Merge pull request #1 from swisscom/MSFT_SPOSharingSettings

SPOSharingSettings: add SharingCapability for onedrive
microsoft · May 18, 2022 · cd7170a · cd7170a
2 parents 70c663f + bc0a1a3
commit cd7170a
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 21 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,8 @@
 
 # UNRELEASED
 
+* SPOSharingSettings
+  * decoupeling from SPOSharingSettings: add SharingCapability for "-my sites" aka: OneDrive
 * AADConditionalAccessPolicy
   * Fixed export to remove the DeviceFilterMode property
     when empty.

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1
@@ -14,6 +14,11 @@ function Get-TargetResource
         [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
         $SharingCapability,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
+        $MySiteSharingCapability,
+
         [Parameter()]
         [System.boolean]
         $ShowEveryoneClaim,
@@ -151,6 +156,8 @@ function Get-TargetResource
     try
     {
         $SPOSharingSettings = Get-PnPTenant -ErrorAction Stop
+        $MySite = Get-PnPTenantSite | Where-Object{$_.Url -match "-my.sharepoint.com/"}
+        $MySiteSharingCapability = (Get-PnPTenantSite -Identity $MySite.Url).SharingCapability
 
         if ($null -ne $SPOSharingSettings.SharingAllowedDomainList)
         {
@@ -165,6 +172,7 @@ function Get-TargetResource
         return @{
             IsSingleInstance                           = 'Yes'
             SharingCapability                          = $SPOSharingSettings.SharingCapability
+            MySiteSharingCapability                    = $MySiteSharingCapability
             ShowEveryoneClaim                          = $SPOSharingSettings.ShowEveryoneClaim
             ShowAllUsersClaim                          = $SPOSharingSettings.ShowAllUsersClaim
             ShowEveryoneExceptExternalUsersClaim       = $SPOSharingSettings.ShowEveryoneExceptExternalUsersClaim
@@ -238,6 +246,11 @@ function Set-TargetResource
         [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
         $SharingCapability,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
+        $MySiteSharingCapability,
+
         [Parameter()]
         [System.boolean]
         $ShowEveryoneClaim,
@@ -381,6 +394,11 @@ function Set-TargetResource
     $CurrentParameters.Remove("CertificatePassword") | Out-Null
     $CurrentParameters.Remove("CertificateThumbprint") | Out-Null
     $CurrentParameters.Remove("ApplicationSecret") | Out-Null
+    [bool]$SetMySharingCapability = $false
+    if ($null -ne $CurrentParameters["MySiteSharingCapability"]){
+        $SetMySharingCapability = $true
+    }
+    $CurrentParameters.Remove("MySiteSharingCapability") | Out-Null
 
     if ($null -eq $SharingAllowedDomainList -and $null -eq $SharingBlockedDomainList -and
         ($null -ne $RequireAcceptingAccountMatchInvitedAccount -and $RequireAcceptingAccountMatchInvitedAccount -eq $false))
@@ -453,7 +471,12 @@ function Set-TargetResource
         }
         $CurrentParameters["SharingBlockedDomainList"] = $blocked.Trim()
     }
+
     Set-PnPTenant @CurrentParameters | Out-Null
+    if ($SetMySharingCapability){
+        $mysite = Get-PnPTenantSite | Where-Object{$_.Url -match "-my.sharepoint.com/"}
+        Set-PnPTenantSite -Identity $mysite.Url -SharingCapability $MySiteSharingCapability
+    }
 }
 function Test-TargetResource
 {
@@ -471,6 +494,11 @@ function Test-TargetResource
         [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
         $SharingCapability,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet("ExistingExternalUserSharingOnly", "ExternalUserAndGuestSharing", "Disabled", "ExternalUserSharingOnly")]
+        $MySiteSharingCapability,
+
         [Parameter()]
         [System.boolean]
         $ShowEveryoneClaim,
@@ -605,30 +633,18 @@ function Test-TargetResource
     Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)"
     Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)"
 
+    $ValuesToCheck = $PSBoundParameters
+    $ValuesToCheck.Remove('ApplicationId') | Out-Null
+    $ValuesToCheck.Remove('TenantId') | Out-Null
+    $ValuesToCheck.Remove('ApplicationSecret') | Out-Null
+    $ValuesToCheck.Remove('CertificatePath') | Out-Null
+    $ValuesToCheck.Remove('CertificatePassword') | Out-Null
+    $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null
+
     $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues `
         -Source $($MyInvocation.MyCommand.Source) `
         -DesiredValues $PSBoundParameters `
-        -ValuesToCheck @("IsSingleInstance", `
-            "SharingCapability", `
-            "ShowEveryoneClaim", `
-            "ShowAllUsersClaim", `
-            "ShowEveryoneExceptExternalUsersClaim", `
-            "ProvisionSharedWithEveryoneFolder", `
-            "EnableGuestSignInAcceleration", `
-            "BccExternalSharingInvitations", `
-            "BccExternalSharingInvitationsList", `
-            "RequireAnonymousLinksExpireInDays", `
-            "SharingAllowedDomainList", `
-            "SharingBlockedDomainList", `
-            "SharingDomainRestrictionMode", `
-            "DefaultSharingLinkType", `
-            "PreventExternalUsersFromResharing", `
-            "ShowPeoplePickerSuggestionsForGuestUsers", `
-            "FileAnonymousLinkType", `
-            "FolderAnonymousLinkType", `
-            "NotifyOwnersWhenItemsReshared", `
-            "RequireAcceptingAccountMatchInvitedAccount", `
-            "DefaultLinkPermission")
+        -ValuesToCheck $ValuesToCheck.Keys
 
     Write-Verbose -Message "Test-TargetResource returned $TestResult"
 

diff --git a/...s/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof b/...s/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof
@@ -3,6 +3,7 @@ class MSFT_SPOSharingSettings : OMI_BaseResource
 {
     [Key, Description("Specifies the resource is a single instance, the value must be 'Yes'"),ValueMap{"Yes"},Values{"Yes"}] String IsSingleInstance;
     [Write, Description("Configures anonymous link types for folders"),ValueMap{"ExistingExternalUserSharingOnly","ExternalUserAndGuestSharing","Disabled","ExternalUserSharingOnly"},Values{"ExistingExternalUserSharingOnly","ExternalUserAndGuestSharing","Disabled","ExternalUserSharingOnly"}] string SharingCapability;
+    [Write, Description("Configures sharing capability for mysite (onedrive)"),ValueMap{"ExistingExternalUserSharingOnly","ExternalUserAndGuestSharing","Disabled","ExternalUserSharingOnly"},Values{"ExistingExternalUserSharingOnly","ExternalUserAndGuestSharing","Disabled","ExternalUserSharingOnly"}] string MySiteSharingCapability;
     [Write, Description("Enables the administrator to hide the Everyone claim in the People Picker.")] boolean ShowEveryoneClaim;
     [Write, Description("Enables the administrator to hide the All Users claim groups in People Picker.")] boolean ShowAllUsersClaim;
     [Write, Description("Enables the administrator to hide the Everyone except external users claim in the People Picker.")] boolean ShowEveryoneExceptExternalUsersClaim;