diff --git a/providers/ms365/resources/conditional-access.go b/providers/ms365/resources/conditional-access.go index 838b34040b..a6c5c9c3d8 100644 --- a/providers/ms365/resources/conditional-access.go +++ b/providers/ms365/resources/conditional-access.go @@ -11,7 +11,7 @@ import ( "go.mondoo.com/cnquery/v11/providers/ms365/connection" ) -func (a *mqlMicrosoftConditionalAccess) namedLocations() ([]interface{}, error) { +func (a *mqlMicrosoftConditionalAccessNamedLocations) ipLocations() ([]interface{}, error) { conn := a.MqlRuntime.Connection.(*connection.Ms365Connection) graphClient, err := conn.GraphClient() if err != nil { @@ -20,9 +20,6 @@ func (a *mqlMicrosoftConditionalAccess) namedLocations() ([]interface{}, error) ctx := context.Background() namedLocations, err := graphClient.Identity().ConditionalAccess().NamedLocations().Get(ctx, nil) - if err != nil { - return nil, transformError(err) - } var locationDetails []interface{} for _, location := range namedLocations.GetValue() { @@ -60,7 +57,7 @@ func (m *mqlMicrosoftConditionalAccessCountryNamedLocation) id() (string, error) return m.Name.Data, nil } -func (a *mqlMicrosoftConditionalAccess) countryLocations() ([]interface{}, error) { +func (a *mqlMicrosoftConditionalAccessNamedLocations) countryLocations() ([]interface{}, error) { conn := a.MqlRuntime.Connection.(*connection.Ms365Connection) graphClient, err := conn.GraphClient() if err != nil { @@ -69,9 +66,6 @@ func (a *mqlMicrosoftConditionalAccess) countryLocations() ([]interface{}, error ctx := context.Background() namedLocations, err := graphClient.Identity().ConditionalAccess().NamedLocations().Get(ctx, nil) - if err != nil { - return nil, transformError(err) - } var locationDetails []interface{} for _, location := range namedLocations.GetValue() { diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr index e2152f5c11..63b2a468a7 100644 --- a/providers/ms365/resources/ms365.lr +++ b/providers/ms365/resources/ms365.lr 
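Review bot: The error returned by `NamedLocations().Get(ctx, nil)` is no longer checked in `ipLocations()` (hunk at -20,9), so the loop goes straight to `namedLocations.GetValue()` with whatever the failed call returned. On a Graph failure such as a missing permission or throttling, that presumably dereferences a nil response or, at best, yields an empty list. An audit of Conditional Access named locations would then read as "none configured" instead of surfacing an error. Keep the guard the old code had, `if err != nil { return nil, transformError(err) }`, directly after the `Get` call. The same removal is in `countryLocations()` (hunk at -69,9); both function bodies continue outside the hunks.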
@@ -58,9 +58,15 @@ microsoft.tenant @defaults("name") { // Microsoft Conditional Access Policies microsoft.conditionalAccess { - // IP named location - namedLocations() []microsoft.conditionalAccess.ipNamedLocation - // Country-based named location + // Named locations container + namedLocations microsoft.conditionalAccess.namedLocations +} + +// Container for Microsoft Conditional Access Named Locations +microsoft.conditionalAccess.namedLocations { + // IP-based named locations + ipLocations() []microsoft.conditionalAccess.ipNamedLocation + // Country-based named locations countryLocations() []microsoft.conditionalAccess.countryNamedLocation } diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go index 1c0c6b8494..396084c9f3 100644 --- a/providers/ms365/resources/ms365.lr.go +++ b/providers/ms365/resources/ms365.lr.go @@ -30,6 +30,10 @@ func init() { // to override args, implement: initMicrosoftConditionalAccess(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) Create: createMicrosoftConditionalAccess, }, + "microsoft.conditionalAccess.namedLocations": { + // to override args, implement: initMicrosoftConditionalAccessNamedLocations(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) + Create: createMicrosoftConditionalAccessNamedLocations, + }, "microsoft.conditionalAccess.ipNamedLocation": { // to override args, implement: initMicrosoftConditionalAccessIpNamedLocation(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) Create: createMicrosoftConditionalAccessIpNamedLocation, 
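Review bot: `namedLocations` is declared without `()` in `microsoft.conditionalAccess`, which appears to make it a static field, and the generated `GetNamedLocations()` in ms365.lr.go accordingly returns `&c.NamedLocations` with no compute function. Nothing visible in this diff sets that field: the registry entry for `microsoft.conditionalAccess` still has only `Create:` and no init hook, so the container may never be populated and `microsoft.conditionalAccess.namedLocations.ipLocations` would resolve against an unset value. If that is the case, declare it as `namedLocations() microsoft.conditionalAccess.namedLocations` and add a `namedLocations()` method on `mqlMicrosoftConditionalAccess` that creates the container resource. Moving `countryLocations` under the container also changes the query path that existing policies use, which deserves a line in the comment above the resource.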
@@ -302,10 +306,13 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ return (r.(*mqlMicrosoftTenant).GetSubscriptions()).ToDataRes(types.Array(types.Dict)) }, "microsoft.conditionalAccess.namedLocations": func(r plugin.Resource) *plugin.DataRes { - return (r.(*mqlMicrosoftConditionalAccess).GetNamedLocations()).ToDataRes(types.Array(types.Resource("microsoft.conditionalAccess.ipNamedLocation"))) + return (r.(*mqlMicrosoftConditionalAccess).GetNamedLocations()).ToDataRes(types.Resource("microsoft.conditionalAccess.namedLocations")) + }, + "microsoft.conditionalAccess.namedLocations.ipLocations": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlMicrosoftConditionalAccessNamedLocations).GetIpLocations()).ToDataRes(types.Array(types.Resource("microsoft.conditionalAccess.ipNamedLocation"))) }, - "microsoft.conditionalAccess.countryLocations": func(r plugin.Resource) *plugin.DataRes { - return (r.(*mqlMicrosoftConditionalAccess).GetCountryLocations()).ToDataRes(types.Array(types.Resource("microsoft.conditionalAccess.countryNamedLocation"))) + "microsoft.conditionalAccess.namedLocations.countryLocations": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlMicrosoftConditionalAccessNamedLocations).GetCountryLocations()).ToDataRes(types.Array(types.Resource("microsoft.conditionalAccess.countryNamedLocation"))) }, "microsoft.conditionalAccess.ipNamedLocation.name": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftConditionalAccessIpNamedLocation).GetName()).ToDataRes(types.String) 
@@ -1274,11 +1281,19 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { return }, "microsoft.conditionalAccess.namedLocations": func(r plugin.Resource, v *llx.RawData) (ok bool) { - r.(*mqlMicrosoftConditionalAccess).NamedLocations, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) + r.(*mqlMicrosoftConditionalAccess).NamedLocations, ok = plugin.RawToTValue[*mqlMicrosoftConditionalAccessNamedLocations](v.Value, v.Error) + return + }, + "microsoft.conditionalAccess.namedLocations.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftConditionalAccessNamedLocations).__id, ok = v.Value.(string) + return + }, + "microsoft.conditionalAccess.namedLocations.ipLocations": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftConditionalAccessNamedLocations).IpLocations, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, - "microsoft.conditionalAccess.countryLocations": func(r plugin.Resource, v *llx.RawData) (ok bool) { - r.(*mqlMicrosoftConditionalAccess).CountryLocations, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) + "microsoft.conditionalAccess.namedLocations.countryLocations": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftConditionalAccessNamedLocations).CountryLocations, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, "microsoft.conditionalAccess.ipNamedLocation.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { @@ -2884,8 +2899,7 @@ type mqlMicrosoftConditionalAccess struct { MqlRuntime *plugin.Runtime __id string // optional: if you define mqlMicrosoftConditionalAccessInternal it will be used here - NamedLocations plugin.TValue[[]interface{}] - CountryLocations plugin.TValue[[]interface{}] + NamedLocations plugin.TValue[*mqlMicrosoftConditionalAccessNamedLocations] } // createMicrosoftConditionalAccess creates a new instance of this resource 
@@ -2920,10 +2934,55 @@ func (c *mqlMicrosoftConditionalAccess) MqlID() string { return c.__id } -func (c *mqlMicrosoftConditionalAccess) GetNamedLocations() *plugin.TValue[[]interface{}] { - return plugin.GetOrCompute[[]interface{}](&c.NamedLocations, func() ([]interface{}, error) { +func (c *mqlMicrosoftConditionalAccess) GetNamedLocations() *plugin.TValue[*mqlMicrosoftConditionalAccessNamedLocations] { + return &c.NamedLocations +} + +// mqlMicrosoftConditionalAccessNamedLocations for the microsoft.conditionalAccess.namedLocations resource +type mqlMicrosoftConditionalAccessNamedLocations struct { + MqlRuntime *plugin.Runtime + __id string + // optional: if you define mqlMicrosoftConditionalAccessNamedLocationsInternal it will be used here + IpLocations plugin.TValue[[]interface{}] + CountryLocations plugin.TValue[[]interface{}] +} + +// createMicrosoftConditionalAccessNamedLocations creates a new instance of this resource +func createMicrosoftConditionalAccessNamedLocations(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) { + res := &mqlMicrosoftConditionalAccessNamedLocations{ + MqlRuntime: runtime, + } + + err := SetAllData(res, args) + if err != nil { + return res, err + } + + // to override __id implement: id() (string, error) + + if runtime.HasRecording { + args, err = runtime.ResourceFromRecording("microsoft.conditionalAccess.namedLocations", res.__id) + if err != nil || args == nil { + return res, err + } + return res, SetAllData(res, args) + } + + return res, nil +} + +func (c *mqlMicrosoftConditionalAccessNamedLocations) MqlName() string { + return "microsoft.conditionalAccess.namedLocations" +} + +func (c *mqlMicrosoftConditionalAccessNamedLocations) MqlID() string { + return c.__id +} + +func (c *mqlMicrosoftConditionalAccessNamedLocations) GetIpLocations() *plugin.TValue[[]interface{}] { + return plugin.GetOrCompute[[]interface{}](&c.IpLocations, func() ([]interface{}, error) { if c.MqlRuntime.HasRecording { - d, err 
:= c.MqlRuntime.FieldResourceFromRecording("microsoft.conditionalAccess", c.__id, "namedLocations") + d, err := c.MqlRuntime.FieldResourceFromRecording("microsoft.conditionalAccess.namedLocations", c.__id, "ipLocations") if err != nil { return nil, err } @@ -2932,14 +2991,14 @@ func (c *mqlMicrosoftConditionalAccess) GetNamedLocations() *plugin.TValue[[]int } } - return c.namedLocations() + return c.ipLocations() }) } -func (c *mqlMicrosoftConditionalAccess) GetCountryLocations() *plugin.TValue[[]interface{}] { +func (c *mqlMicrosoftConditionalAccessNamedLocations) GetCountryLocations() *plugin.TValue[[]interface{}] { return plugin.GetOrCompute[[]interface{}](&c.CountryLocations, func() ([]interface{}, error) { if c.MqlRuntime.HasRecording { - d, err := c.MqlRuntime.FieldResourceFromRecording("microsoft.conditionalAccess", c.__id, "countryLocations") + d, err := c.MqlRuntime.FieldResourceFromRecording("microsoft.conditionalAccess.namedLocations", c.__id, "countryLocations") if err != nil { return nil, err } diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml index 833fc2a0c8..e88149de7d 100755 --- a/providers/ms365/resources/ms365.lr.manifest.yaml +++ b/providers/ms365/resources/ms365.lr.manifest.yaml @@ -122,10 +122,7 @@ resources: min_mondoo_version: 9.0.0 microsoft.conditionalAccess: fields: - countryLocations: {} - name: {} namedLocations: {} - trusted: {} min_mondoo_version: 9.0.0 microsoft.conditionalAccess.countryNamedLocation: fields: @@ -137,10 +134,10 @@ resources: name: {} trusted: {} min_mondoo_version: 9.0.0 - microsoft.conditionalAccess.namedLocation: + microsoft.conditionalAccess.namedLocations: fields: - name: {} - trusted: {} + countryLocations: {} + ipLocations: {} min_mondoo_version: 9.0.0 microsoft.devicemanagement: fields: