language mode validation for new AuditMode

yididiel7 · Jul 5, 2024 · 7be4fd3 · 7be4fd3
1 parent ff5f64e
commit 7be4fd3
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 2 deletions.
diff --git a/PSFramework/bin/PSFramework.dll b/PSFramework/bin/PSFramework.dll
diff --git a/PSFramework/bin/PSFramework.pdb b/PSFramework/bin/PSFramework.pdb
diff --git a/PSFramework/bin/PSFramework.xml b/PSFramework/bin/PSFramework.xml
diff --git a/PSFramework/changelog.md b/PSFramework/changelog.md
@@ -2,18 +2,21 @@
 
 ## Unreleased
 
+- New: Command New-PSFHashtable - returns a PsfHashtable object, a hashtable with default value option.
 - New: Configuration Validation: guid - ensures only legal guids can be added
 - New: Type PsfHashtable - a hashtable that can have a default value
 - New: Type Object.ObjectHost - added methods to modify members of a PSObject
 - Upd: New-PSFSupportPackage - Added a parameter to create the debug dump in a managed folder specific to the provided task name.
 - Upd: New-PSFSupportPackage - Added parameter to force-create parent folder of output path.
+- Upd: ConvertTo-PSFHashtable - Added parameter `-AsPsfHashtable` to return a PsfHashtable instead of a default Hashtable.
 - Upd: Runspace Workflows - Worker runspaces are now named "PSF-<Workflow>-<Worker>-<Index>"
 - Upd: Runspace Workflows - Errors that happened during a worker's processing now include the object being processed
 - Upd: Wait-PSFRunspaceWorkflow - Added option to wait based on how long ago an item was added to a specified queue.
 - Upd: Type Utility.UtilityHost - added SetPrivateField method, using reflection to update a non-public field.
 - Fix: Read-PSFRunspaceQueue - Queue is not cleared when piping result to Select-Object -First X (#621)
 - Fix: Import during JEA session establishment fails - "Cannot bind empty value to Path"
 - Fix: Import-PSFpowerShellDataFile - Safe mode incorrectly reports "File is not safe to execute" on ArrayLiteralAsts inside of a psd1 file.
+- Fix: New-PSFMessageLevelModifier - Is case sensitive when comparing function names.
 
 ## 1.10.318 (2023-11-10)
 

diff --git a/library/PSFramework/Validation/PsfValidateLanguageMode.cs b/library/PSFramework/Validation/PsfValidateLanguageMode.cs
@@ -31,8 +31,14 @@ protected override void ValidateElement(object element)
             ScriptBlock script = element as ScriptBlock;
 
             PSLanguageMode modeDetected = (PSLanguageMode)Utility.UtilityHost.GetPrivateProperty("LanguageMode", script);
-            if (!Modes.Contains(modeDetected))
-                throw new ArgumentException(Localization.LocalizationHost.Read("PSFramework.Assembly.Validation.LanguageMode.BadMode", new object[] { String.Join(",", Modes), modeDetected }));
+            if (Modes.Contains(modeDetected))
+                return;
+
+            // FL requirement will not be met in AuditMode
+            if (Modes.Contains(PSLanguageMode.FullLanguage) && modeDetected == PSLanguageMode.ConstrainedLanguage && IsAuditMode())
+                return;
+
+            throw new ArgumentException(Localization.LocalizationHost.Read("PSFramework.Assembly.Validation.LanguageMode.BadMode", new object[] { String.Join(",", Modes), modeDetected }));
         }
 
         /// <summary>
@@ -48,5 +54,20 @@ public PsfValidateLanguageMode(PSLanguageMode[] Modes)
         {
             this.Modes = Modes;
         }
+
+
+        private bool IsAuditMode()
+        {
+            // This wrapping is required to support older PS versions that do not yet contain the security namespace.
+            // This might include older PS5.1 versions.
+            // Methods using unknown classes / namespaces fail on invoke.
+            try { return _IsAuditModeInternal(); }
+            catch {  return false; }
+        }
+
+        private bool _IsAuditModeInternal()
+        {
+            return System.Management.Automation.Security.SystemPolicy.GetSystemLockdownPolicy() == System.Management.Automation.Security.SystemEnforcementMode.Audit;
+        }
     }
 }