Module/Rule.WebAppPool/Convert/WebAppPoolRule.Convert.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.
using module .\..\..\Common\Common.psm1
using module .\..\WebAppPoolRule.psm1

$exclude = @($MyInvocation.MyCommand.Name,'Template.*.txt')
$supportFileList = Get-ChildItem -Path $PSScriptRoot -Exclude $exclude
foreach ($supportFile in $supportFileList)
{
    Write-Verbose "Loading $($supportFile.FullName)"
    . $supportFile.FullName
}
# Header

<#
    .SYNOPSIS
        Convert the contents of an xccdf check-content element into a WebAppPoolRule object
    .DESCRIPTION
        The WebAppPoolRule class is used to extract the webapp pool settings
        from the check-content of the xccdf. Once a STIG rule is identified as a
        webapp rule, it is passed to the WebAppPoolRule class for parsing
        and validation.
#>

class WebAppPoolRuleConvert : WebAppPoolRule
{
    <#
        .SYNOPSIS
            Empty constructor for SplitFactory
    #>

    WebAppPoolRuleConvert ()
    {
    }

    <#
        .SYNOPSIS
            Converts a xccdf STIG rule element into a Web App Pool Rule
        .PARAMETER XccdfRule
            The STIG rule to convert
    #>

    WebAppPoolRuleConvert ([xml.xmlelement] $XccdfRule) : base ($XccdfRule, $true)
    {
        $this.SetKeyValuePair()
        if ($this.IsOrganizationalSetting())
        {
            $this.SetOrganizationValueTestString()
        }

        if ($this.conversionstatus -eq 'pass')
        {
            $this.SetDuplicateRule()
        }
        $this.SetDscResource()
    }

    #region Methods

    <#
        .SYNOPSIS
            Extracts the key value pair from the check-content and sets the value
        .DESCRIPTION
            Gets the key value pair from the xccdf content and sets the value.
            If the value that is returned is not valid, the parser status is
            set to fail.
    #>

    [void] SetKeyValuePair ()
    {
        $thisKeyValuePair = Get-KeyValuePair -CheckContent $this.SplitCheckContent

        if (-not $this.SetStatus($thisKeyValuePair))
        {
            $this.set_Key($thisKeyValuePair.Key)
            $this.set_Value($thisKeyValuePair.Value)
        }
    }

    <#
        .SYNOPSIS
            Tests if and organizational value is required
        .DESCRIPTION
            Tests if and organizational value is required
    #>

    [Boolean] IsOrganizationalSetting ()
    {
        if (-not [String]::IsNullOrEmpty($this.key) -and [String]::IsNullOrEmpty($this.value))
        {
            return $true
        }
        else
        {
            return $false
        }
    }

    <#
        .SYNOPSIS
            Set the organizational value
        .DESCRIPTION
            Extracts the organizational value from the key and then sets the value
    #>

    [void] SetOrganizationValueTestString ()
    {
        $thisOrganizationValueTestString = Get-WebAppPoolOrganizationValueTestString -Key $this.key

        if (-not $this.SetStatus($thisOrganizationValueTestString))
        {
            $this.set_OrganizationValueTestString($thisOrganizationValueTestString)
            $this.set_OrganizationValueRequired($true)
        }
    }

    hidden [void] SetDscResource ()
    {
        if ($null -eq $this.DuplicateOf)
        {
            $this.DscResource = 'xWebAppPool'
        }
        else
        {
            $this.DscResource = 'None'
        }
    }

    static [bool] Match ([string] $CheckContent)
    {
        if
        (
            $CheckContent -cMatch 'IIS' -and
            $CheckContent -Match 'Application Pools' -and
            $CheckContent -NotMatch 'review the "Applications"'
        )
        {
            return $true
        }
        return $false
    }
    #endregion
}