ps/Modules/Alkami.DevOps.SystemEngineering/Public/Get-ActiveDirectoryAccount.tests.ps1

. $PSScriptRoot\..\..\Load-PesterModules.ps1
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
$functionPath = Join-Path -Path $here -ChildPath $sut
Write-Host "Overriding SUT: $functionPath"
Import-Module $functionPath -Force
$moduleForMock = ""

Describe "Get-ActiveDirectoryAccount" {

    $fakeAccountName = "FakeyMcFakeAccount"

    Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Get-ActiveDirectoryAccount.tests' }
    Mock -CommandName Write-Warning   -ModuleName $moduleForMock -MockWith { }

    Context "User Permissions" {

        It "Writes a Warning if No Account Found and the User Does Not Have Domain Admin Rights" {

            Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false }
            Mock Get-ADUser             -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADServiceAccount   -ModuleName $moduleForMock -MockWith { }

            Get-ActiveDirectoryAccount $fakeAccountName | Should -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
                -ParameterFilter { $Message -match "This command is being run without domain administrative privileges" } -Times 1 -Exactly -Scope It
        }
    }

    Context "When Accounts Are Not Found" {

        Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { }

        It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD User Found" {

            $expectedExceptionMessage = "Fuzzy Wuzzy Was A Bear"

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }

            { Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
                -ParameterFilter { $Message -match "Get-ADUser: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It
        }

        It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD Service Account Found" {

            $expectedExceptionMessage = "Fuzzy Wuzzy Had No Hair"

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }

            { Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
                -ParameterFilter { $Message -match "Get-ADServiceAccount: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It
        }
    }

    Context "Parameter Validation and Manipulation" {

        Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }

        It "Outputs an object of type PSObject[]" {

            (Get-Command Get-ActiveDirectoryAccount).OutputType.Type.ToString() | Should -BeExactly "System.Management.Automation.PSObject[]"

        }
        
        It "Writes a Warning and Exits Early if the Identity Contains Only Whitespace Characters" {

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }

            Get-ActiveDirectoryAccount "       " | Should -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
                -ParameterFilter { $Message -match "Identity \[       \] must contain at least one non-whitespace character." } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser           -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It
        }

        It "Does Not Call Get-ADServiceAccount if Get-ADUser Returns User" {

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }

            Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning        -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
                -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
        }

        It "Does Call Get-ADServiceAccount if Get-ADUser Returns Null" {

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }

            Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
                -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
                Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
                -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
        }

        It "Trims Provided Account Name" {

            Mock Get-ADUser           -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }

            Get-ActiveDirectoryAccount "    $fakeAccountName    " | Should -Not -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
                -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
                Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
                -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
        }
    }
}
First full commit 2023-05-30 22:51:22 -07:00			`. $PSScriptRoot\..\..\Load-PesterModules.ps1`
			`$here = Split-Path -Parent $MyInvocation.MyCommand.Path`
			`$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'`
			`$functionPath = Join-Path -Path $here -ChildPath $sut`
			`Write-Host "Overriding SUT: $functionPath"`
			`Import-Module $functionPath -Force`
			`$moduleForMock = ""`

			`Describe "Get-ActiveDirectoryAccount" {`

			`$fakeAccountName = "FakeyMcFakeAccount"`

			`Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Get-ActiveDirectoryAccount.tests' }`
			`Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { }`

			`Context "User Permissions" {`

			`It "Writes a Warning if No Account Found and the User Does Not Have Domain Admin Rights" {`

			`Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false }`
			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }`

			`Get-ActiveDirectoryAccount $fakeAccountName \| Should -BeNull`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
			`-ParameterFilter { $Message -match "This command is being run without domain administrative privileges" } -Times 1 -Exactly -Scope It`
			`}`
			`}`

			`Context "When Accounts Are Not Found" {`

			`Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { }`

			`It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD User Found" {`

			`$expectedExceptionMessage = "Fuzzy Wuzzy Was A Bear"`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }`

			`{ Get-ActiveDirectoryAccount $fakeAccountName -Verbose } \| Should -Not -Throw`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
			`-ParameterFilter { $Message -match "Get-ADUser: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It`
			`}`

			`It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD Service Account Found" {`

			`$expectedExceptionMessage = "Fuzzy Wuzzy Had No Hair"`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }`

			`{ Get-ActiveDirectoryAccount $fakeAccountName -Verbose } \| Should -Not -Throw`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
			`-ParameterFilter { $Message -match "Get-ADServiceAccount: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It`
			`}`
			`}`

			`Context "Parameter Validation and Manipulation" {`

			`Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }`

			`It "Outputs an object of type PSObject[]" {`

			`(Get-Command Get-ActiveDirectoryAccount).OutputType.Type.ToString() \| Should -BeExactly "System.Management.Automation.PSObject[]"`

			`}`

			`It "Writes a Warning and Exits Early if the Identity Contains Only Whitespace Characters" {`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }`

			`Get-ActiveDirectoryAccount " " \| Should -BeNull`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
			`-ParameterFilter { $Message -match "Identity \[ \] must contain at least one non-whitespace character." } -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 0 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It`
			`}`

			`It "Does Not Call Get-ADServiceAccount if Get-ADUser Returns User" {`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }`

			`Get-ActiveDirectoryAccount $fakeAccountName \| Should -Not -BeNull`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
			`-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It`
			`}`

			`It "Does Call Get-ADServiceAccount if Get-ADUser Returns Null" {`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }`

			`Get-ActiveDirectoryAccount $fakeAccountName \| Should -Not -BeNull`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
			`-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
			`-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It`
			`}`

			`It "Trims Provided Account Name" {`

			`Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }`
			`Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }`

			`Get-ActiveDirectoryAccount " $fakeAccountName " \| Should -Not -BeNull`
			`Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
			`-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It`
			Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
			`-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It`
			`}`
			`}`
			`}`