⭐️ Adding consent settings - ms365 (#4633)

* ⭐️ Adding consent settings Signed-off-by: Hossein Rouhani <[email protected]> * rebase and add missing files Signed-off-by: Hossein Rouhani <[email protected]> --------- Signed-off-by: Hossein Rouhani <[email protected]>
mondoohq · Sep 26, 2024 · 045aa0e · 045aa0e
1 parent 870c8c9
commit 045aa0e
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 0 deletions.
diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr
@@ -501,8 +501,11 @@ microsoft.policies {
   adminConsentRequestPolicy() dict
   // Permission grant policies
   permissionGrantPolicies() []dict
+  // Consent policy settings
+  consentPolicySettings() dict
 }
 
+
 // Deprecated: use `microsoft.roles` instead
 microsoft.rolemanagement {
   // Deprecated: use `microsoft.roles` instead

diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go
diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml
@@ -252,8 +252,12 @@ resources:
     min_mondoo_version: 9.0.0
   microsoft.policies:
     fields:
+      ConsentPolicySettings:
+        min_mondoo_version: 9.0.0
       adminConsentRequestPolicy: {}
       authorizationPolicy: {}
+      consentPolicySettings:
+        min_mondoo_version: 9.0.0
       identitySecurityDefaultsEnforcementPolicy: {}
       permissionGrantPolicies: {}
     min_mondoo_version: 5.15.0

diff --git a/providers/ms365/resources/policies.go b/providers/ms365/resources/policies.go
@@ -73,3 +73,40 @@ func (a *mqlMicrosoftPolicies) permissionGrantPolicies() ([]interface{}, error)
 	}
 	return convert.JsonToDictSlice(newPermissionGrantPolicies(resp.GetValue()))
 }
+
+// https://learn.microsoft.com/en-us/graph/api/groupsetting-get?view=graph-rest-1.0&tabs=http
+
+func (a *mqlMicrosoftPolicies) consentPolicySettings() (interface{}, error) {
+	conn := a.MqlRuntime.Connection.(*connection.Ms365Connection)
+	graphClient, err := conn.GraphClient()
+	if err != nil {
+		return nil, err
+	}
+
+	ctx := context.Background()
+
+	groupSettings, err := graphClient.GroupSettings().Get(ctx, nil)
+	if err != nil {
+		return nil, transformError(err)
+	}
+
+	actualSettingsMap := make(map[string]map[string]interface{})
+	for _, setting := range groupSettings.GetValue() {
+		displayName := setting.GetDisplayName()
+		if displayName != nil {
+			if _, exists := actualSettingsMap[*displayName]; !exists {
+				actualSettingsMap[*displayName] = make(map[string]interface{})
+			}
+
+			for _, settingValue := range setting.GetValues() {
+				name := settingValue.GetName()
+				value := settingValue.GetValue()
+				if name != nil && value != nil {
+					actualSettingsMap[*displayName][*name] = *value
+				}
+			}
+		}
+	}
+
+	return convert.JsonToDict(actualSettingsMap)
+}