search

domainaware / parsedmarc

A Python package and CLI for parsing aggregate and forensic DMARC reports
https://domainaware.github.io/parsedmarc/
Apache License 2.0
986 stars 214 forks source link

Add message about scoping shared mailboxes when using MSGraph ClientSecret auth #322

Closed nathanthorpe closed 2 years ago

nathanthorpe commented 2 years ago

There is a small issue when you need to scope to shared mailboxes as they are not a security principal.

You'll get the error The identity of the policy scope is not a security principal.

To fix this you must first create a mail enabled security group, add the shared mailbox to that group, and restrict using the group.

Also add resolve_entities=False on the XmlParser just to be safe. I don't think lxml is vulnerable but since we don't need it, good to turn off. Sonarqube was flagging it https://rules.sonarsource.com/python/RSPEC-2755.

codecov[bot] commented 2 years ago

Codecov Report

Merging #322 (7648944) into master (0e6e6c3) will not change coverage. The diff coverage is 100.00%.

@@           Coverage Diff           @@
##           master     #322   +/-   ##
=======================================
  Coverage   60.40%   60.40%           
=======================================
  Files           8        8           
  Lines        1278     1278           
=======================================
  Hits          772      772           
  Misses        506      506
Impacted Files Coverage Δ
parsedmarc/__init__.py 62.39% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 0e6e6c3...7648944. Read the comment docs.