Skip to content

Commit

Permalink
Merge pull request #56 from maester365/directoryRecommendations
Browse files Browse the repository at this point in the history
Microsoft Entra Recommendations
  • Loading branch information
f-bader authored Apr 1, 2024
2 parents b9dfda8 + 9a7e9ae commit ad8d798
Show file tree
Hide file tree
Showing 6 changed files with 37 additions and 10 deletions.
4 changes: 2 additions & 2 deletions powershell/internal/ConvertTo-MtMaesterResults.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ function ConvertTo-MtMaesterResult {

foreach ($test in $sortedTests) {

$name = $test.Name
$name = $test.ExpandedName
$helpUrl = ''

$start = $name.IndexOf("See https")
Expand All @@ -63,7 +63,7 @@ function ConvertTo-MtMaesterResult {
ScriptBlockFile = $test.ScriptBlock.File
ErrorRecord = $test.ErrorRecord
Block = $test.Block.Name
ResultDetail = $MtTestResultDetail[$test.Name]
ResultDetail = $MtTestResultDetail[$test.ExpandedName]
}
$mtTests += $mtTestInfo
}
Expand Down
9 changes: 6 additions & 3 deletions powershell/public/Add-MtTestResultDetail.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -53,10 +53,13 @@ Function Add-MtTestResultDetail {

# The type of graph object, this will be used to show the right deeplink to the test results report.
[ValidateSet('ConditionalAccess', 'Users', 'Groups')]
[string] $GraphObjectType
)
[string] $GraphObjectType,

$testName = $____Pester.CurrentTest.Name # Get the test name from the Pester context.
# Pester test name
# Use the test name from the Pester context by default
[Parameter(Mandatory = $false)]
[string] $TestName = $____Pester.CurrentTest.ExpandedName
)

$hasGraphResults = $GraphObjects -and $GraphObjectType

Expand Down
1 change: 1 addition & 0 deletions powershell/public/Get-MtGraphScope.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ Function Get-MtGraphScope {
'Directory.Read.All'
'Policy.Read.All'
'Reports.Read.All'
'DirectoryRecommendations.Read.All'
)

if ($SendMail) {
Expand Down
12 changes: 8 additions & 4 deletions powershell/public/Invoke-MtGraphRequest.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,11 @@ Function Invoke-MtGraphRequest {
[uri] $GraphBaseUri,
# Specify if this request should skip cache and go directly to Graph.
[Parameter(Mandatory = $false)]
[switch] $DisableCache
[switch] $DisableCache,
# Specify the output type
[Parameter(Mandatory = $false)]
[ValidateSet('PSObject', 'PSCustomObject', 'Hashtable')]
[string] $OutputType = 'PSObject'
)

begin {
Expand Down Expand Up @@ -96,7 +100,7 @@ Function Invoke-MtGraphRequest {
function Complete-Result ($results, $DisablePaging) {
if (!$DisablePaging -and $results) {
while (Get-ObjectProperty $results '@odata.nextLink') {
$results = Invoke-MtGraphRequestCache -Method GET -Uri $results.'@odata.nextLink' -Headers @{ ConsistencyLevel = $ConsistencyLevel } -OutputType PSObject -DisableCache:$DisableCache
$results = Invoke-MtGraphRequestCache -Method GET -Uri $results.'@odata.nextLink' -Headers @{ ConsistencyLevel = $ConsistencyLevel } -OutputType $OutputType -DisableCache:$DisableCache
Format-Result $results $DisablePaging
}
}
Expand Down Expand Up @@ -146,7 +150,7 @@ Function Invoke-MtGraphRequest {
$listRequests.Add($request)
} else {

$results = Invoke-MtGraphRequestCache -Method GET -Uri $uriQueryEndpointFinal.Uri.AbsoluteUri -Headers @{ ConsistencyLevel = $ConsistencyLevel } -OutputType PSObject -DisableCache:$DisableCache
$results = Invoke-MtGraphRequestCache -Method GET -Uri $uriQueryEndpointFinal.Uri.AbsoluteUri -Headers @{ ConsistencyLevel = $ConsistencyLevel } -OutputType $OutputType -DisableCache:$DisableCache

Format-Result $results $DisablePaging
Complete-Result $results $DisablePaging
Expand All @@ -163,7 +167,7 @@ Function Invoke-MtGraphRequest {
$jsonRequests = New-Object psobject -Property @{ requests = $listRequests[$iRequest..$indexEnd] } | ConvertTo-Json -Depth 5
Write-Debug $jsonRequests

$resultsBatch = Invoke-MtGraphRequestCache -Method POST -Uri $uriQueryEndpoint.Uri.AbsoluteUri -Body $jsonRequests -OutputType PSObject -DisableCache:$DisableCache
$resultsBatch = Invoke-MtGraphRequestCache -Method POST -Uri $uriQueryEndpoint.Uri.AbsoluteUri -Body $jsonRequests -OutputType $OutputType -DisableCache:$DisableCache
$resultsBatch = $resultsBatch.responses | Sort-Object -Property id

foreach ($results in ($resultsBatch.body)) {
Expand Down
18 changes: 18 additions & 0 deletions tests/Maester/Entra/Test-EntraRecommendations.Tests.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
BeforeDiscovery {
$EntraIDPlan = Get-MtLicenseInformation -Product "EntraID"
$EntraRecommendations = Invoke-MtGraphRequest -DisableCache -ApiVersion beta -RelativeUri 'directory/recommendations' -OutputType Hashtable
Write-Verbose "Found $($EntraRecommendations.Count) Entra recommendations"
}

Describe "Entra Recommendations" -Tag "Entra", "Security", "All" -ForEach $EntraRecommendations {
It "Entra Recommendation: <displayName>" {
#region Add detailed test description
$ActionSteps = $actionSteps | Sort-Object -Property 'stepNumber' | Select-Object -ExpandProperty text -EA SilentlyContinue
$ActionSteps = $ActionSteps -join "`n`n"
$ResultMarkdown = $insights + "`n`nRemediation actions:`n`n" + $ActionSteps
Add-MtTestResultDetail -Description $benefits -Result $ResultMarkdown
#endregion
# Actual test
$status | Should -Be "completedBySystem" -Because $benefits
}
}
3 changes: 2 additions & 1 deletion website/docs/sections/permissions.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
- **Directory.Read.All**
- **Policy.Read.All**
- **Reports.Read.All**
- **Reports.Read.All**
- **DirectoryRecommendations.Read.All**

0 comments on commit ad8d798

Please sign in to comment.