123 lines
6.9 KiB
PowerShell
123 lines
6.9 KiB
PowerShell
|
. $PSScriptRoot\..\..\Load-PesterModules.ps1
|
||
|
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
|
||
|
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
|
||
|
$functionPath = Join-Path -Path $here -ChildPath $sut
|
||
|
Write-Host "Overriding SUT: $functionPath"
|
||
|
Import-Module $functionPath -Force
|
||
|
$moduleForMock = ""
|
||
|
|
||
|
Describe "Get-ActiveDirectoryAccount" {
|
||
|
|
||
|
$fakeAccountName = "FakeyMcFakeAccount"
|
||
|
|
||
|
Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Get-ActiveDirectoryAccount.tests' }
|
||
|
Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
Context "User Permissions" {
|
||
|
|
||
|
It "Writes a Warning if No Account Found and the User Does Not Have Domain Admin Rights" {
|
||
|
|
||
|
Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false }
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
Get-ActiveDirectoryAccount $fakeAccountName | Should -BeNull
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
|
||
|
-ParameterFilter { $Message -match "This command is being run without domain administrative privileges" } -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
}
|
||
|
|
||
|
Context "When Accounts Are Not Found" {
|
||
|
|
||
|
Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD User Found" {
|
||
|
|
||
|
$expectedExceptionMessage = "Fuzzy Wuzzy Was A Bear"
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
{ Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
|
||
|
-ParameterFilter { $Message -match "Get-ADUser: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
|
||
|
It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD Service Account Found" {
|
||
|
|
||
|
$expectedExceptionMessage = "Fuzzy Wuzzy Had No Hair"
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage }
|
||
|
|
||
|
{ Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose `
|
||
|
-ParameterFilter { $Message -match "Get-ADServiceAccount: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
}
|
||
|
|
||
|
Context "Parameter Validation and Manipulation" {
|
||
|
|
||
|
Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }
|
||
|
|
||
|
It "Outputs an object of type PSObject[]" {
|
||
|
|
||
|
(Get-Command Get-ActiveDirectoryAccount).OutputType.Type.ToString() | Should -BeExactly "System.Management.Automation.PSObject[]"
|
||
|
|
||
|
}
|
||
|
|
||
|
It "Writes a Warning and Exits Early if the Identity Contains Only Whitespace Characters" {
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
Get-ActiveDirectoryAccount " " | Should -BeNull
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
|
||
|
-ParameterFilter { $Message -match "Identity \[ \] must contain at least one non-whitespace character." } -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 0 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It
|
||
|
}
|
||
|
|
||
|
It "Does Not Call Get-ADServiceAccount if Get-ADUser Returns User" {
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { }
|
||
|
|
||
|
Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
|
||
|
-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
|
||
|
It "Does Call Get-ADServiceAccount if Get-ADUser Returns Null" {
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }
|
||
|
|
||
|
Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
|
||
|
-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
|
||
|
-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
|
||
|
It "Trims Provided Account Name" {
|
||
|
|
||
|
Mock Get-ADUser -ModuleName $moduleForMock -MockWith { }
|
||
|
Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) }
|
||
|
|
||
|
Get-ActiveDirectoryAccount " $fakeAccountName " | Should -Not -BeNull
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser `
|
||
|
-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
|
||
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount `
|
||
|
-ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It
|
||
|
}
|
||
|
}
|
||
|
}
|