From 78d3b0cbda5703b46ee89a70f0740cd126252819 Mon Sep 17 00:00:00 2001 From: Hossein Rouhani Date: Wed, 15 May 2024 15:49:05 +0200 Subject: [PATCH 1/4] adding a resouces to the Microsoft Graph under group Signed-off-by: Hossein Rouhani --- providers/ms365/resources/groups.go | 4 ++++ providers/ms365/resources/ms365.lr | 2 ++ providers/ms365/resources/ms365.lr.go | 12 ++++++++++++ providers/ms365/resources/ms365.lr.manifest.yaml | 2 ++ 4 files changed, 20 insertions(+) diff --git a/providers/ms365/resources/groups.go b/providers/ms365/resources/groups.go index 2a16bbc25b..7d8d7df9d9 100644 --- a/providers/ms365/resources/groups.go +++ b/providers/ms365/resources/groups.go @@ -6,6 +6,7 @@ package resources import ( "context" "errors" + "strings" "github.com/microsoftgraph/msgraph-sdk-go/groups" "github.com/microsoftgraph/msgraph-sdk-go/models" @@ -46,6 +47,7 @@ func (a *mqlMicrosoft) groups() ([]interface{}, error) { } res := []interface{}{} for _, grp := range grps { + joinedGroupTypes := strings.Join(grp.GetGroupTypes(), ", ") graphGrp, err := CreateResource(a.MqlRuntime, "microsoft.group", map[string]*llx.RawData{ "id": llx.StringDataPtr(grp.GetId()), @@ -55,6 +57,8 @@ func (a *mqlMicrosoft) groups() ([]interface{}, error) { "mailNickname": llx.StringDataPtr(grp.GetMailNickname()), "securityEnabled": llx.BoolDataPtr(grp.GetSecurityEnabled()), "visibility": llx.StringDataPtr(grp.GetVisibility()), + // "groupTypes": llx.ArrayData(groupTypes, types.String), This cannot be used + "groupTypes": llx.StringDataPtr(&joinedGroupTypes), }) if err != nil { return nil, err diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr index b8667e980a..57bc9bc3eb 100644 --- a/providers/ms365/resources/ms365.lr +++ b/providers/ms365/resources/ms365.lr 
@@ -108,6 +108,8 @@ private microsoft.group @defaults("id displayName") { visibility string // List of group members members() []microsoft.user + // Group types indicating the membership and classification of the group + groupTypes string } // Microsoft domain diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go index a3aa60b726..d686e4b1cd 100644 --- a/providers/ms365/resources/ms365.lr.go +++ b/providers/ms365/resources/ms365.lr.go @@ -325,6 +325,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "microsoft.group.members": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftGroup).GetMembers()).ToDataRes(types.Array(types.Resource("microsoft.user"))) }, + "microsoft.group.groupTypes": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlMicrosoftGroup).GetGroupTypes()).ToDataRes(types.String) + }, "microsoft.domain.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftDomain).GetId()).ToDataRes(types.String) }, @@ -950,6 +953,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlMicrosoftGroup).Members, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, + "microsoft.group.groupTypes": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftGroup).GroupTypes, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "microsoft.domain.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlMicrosoftDomain).__id, ok = v.Value.(string) return @@ -2033,6 +2040,7 @@ type mqlMicrosoftGroup struct { Mail plugin.TValue[string] Visibility plugin.TValue[string] Members plugin.TValue[[]interface{}] + GroupTypes plugin.TValue[string] } // createMicrosoftGroup creates a new instance of this resource 
@@ -2116,6 +2124,10 @@ func (c *mqlMicrosoftGroup) GetMembers() *plugin.TValue[[]interface{}] { }) } +func (c *mqlMicrosoftGroup) GetGroupTypes() *plugin.TValue[string] { + return &c.GroupTypes +} + // mqlMicrosoftDomain for the microsoft.domain resource type mqlMicrosoftDomain struct { MqlRuntime *plugin.Runtime diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml index 75b6819bb0..f1fba4326f 100755 --- a/providers/ms365/resources/ms365.lr.manifest.yaml +++ b/providers/ms365/resources/ms365.lr.manifest.yaml @@ -92,6 +92,8 @@ resources: microsoft.group: fields: displayName: {} + groupTypes: + min_mondoo_version: latest id: {} mail: {} mailEnabled: {} From 1b38ea70a729fbe56955ff641a230ccf6bfcbabf Mon Sep 17 00:00:00 2001 From: Preslav Date: Wed, 15 May 2024 16:59:10 +0300 Subject: [PATCH 2/4] Change groupTypes to an array. Signed-off-by: Preslav --- providers/ms365/resources/groups.go | 6 ++---- providers/ms365/resources/ms365.lr | 2 +- providers/ms365/resources/ms365.lr.go | 8 ++++---- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/providers/ms365/resources/groups.go b/providers/ms365/resources/groups.go index 7d8d7df9d9..a55c47b1f4 100644 --- a/providers/ms365/resources/groups.go +++ b/providers/ms365/resources/groups.go @@ -6,13 +6,13 @@ package resources import ( "context" "errors" - "strings" "github.com/microsoftgraph/msgraph-sdk-go/groups" "github.com/microsoftgraph/msgraph-sdk-go/models" "go.mondoo.com/cnquery/v11/llx" "go.mondoo.com/cnquery/v11/providers/ms365/connection" + "go.mondoo.com/cnquery/v11/types" ) func (m *mqlMicrosoftGroup) id() (string, error) { @@ -47,7 +47,6 @@ func (a *mqlMicrosoft) groups() ([]interface{}, error) { } res := []interface{}{} for _, grp := range grps { - joinedGroupTypes := strings.Join(grp.GetGroupTypes(), ", ") graphGrp, err := CreateResource(a.MqlRuntime, "microsoft.group", map[string]*llx.RawData{ "id": llx.StringDataPtr(grp.GetId()), 
@@ -57,8 +56,7 @@ func (a *mqlMicrosoft) groups() ([]interface{}, error) { "mailNickname": llx.StringDataPtr(grp.GetMailNickname()), "securityEnabled": llx.BoolDataPtr(grp.GetSecurityEnabled()), "visibility": llx.StringDataPtr(grp.GetVisibility()), - // "groupTypes": llx.ArrayData(groupTypes, types.String), This cannot be used - "groupTypes": llx.StringDataPtr(&joinedGroupTypes), + "groupTypes": llx.ArrayData(llx.TArr2Raw(grp.GetGroupTypes()), types.String), }) if err != nil { return nil, err diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr index 57bc9bc3eb..e09119fbab 100644 --- a/providers/ms365/resources/ms365.lr +++ b/providers/ms365/resources/ms365.lr @@ -109,7 +109,7 @@ private microsoft.group @defaults("id displayName") { // List of group members members() []microsoft.user // Group types indicating the membership and classification of the group - groupTypes string + groupTypes []string } // Microsoft domain diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go index d686e4b1cd..892f19da8c 100644 --- a/providers/ms365/resources/ms365.lr.go +++ b/providers/ms365/resources/ms365.lr.go @@ -326,7 +326,7 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ return (r.(*mqlMicrosoftGroup).GetMembers()).ToDataRes(types.Array(types.Resource("microsoft.user"))) }, "microsoft.group.groupTypes": func(r plugin.Resource) *plugin.DataRes { - return (r.(*mqlMicrosoftGroup).GetGroupTypes()).ToDataRes(types.String) + return (r.(*mqlMicrosoftGroup).GetGroupTypes()).ToDataRes(types.Array(types.String)) }, "microsoft.domain.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftDomain).GetId()).ToDataRes(types.String) 
@@ -954,7 +954,7 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { return }, "microsoft.group.groupTypes": func(r plugin.Resource, v *llx.RawData) (ok bool) { - r.(*mqlMicrosoftGroup).GroupTypes, ok = plugin.RawToTValue[string](v.Value, v.Error) + r.(*mqlMicrosoftGroup).GroupTypes, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, "microsoft.domain.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { @@ -2040,7 +2040,7 @@ type mqlMicrosoftGroup struct { Mail plugin.TValue[string] Visibility plugin.TValue[string] Members plugin.TValue[[]interface{}] - GroupTypes plugin.TValue[string] + GroupTypes plugin.TValue[[]interface{}] } // createMicrosoftGroup creates a new instance of this resource @@ -2124,7 +2124,7 @@ func (c *mqlMicrosoftGroup) GetMembers() *plugin.TValue[[]interface{}] { }) } -func (c *mqlMicrosoftGroup) GetGroupTypes() *plugin.TValue[string] { +func (c *mqlMicrosoftGroup) GetGroupTypes() *plugin.TValue[[]interface{}] { return &c.GroupTypes } From 43f90b5570e83ab825a67b9cd0f9e260f8a76012 Mon Sep 17 00:00:00 2001 From: Hossein Rouhani Date: Wed, 15 May 2024 16:12:50 +0200 Subject: [PATCH 3/4] adding a membershipRule and membershipRuleProcessingState to the Microsoft Graph under group Signed-off-by: Hossein Rouhani --- providers/ms365/resources/groups.go | 18 +++++++------- providers/ms365/resources/ms365.lr | 4 ++++ providers/ms365/resources/ms365.lr.go | 24 +++++++++++++++++++ .../ms365/resources/ms365.lr.manifest.yaml | 4 ++++ 4 files changed, 42 insertions(+), 8 deletions(-) diff --git a/providers/ms365/resources/groups.go b/providers/ms365/resources/groups.go index a55c47b1f4..b218b5d348 100644 --- a/providers/ms365/resources/groups.go +++ b/providers/ms365/resources/groups.go 
@@ -49,14 +49,16 @@ func (a *mqlMicrosoft) groups() ([]interface{}, error) { for _, grp := range grps { graphGrp, err := CreateResource(a.MqlRuntime, "microsoft.group", map[string]*llx.RawData{ - "id": llx.StringDataPtr(grp.GetId()), - "displayName": llx.StringDataPtr(grp.GetDisplayName()), - "mail": llx.StringDataPtr(grp.GetMail()), - "mailEnabled": llx.BoolDataPtr(grp.GetMailEnabled()), - "mailNickname": llx.StringDataPtr(grp.GetMailNickname()), - "securityEnabled": llx.BoolDataPtr(grp.GetSecurityEnabled()), - "visibility": llx.StringDataPtr(grp.GetVisibility()), - "groupTypes": llx.ArrayData(llx.TArr2Raw(grp.GetGroupTypes()), types.String), + "id": llx.StringDataPtr(grp.GetId()), + "displayName": llx.StringDataPtr(grp.GetDisplayName()), + "mail": llx.StringDataPtr(grp.GetMail()), + "mailEnabled": llx.BoolDataPtr(grp.GetMailEnabled()), + "mailNickname": llx.StringDataPtr(grp.GetMailNickname()), + "securityEnabled": llx.BoolDataPtr(grp.GetSecurityEnabled()), + "visibility": llx.StringDataPtr(grp.GetVisibility()), + "groupTypes": llx.ArrayData(llx.TArr2Raw(grp.GetGroupTypes()), types.String), + "membershipRule": llx.StringDataPtr(grp.GetMembershipRule()), + "membershipRuleProcessingState": llx.StringDataPtr(grp.GetMembershipRuleProcessingState()), }) if err != nil { return nil, err diff --git a/providers/ms365/resources/ms365.lr b/providers/ms365/resources/ms365.lr index e09119fbab..6fbed71bd2 100644 --- a/providers/ms365/resources/ms365.lr +++ b/providers/ms365/resources/ms365.lr @@ -110,6 +110,10 @@ private microsoft.group @defaults("id displayName") { members() []microsoft.user // Group types indicating the membership and classification of the group groupTypes []string + // Membership rule used for dynamic group membership + membershipRule string + // State of the processing for the dynamic membership rule + membershipRuleProcessingState string } // Microsoft domain 
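Review bot: The comments on `membershipRule` and `membershipRuleProcessingState` in the `ms365.lr` hunk do not say when the fields are populated or which values to expect, and policy authors auditing dynamic groups need both. In Microsoft Graph the rule is only set for groups whose `groupTypes` contains `DynamicMembership`, and the processing state is `On` or `Paused`. I would write `// Rule that determines members of a dynamic group; null unless groupTypes contains "DynamicMembership"` and `// Processing state of the dynamic membership rule: "On" or "Paused"`. The `Paused` value is worth naming because a check that only inspects the rule text can pass while the group's membership is no longer being re-evaluated. The `microsoft.group` block starts outside this hunk.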
diff --git a/providers/ms365/resources/ms365.lr.go b/providers/ms365/resources/ms365.lr.go index 892f19da8c..ba0fac0a65 100644 --- a/providers/ms365/resources/ms365.lr.go +++ b/providers/ms365/resources/ms365.lr.go @@ -328,6 +328,12 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "microsoft.group.groupTypes": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftGroup).GetGroupTypes()).ToDataRes(types.Array(types.String)) }, + "microsoft.group.membershipRule": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlMicrosoftGroup).GetMembershipRule()).ToDataRes(types.String) + }, + "microsoft.group.membershipRuleProcessingState": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlMicrosoftGroup).GetMembershipRuleProcessingState()).ToDataRes(types.String) + }, "microsoft.domain.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlMicrosoftDomain).GetId()).ToDataRes(types.String) }, @@ -957,6 +963,14 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlMicrosoftGroup).GroupTypes, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, + "microsoft.group.membershipRule": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftGroup).MembershipRule, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, + "microsoft.group.membershipRuleProcessingState": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlMicrosoftGroup).MembershipRuleProcessingState, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "microsoft.domain.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlMicrosoftDomain).__id, ok = v.Value.(string) return 
@@ -2041,6 +2055,8 @@ type mqlMicrosoftGroup struct { Visibility plugin.TValue[string] Members plugin.TValue[[]interface{}] GroupTypes plugin.TValue[[]interface{}] + MembershipRule plugin.TValue[string] + MembershipRuleProcessingState plugin.TValue[string] } // createMicrosoftGroup creates a new instance of this resource @@ -2128,6 +2144,14 @@ func (c *mqlMicrosoftGroup) GetGroupTypes() *plugin.TValue[[]interface{}] { return &c.GroupTypes } +func (c *mqlMicrosoftGroup) GetMembershipRule() *plugin.TValue[string] { + return &c.MembershipRule +} + +func (c *mqlMicrosoftGroup) GetMembershipRuleProcessingState() *plugin.TValue[string] { + return &c.MembershipRuleProcessingState +} + // mqlMicrosoftDomain for the microsoft.domain resource type mqlMicrosoftDomain struct { MqlRuntime *plugin.Runtime diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml index f1fba4326f..27470363e8 100755 --- a/providers/ms365/resources/ms365.lr.manifest.yaml +++ b/providers/ms365/resources/ms365.lr.manifest.yaml @@ -99,6 +99,10 @@ resources: mailEnabled: {} mailNickname: {} members: {} + membershipRule: + min_mondoo_version: latest + membershipRuleProcessingState: + min_mondoo_version: latest securityEnabled: {} visibility: min_mondoo_version: 9.0.0 From b483a30a9a002a024a549d6f78718372b1ba3638 Mon Sep 17 00:00:00 2001 From: Preslav Gerchev Date: Wed, 15 May 2024 22:34:28 +0300 Subject: [PATCH 4/4] Apply suggestions from code review --- providers/ms365/resources/ms365.lr.manifest.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml index 27470363e8..b099bcdfab 100755 --- a/providers/ms365/resources/ms365.lr.manifest.yaml +++ b/providers/ms365/resources/ms365.lr.manifest.yaml 
@@ -93,16 +93,16 @@ resources:
 fields:
 displayName: {}
 groupTypes:
- min_mondoo_version: latest
+ min_mondoo_version: 9.0.0
 id: {}
 mail: {}
 mailEnabled: {}
 mailNickname: {}
 members: {}
 membershipRule:
- min_mondoo_version: latest
+ min_mondoo_version: 9.0.0
 membershipRuleProcessingState:
- min_mondoo_version: latest
+ min_mondoo_version: 9.0.0
 securityEnabled: {}
 visibility:
 min_mondoo_version: 9.0.0
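Review bot: `min_mondoo_version: 9.0.0` on `groupTypes`, `membershipRule` and `membershipRuleProcessingState` looks copied from the existing `visibility` entry rather than taken from the release that first ships these fields. The provider code in this series imports `go.mondoo.com/cnquery/v11/...`, so the fields cannot be present in a 9.x build. If this value is used to decide whether a query or policy may run against a given client, older clients would be treated as supporting fields they do not have, and checks on dynamic-group rules could fail or be skipped there. I would set all three to the first release that contains this change, e.g. `min_mondoo_version: <first release with these fields>`.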