Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SPOSharingSettings: Remove properties from being tested in certain conditions #4650

Merged
merged 2 commits into from
May 14, 2024
Merged

SPOSharingSettings: Remove properties from being tested in certain conditions #4650

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b410ca0
Remove properties from being tested in certain conditions
ricmestre May 8, 2024
8c208c6
Merge branch 'Dev' into fix4649
NikCharlebois May 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@
* Fixed a creation and update issue when the exported policy contains a
onboarding blob and the tenant is connected to Defender for Endpoint Service.
* SPOSharingSettings
* Remove properties from being tested in certain conditions
FIXES [#4649](https://github.com/microsoft/Microsoft365DSC/issues/4649)
* Changed logic to retrieve my site for sovereign clouds.
* TeamsGroupPolicyAssignment
* Add missing policy type TeamsVerticalPackagePolicy
Expand Down
53 changes: 53 additions & 0 deletions Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -723,6 +723,59 @@ function Test-TargetResource
$ValuesToCheck['DefaultLinkPermission'] = 'Edit'
}

if ($null -eq $SharingAllowedDomainList -and $null -eq $SharingBlockedDomainList -and
($null -ne $RequireAcceptingAccountMatchInvitedAccount -and $RequireAcceptingAccountMatchInvitedAccount -eq $false))
{
Write-Warning -Message 'If SharingAllowedDomainList / SharingBlockedDomainList are set to null RequireAcceptingAccountMatchInvitedAccount must be set to True '
$ValuesToCheck.Remove('RequireAcceptingAccountMatchInvitedAccount') | Out-Null
}

if ($null -eq $SignInAccelerationDomain)
{
$ValuesToCheck.Remove('SignInAccelerationDomain') | Out-Null
$ValuesToCheck.Remove('EnableGuestSignInAcceleration') | Out-Null #removing EnableGuestSignInAcceleration since it can only be configured with a configured SignINAccerlation domain
}
if ($SharingCapability -ne 'ExternalUserAndGuestSharing')
{
Write-Warning -Message 'The sharing capabilities for the tenant are not configured to be ExternalUserAndGuestSharing for that the RequireAnonymousLinksExpireInDays property cannot be configured'
$ValuesToCheck.Remove('RequireAnonymousLinksExpireInDays') | Out-Null
}
if ($ExternalUserExpireInDays -and $ExternalUserExpirationRequired -eq $false)
{
Write-Warning -Message 'ExternalUserExpirationRequired is set to be false. For that the ExternalUserExpireInDays property cannot be configured'
$ValuesToCheck.Remove('ExternalUserExpireInDays') | Out-Null
}
if ($RequireAcceptingAccountMatchInvitedAccount -eq $false)
{
Write-Warning -Message 'RequireAcceptingAccountMatchInvitedAccount is set to be false. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured'
$ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null
$ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null
}

if ($SharingCapability -ne 'ExternalUserAndGuestSharing' -and ($null -ne $FileAnonymousLinkType -or $null -ne $FolderAnonymousLinkType))
{
Write-Warning -Message 'If anonymous file or folder links are set, SharingCapability must be set to ExternalUserAndGuestSharing '
$ValuesToCheck.Remove('FolderAnonymousLinkType') | Out-Null
$ValuesToCheck.Remove('FileAnonymousLinkType') | Out-Null
}

if ($SharingDomainRestrictionMode -eq 'None')
{
Write-Warning -Message 'SharingDomainRestrictionMode is set to None. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured'
$ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null
$ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null
}
elseif ($SharingDomainRestrictionMode -eq 'AllowList')
{
Write-Verbose -Message 'SharingDomainRestrictionMode is set to AllowList. For that SharingBlockedDomainList cannot be configured'
$ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null
}
elseif ($SharingDomainRestrictionMode -eq 'BlockList')
{
Write-Warning -Message 'SharingDomainRestrictionMode is set to BlockList. For that SharingAllowedDomainList cannot be configured'
$ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null
}

$TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues `
-Source $($MyInvocation.MyCommand.Source) `
-DesiredValues $PSBoundParameters `
Expand Down
Loading