Add GP checks for all operations

Author: adityapatwardhan

src/code/FindHelper.cs

@@ -184,21 +184,16 @@ public IEnumerable<PSResourceInfo> FindByResourceName(
 
             List<string> repositoryNamesToSearch = new List<string>();
 
-            Uri[] allowedRepostories = null;
-
-            if(GroupPolicyRepositoryEnforcement.IsGroupPolicyEnabled())
-            {
-                allowedRepostories = GroupPolicyRepositoryEnforcement.GetAllowedRepositoryURIs();
-            }
-
             for (int i = 0; i < repositoriesToSearch.Count; i++)
             {
                 PSRepositoryInfo currentRepository = repositoriesToSearch[i];
 
-                if (allowedRepostories != null && !allowedRepostories.Contains(currentRepository.Uri))
+                bool isAllowed = GroupPolicyRepositoryEnforcement.IsRepositoryAllowed(currentRepository.Uri);
+
+                if (!isAllowed)
                 {
                     _cmdletPassedIn.WriteError(new ErrorRecord(
-                        new PSInvalidOperationException($"Repository '{currentRepository.Name}' is not allowed by group policy."),
+                        new PSInvalidOperationException($"Repository '{currentRepository.Name}' is not allowed by Group Policy."),
                         "RepositoryNotAllowedByGroupPolicy",
                         ErrorCategory.PermissionDenied,
                         this));
@@ -376,6 +371,20 @@ public IEnumerable<PSCommandResourceInfo> FindByCommandOrDscResource(
             for (int i = 0; i < repositoriesToSearch.Count; i++)
             {
                 PSRepositoryInfo currentRepository = repositoriesToSearch[i];
+
+                bool isAllowed = GroupPolicyRepositoryEnforcement.IsRepositoryAllowed(currentRepository.Uri);
+
+                if (!isAllowed)
+                {
+                    _cmdletPassedIn.WriteError(new ErrorRecord(
+                        new PSInvalidOperationException($"Repository '{currentRepository.Name}' is not allowed by Group Policy."),
+                        "RepositoryNotAllowedByGroupPolicy",
+                        ErrorCategory.PermissionDenied,
+                        this));
+
+                    continue;
+                }
+
                 repositoryNamesToSearch.Add(currentRepository.Name);
                 _networkCredential = Utils.SetNetworkCredential(currentRepository, _networkCredential, _cmdletPassedIn);
                 ServerApiCall currentServer = ServerFactory.GetServer(currentRepository, _cmdletPassedIn, _networkCredential);
@@ -566,6 +575,20 @@ public IEnumerable<PSResourceInfo> FindByTag(
             for (int i = 0; i < repositoriesToSearch.Count; i++)
             {
                 PSRepositoryInfo currentRepository = repositoriesToSearch[i];
+
+                bool isAllowed = GroupPolicyRepositoryEnforcement.IsRepositoryAllowed(currentRepository.Uri);
+
+                if (!isAllowed)
+                {
+                    _cmdletPassedIn.WriteError(new ErrorRecord(
+                        new PSInvalidOperationException($"Repository '{currentRepository.Name}' is not allowed by Group Policy."),
+                        "RepositoryNotAllowedByGroupPolicy",
+                        ErrorCategory.PermissionDenied,
+                        this));
+
+                    continue;
+                }
+
                 repositoryNamesToSearch.Add(currentRepository.Name);
                 _networkCredential = Utils.SetNetworkCredential(currentRepository, _networkCredential, _cmdletPassedIn);
                 ServerApiCall currentServer = ServerFactory.GetServer(currentRepository, _cmdletPassedIn, _networkCredential);

src/code/InstallHelper.cs

@@ -269,6 +269,20 @@ private List<PSResourceInfo> ProcessRepositories(
             for (int i = 0; i < listOfRepositories.Count && _pkgNamesToInstall.Count > 0; i++)
             {
                 PSRepositoryInfo currentRepository = listOfRepositories[i];
+
+                bool isAllowed = GroupPolicyRepositoryEnforcement.IsRepositoryAllowed(currentRepository.Uri);
+
+                if (!isAllowed)
+                {
+                    _cmdletPassedIn.WriteError(new ErrorRecord(
+                        new PSInvalidOperationException($"Repository '{currentRepository.Name}' is not allowed by Group Policy."),
+                        "RepositoryNotAllowedByGroupPolicy",
+                        ErrorCategory.PermissionDenied,
+                        this));
+
+                    continue;
+                }
+
                 string repoName = currentRepository.Name;
                 sourceTrusted = currentRepository.Trusted || trustRepository;
 

src/code/PublishHelper.cs

@@ -355,6 +355,19 @@ internal void PushResource(string Repository, string modulePrefix, bool SkipDepe
                     return;
                 }
 
+                bool isAllowed = GroupPolicyRepositoryEnforcement.IsRepositoryAllowed(repository.Uri);
+
+                if (!isAllowed)
+                {
+                    _cmdletPassedIn.WriteError(new ErrorRecord(
+                        new PSInvalidOperationException($"Repository '{repository.Name}' is not allowed by Group Policy."),
+                        "RepositoryNotAllowedByGroupPolicy",
+                        ErrorCategory.PermissionDenied,
+                        this));
+
+                    return;
+                }
+
                 _networkCredential = Utils.SetNetworkCredential(repository, _networkCredential, _cmdletPassedIn);
 
                 // Check if dependencies already exist within the repo if:

src/code/ServerFactory.cs

@@ -1,11 +1,12 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.PowerShell.PSResourceGet.UtilClasses;
+using System;
 using System.Collections;
+using System.Linq;
 using System.Management.Automation;
-using System.Management.Automation.Runspaces;
 using System.Net;
+using Microsoft.PowerShell.PSResourceGet.UtilClasses;
 
 namespace Microsoft.PowerShell.PSResourceGet.Cmdlets
 {