optional: if you define mqlMicrosoftConditionalAccessIpNamedLocationInternal it will be used here
+ Name plugin.TValue[string]
+ Trusted plugin.TValue[bool]
+}
+
+// createMicrosoftConditionalAccessIpNamedLocation creates a new instance of this resource
+func createMicrosoftConditionalAccessIpNamedLocation(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+ res := &mqlMicrosoftConditionalAccessIpNamedLocation{
+ MqlRuntime: runtime,
+ }
+
+ err := SetAllData(res, args)
+ if err != nil {
+ return res, err
+ }
+
+ // to override __id implement: id() (string, error)
+
+ if runtime.HasRecording {
+ args, err = runtime.ResourceFromRecording("microsoft.conditionalAccess.ipNamedLocation", res.__id)
+ if err != nil || args == nil {
+ return res, err
+ }
+ return res, SetAllData(res, args)
+ }
+
+ return res, nil
+}
+
+func (c *mqlMicrosoftConditionalAccessIpNamedLocation) MqlName() string {
+ return "microsoft.conditionalAccess.ipNamedLocation"
+}
+
+func (c *mqlMicrosoftConditionalAccessIpNamedLocation) MqlID() string {
+ return c.__id
+}
+
+func (c *mqlMicrosoftConditionalAccessIpNamedLocation) GetName() *plugin.TValue[string] {
+ return &c.Name
+}
+
+func (c *mqlMicrosoftConditionalAccessIpNamedLocation) GetTrusted() *plugin.TValue[bool] {
+ return &c.Trusted
+}
+
 // mqlMicrosoftUser for the microsoft.user resource
 type mqlMicrosoftUser struct {
 MqlRuntime *plugin.Runtime
diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml
index 92dd7f823..e5a6242e7 100755
--- a/providers/ms365/resources/ms365.lr.manifest.yaml
+++ b/providers/ms365/resources/ms365.lr.manifest.yaml
@@ -122,7 +122,19 @@ resources:
 min_mondoo_version: 9.0.0
 microsoft.conditionalAccess:
 fields:
+ name: {}
 namedLocations: {}
+ trusted: {}
+ min_mondoo_version: 9.0.0
+ microsoft.conditionalAccess.ipNamedLocation:
+ fields:
+ name: {}
+ trusted: {}
+ min_mondoo_version: 9.0.0
+ microsoft.conditionalAccess.namedLocation:
+ fields:
+ name: {}
+ trusted: {}
 min_mondoo_version: 9.0.0
 microsoft.devicemanagement:
 fields:
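Review bot: The manifest hunk adds `name: {}` and `trusted: {}` under `microsoft.conditionalAccess`, but the `ms365.lr` hunk declares those fields only on `microsoft.conditionalAccess.ipNamedLocation`; it also registers a `microsoft.conditionalAccess.namedLocation` resource that does not exist in the `.lr` schema. Both look like leftovers of hand-editing and should be dropped so the manifest matches the schema, leaving only the `microsoft.conditionalAccess.ipNamedLocation` entry with its `name` and `trusted` fields. The new entry carries `min_mondoo_version: 9.0.0` copied from its neighbours although the resource is introduced by this patch; confirm the intended minimum version rather than inheriting the surrounding value.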