Rego changes for 1.6

Testing/RegoTests/drive/drive06_test.rego

@@ -252,7 +252,7 @@ test_DriveFs_Setting_InCorrect_V1 if {
     not RuleOutput[0].RequirementMet
     not RuleOutput[0].NoSuchEvent
     RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
-    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled, but can be used on any device.</li></ul>"])
+    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled and can be used on any device.</li></ul>"])
 }
 
 test_DriveFs_Setting_InCorrect_V2 if {
@@ -311,7 +311,7 @@ test_DriveFs_Setting_InCorrect_V2 if {
     not RuleOutput[0].RequirementMet
     not RuleOutput[0].NoSuchEvent
     RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
-    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled, but can be used on any device.</li></ul>"])
+    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled and can be used on any device.</li></ul>"])
 }
 
 test_DriveFs_Setting_InCorrect_V3 if {
@@ -390,5 +390,5 @@ test_DriveFs_Setting_InCorrect_V3 if {
     not RuleOutput[0].RequirementMet
     not RuleOutput[0].NoSuchEvent
     RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
-    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled, but can be used on any device.</li></ul>"])
+    "<ul><li>Test Top-Level OU: Drive for Desktop is enabled and can be used on any device.</li></ul>"])
 }

rego/Drive.rego

@@ -1035,76 +1035,77 @@ if {
 #
 # Baseline GWS.DRIVEDOCS.6.1v0.2
 #--
+
+GetFriendlyValue6_1(CompanyOnly, DesktopEnabled) :=
+    "Drive for Desktop is enabled and can be used on any device." if {
+        CompanyOnly == "false"
+        DesktopEnabled == "true"
+    }
+    else := "Drive for Desktop is disabled" if {
+        DesktopEnabled == "false"
+    }
+    else := "Drive for Desktop is enabled but only on approved devices." if {
+        CompanyOnly == "true"
+        DesktopEnabled == "true"
+    }
+
 default NoSuchEvent6_1(_) := true
 
-GetFriendlyValue6_1(Value_B, Value_A) :=
-"Drive for Desktop is enabled, but can be used on any device." if {
-    Value_B == "false"
-}
-else := "Drive for Desktop is disabled" if {
-    Value_A == "false"
-}
-else := "Drive for Desktop is enabled, and only on approved devices." if {
-    Value_A == "true"
-}
 NoSuchEvent6_1(TopLevelOU) := false if {
     Events := utils.FilterEventsOU(LogEvents,
         "DriveFsSettingsProto drive_fs_enabled", TopLevelOU)
     count(Events) != 0
 }
 
 NoSuchEvent6_1(TopLevelOU) := false if {
-    # No such event...
     Events := utils.FilterEventsOU(LogEvents,
         "DriveFsSettingsProto company_owned_only_enabled", TopLevelOU)
     count(Events) != 0
 }
 
 NonCompliantOUs6_1 contains {
     "Name": OU,
-    "Value": GetFriendlyValue6_1(LastEvent_B.NewValue, LastEvent_A.NewValue)
+    "Value": GetFriendlyValue6_1(LastCompanyOnlyEvent.NewValue, LastDriveEnabledEvent.NewValue)
     } if {
-    some OU in utils.OUsWithEvents
-    Events_A := utils.FilterEventsOU(LogEvents,
-        "DriveFsSettingsProto drive_fs_enabled", OU)
-    count(Events_A) > 0
-    LastEvent_A := utils.GetLastEvent(Events_A)
-    LastEvent_A.NewValue != "DELETE_APPLICATION_SETTING"
-
-    Events_B := utils.FilterEventsOU(LogEvents,
-        "DriveFsSettingsProto company_owned_only_enabled", OU)
-    count(Events_B) > 0
-    LastEvent_B := utils.GetLastEvent(Events_B)
-    LastEvent_B.NewValue != "DELETE_APPLICATION_SETTING"
-
-
-    LastEvent_A.NewValue == "true"
-    LastEvent_B.NewValue != "true"
-
-}
+        some OU in utils.OUsWithEvents
+
+        DriveEnabledEvents := utils.FilterEventsOU(LogEvents,
+            "DriveFsSettingsProto drive_fs_enabled", OU)
+        count(DriveEnabledEvents) > 0
+        LastDriveEnabledEvent := utils.GetLastEvent(DriveEnabledEvents)
+        LastDriveEnabledEvent.NewValue != "DELETE_APPLICATION_SETTING"
+
+        CompanyOnlyEvents := utils.FilterEventsOU(LogEvents,
+            "DriveFsSettingsProto company_owned_only_enabled", OU)
+        count(CompanyOnlyEvents) > 0
+        LastCompanyOnlyEvent := utils.GetLastEvent(CompanyOnlyEvents)
+        LastCompanyOnlyEvent.NewValue != "DELETE_APPLICATION_SETTING"
+
+        LastDriveEnabledEvent.NewValue == "true"
+        LastCompanyOnlyEvent.NewValue != "true"
+    }
 
 NonCompliantGroups6_1 contains {
     "Name": Group,
-    "Value": GetFriendlyValue6_1(LastEvent_B.NewValue, LastEvent_A.NewValue)
+    "Value": GetFriendlyValue6_1(LastCompanyOnlyEvent.NewValue, LastDriveEnabledEvent.NewValue)
     } if {
-    some Group in utils.GroupsWithEvents
-    Events_A := utils.FilterEventsGroup(LogEvents,
-        "DriveFsSettingsProto drive_fs_enabled", Group)
-    count(Events_A) > 0
-    LastEvent_A := utils.GetLastEvent(Events_A)
-    LastEvent_A.NewValue != "DELETE_APPLICATION_SETTING"
-
-    Events_B := utils.FilterEventsGroup(LogEvents,
-        "DriveFsSettingsProto company_owned_only_enabled", Group)
-    count(Events_B) > 0
-    LastEvent_B := utils.GetLastEvent(Events_B)
-    LastEvent_B.NewValue != "DELETE_APPLICATION_SETTING"
-
-    LastEvent_A.NewValue == "true"
-    LastEvent_B.NewValue != "true"
-
-
-}
+        some Group in utils.GroupsWithEvents
+
+        DriveEnabledEvents := utils.FilterEventsGroup(LogEvents,
+            "DriveFsSettingsProto drive_fs_enabled", Group)
+        count(DriveEnabledEvents) > 0
+        LastDriveEnabledEvent := utils.GetLastEvent(DriveEnabledEvents)
+        LastDriveEnabledEvent.NewValue != "DELETE_APPLICATION_SETTING"
+
+        CompanyOnlyEvents := utils.FilterEventsGroup(LogEvents,
+            "DriveFsSettingsProto company_owned_only_enabled", Group)
+        count(CompanyOnlyEvents) > 0
+        LastCompanyOnlyEvent := utils.GetLastEvent(CompanyOnlyEvents)
+        LastCompanyOnlyEvent.NewValue != "DELETE_APPLICATION_SETTING"
+
+        LastDriveEnabledEvent.NewValue == "true"
+        LastCompanyOnlyEvent.NewValue != "true"
+    }
 
 tests contains {
     "PolicyId": "GWS.DRIVEDOCS.6.1v0.2",